Alexandra Dmitrienko

• AuthentiSafe: Lightweight and Future-Proof Device-to-Device Authentication for IoT. Petzi, Lukas; Krauß, Torsten; Dmitrienko, Alexandra; Tsudik, Gene; in to appear in the 20th ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS 2025) (2025).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  The Internet of Things (IoT) is permeating many aspects of every- day life, including homes, public spaces, and industrial settings. The growing popularity of IoT devices prompts an important challenge of ensuring secure and reliable communication. To support direct device-to-device communication among resource-constrained IoT devices, lightweight authentication techniques are needed that do not rely on trusted servers. One promising primitive for this pur- pose are Physical Unclonable Functions (PUFs), which utilize unique characteristics of hardware components (e.g., memory) inherent in the manufacturing of IoT devices. Given some input, a PUF gener- ates a unique secret value which facilitates secure and robust au- thentication. However, current PUF-based authentication schemes require a trusted server, incur substantial computational costs, or lack resilience against emerging quantum computing threats. This paper introduces AuthentiSafe, a lightweight, scalable, and secure PUF-based authentication scheme for device-to-device au- thentication among mutually mistrusting IoT devices. AuthentiSafe integrates PUFs with one-time signatures and cryptographic accu- mulators, thus eliminating the need for a trusted server. By rely- ing exclusively on efficient cryptographic one-way hash functions, AuthentiSafe minimizes protocol costs and accommodates low com- putational power and very limited secure storage of IoT devices. It also ensures security in the post-quantum era, since one-way func- tions remain resilient to quantum attacks. We show AuthentiSafe’s resilience against various attacks. Experiments show that it appre- ciably outperforms three prior PUF-based authentication schemes.

  @article{noauthororeditor, abstract = {The Internet of Things (IoT) is permeating many aspects of every- day life, including homes, public spaces, and industrial settings. The growing popularity of IoT devices prompts an important challenge of ensuring secure and reliable communication. To support direct device-to-device communication among resource-constrained IoT devices, lightweight authentication techniques are needed that do not rely on trusted servers. One promising primitive for this pur- pose are Physical Unclonable Functions (PUFs), which utilize unique characteristics of hardware components (e.g., memory) inherent in the manufacturing of IoT devices. Given some input, a PUF gener- ates a unique secret value which facilitates secure and robust au- thentication. However, current PUF-based authentication schemes require a trusted server, incur substantial computational costs, or lack resilience against emerging quantum computing threats. This paper introduces AuthentiSafe, a lightweight, scalable, and secure PUF-based authentication scheme for device-to-device au- thentication among mutually mistrusting IoT devices. AuthentiSafe integrates PUFs with one-time signatures and cryptographic accu- mulators, thus eliminating the need for a trusted server. By rely- ing exclusively on efficient cryptographic one-way hash functions, AuthentiSafe minimizes protocol costs and accommodates low com- putational power and very limited secure storage of IoT devices. It also ensures security in the post-quantum era, since one-way func- tions remain resilient to quantum attacks. We show AuthentiSafe’s resilience against various attacks. Experiments show that it appre- ciably outperforms three prior PUF-based authentication schemes.}, author = {Petzi, Lukas and Krauß, Torsten and Dmitrienko, Alexandra and Tsudik, Gene}, journal = {to appear in the 20th ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS 2025)}, keywords = {lukaspetzi}, title = {AuthentiSafe: Lightweight and Future-Proof Device-to-Device Authentication for IoT}, year = 2025 }

• DNNShield: Embedding Identifiers for Deep Neural Network Ownership Verification. Stang, Jasper; Krauß, Torsten; Dmitrienko, Alexandra; in ArXiv | arXiv:2403.06581 (2024).
  • [ Abstract ]
  • [ BibTeX ]
  • [ URL ]
  • [ Download ]
  • [ BibSonomy-Post ]
  The surge in popularity of machine learning (ML) has driven significant investments in training Deep Neural Networks (DNNs). However, these models that require resource-intensive training are vulnerable to theft and unauthorized use. This paper addresses this challenge by introducing DNNShield, a novel approach for DNN protection that integrates seamlessly before training. DNNShield embeds unique identifiers within the model architecture using specialized protection layers. These layers enable secure training and deployment while offering high resilience against various attacks, including fine-tuning, pruning, and adaptive adversarial attacks. Notably, our approach achieves this security with minimal performance and computational overhead (less than 5% runtime increase). We validate the effectiveness and efficiency of DNNShield through extensive evaluations across three datasets and four model architectures. This practical solution empowers developers to protect their DNNs and intellectual property rights.

  @article{jasper2024dnnshield, abstract = {The surge in popularity of machine learning (ML) has driven significant investments in training Deep Neural Networks (DNNs). However, these models that require resource-intensive training are vulnerable to theft and unauthorized use. This paper addresses this challenge by introducing DNNShield, a novel approach for DNN protection that integrates seamlessly before training. DNNShield embeds unique identifiers within the model architecture using specialized protection layers. These layers enable secure training and deployment while offering high resilience against various attacks, including fine-tuning, pruning, and adaptive adversarial attacks. Notably, our approach achieves this security with minimal performance and computational overhead (less than 5% runtime increase). We validate the effectiveness and efficiency of DNNShield through extensive evaluations across three datasets and four model architectures. This practical solution empowers developers to protect their DNNs and intellectual property rights.}, author = {Stang, Jasper and Krauß, Torsten and Dmitrienko, Alexandra}, journal = {ArXiv | arXiv:2403.06581}, keywords = {sssgroup}, month = {03}, title = {DNNShield: Embedding Identifiers for Deep Neural Network Ownership Verification}, year = 2024 }
• Time-Aware Face Anti-Spoofing with Rotation Invariant Local Binary Patterns and Deep Learning. Finke, Moritz; Dmitrienko, Alexandra; in ArXiv | arXiv:2408.14829 (2024).
  • [ BibTeX ]
  • [ URL ]
  • [ BibSonomy-Post ]
  @article{noauthororeditor2024, author = {Finke, Moritz and Dmitrienko, Alexandra}, journal = {ArXiv | arXiv:2408.14829}, keywords = {facialauthentication}, title = {Time-Aware Face Anti-Spoofing with Rotation Invariant Local Binary Patterns and Deep Learning}, year = 2024 }
• Large-Scale Study of Vulnerability Scanners for Ethereum Smart Contracts. Sendner, Christoph; Petzi, Lukas; Stang, Jasper; Dmitrienko, Alexandra; in To appear in the IEEE Symposium on Security & Privacy (2024).
  • [ BibTeX ]
  • [ BibSonomy-Post ]
  @article{sendner2024largescale, author = {Sendner, Christoph and Petzi, Lukas and Stang, Jasper and Dmitrienko, Alexandra}, journal = {To appear in the IEEE Symposium on Security & Privacy}, keywords = {lukaspetzi}, month = {05}, title = {Large-Scale Study of Vulnerability Scanners for Ethereum Smart Contracts}, year = 2024 }
• MirageFlow: A New Bandwidth Inflation Attack on Tor. Sendner, Christoph; Stang, Jasper; Dmitrienko, Alexandra; Wijewickrama, Raveen; Jadliwala, Murtuza; in the Network and Distributed System Security Symposium (NDSS) (2024).
  • [ BibTeX ]
  • [ BibSonomy-Post ]
  @article{sendner2024mirageflow, author = {Sendner, Christoph and Stang, Jasper and Dmitrienko, Alexandra and Wijewickrama, Raveen and Jadliwala, Murtuza}, journal = {the Network and Distributed System Security Symposium (NDSS)}, keywords = {sss-group}, title = {MirageFlow: A New Bandwidth Inflation Attack on Tor}, year = 2024 }
• Cloud-Based Machine Learning Models as Covert Communication Channels. Krauß, Torsten; Stang, Jasper; Dmitrienko, Alexandra; in the 19th ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS 2024) (2024).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @article{torsten2024cloudbased, author = {Krauß, Torsten and Stang, Jasper and Dmitrienko, Alexandra}, journal = {the 19th ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS 2024)}, keywords = {sssgroup}, title = {Cloud-Based Machine Learning Models as Covert Communication Channels}, year = 2024 }
• FreqFed: A Frequency Analysis-Based Approach for Mitigating Poisoning Attacks in Federated Learning. Fereidooni, Hossein; Pegoraro, Alessandro; Rieger, Phillip; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; in the Network and Distributed System Security Symposium (NDSS) (2024).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @article{fereidooni2024freqfed, author = {Fereidooni, Hossein and Pegoraro, Alessandro and Rieger, Phillip and Dmitrienko, Alexandra and Sadeghi, Ahmad-Reza}, journal = {the Network and Distributed System Security Symposium (NDSS)}, keywords = {sss-group}, title = {FreqFed: A Frequency Analysis-Based Approach for Mitigating Poisoning Attacks in Federated Learning}, year = 2024 }
• CrowdGuard: Federated Backdoor Detection in Federated Learning. Rieger, Phillip; Krauß, Torsten; Miettinen, Markus; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; in the Network and Distributed System Security Symposium (NDSS) (2024).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @article{torsten2024crowdguard, author = {Rieger, Phillip and Krauß, Torsten and Miettinen, Markus and Dmitrienko, Alexandra and Sadeghi, Ahmad-Reza}, journal = {the Network and Distributed System Security Symposium (NDSS)}, keywords = {Private_AI}, title = {CrowdGuard: Federated Backdoor Detection in Federated Learning}, year = 2024 }
• Triple-S: Security Scoring System for IoT Devices. Finke, Moritz; Dmitrienko, Alexandra; in IEEE International Conference on Omni-layer Intelligent Systems (COINS) (2024).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @article{finke2024triples, author = {Finke, Moritz and Dmitrienko, Alexandra}, journal = {IEEE International Conference on Omni-layer Intelligent Systems (COINS)}, keywords = {sssgroup}, title = {Triple-S: Security Scoring System for IoT Devices}, year = 2024 }
• FreqFed: A Frequency Analysis-Based Approach for Mitigating Poisoning Attacks in Federated Learning. Fereidooni, Hossein; Pegoraro, Alessandro; Rieger, Phillip; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; in ArXiv | arXiv:2312.04432v2 (2024).
  • [ BibTeX ]
  • [ URL ]
  • [ BibSonomy-Post ]
  @article{fereidooni2024freqfed, author = {Fereidooni, Hossein and Pegoraro, Alessandro and Rieger, Phillip and Dmitrienko, Alexandra and Sadeghi, Ahmad-Reza}, journal = {ArXiv | arXiv:2312.04432v2}, keywords = {sss-group}, title = {FreqFed: A Frequency Analysis-Based Approach for Mitigating Poisoning Attacks in Federated Learning}, year = 2024 }
• ClearStamp: A Human-Visible and Robust Model-Ownership Proof based on Transposed Model Training. Krauß, Torsten; Stang, Jasper; Dmitrienko, Alexandra; in the 33rd USENIX Security Symposium (USENIX Security 2024) (2024).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Due to costly efforts during data acquisition and model training, Deep Neural Networks (DNNs) belong to the intellectual property of the model creator. Hence, unauthorized use, theft, or modification may lead to legal repercussions. Existing DNN watermarking methods for ownership proof are often non-intuitive, embed human-invisible marks, require trust in algorithmic assessment that lacks human-understandable attributes, and rely on rigid thresholds, making it susceptible to failure in cases of partial watermark erasure. This paper introduces ClearStamp, the first DNN watermarking method designed for intuitive human assessment. ClearStamp embeds visible watermarks, enabling human decision-making without rigid value thresholds while allowing technology-assisted evaluations. ClearStamp defines a transposed model architecture allowing to use of the model in a backward fashion to interwove the watermark with the main task within all model parameters. Compared to existing watermarking methods, ClearStamp produces visual watermarks that are easy for humans to understand without requiring complex verification algorithms or strict thresholds. The watermark is embedded within all model parameters and entangled with the main task, exhibiting superior robustness. It shows an 8,544-bit watermark capacity comparable to the strongest existing work. Crucially, ClearStamp’s effectiveness is model and dataset-agnostic, and resilient against adversarial model manipulations, as demonstrated in a comprehensive study performed with four datasets and seven architectures.

  @article{torsten2024clearstamp, abstract = {Due to costly efforts during data acquisition and model training, Deep Neural Networks (DNNs) belong to the intellectual property of the model creator. Hence, unauthorized use, theft, or modification may lead to legal repercussions. Existing DNN watermarking methods for ownership proof are often non-intuitive, embed human-invisible marks, require trust in algorithmic assessment that lacks human-understandable attributes, and rely on rigid thresholds, making it susceptible to failure in cases of partial watermark erasure. This paper introduces ClearStamp, the first DNN watermarking method designed for intuitive human assessment. ClearStamp embeds visible watermarks, enabling human decision-making without rigid value thresholds while allowing technology-assisted evaluations. ClearStamp defines a transposed model architecture allowing to use of the model in a backward fashion to interwove the watermark with the main task within all model parameters. Compared to existing watermarking methods, ClearStamp produces visual watermarks that are easy for humans to understand without requiring complex verification algorithms or strict thresholds. The watermark is embedded within all model parameters and entangled with the main task, exhibiting superior robustness. It shows an 8,544-bit watermark capacity comparable to the strongest existing work. Crucially, ClearStamp’s effectiveness is model and dataset-agnostic, and resilient against adversarial model manipulations, as demonstrated in a comprehensive study performed with four datasets and seven architectures.}, author = {Krauß, Torsten and Stang, Jasper and Dmitrienko, Alexandra}, journal = {the 33rd USENIX Security Symposium (USENIX Security 2024)}, keywords = {sssgroup}, title = {ClearStamp: A Human-Visible and Robust Model-Ownership Proof based on Transposed Model Training}, year = 2024 }
• Automatic Adversarial Adaption for Stealthy Poisoning Attacks in Federated Learning. Krauß, Torsten; König, Jan; Dmitrienko, Alexandra; Kanzow, Christian; in the Network and Distributed System Security Symposium (NDSS) (2024).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @article{krauss2024automatic, author = {Krauß, Torsten and König, Jan and Dmitrienko, Alexandra and Kanzow, Christian}, journal = {the Network and Distributed System Security Symposium (NDSS)}, keywords = {jankounig}, title = {Automatic Adversarial Adaption for Stealthy Poisoning Attacks in Federated Learning}, year = 2024 }
• SPOQchain: Platform for Secure, Scalable, and Privacy-Preserving Supply Chain Tracing and Counterfeit Protection. Finke, Moritz; Dmitrienko, Alexandra; Stang, Jasper; in ArXiv | arXiv:2408.17049 (2024).
  • [ Abstract ]
  • [ BibTeX ]
  • [ URL ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Product lifecycle tracing is increasingly in the focus of regulators and producers, as shown with the initiative of the Digital Product Pass. Likewise, new methods of counterfeit detection are developed that are, e.g., based on Physical Unclonable Functions (PUFs). In order to ensure trust and integrity of product lifecycle data, multiple existing supply chain tracing systems are built on blockchain technology. However, only few solutions employ secure identifiers such as PUFs. Furthermore, existing systems that publish the data of individual products, in part fully transparently, have a detrimental impact on scalability and the privacy of users. This work proposes SPOQchain, a novel blockchain-based platform that provides comprehensive lifecycle traceability and originality verification while ensuring high efficiency and user privacy. The improved efficiency is achieved by a sophisticated batching mechanism that removes lifecycle redundancies. In addition to the successful evaluation of SPOQchain's scalability, this work provides a comprehensive analysis of privacy and security aspects, demonstrating the need and qualification of SPOQchain for the future of supply chain tracing.

  @article{finke2024spoqchain, abstract = {Product lifecycle tracing is increasingly in the focus of regulators and producers, as shown with the initiative of the Digital Product Pass. Likewise, new methods of counterfeit detection are developed that are, e.g., based on Physical Unclonable Functions (PUFs). In order to ensure trust and integrity of product lifecycle data, multiple existing supply chain tracing systems are built on blockchain technology. However, only few solutions employ secure identifiers such as PUFs. Furthermore, existing systems that publish the data of individual products, in part fully transparently, have a detrimental impact on scalability and the privacy of users. This work proposes SPOQchain, a novel blockchain-based platform that provides comprehensive lifecycle traceability and originality verification while ensuring high efficiency and user privacy. The improved efficiency is achieved by a sophisticated batching mechanism that removes lifecycle redundancies. In addition to the successful evaluation of SPOQchain's scalability, this work provides a comprehensive analysis of privacy and security aspects, demonstrating the need and qualification of SPOQchain for the future of supply chain tracing.}, author = {Finke, Moritz and Dmitrienko, Alexandra and Stang, Jasper}, journal = {ArXiv | arXiv:2408.17049}, keywords = {sssgroup}, title = {SPOQchain: Platform for Secure, Scalable, and Privacy-Preserving Supply Chain Tracing and Counterfeit Protection}, year = 2024 }
• Verify your Labels! Trustworthy Predictions and Datasets via Confidence Scores. Krauß, Torsten; Stang, Jasper; Dmitrienko, Alexandra; in the 33rd USENIX Security Symposium (USENIX Security 2024) (2024).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Machine learning is a rapidly evolving technology with manifold benefits. At its core lies the mapping between samples and corresponding target labels (SL-Mappings). Such mappings can originate from labeled dataset samples or from prediction generated during model inference. The correctness of SL-Mappings is crucial, both during training and for model predictions, especially when considering poisoning attacks. Existing standalone works from the dataset cleaning and prediction confidence scoring domains lack a dual-use tool offering an SL-Mappings score, which is impractical. Moreover, these works have drawbacks, e.g., dependence on specific model architectures and reliance on large datasets, which may not be accessible, or lack a meaningful confidence score. In this paper, we introduce LabelTrust, a versatile tool designed to generate confidence scores for SL-Mappings. We propose pipelines facilitating dataset cleaning and confidence scoring, mitigating the limitations of existing standalone approaches from each domain. Thereby, LabelTrust leverages a Siamese network trained via few-shot learning, requiring minimal clean samples and is agnostic to datasets and model architectures. We demonstrate LabelTrust’s efficacy in detecting poisoning attacks within samples and predictions alike, with a modest one-time training overhead of 34.56 seconds and an evaluation time of less than 1 second per SL-Mapping.

  @article{krauss2024verify, abstract = {Machine learning is a rapidly evolving technology with manifold benefits. At its core lies the mapping between samples and corresponding target labels (SL-Mappings). Such mappings can originate from labeled dataset samples or from prediction generated during model inference. The correctness of SL-Mappings is crucial, both during training and for model predictions, especially when considering poisoning attacks. Existing standalone works from the dataset cleaning and prediction confidence scoring domains lack a dual-use tool offering an SL-Mappings score, which is impractical. Moreover, these works have drawbacks, e.g., dependence on specific model architectures and reliance on large datasets, which may not be accessible, or lack a meaningful confidence score. In this paper, we introduce LabelTrust, a versatile tool designed to generate confidence scores for SL-Mappings. We propose pipelines facilitating dataset cleaning and confidence scoring, mitigating the limitations of existing standalone approaches from each domain. Thereby, LabelTrust leverages a Siamese network trained via few-shot learning, requiring minimal clean samples and is agnostic to datasets and model architectures. We demonstrate LabelTrust’s efficacy in detecting poisoning attacks within samples and predictions alike, with a modest one-time training overhead of 34.56 seconds and an evaluation time of less than 1 second per SL-Mapping.}, author = {Krauß, Torsten and Stang, Jasper and Dmitrienko, Alexandra}, journal = {the 33rd USENIX Security Symposium (USENIX Security 2024)}, keywords = {sssgroup}, title = {Verify your Labels! Trustworthy Predictions and Datasets via Confidence Scores}, year = 2024 }
• PUF-based Authentication in IoT against Strong Physical Adversary using Zero-Knowledge Proofs. Petzi, Lukas; Dmitrienko, Alexandra; Visconti, Ivan; in SafeThings (2024).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @article{petzi2024pufbased, author = {Petzi, Lukas and Dmitrienko, Alexandra and Visconti, Ivan}, journal = {SafeThings}, keywords = {iot}, title = {PUF-based Authentication in IoT against Strong Physical Adversary using Zero-Knowledge Proofs}, year = 2024 }

• Vulnerability Scanners for Ethereum Smart Contracts: A Large-Scale Study. Sendner, Christoph; Petzi, Lukas; Stang, Jasper; Dmitrienko, Alexandra; in ArXiv | arXiv:2312.16533 (2023).
  • [ BibTeX ]
  • [ URL ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @article{sendner2023vulnerability, author = {Sendner, Christoph and Petzi, Lukas and Stang, Jasper and Dmitrienko, Alexandra}, journal = {ArXiv | arXiv:2312.16533}, keywords = {lukaspetzi}, month = 12, title = {Vulnerability Scanners for Ethereum Smart Contracts: A Large-Scale Study}, year = 2023 }
• TorMult: Introducing a Novel Tor Bandwidth Inflation Attack. Sendner, Christoph; Stang, Jasper; Dmitrienko, Alexandra; Wijewickrama, Raveen; Jadliwala, Murtuza; in ArXiv | arXiv.2307.08550 (2023).
  • [ BibTeX ]
  • [ URL ]
  • [ BibSonomy-Post ]
  @article{sendner2023tormult, author = {Sendner, Christoph and Stang, Jasper and Dmitrienko, Alexandra and Wijewickrama, Raveen and Jadliwala, Murtuza}, journal = {ArXiv | arXiv.2307.08550}, keywords = {sss-group}, title = {TorMult: Introducing a Novel Tor Bandwidth Inflation Attack}, year = 2023 }
• Smarter Contracts: Detecting Vulnerabilities in Smart Contracts with Deep Transfer Learning. Sendner, Christoph; Chen, Huili; Fereidooni, Hossein; Petzi, Lukas; König, Jan; Stang, Jasper; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Koushanfar, Farinaz; in Network and Distributed System Security Symposium (NDSS) (2023).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @article{sendner2023smarter, author = {Sendner, Christoph and Chen, Huili and Fereidooni, Hossein and Petzi, Lukas and König, Jan and Stang, Jasper and Dmitrienko, Alexandra and Sadeghi, Ahmad-Reza and Koushanfar, Farinaz}, journal = {Network and Distributed System Security Symposium (NDSS)}, keywords = {lukaspetzi}, title = {Smarter Contracts: Detecting Vulnerabilities in Smart Contracts with Deep Transfer Learning}, year = 2023 }
• MESAS: Poisoning Defense for Federated Learning Resilient against Adaptive Attackers. Torsten, Krauß; Alexandra, Dmitrienko; in ACM Conference on Computer and Communications Security (CCS) (2023).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @article{torsten2023mesas, author = {Torsten, Krauß and Alexandra, Dmitrienko}, journal = {ACM Conference on Computer and Communications Security (CCS)}, keywords = {sss-group}, title = {MESAS: Poisoning Defense for Federated Learning Resilient against Adaptive Attackers}, year = 2023 }
• Metadata-based Malware Detection on Android using Machine Learning. Hefter, Alexander; Sendner, Christoph; Dmitrienko, Alexandra; in ArXiv | arXiv.2307.08547 (2023).
  • [ BibTeX ]
  • [ URL ]
  • [ BibSonomy-Post ]
  @article{noauthororeditormetadatabased, author = {Hefter, Alexander and Sendner, Christoph and Dmitrienko, Alexandra}, journal = {ArXiv | arXiv.2307.08547}, keywords = {sss-group}, title = {Metadata-based Malware Detection on Android using Machine Learning}, year = 2023 }
• Security of NVMe Offloaded Data in Large-Scale Machine Learning. Krauß, Torsten; Götz, Raphael; Dmitrienko, Alexandra; in European Symposium on Research in Computer Security (ESORICS) (2023).
  • [ BibTeX ]
  • [ URL ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @article{krauss2024security, author = {Krauß, Torsten and Götz, Raphael and Dmitrienko, Alexandra}, journal = {European Symposium on Research in Computer Security (ESORICS)}, keywords = {Private_AI}, title = {Security of NVMe Offloaded Data in Large-Scale Machine Learning}, year = 2023 }
• G-Scan: Graph Neural Networks for Line-Level Vulnerability Identification in Smart Contracts. Sendner, Christoph; Zhang, Ruisi; Hefter, Alexander; Dmitrienko, Alexandra; Koushanfar, Farinaz; in arXiv:2307.08549 (2023).
  • [ BibTeX ]
  • [ URL ]
  • [ BibSonomy-Post ]
  @article{sendner2023gscan, author = {Sendner, Christoph and Zhang, Ruisi and Hefter, Alexander and Dmitrienko, Alexandra and Koushanfar, Farinaz}, journal = {arXiv:2307.08549}, keywords = {sss-group}, title = {G-Scan: Graph Neural Networks for Line-Level Vulnerability Identification in Smart Contracts}, year = 2023 }
• Avoid Adversarial Adaption in Federated Learning by Multi-Metric Investigations. Krauß, Torsten; Dmitrienko, Alexandra; in ArXiv | arXiv.2306.03600 (2023).
  • [ BibTeX ]
  • [ URL ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @article{krauss2023avoid, author = {Krauß, Torsten and Dmitrienko, Alexandra}, journal = {ArXiv | arXiv.2306.03600}, keywords = {Machine}, title = {Avoid Adversarial Adaption in Federated Learning by Multi-Metric Investigations}, year = 2023 }
• ClearMark: Intuitive and Robust Model Watermarking via Transposed Model Training. Krauß, Torsten; Stang, Jasper; Dmitrienko, Alexandra; in ArXiv | arXiv:2310.16453v1 (2023).
  • [ Abstract ]
  • [ BibTeX ]
  • [ URL ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Due to costly efforts during data acquisition and model training, Deep Neural Networks (DNNs) belong to the intellectual property of the model creator. Hence, unauthorized use, theft, or modification may lead to legal repercussions. Existing DNN watermarking methods for ownership proof are often non-intuitive, embed human-invisible marks, require trust in algorithmic assessment that lacks human-understandable attributes, and rely on rigid thresholds, making it susceptible to failure in cases of partial watermark erasure. This paper introduces ClearMark, the first DNN watermarking method designed for intuitive human assessment. ClearMark embeds visible watermarks, enabling human decision-making without rigid value thresholds while allowing technology-assisted evaluations. ClearMark defines a transposed model architecture allowing to use of the model in a backward fashion to interwove the watermark with the main task within all model parameters. Compared to existing watermarking methods, ClearMark produces visual watermarks that are easy for humans to understand without requiring complex verification algorithms or strict thresholds. The watermark is embedded within all model parameters and entangled with the main task, exhibiting superior robustness. It shows an 8,544-bit watermark capacity comparable to the strongest existing work. Crucially, ClearMark's effectiveness is model and dataset-agnostic, and resilient against adversarial model manipulations, as demonstrated in a comprehensive study performed with four datasets and seven architectures.

  @article{krauss2023clearmark, abstract = {Due to costly efforts during data acquisition and model training, Deep Neural Networks (DNNs) belong to the intellectual property of the model creator. Hence, unauthorized use, theft, or modification may lead to legal repercussions. Existing DNN watermarking methods for ownership proof are often non-intuitive, embed human-invisible marks, require trust in algorithmic assessment that lacks human-understandable attributes, and rely on rigid thresholds, making it susceptible to failure in cases of partial watermark erasure. This paper introduces ClearMark, the first DNN watermarking method designed for intuitive human assessment. ClearMark embeds visible watermarks, enabling human decision-making without rigid value thresholds while allowing technology-assisted evaluations. ClearMark defines a transposed model architecture allowing to use of the model in a backward fashion to interwove the watermark with the main task within all model parameters. Compared to existing watermarking methods, ClearMark produces visual watermarks that are easy for humans to understand without requiring complex verification algorithms or strict thresholds. The watermark is embedded within all model parameters and entangled with the main task, exhibiting superior robustness. It shows an 8,544-bit watermark capacity comparable to the strongest existing work. Crucially, ClearMark's effectiveness is model and dataset-agnostic, and resilient against adversarial model manipulations, as demonstrated in a comprehensive study performed with four datasets and seven architectures.}, author = {Krauß, Torsten and Stang, Jasper and Dmitrienko, Alexandra}, journal = {ArXiv | arXiv:2310.16453v1}, keywords = {sss-group}, month = 10, title = {ClearMark: Intuitive and Robust Model Watermarking via Transposed Model Training}, year = 2023 }
• AuthentiSense: A Scalable Behavioral Biometrics Authentication Scheme using Few-Shot Learning for Mobile Platforms. Fereidooni, Hossein; König, Jan; Rieger, Philip; Chilese, Markus; Finke, Moritz; Goekbakan, Bora; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; in Network and Distributed System Security Symposium (NDSS) (2023).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @article{hossein2023authentisense, author = {Fereidooni, Hossein and König, Jan and Rieger, Philip and Chilese, Markus and Finke, Moritz and Goekbakan, Bora and Dmitrienko, Alexandra and Sadeghi, Ahmad-Reza}, journal = {Network and Distributed System Security Symposium (NDSS)}, keywords = {moritzfinke}, title = {AuthentiSense: A Scalable Behavioral Biometrics Authentication Scheme using Few-Shot Learning for Mobile Platforms}, year = 2023 }
• CROSSCON: Interoperable IoT Security Stack - The RISC-V Opportunity. Pinto, Sandro; Breskvar, Matjaz; Gomes, Tiago; Koshutanski, Hristo; Pasic, Aljosa; Krol, Piotr; Amri, Emna; Puron, David; Hornak, Zoltan; Rovieri, Marco; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Crispo, Bruno; in RISC-V Summit Europe, Barcelona (2023).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @conference{sandro2023crosscon, author = {Pinto, Sandro and Breskvar, Matjaz and Gomes, Tiago and Koshutanski, Hristo and Pasic, Aljosa and Krol, Piotr and Amri, Emna and Puron, David and Hornak, Zoltan and Rovieri, Marco and Dmitrienko, Alexandra and Sadeghi, Ahmad-Reza and Crispo, Bruno}, booktitle = {RISC-V Summit Europe, Barcelona}, keywords = {sss-group}, title = {CROSSCON: Interoperable IoT Security Stack - The RISC-V Opportunity}, year = 2023 }

• Ransomware Detection in Databases through Dynamic Analysis of Query Sequences. Sendner, Christoph; Iffländer, Lukas; Schindler, Sebastian; Jobst, Michael; Dmitrienko, Alexandra; Kounev, Samuel; in IEEE Conference on Communications and Network Security (CNS) (2022).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @conference{sendner2022ransomware, author = {Sendner, Christoph and Iffländer, Lukas and Schindler, Sebastian and Jobst, Michael and Dmitrienko, Alexandra and Kounev, Samuel}, booktitle = {IEEE Conference on Communications and Network Security (CNS)}, keywords = {ransomware}, title = {Ransomware Detection in Databases through Dynamic Analysis of Query Sequences}, year = 2022 }
• Contact Discovery in Mobile Messengers: Low-cost Attacks, Quantitative Analyses, and Efficient Mitigations. Hagen, Christoph; Weinert, Christian; Sendner, Christoph; Dmitrienko, Alexandra; Schneider, Thomas; in Cryptology ePrint Archive, Report 2022/875 (2022). (2022/875)
  • [ BibTeX ]
  • [ URL ]
  • [ BibSonomy-Post ]
  @article{hagen2022contact, author = {Hagen, Christoph and Weinert, Christian and Sendner, Christoph and Dmitrienko, Alexandra and Schneider, Thomas}, journal = {Cryptology ePrint Archive, Report 2022/875}, keywords = {security}, number = {2022/875}, publisher = {Cryptology ePrint}, title = {Contact Discovery in Mobile Messengers: Low-cost Attacks, Quantitative Analyses, and Efficient Mitigations}, year = 2022 }
• Digital Contact Tracing Solutions: Promises, Pitfalls and Challenges. Thien Duc, Nguyen; Markus, Miettinen; Alexandra, Dmitrienko; Ahmad-Reza, Sadeghi; Ivan, Visconti; in IEEE Transactions on Emerging Topics in Computing (2022).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @article{thienduc2022digital, author = {Thien Duc, Nguyen and Markus, Miettinen and Alexandra, Dmitrienko and Ahmad-Reza, Sadeghi and Ivan, Visconti}, journal = {IEEE Transactions on Emerging Topics in Computing}, keywords = {TraceCORONA}, month = 10, title = {Digital Contact Tracing Solutions: Promises, Pitfalls and Challenges.}, year = 2022 }
• FedCRI: Federated Mobile Cyber-Risk Intelligence. Fereidooni, Hossein; Dmitrienko, Alexandra; Madlener, Felix; Rieger, Phillip; Miettinen, Markus; Sadeghi, Ahmad-Reza; in The Network and Distributed System Security Symposium (NDSS) (2022).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @inproceedings{fereidooni2022fedcri, author = {Fereidooni, Hossein and Dmitrienko, Alexandra and Madlener, Felix and Rieger, Phillip and Miettinen, Markus and Sadeghi, Ahmad-Reza}, booktitle = {The Network and Distributed System Security Symposium (NDSS)}, keywords = {security}, title = {FedCRI: Federated Mobile Cyber-Risk Intelligence}, year = 2022 }
• Towards a Cryptography Benchmark: A View on Attribute Based Encryption Schemes. Prantl, Thomas; Zeck, Timo; Iffländer, Lukas; Beierlieb, Lukas; Dmitrenko, Alexandra; Krupitzer, Christian; Kounev, Samuel; in 2022 5th Conference on Cloud and Internet of Things (CIoT) (2022).
  • [ BibTeX ]
  • [ BibSonomy-Post ]
  @inproceedings{PrZeIfBeDmKrKo2022-CIoT-ABEBenchmark, author = {Prantl, Thomas and Zeck, Timo and Iffländer, Lukas and Beierlieb, Lukas and Dmitrenko, Alexandra and Krupitzer, Christian and Kounev, Samuel}, booktitle = {2022 5th Conference on Cloud and Internet of Things (CIoT)}, keywords = {sss-group}, organization = {IEEE}, title = {Towards a Cryptography Benchmark: A View on Attribute Based Encryption Schemes}, year = 2022 }
• Digital Contact Tracing Solutions: Promises, Pitfalls and Challenges. Thien Duc, Nguyen; Markus, Miettinen; Alexandra, Dmitrienko; Ahmad-Reza, Sadeghi; Ivan, Visconti; in Cryptology ePrint Archive (2022).
  • [ BibTeX ]
  • [ URL ]
  • [ BibSonomy-Post ]
  @article{thienduc2022digital, author = {Thien Duc, Nguyen and Markus, Miettinen and Alexandra, Dmitrienko and Ahmad-Reza, Sadeghi and Ivan, Visconti}, journal = {Cryptology ePrint Archive}, keywords = {TraceCORONA}, month = 10, title = {Digital Contact Tracing Solutions: Promises, Pitfalls and Challenges}, year = 2022 }
• Digital contact Tracing solutions: Promises, Pitfalls and Challenges. Thien Duc, Nguyen; Markus, Miettinen; Alexandra, Dmitrienko; Ahmad-Reza, Sadeghi; Ivan, Visconti; in ArXiv I arXiv 2202.06698v2 (October 2022) (2022).
  • [ BibTeX ]
  • [ URL ]
  • [ BibSonomy-Post ]
  @article{thienduc2022digital, author = {Thien Duc, Nguyen and Markus, Miettinen and Alexandra, Dmitrienko and Ahmad-Reza, Sadeghi and Ivan, Visconti}, journal = {ArXiv I arXiv 2202.06698v2 (October 2022)}, keywords = {TraceCORONA}, month = 10, title = {Digital contact Tracing solutions: Promises, Pitfalls and Challenges.}, year = 2022 }
• Close the Gate: Detecting Backdoored Models in Federated Learning based on Client-Side Deep Layer Output Analysis. Rieger, Phillip; Krauß, Torsten; Miettinen, Markus; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; in ArXiv | arXiv:2210.07714 (2022).
  • [ BibTeX ]
  • [ URL ]
  • [ BibSonomy-Post ]
  @article{https://doi.org/10.48550/arxiv.2210.07714, author = {Rieger, Phillip and Krauß, Torsten and Miettinen, Markus and Dmitrienko, Alexandra and Sadeghi, Ahmad-Reza}, journal = {ArXiv | arXiv:2210.07714}, keywords = {Private_AI}, publisher = {arXiv}, title = {Close the Gate: Detecting Backdoored Models in Federated Learning based on Client-Side Deep Layer Output Analysis}, year = 2022 }
• Contact Discovery in Mobile Messengers: Low-cost Attacks, Quantitative Analyses, and Efficient Mitigations. Hagen, Christoph; Weinert, Christian; Sendner, Christoph; Dmitrienko, Alexandra; Schneider, Thomas; in ACM Transactions on Privacy and Security (TOPS) (2022).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Contact discovery allows users of mobile messengers to conveniently connect with people in their address book. In this work, we demonstrate that severe privacy issues exist in currently deployed contact discovery methods and propose suitable mitigations. Our study of three popular messengers (WhatsApp, Signal, and Telegram) shows that large-scale crawling attacks are (still) possible. Using an accurate database of mobile phone number prefixes and very few resources, we queried 10% of US mobile phone numbers for WhatsApp and 100% for Signal. For Telegram we find that its API exposes a wide range of sensitive information, even about numbers not registered with the service. We present interesting (cross-messenger) usage statistics, which also reveal that very few users change the default privacy settings. Furthermore, we demonstrate that currently deployed hashing-based contact discovery protocols are severely broken by comparing three methods for efficient hash reversal. Most notably, we show that with the password cracking tool “JTR” we can iterate through the entire world-wide mobile phone number space in < 150s on a consumer-grade GPU. We also propose a significantly improved rainbow table construction for non-uniformly distributed input domains that is of independent interest. Regarding mitigations, we most notably propose two novel rate-limiting schemes: our incremental contact discovery for services without server-side contact storage strictly improves over Signal’s current approach while being compatible with private set intersection, whereas our differential scheme allows even stricter rate limits at the overhead for service providers to store a small constant-size state that does not reveal any contact information.

  @article{hagen2022contact, abstract = {Contact discovery allows users of mobile messengers to conveniently connect with people in their address book. In this work, we demonstrate that severe privacy issues exist in currently deployed contact discovery methods and propose suitable mitigations. Our study of three popular messengers (WhatsApp, Signal, and Telegram) shows that large-scale crawling attacks are (still) possible. Using an accurate database of mobile phone number prefixes and very few resources, we queried 10% of US mobile phone numbers for WhatsApp and 100% for Signal. For Telegram we find that its API exposes a wide range of sensitive information, even about numbers not registered with the service. We present interesting (cross-messenger) usage statistics, which also reveal that very few users change the default privacy settings. Furthermore, we demonstrate that currently deployed hashing-based contact discovery protocols are severely broken by comparing three methods for efficient hash reversal. Most notably, we show that with the password cracking tool “JTR” we can iterate through the entire world-wide mobile phone number space in < 150s on a consumer-grade GPU. We also propose a significantly improved rainbow table construction for non-uniformly distributed input domains that is of independent interest. Regarding mitigations, we most notably propose two novel rate-limiting schemes: our incremental contact discovery for services without server-side contact storage strictly improves over Signal’s current approach while being compatible with private set intersection, whereas our differential scheme allows even stricter rate limits at the overhead for service providers to store a small constant-size state that does not reveal any contact information.}, author = {Hagen, Christoph and Weinert, Christian and Sendner, Christoph and Dmitrienko, Alexandra and Schneider, Thomas}, journal = {ACM Transactions on Privacy and Security (TOPS)}, keywords = {security}, title = {Contact Discovery in Mobile Messengers: Low-cost Attacks, Quantitative Analyses, and Efficient Mitigations}, year = 2022 }
• SCRAPS: Scalable Collective Remote Attestation for Pub-Sub IoT Networks with Untrusted Proxy Verifier. Petzi, Lukas; Ben Yahya, Ala Eddine; Dmitrienko, Alexandra; Tsudik, Gene; Prantl, Thomas; Kounev, Samuel; in USENIX Security (2022).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Remote Attestation (RA) is a basic security mechanism that detects malicious presence on various types of computing components, e.g., IoT devices. In a typical IoT setting, RA involves a trusted Verifier that sends a challenge to an untrusted remote Prover, which must in turn reply with a fresh and authentic evidence of being in a trustworthy state. However,most current RA schemes assume a central Verifier, which rep-resents a single point of failure. This feature is problematic when mutually suspicious stakeholders are involved. Furthermore, scalability issues arise as the number of IoT devices (Provers) grows. Although some RA schemes allow peer Provers to act as Verifiers, they involve unrealistic (for IoT devices) requirements, such as time synchronization and synchronous communication. Moreover, they incur heavy memory, computation,and communication burdens, while not considering sleeping or otherwise disconnected devices. Motivated by the need to address these limitations, we construct Scalable Collective Remote Attestation for Pub-Sub (SCRAPS), a novel collective RA scheme. It achieves scalability by outsourcing Verifier duties to a smart contract and mitigates DoS attacks against both Provers and Verifiers. It also removes the need for synchronous communication. Furthermore,RA evidence in SCRAPS is publicly verifiable, which significantly reduces the number of attestation evidence computations, thus lowering Prover burden. We report on a prototype of SCRAPS over Hyperledger Sawtooth (a blockchain geared for IoT use-cases) and evaluate its performance, scalability, and security aspects.

  @proceedings{petzi2022scraps, abstract = {Remote Attestation (RA) is a basic security mechanism that detects malicious presence on various types of computing components, e.g., IoT devices. In a typical IoT setting, RA involves a trusted Verifier that sends a challenge to an untrusted remote Prover, which must in turn reply with a fresh and authentic evidence of being in a trustworthy state. However,most current RA schemes assume a central Verifier, which rep-resents a single point of failure. This feature is problematic when mutually suspicious stakeholders are involved. Furthermore, scalability issues arise as the number of IoT devices (Provers) grows. Although some RA schemes allow peer Provers to act as Verifiers, they involve unrealistic (for IoT devices) requirements, such as time synchronization and synchronous communication. Moreover, they incur heavy memory, computation,and communication burdens, while not considering sleeping or otherwise disconnected devices. Motivated by the need to address these limitations, we construct Scalable Collective Remote Attestation for Pub-Sub (SCRAPS), a novel collective RA scheme. It achieves scalability by outsourcing Verifier duties to a smart contract and mitigates DoS attacks against both Provers and Verifiers. It also removes the need for synchronous communication. Furthermore,RA evidence in SCRAPS is publicly verifiable, which significantly reduces the number of attestation evidence computations, thus lowering Prover burden. We report on a prototype of SCRAPS over Hyperledger Sawtooth (a blockchain geared for IoT use-cases) and evaluate its performance, scalability, and security aspects.}, author = {Petzi, Lukas and Ben Yahya, Ala Eddine and Dmitrienko, Alexandra and Tsudik, Gene and Prantl, Thomas and Kounev, Samuel}, booktitle = {USENIX Security}, keywords = {sys:relevantfor:sss-group}, title = {SCRAPS: Scalable Collective Remote Attestation for Pub-Sub IoT Networks with Untrusted Proxy Verifier.}, year = 2022 }
• A Survey on Secure Group Communication Schemes with Focus on IoT Communication. Prantl, Thomas; Zeck, Timo; Bauer, André; Ten, Peter; Prantl, Dominik; Ben Yahya, Ala Eddine; Iffländer, Lukas; Dmitrienko, Alexandra; Krupitzer, Christian; Kounev, Samuel; in IEEE Access (2022).
  • [ BibTeX ]
  • [ URL ]
  • [ BibSonomy-Post ]
  @article{PrZeBaTePrYaIfDmKrKo_IEEEAccess_SGCSurvey, author = {Prantl, Thomas and Zeck, Timo and Bauer, André and Ten, Peter and Prantl, Dominik and Ben Yahya, Ala Eddine and Iffländer, Lukas and Dmitrienko, Alexandra and Krupitzer, Christian and Kounev, Samuel}, journal = {IEEE Access}, keywords = {sssgroup}, publisher = {IEEE}, title = {A Survey on Secure Group Communication Schemes with Focus on IoT Communication}, year = 2022 }
• An Experience Report on the Suitability of a Distributed Group Encryption Scheme for an IoT Use Case. Prantl, Thomas; Engel, Simon; Bauer, Andre; Ben Yahya, Ala Eddine; Herrnleben, Stefan; Iffländer, Lukas; Dmitrienko, Alexandra; Kounev, Samuel; in IEEE 95th Vehicular Technology Conference (VTC) (2022).
  • [ BibTeX ]
  • [ BibSonomy-Post ]
  @inproceedings{PrEnBaAlHeIfDmKo2022-IoT/CPS-DistributedGroupEncryption, author = {Prantl, Thomas and Engel, Simon and Bauer, Andre and Ben Yahya, Ala Eddine and Herrnleben, Stefan and Iffländer, Lukas and Dmitrienko, Alexandra and Kounev, Samuel}, booktitle = {IEEE 95th Vehicular Technology Conference (VTC)}, keywords = {IoT}, organization = {IEEE}, title = {An Experience Report on the Suitability of a Distributed Group Encryption Scheme for an IoT Use Case}, year = 2022 }

• All the Numbers are US: Large-scale Abuse of Contact Discovery in Mobile Messengers. Hagen, Christoph; Weinert, Christian; Sendner, Christoph; Dmitrienko, Alexandra; Schneider, Thomas; in Network and Distributed System Security Symposium (NDSS) (2021).
  • [ Abstract ]
  • [ BibTeX ]
  • [ URL ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Contact discovery allows users of mobile messengers to conveniently connect with people in their address book. In this work, we demonstrate that severe privacy issues exist in currently deployed contact discovery methods. Our study of three popular mobile messengers (WhatsApp, Signal, and Telegram) shows that, contrary to expectations, largescale crawling attacks are (still) possible. Using an accurate database of mobile phone number prefixes and very few resources, we have queried 10 % of US mobile phone numbers for WhatsApp and 100 % for Signal. For Telegram we find that its API exposes a wide range of sensitive information, even about numbers not registered with the service. We present interesting (crossmessenger) usage statistics, which also reveal that very few users change the default privacy settings. Regarding mitigations, we propose novel techniques to significantly limit the feasibility of our crawling attacks, especially a new incremental contact discovery scheme that strictly improves over Signal’s current approach. Furthermore, we show that currently deployed hashing-based contact discovery protocols are severely broken by comparing three methods for efficient hash reversal of mobile phone numbers. For this, we also propose a significantly improved rainbow table construction for non-uniformly distributed inputs that is of independent interest.

  @inproceedings{DBLP:conf/ndss/2021, abstract = {Contact discovery allows users of mobile messengers to conveniently connect with people in their address book. In this work, we demonstrate that severe privacy issues exist in currently deployed contact discovery methods. Our study of three popular mobile messengers (WhatsApp, Signal, and Telegram) shows that, contrary to expectations, largescale crawling attacks are (still) possible. Using an accurate database of mobile phone number prefixes and very few resources, we have queried 10 % of US mobile phone numbers for WhatsApp and 100 % for Signal. For Telegram we find that its API exposes a wide range of sensitive information, even about numbers not registered with the service. We present interesting (crossmessenger) usage statistics, which also reveal that very few users change the default privacy settings. Regarding mitigations, we propose novel techniques to significantly limit the feasibility of our crawling attacks, especially a new incremental contact discovery scheme that strictly improves over Signal’s current approach. Furthermore, we show that currently deployed hashing-based contact discovery protocols are severely broken by comparing three methods for efficient hash reversal of mobile phone numbers. For this, we also propose a significantly improved rainbow table construction for non-uniformly distributed inputs that is of independent interest.}, author = {Hagen, Christoph and Weinert, Christian and Sendner, Christoph and Dmitrienko, Alexandra and Schneider, Thomas}, booktitle = {Network and Distributed System Security Symposium (NDSS)}, keywords = {dblp}, month = {02}, publisher = {The Internet Society}, title = {All the Numbers are US: Large-scale Abuse of Contact Discovery in Mobile Messengers}, year = 2021 }
• Vision: Challenges & Opportunities. Annaaram, Murali; Asokan, N.; Atli, Buse Gül; Avestimeh, Salman; Brasser, Ferdinand; Cammarota, Rosario; Dmitrienko, Alexandra; Dziedzic, Adam; Given-Wilson, Thomas; Gunn, Lachlan J.; Kerschbaum, Florian; Koushanfar, Farinaz; Legay, Axel; Miettinen, Markus; Nguyen, Thien Duc; Papernot, Nicolas; Sadeghi, Ahmad-Reza; Schunter, Matthias; Shokri, Reza; Smith, Virginia; in Vision Paper of the Private AI Collaborative Research Institute (2021).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @inproceedings{annaaramvision, author = {Annaaram, Murali and Asokan, N. and Atli, Buse Gül and Avestimeh, Salman and Brasser, Ferdinand and Cammarota, Rosario and Dmitrienko, Alexandra and Dziedzic, Adam and Given-Wilson, Thomas and Gunn, Lachlan J. and Kerschbaum, Florian and Koushanfar, Farinaz and Legay, Axel and Miettinen, Markus and Nguyen, Thien Duc and Papernot, Nicolas and Sadeghi, Ahmad-Reza and Schunter, Matthias and Shokri, Reza and Smith, Virginia}, booktitle = {Vision Paper of the Private AI Collaborative Research Institute}, keywords = {Private_AI}, title = {Vision: Challenges & Opportunities.}, year = 2021 }
• Towards a Group Encryption Scheme Benchmark: A View on Centralized Schemes with focus on IoT. Prantl, Thomas; Ten, Peter; Iffländer, Lukas; Herrnleben, Stefan; Dmitrenko, Alexandra; Kounev, Samuel; Krupitzer, Christian; in ACM/SPEC International Conference on Performance Engineering (ICPE) (2021).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  The number of devices connected to the Internet of Things (IoT) is continuously increasing to several billion nowadays. As those devices often share sensitive data, encryption of those data is an important issue. The pure volume of data and the complexity of communication patterns increases, and, accordingly, the importance of group encryption is recently gaining more importance. Still, the choice of the best-suited group encryption scheme for a specific application is complicated. Benchmarks can support this choice. However, while literature distinguishes three categories for the schemes (central, decentral, and hybrid), a one-fits-all benchmark seems challenging to achieve. In this paper, we go the first step towards a structured benchmark for group encryption schemes by presenting a benchmark for centralized group encryption schemes in an IoT scenario. To this end, our benchmark includes a description of workloads, a baseline scheme, a measurement setup, and metrics while also considering the requirements and features of centralized group encryption schemes.

  @inproceedings{PrTeIfHeDmKo2021-ICPE-GroupEncryptionCentralizedBenchmark, abstract = {The number of devices connected to the Internet of Things (IoT) is continuously increasing to several billion nowadays. As those devices often share sensitive data, encryption of those data is an important issue. The pure volume of data and the complexity of communication patterns increases, and, accordingly, the importance of group encryption is recently gaining more importance. Still, the choice of the best-suited group encryption scheme for a specific application is complicated. Benchmarks can support this choice. However, while literature distinguishes three categories for the schemes (central, decentral, and hybrid), a one-fits-all benchmark seems challenging to achieve. In this paper, we go the first step towards a structured benchmark for group encryption schemes by presenting a benchmark for centralized group encryption schemes in an IoT scenario. To this end, our benchmark includes a description of workloads, a baseline scheme, a measurement setup, and metrics while also considering the requirements and features of centralized group encryption schemes.}, author = {Prantl, Thomas and Ten, Peter and Iffländer, Lukas and Herrnleben, Stefan and Dmitrenko, Alexandra and Kounev, Samuel and Krupitzer, Christian}, booktitle = {ACM/SPEC International Conference on Performance Engineering (ICPE)}, keywords = {security}, month = {04}, series = {ICPE'21}, title = {Towards a Group Encryption Scheme Benchmark: A View on Centralized Schemes with focus on IoT}, year = 2021 }
• Performance Evaluation for a Post-Quantum Public-Key Cryptosystem. Prantl, Thomas; Prantl, Dominik; Beierlieb, Lukas; Iffländer, Lukas; Dmitrienko, Alexandra; Krupitzer, Christian; Kounev, Samuel; in IEEE 40th International Performance Computing and Communications Conference (IPCCC) (2021).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @inproceedings{PrPrBeIfDnKrKo2021-IPCCC-QuantumPublicKeyCryposystem, author = {Prantl, Thomas and Prantl, Dominik and Beierlieb, Lukas and Iffländer, Lukas and Dmitrienko, Alexandra and Krupitzer, Christian and Kounev, Samuel}, booktitle = {IEEE 40th International Performance Computing and Communications Conference (IPCCC)}, keywords = {security}, organization = {IEEE}, title = {Performance Evaluation for a Post-Quantum Public-Key Cryptosystem}, year = 2021 }
• Benchmarking of Pre- and Post-Quantum Group Encryption Schemes with Focus on IoT. Prantl, Thomas; Prantl, Dominik; Bauer, André; Iffländer, Lukas; Dmitrenko, Alexandra; Krupitzer, Christian; Kounev, Samuel; in IEEE 40th International Performance Computing and Communications Conference (IPCCC) (2021).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @inproceedings{PrPrBaIfDmKrKo2021-IPCCC-QuantumGroupEncryption, author = {Prantl, Thomas and Prantl, Dominik and Bauer, André and Iffländer, Lukas and Dmitrenko, Alexandra and Krupitzer, Christian and Kounev, Samuel}, booktitle = {IEEE 40th International Performance Computing and Communications Conference (IPCCC)}, keywords = {sss-group}, title = {Benchmarking of Pre- and Post-Quantum Group Encryption Schemes with Focus on IoT}, year = 2021 }
• RIP StrandHogg: A Practical StrandHogg Attack Detection Method on Android. Stang, Jasper; Dmitrienko, Alexandra; Roth, Sascha; in 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec) (2021).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  StrandHogg vulnerabilities affect Android’s multitasking system and threaten up to 90% of Android platforms, which translates to millions of affected users. Existing countermeasures require modification of the OS, have usability drawbacks, or are limited to the detection of certain attack versions. In this work, we aim to develop a generic, efficient, and usability-friendly attack detection method, which does not require OS modifications and can be employed by apps installed on any vulnerable Android platform. To achieve our goal, we analyze StrandHogg attack techniques and develop two countermeasures, one using Machine Learning and the other one using ActivityCounter – a reliable attack indicator, which we could synthetically engineer. Our first approach achieves an average F1 score of 92% across all attack variations, while ActivityCounter shows superior performance and efficiently detects all attack versions without false positives. ActivityCounter is the first solution without practical limitations, which can be easily deployed in practice and protect millions of affected users.

  @inproceedings{stang2021strandhogg, abstract = {StrandHogg vulnerabilities affect Android’s multitasking system and threaten up to 90% of Android platforms, which translates to millions of affected users. Existing countermeasures require modification of the OS, have usability drawbacks, or are limited to the detection of certain attack versions. In this work, we aim to develop a generic, efficient, and usability-friendly attack detection method, which does not require OS modifications and can be employed by apps installed on any vulnerable Android platform. To achieve our goal, we analyze StrandHogg attack techniques and develop two countermeasures, one using Machine Learning and the other one using ActivityCounter – a reliable attack indicator, which we could synthetically engineer. Our first approach achieves an average F1 score of 92% across all attack variations, while ActivityCounter shows superior performance and efficiently detects all attack versions without false positives. ActivityCounter is the first solution without practical limitations, which can be easily deployed in practice and protect millions of affected users.}, author = {Stang, Jasper and Dmitrienko, Alexandra and Roth, Sascha}, booktitle = {14th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec)}, keywords = {Android}, title = {RIP StrandHogg: A Practical StrandHogg Attack Detection Method on Android}, year = 2021 }
• Increasing Security in Satellite Networks. Schilling, Klaus; Dmitrienko, Alexandra; in 72nd International Astronautical Congress (IAC) (2021).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @inproceedings{schilling2021increasing, author = {Schilling, Klaus and Dmitrienko, Alexandra}, booktitle = {72nd International Astronautical Congress (IAC)}, keywords = {security}, title = {Increasing Security in Satellite Networks}, year = 2021 }
• ESCORT: Ethereum Smart COntRacTs Vulnerability Detection using Deep Neural Network and Transfer Learning. Lutz, Oliver; Chen, Huili; Fereidooni, Hossein; Sendner, Christoph; Dmitrienko, Alexandra; Sadeghi, Ahmad Reza; Koushanfar, Farinaz; in ArXiv | arXiv:2103.12607v1 (2021).
  • [ Abstract ]
  • [ BibTeX ]
  • [ URL ]
  • [ BibSonomy-Post ]
  Ethereum smart contracts are automated decentralized applications on the blockchain that describe the terms of the agreement between buyers and sellers, reducing the need for trusted intermediaries and arbitration. However, the deployment of smart contracts introduces new attack vectors into the cryptocurrency systems. In particular, programming flaws in smart contracts can be and have already been exploited to gain enormous financial profits. It is thus an emerging yet crucial issue to detect vulnerabilities of different classes in contracts in an efficient manner. Existing machine learning-based vulnerability detection methods are limited and only inspect whether the smart contract is vulnerable, or train individual classifiers for each specific vulnerability, or demonstrate multi-class vulnerability detection without extensibility consideration. To overcome the scalability and generalization limitations of existing works, we propose ESCORT, the first Deep Neural Network (DNN)-based vulnerability detection framework for Ethereum smart contracts that support lightweight transfer learning on unseen security vulnerabilities, thus is extensible and generalizable. ESCORT leverages a multi-output NN architecture that consists of two parts: (i) A common feature extractor that learns the semantics of the input contract; (ii) Multiple branch structures where each branch learns a specific vulnerability type based on features obtained from the feature extractor. Experimental results show that ESCORT achieves an average F1-score of 95% on six vulnerability types and the detection time is 0.02 seconds per contract. When extended to new vulnerability types, ESCORT yields an average F1-score of 93%. To the best of our knowledge, ESCORT is the first framework that enables transfer learning on new vulnerability types with minimal modification of the DNN model architecture and re-training overhead.

  @article{lutz2021escort, abstract = {Ethereum smart contracts are automated decentralized applications on the blockchain that describe the terms of the agreement between buyers and sellers, reducing the need for trusted intermediaries and arbitration. However, the deployment of smart contracts introduces new attack vectors into the cryptocurrency systems. In particular, programming flaws in smart contracts can be and have already been exploited to gain enormous financial profits. It is thus an emerging yet crucial issue to detect vulnerabilities of different classes in contracts in an efficient manner. Existing machine learning-based vulnerability detection methods are limited and only inspect whether the smart contract is vulnerable, or train individual classifiers for each specific vulnerability, or demonstrate multi-class vulnerability detection without extensibility consideration. To overcome the scalability and generalization limitations of existing works, we propose ESCORT, the first Deep Neural Network (DNN)-based vulnerability detection framework for Ethereum smart contracts that support lightweight transfer learning on unseen security vulnerabilities, thus is extensible and generalizable. ESCORT leverages a multi-output NN architecture that consists of two parts: (i) A common feature extractor that learns the semantics of the input contract; (ii) Multiple branch structures where each branch learns a specific vulnerability type based on features obtained from the feature extractor. Experimental results show that ESCORT achieves an average F1-score of 95% on six vulnerability types and the detection time is 0.02 seconds per contract. When extended to new vulnerability types, ESCORT yields an average F1-score of 93%. To the best of our knowledge, ESCORT is the first framework that enables transfer learning on new vulnerability types with minimal modification of the DNN model architecture and re-training overhead.}, author = {Lutz, Oliver and Chen, Huili and Fereidooni, Hossein and Sendner, Christoph and Dmitrienko, Alexandra and Sadeghi, Ahmad Reza and Koushanfar, Farinaz}, journal = {ArXiv | arXiv:2103.12607v1}, keywords = {cryptography}, month = {03}, title = {ESCORT: Ethereum Smart COntRacTs Vulnerability Detection using Deep Neural Network and Transfer Learning}, year = 2021 }
• Sound Smart Contract Security Testing with Just One Tool. Dmitrienko, Alexandra; Chen, Huili; Fereidooni, Hossein; Sendner, Christoph; Sadeghi, Ahmad-Reza; Koushanfar, Farinaz; in CyberSec&AI 2021 (2021).
  • [ BibTeX ]
  • [ URL ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @conference{dmitrienko2021sound, author = {Dmitrienko, Alexandra and Chen, Huili and Fereidooni, Hossein and Sendner, Christoph and Sadeghi, Ahmad-Reza and Koushanfar, Farinaz}, booktitle = {CyberSec&AI 2021}, keywords = {sss-group}, title = {Sound Smart Contract Security Testing with Just One Tool}, year = 2021 }
• Security and Privacy Aspects of Digital Contact Tracing. Roos, Filipp; Thesis; Master Thesis. (2021, October).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  I am truly thankful to my advisor, Prof. Dr.-Ing. Alexandra Dmitrienko, for her guidance, support and patience throughout the research project and thesis writing process. Special thanks to Thien Nguyen for the discussions and feedback about the security analysis, as well as the rest of the TraceCORONA research and prototyping team at TU Darmstadt, which I am very grateful to have been a part of: Prof. Dr.-Ing. Ahmad-Reza Sadeghi, Dr.-Ing. Markus Miettinen, Joshua Kühlberg, Anel Muhamedagic and Richard Mitev. Without these people this work would not have been possible. Additionally, I would like to express gratitude to my parents, who have encouraged me to never give up, as well as the friends and family members who have helped with proofreading the thesis.

  @mastersthesis{roos2021security, abstract = {I am truly thankful to my advisor, Prof. Dr.-Ing. Alexandra Dmitrienko, for her guidance, support and patience throughout the research project and thesis writing process. Special thanks to Thien Nguyen for the discussions and feedback about the security analysis, as well as the rest of the TraceCORONA research and prototyping team at TU Darmstadt, which I am very grateful to have been a part of: Prof. Dr.-Ing. Ahmad-Reza Sadeghi, Dr.-Ing. Markus Miettinen, Joshua Kühlberg, Anel Muhamedagic and Richard Mitev. Without these people this work would not have been possible. Additionally, I would like to express gratitude to my parents, who have encouraged me to never give up, as well as the friends and family members who have helped with proofreading the thesis.}, author = {Roos, Filipp}, keywords = {security}, month = 10, publisher = {Master Thesis}, school = {University of Würzburg}, title = {Security and Privacy Aspects of Digital Contact Tracing}, year = 2021 }

• Mind the GAP: Security & Privacy Risks of Contact Tracing Apps. Baumgärtner, Lars; Dmitrienko, Alexandra; Freisleben, Bernd; Gruler, Alexander; Höchst, Jonas; Kühlberg, Joshua; Mezini, Mira; Mitev, Richard; Miettinen, Markus; Muhamedagic, Anel; Nguyen, Thien Duc; Penning, Alvar; Pustelnik, Dermot Frederik; Roos, Filipp; Sadeghi, Ahmad-Reza; Schwarz, Michael; Uhl, Christian; in ArXiv | arXiv:2006.05914v2 (2020).
  • [ Abstract ]
  • [ BibTeX ]
  • [ URL ]
  • [ BibSonomy-Post ]
  Google and Apple have jointly provided an API for exposure notification in order to implement decentralized contract tracing apps using Bluetooth Low Energy, the so-called "Google/Apple Proposal", which we abbreviate by "GAP". We demonstrate that in real-world scenarios the current GAP design is vulnerable to (i) profiling and possibly de-anonymizing infected persons, and (ii) relay-based wormhole attacks that basically can generate fake contacts with the potential of affecting the accuracy of an app-based contact tracing system. For both types of attack, we have built tools that can easily be used on mobile phones or Raspberry Pis (e.g., Bluetooth sniffers). The goal of our work is to perform a reality check towards possibly providing empirical real-world evidence for these two privacy and security risks. We hope that our findings provide valuable input for developing secure and privacy-preserving digital contact tracing systems.

  @article{mindthegap, abstract = {Google and Apple have jointly provided an API for exposure notification in order to implement decentralized contract tracing apps using Bluetooth Low Energy, the so-called "Google/Apple Proposal", which we abbreviate by "GAP". We demonstrate that in real-world scenarios the current GAP design is vulnerable to (i) profiling and possibly de-anonymizing infected persons, and (ii) relay-based wormhole attacks that basically can generate fake contacts with the potential of affecting the accuracy of an app-based contact tracing system. For both types of attack, we have built tools that can easily be used on mobile phones or Raspberry Pis (e.g., Bluetooth sniffers). The goal of our work is to perform a reality check towards possibly providing empirical real-world evidence for these two privacy and security risks. We hope that our findings provide valuable input for developing secure and privacy-preserving digital contact tracing systems.}, author = {Baumgärtner, Lars and Dmitrienko, Alexandra and Freisleben, Bernd and Gruler, Alexander and Höchst, Jonas and Kühlberg, Joshua and Mezini, Mira and Mitev, Richard and Miettinen, Markus and Muhamedagic, Anel and Nguyen, Thien Duc and Penning, Alvar and Pustelnik, Dermot Frederik and Roos, Filipp and Sadeghi, Ahmad-Reza and Schwarz, Michael and Uhl, Christian}, journal = {ArXiv | arXiv:2006.05914v2}, keywords = {TraceCORONA}, month = {06}, title = {Mind the GAP: Security & Privacy Risks of Contact Tracing Apps}, year = 2020 }
• LegIoT: Ledgered Trust Management Platform for IoT. Neureither, Jens; Dmitrienko, Alexandra; Koisser, David; Brasser, Ferdinand; Sadeghi, Ahmad-Reza; in European Symposium on Research in Computer Security (ESORICS) (2020).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  We investigate and address the currently unsolved problem of trust establishment in large-scale Internet of Things (IoT) networks where heterogeneous devices and mutually mistrusting stakeholders are involved. We design, prototype and evaluate LegIoT, a novel, probabilistic trust management system that enables secure, dynamic and flexible(yet inexpensive) trust relationships in large IoT networks. The core component of LegIoT is a novel graph-based scheme that allows network devices (graph nodes) to re-use the already existing trust associations(graph edges) very efficiently; thus, significantly reducing the number of individually conducted trust assessments. Since no central trusted third party exists, LegIoT leverages Distributed Ledger Technology(DLT) to create and manage the trust relation graph in a decentralized manner.The trust assessment among devices can be instantiated by any appropriate assessment technique, for which we focus on remote attestation(integrity verification) in this paper. We prototyped LegIoT for Hyper-ledger Sawtooth and demonstrated through evaluation that the number of trust assessments in the network can be significantly reduced – e.g.,by a factor of 20 for a network of 400 nodes and factor 5 for 1000 nodes.

  @inproceedings{neureither2020legiot, abstract = {We investigate and address the currently unsolved problem of trust establishment in large-scale Internet of Things (IoT) networks where heterogeneous devices and mutually mistrusting stakeholders are involved. We design, prototype and evaluate LegIoT, a novel, probabilistic trust management system that enables secure, dynamic and flexible(yet inexpensive) trust relationships in large IoT networks. The core component of LegIoT is a novel graph-based scheme that allows network devices (graph nodes) to re-use the already existing trust associations(graph edges) very efficiently; thus, significantly reducing the number of individually conducted trust assessments. Since no central trusted third party exists, LegIoT leverages Distributed Ledger Technology(DLT) to create and manage the trust relation graph in a decentralized manner.The trust assessment among devices can be instantiated by any appropriate assessment technique, for which we focus on remote attestation(integrity verification) in this paper. We prototyped LegIoT for Hyper-ledger Sawtooth and demonstrated through evaluation that the number of trust assessments in the network can be significantly reduced – e.g.,by a factor of 20 for a network of 400 nodes and factor 5 for 1000 nodes.}, author = {Neureither, Jens and Dmitrienko, Alexandra and Koisser, David and Brasser, Ferdinand and Sadeghi, Ahmad-Reza}, booktitle = {European Symposium on Research in Computer Security (ESORICS)}, keywords = {sss-group}, month = {09}, title = {LegIoT: Ledgered Trust Management Platform for IoT}, year = 2020 }
• Contact Tracing by Giant Data Collectors: Opening Pandora’s Box of Threats to Privacy, Sovereignty and National Security. Boutet, Antoine; Castelluccia, Claude; Cunche, Mathieu; Dmitrienko, Alexandra; Iovino, Vincenzo; Miettinen, Markus; Nguyen, Thien Duc; Roca, Vincent; Sadeghi, Ahmad-Reza; Vaudenay, Serge; Visconti, Ivan; Vuagnoux, Martin; (2020).
  • [ Abstract ]
  • [ BibTeX ]
  • [ URL ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Many countries have introduced digital contact tracing apps to fight the COVID-19 pandemic. Such apps help to identify contacts between potentially infectious persons automatically and thus bear the promise of reducing the burden on manual contact tracers and increase tracing accuracy in situations in which people have difficulties identifying with whom they have been in contact. A number of different proposals for digital contact tracing systems have been made or deployed, ranging from heavily centralized to completely decentralized approaches, each with its own advantages and disadvantages in terms of tracing effectiveness and impact on user privacy. During the phase of highly dynamic evolution of these approaches, surprisingly, Google and Apple established an unprecedented friendship and agreed on a very special scheme for contact tracing, realizing this in the form of an API called GAEN that they quickly integrated into their mobile operating systems. A multitude of nationally rolled out tracing apps are now based on the GAEN approach. In this paper, we revisit such apps and the GAEN API on which they are built. In particular, we point out a number of very problematic aspects and threats that the GAEN approach creates through its security and privacy weaknesses but also through the threats that it poses on technological sovereignty and the public health system.

  @techreport{boutet2020contact, abstract = {Many countries have introduced digital contact tracing apps to fight the COVID-19 pandemic. Such apps help to identify contacts between potentially infectious persons automatically and thus bear the promise of reducing the burden on manual contact tracers and increase tracing accuracy in situations in which people have difficulties identifying with whom they have been in contact. A number of different proposals for digital contact tracing systems have been made or deployed, ranging from heavily centralized to completely decentralized approaches, each with its own advantages and disadvantages in terms of tracing effectiveness and impact on user privacy. During the phase of highly dynamic evolution of these approaches, surprisingly, Google and Apple established an unprecedented friendship and agreed on a very special scheme for contact tracing, realizing this in the form of an API called GAEN that they quickly integrated into their mobile operating systems. A multitude of nationally rolled out tracing apps are now based on the GAEN approach. In this paper, we revisit such apps and the GAEN API on which they are built. In particular, we point out a number of very problematic aspects and threats that the GAEN approach creates through its security and privacy weaknesses but also through the threats that it poses on technological sovereignty and the public health system.}, author = {Boutet, Antoine and Castelluccia, Claude and Cunche, Mathieu and Dmitrienko, Alexandra and Iovino, Vincenzo and Miettinen, Markus and Nguyen, Thien Duc and Roca, Vincent and Sadeghi, Ahmad-Reza and Vaudenay, Serge and Visconti, Ivan and Vuagnoux, Martin}, institution = {{EPFL, Switzerland ; Inria, France ; JMU W{\"u}rzburg, Germany ; University of Salerno, Italy ; base23, Geneva, Switzerland ; Technical University of Darmstadt, Germany}}, keywords = {collector}, month = 12, title = {Contact Tracing by Giant Data Collectors: Opening Pandora’s Box of Threats to Privacy, Sovereignty and National Security.}, type = {University works}, year = 2020 }
• Evaluating the Performance of a State-of-the-Art Group-oriented Encryption Scheme for Dynamic Groups in an IoT Scenario. Prantl, Thomas; Ten, Peter; Iffländer, Lukas; Dmitrenko, Alexandra; Kounev, Samuel; Krupitzer, Christian; in IEEE 28th International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems (MASCOTS) (2020).

  Acceptance Rate: 27%
  • [ Abstract ]
  • [ BibTeX ]
  • [ BibSonomy-Post ]
  New emerging technologies, such as autonomous driving, intelligent buildings, and smart cities, are promising to revolutionize user experience and offer new services. The world has to undergo large scale deployment of billions of things — cost-efficient intelligent sensors that will be interconnected into extensive networks and will collect and supply data to intelligent algorithms — to make it happen. To date, however, it is challenging to secure such an infrastructure for many-fold reasons, such as resource constraints of things, large scale deployment, manyto-many communication patterns, and dynamically changing communication groups. All these factors rule out most of the state-of-the-art encryption and key-management techniques. Group encryption algorithms are well-suitable for many-tomany communication patterns typical for IoT networks, and many of them can deal with dynamic groups. There are, however, very few constructions that could potentially fulfill the computational and storage constraints of IoT devices while providing sufficient scalability for large networks. The promising candidates, such as construction by Nishat et al. [1], were not evaluated using IoT platforms and under constraints typical for IoT networks. In this paper, we aim to fill this gap and present the evaluation of a state-of-the-art group-oriented encryption scheme by Nishat et al. to identify its applicability to IoT systems. In detail, we provide a measurement workflow, a revised version of the approach, and describe a reproducible hardware testbed. Using this evaluation environment, we analyze the performance of the encryption scheme in a typical IoT scenario from a group member perspective. The results show that all calculation times can be assumed to be constant and are always below 2 seconds. The memory requirement for permanent parameters can also be considered to be constant and are below 8.5 kbit in each case. However, the information that has to be stored temporarily for group updates has turned out to be the bottleneck of the scheme, since their memory requirements increase linearly with the group size.

  @inproceedings{PrTeIfDmKo2020-MASCOTS-GroupEncryption, abstract = {New emerging technologies, such as autonomous driving, intelligent buildings, and smart cities, are promising to revolutionize user experience and offer new services. The world has to undergo large scale deployment of billions of things — cost-efficient intelligent sensors that will be interconnected into extensive networks and will collect and supply data to intelligent algorithms — to make it happen. To date, however, it is challenging to secure such an infrastructure for many-fold reasons, such as resource constraints of things, large scale deployment, manyto-many communication patterns, and dynamically changing communication groups. All these factors rule out most of the state-of-the-art encryption and key-management techniques. Group encryption algorithms are well-suitable for many-tomany communication patterns typical for IoT networks, and many of them can deal with dynamic groups. There are, however, very few constructions that could potentially fulfill the computational and storage constraints of IoT devices while providing sufficient scalability for large networks. The promising candidates, such as construction by Nishat et al. [1], were not evaluated using IoT platforms and under constraints typical for IoT networks. In this paper, we aim to fill this gap and present the evaluation of a state-of-the-art group-oriented encryption scheme by Nishat et al. to identify its applicability to IoT systems. In detail, we provide a measurement workflow, a revised version of the approach, and describe a reproducible hardware testbed. Using this evaluation environment, we analyze the performance of the encryption scheme in a typical IoT scenario from a group member perspective. The results show that all calculation times can be assumed to be constant and are always below 2 seconds. The memory requirement for permanent parameters can also be considered to be constant and are below 8.5 kbit in each case. However, the information that has to be stored temporarily for group updates has turned out to be the bottleneck of the scheme, since their memory requirements increase linearly with the group size.}, author = {Prantl, Thomas and Ten, Peter and Iffländer, Lukas and Dmitrenko, Alexandra and Kounev, Samuel and Krupitzer, Christian}, booktitle = {IEEE 28th International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems (MASCOTS)}, keywords = {sss-group}, month = 11, note = {Acceptance Rate: 27%}, series = {MASCOTS '20}, title = {Evaluating the Performance of a State-of-the-Art Group-oriented Encryption Scheme for Dynamic Groups in an IoT Scenario}, year = 2020 }
• SIMPL: Secure IoT Management Platform. Prantl, Thomas; Ben Yahya, Ala Eddine; Dmitrienko, Alexandra; Kounev, Samuel; Lipp, Fabian; Hock, David; Rathfelder, Christoph; Hofherr, Martin; in ITG Workshop on IT Security (ITSec) (2020).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  The proliferation of IoT devices is increasing at a fast pace, whether for private or business use. However,despite their growing popularity, their safe operation is often not guaranteed. To tackle the security challenges of modern IoT environments, the German Federal Ministry of Education and Research is funding the SIMPL project in order to support research in this area. The contribution of this paper is to introduce the main goal, objectives, and key features of SIMPL

  @inproceedings{prantl2020simpl, abstract = {The proliferation of IoT devices is increasing at a fast pace, whether for private or business use. However,despite their growing popularity, their safe operation is often not guaranteed. To tackle the security challenges of modern IoT environments, the German Federal Ministry of Education and Research is funding the SIMPL project in order to support research in this area. The contribution of this paper is to introduce the main goal, objectives, and key features of SIMPL}, author = {Prantl, Thomas and Ben Yahya, Ala Eddine and Dmitrienko, Alexandra and Kounev, Samuel and Lipp, Fabian and Hock, David and Rathfelder, Christoph and Hofherr, Martin}, booktitle = {ITG Workshop on IT Security (ITSec)}, keywords = {secure}, month = {05}, title = {SIMPL: Secure IoT Management Platform}, year = 2020 }
• All the Numbers are US: Large-scale Abuse of Contact Discovery in Mobile Messengers. Hagen, Christoph; Weinert, Christian; Sendner, Christoph; Dmitrienko, Alexandra; Schneider, Thomas; in Cryptology ePrint Archive, Report 2020/1119 (2020).
  • [ BibTeX ]
  • [ URL ]
  • [ BibSonomy-Post ]
  @article{cryptoeprint:2020:1119, author = {Hagen, Christoph and Weinert, Christian and Sendner, Christoph and Dmitrienko, Alexandra and Schneider, Thomas}, journal = {Cryptology ePrint Archive, Report 2020/1119}, keywords = {security}, month = {09}, title = {All the Numbers are US: Large-scale Abuse of Contact Discovery in Mobile Messengers}, year = 2020 }
• Mind the GAP: Security & Privacy Risks of Contact Tracing Apps. Baumgärtner, Lars; Dmitrienko, Alexandra; Freisleben, Bernd; Höchst, Jonas; Kühlberg, Joshua; Mezini, Mira; Miettinen, Markus; Muhamedagic, Anel; Nguyen, Thien Duc; Penning, Alvar; Pustelnik, Dermot Frederik; Roos, Filipp; Sadeghi, Ahmad-Reza; Schwarz, Michael; Uhl, Christian; in TrustCom, Security Track (2020).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Google and Apple have jointly provided an API for exposure notification in order to implement decentralized contract tracing apps using Bluetooth Low Energy, the so-called "Google/Apple Proposal", which we abbreviate by "GAP". We demonstrate that in real-world scenarios the current GAP design is vulnerable to (i) profiling and possibly de-anonymizing infected persons, and (ii) relay-based wormhole attacks that basically can generate fake contacts with the potential of affecting the accuracy of an app-based contact tracing system. For both types of attack, we have built tools that can easily be used on mobile phones or Raspberry Pis (e.g., Bluetooth sniffers). The goal of our work is to perform a reality check towards possibly providing empirical real-world evidence for these two privacy and security risks. We hope that our findings provide valuable input for developing secure and privacy-preserving digital contact tracing systems.

  @inproceedings{baumgartner2020security, abstract = {Google and Apple have jointly provided an API for exposure notification in order to implement decentralized contract tracing apps using Bluetooth Low Energy, the so-called "Google/Apple Proposal", which we abbreviate by "GAP". We demonstrate that in real-world scenarios the current GAP design is vulnerable to (i) profiling and possibly de-anonymizing infected persons, and (ii) relay-based wormhole attacks that basically can generate fake contacts with the potential of affecting the accuracy of an app-based contact tracing system. For both types of attack, we have built tools that can easily be used on mobile phones or Raspberry Pis (e.g., Bluetooth sniffers). The goal of our work is to perform a reality check towards possibly providing empirical real-world evidence for these two privacy and security risks. We hope that our findings provide valuable input for developing secure and privacy-preserving digital contact tracing systems.}, author = {Baumgärtner, Lars and Dmitrienko, Alexandra and Freisleben, Bernd and Höchst, Jonas and Kühlberg, Joshua and Mezini, Mira and Miettinen, Markus and Muhamedagic, Anel and Nguyen, Thien Duc and Penning, Alvar and Pustelnik, Dermot Frederik and Roos, Filipp and Sadeghi, Ahmad-Reza and Schwarz, Michael and Uhl, Christian}, booktitle = {TrustCom, Security Track}, keywords = {TraceCORONA}, month = {09}, title = {Mind the GAP: Security & Privacy Risks of Contact Tracing Apps}, year = 2020 }

• Hands off my Database: Ransomware Detection in Databases through Dynamic Analysis of Query Sequences. Iffländer, Lukas; Dmitrienko, Alexandra; Hagen, Christoph; Jobst, Michael; Kounev, Samuel; in ArXiv | arXiv:1907.06775v1 (2019).
  • [ BibTeX ]
  • [ URL ]
  • [ BibSonomy-Post ]
  @article{DBLP:journals/corr/abs-1907-06775, author = {Iffländer, Lukas and Dmitrienko, Alexandra and Hagen, Christoph and Jobst, Michael and Kounev, Samuel}, journal = {ArXiv | arXiv:1907.06775v1}, keywords = {ransomware}, month = {07}, title = {Hands off my Database: Ransomware Detection in Databases through Dynamic Analysis of Query Sequences}, year = 2019 }
• DR.SGX: Automated and Adjustable Side-Channel Protection for SGX using Data Location Randomization. Brasser, Ferdinand; Capkun, Srdjan; Dmitrienko, Alexandra; Frassetto, Tommaso; Kostiainen, Kari; Sadeghi, Ahmad-Reza; in Annual Computer Security Applications Conference (ACSAC) (2019).
  • [ Abstract ]
  • [ BibTeX ]
  • [ URL ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Recent research has demonstrated that Intel’s SGX is vulnerable to software-based side-channel attacks. In a common attack, the adversary monitors CPU caches to infer secret-dependent data accesses patterns. Known defenses have major limitations, as they require either error-prone developer assistance, incur extremely high runtime overhead, or prevent only specific attacks.In this paper, we propose data location randomization as a novel defense against side-channel attacks that target data access patterns.Our goal is to break the link between the memory observations by the adversary and the actual data accesses by the victim. We design and implement a compiler-based tool called DR.SGX that instruments the enclave code, permuting data locations at fine granularity.To prevent correlation of repeated memory accesses we periodically re-randomize all enclave data. Our solution requires no developer assistance and strikes the balance between side-channel protection and performance based on an adjustable security parameter.

  @inproceedings{brasser2019drsgx, abstract = {Recent research has demonstrated that Intel’s SGX is vulnerable to software-based side-channel attacks. In a common attack, the adversary monitors CPU caches to infer secret-dependent data accesses patterns. Known defenses have major limitations, as they require either error-prone developer assistance, incur extremely high runtime overhead, or prevent only specific attacks.In this paper, we propose data location randomization as a novel defense against side-channel attacks that target data access patterns.Our goal is to break the link between the memory observations by the adversary and the actual data accesses by the victim. We design and implement a compiler-based tool called DR.SGX that instruments the enclave code, permuting data locations at fine granularity.To prevent correlation of repeated memory accesses we periodically re-randomize all enclave data. Our solution requires no developer assistance and strikes the balance between side-channel protection and performance based on an adjustable security parameter.}, author = {Brasser, Ferdinand and Capkun, Srdjan and Dmitrienko, Alexandra and Frassetto, Tommaso and Kostiainen, Kari and Sadeghi, Ahmad-Reza}, booktitle = {Annual Computer Security Applications Conference (ACSAC)}, keywords = {sss-group}, month = 12, publisher = {ACM}, title = {DR.SGX: Automated and Adjustable Side-Channel Protection for SGX using Data Location Randomization}, year = 2019 }

• SmarTor: Smarter Tor with Smart Contracts: Improving resilience of topology distribution in the Tor network. Greubel, Andre; Dmitrienko, Alexandra; Kounev, Samuel; in Annual Computer Security Applications Conference (ACSAC) (2018).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  In the Tor anonymity network, the distribution of topology information relies on the correct behavior of five out of the nine trusted directory authority servers. This centralization is concerning since powerful adversary might compromise these servers and conceal in-formation about honest nodes, leading to the full de-anonymization of all Tor users. Our work aims at distributing the work of these trusted authorities, such increasing resilience against attacks on core infrastructure components of the Tor network. In particular,we leverage several emerging technologies, such as blockchains,smart contracts, and trusted execution environments to design and prototype a system called SmarTor. This system replaces the directory authorities with a smart contract and a distributed network of untrusted entities responsible for bandwidth measurements. We prototyped SmarTorusing Ethereum smart contracts and Intel SGX secure hardware. In our evaluation, we show that SmarTor produces significantly more reliable and precise measurements compared to the current measurement system. Overall, our solution improves the decentralization of the Tor network, reduces trust assumptions and increases resilience against powerful adversaries like law enforcement and intelligence services.

  @inproceedings{GrDmKo2018-ACSAC-SmarTor, abstract = {In the Tor anonymity network, the distribution of topology information relies on the correct behavior of five out of the nine trusted directory authority servers. This centralization is concerning since powerful adversary might compromise these servers and conceal in-formation about honest nodes, leading to the full de-anonymization of all Tor users. Our work aims at distributing the work of these trusted authorities, such increasing resilience against attacks on core infrastructure components of the Tor network. In particular,we leverage several emerging technologies, such as blockchains,smart contracts, and trusted execution environments to design and prototype a system called SmarTor. This system replaces the directory authorities with a smart contract and a distributed network of untrusted entities responsible for bandwidth measurements. We prototyped SmarTorusing Ethereum smart contracts and Intel SGX secure hardware. In our evaluation, we show that SmarTor produces significantly more reliable and precise measurements compared to the current measurement system. Overall, our solution improves the decentralization of the Tor network, reduces trust assumptions and increases resilience against powerful adversaries like law enforcement and intelligence services.}, author = {Greubel, Andre and Dmitrienko, Alexandra and Kounev, Samuel}, booktitle = {Annual Computer Security Applications Conference (ACSAC)}, keywords = {smart}, month = 12, organization = {ACM}, title = {SmarTor: Smarter Tor with Smart Contracts: Improving resilience of topology distribution in the Tor network.}, year = 2018 }
• POSTER: Efficient and Effective Ransomware Detection in Databases. Hagen, Christoph; Dmitrienko, Alexandra; Iffländer, Lukas; Jobst, Michael; Kounev, Samuel; in 34th Annual Computer Security Applications Conference (ACSAC) (2018).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @inproceedings{Hagen2018_EfficientandEffectiveRansomwareDetectioninDatabases, author = {Hagen, Christoph and Dmitrienko, Alexandra and Iffländer, Lukas and Jobst, Michael and Kounev, Samuel}, booktitle = {34th Annual Computer Security Applications Conference (ACSAC)}, keywords = {ransomware}, month = 12, organization = {ACM}, title = {POSTER: Efficient and Effective Ransomware Detection in Databases}, year = 2018 }

• Software Grand Exposure: SGX Cache Attacks Are Practical. Brasser, Ferdinand; Müller, Urs; Dmitrienko, Alexandra; Kostiainen, Kari; Capkun, Srdjan; Sadeghi, Ahmad-Reza; in ArXiv | arXiv:1702.07521v1 (2017).
  • [ Abstract ]
  • [ BibTeX ]
  • [ URL ]
  • [ BibSonomy-Post ]
  Side-channel information leakage is a known limitation of SGX. Researchers have demonstrated that secret-dependent information can be extracted from enclave execution through page-fault access patterns. Consequently, various recent research efforts are actively seeking countermeasures to SGX side-channel attacks. It is widely assumed that SGX may be vulnerable to other side channels, such as cache access pattern monitoring,as well. However, prior to our work, the practicality and the extent of such information leakage was not studied.In this paper we demonstrate that cache-based attacks are indeed a serious threat to the confidentiality of SGX-protected programs. Our goal was to design an attack that is hard to mitigate using known defenses, and there-fore we mount our attack without interrupting enclave execution. This approach has major technical challenges,since the existing cache monitoring techniques experience significant noise if the victim process is not interrupted. We designed and implemented novel attack techniques to reduce this noise by leveraging the capabilities of the privileged adversary. Our attacks are able to recover confidential information from SGX enclaves,which we illustrate in two example cases: extraction of an entire RSA-2048 key during RSA decryption, and detection of specific human genome sequences during genomic indexing. We show that our attacks are more effective than previous cache attacks and harder to mitigate than previous SGX side-channel attacks.

  @article{206170, abstract = {Side-channel information leakage is a known limitation of SGX. Researchers have demonstrated that secret-dependent information can be extracted from enclave execution through page-fault access patterns. Consequently, various recent research efforts are actively seeking countermeasures to SGX side-channel attacks. It is widely assumed that SGX may be vulnerable to other side channels, such as cache access pattern monitoring,as well. However, prior to our work, the practicality and the extent of such information leakage was not studied.In this paper we demonstrate that cache-based attacks are indeed a serious threat to the confidentiality of SGX-protected programs. Our goal was to design an attack that is hard to mitigate using known defenses, and there-fore we mount our attack without interrupting enclave execution. This approach has major technical challenges,since the existing cache monitoring techniques experience significant noise if the victim process is not interrupted. We designed and implemented novel attack techniques to reduce this noise by leveraging the capabilities of the privileged adversary. Our attacks are able to recover confidential information from SGX enclaves,which we illustrate in two example cases: extraction of an entire RSA-2048 key during RSA decryption, and detection of specific human genome sequences during genomic indexing. We show that our attacks are more effective than previous cache attacks and harder to mitigate than previous SGX side-channel attacks.}, address = {Vancouver, BC}, author = {Brasser, Ferdinand and M{\"u}ller, Urs and Dmitrienko, Alexandra and Kostiainen, Kari and Capkun, Srdjan and Sadeghi, Ahmad-Reza}, booktitle = {{USENIX} Workshop on Offensive Technologies ({WOOT} 17)}, institution = {USENIX Association}, journal = {ArXiv | arXiv:1702.07521v1}, keywords = {myown}, month = {08}, title = {Software Grand Exposure: {SGX} Cache Attacks Are Practical}, year = 2017 }
• Phonion: Practical Protection of Metadata in Telephony Networks. Heuser, Stephan; Reaves, Bradley; Pendyala, Praveen Kumar; Carter, Henry; Dmitrienko, Alexandra; Enck, William; Kiyavash, Negar; Sadeghi, Ahmad-Reza; Traynor, Patrick; in Proceedings on Privacy Enhancing Technologies (PoPETs) (2017).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  The majority of people across the globe rely on telephony networks as their primary means of communication. As such, many of the most sensitive personal, corporate and government related communications pass through these systems every day. Unsurprisingly, such connections are subject to a wide range of attacks. Of increasing concern is the use of metadata contained in Call Detail Records (CDRs), which contain source, destination, start time and duration of a call.This information is potentially dangerous as the very act of two parties communicating can reveal significant details about their relationship and put them in the focus of targeted observation or surveillance, which is highly critical especially for journalists and activists.To address this problem, we develop the Phonion architecture to frustrate such attacks by separating call setup functions from call delivery. Specifically, Phonion allows users to preemptively establish call circuits across multiple providers and technologies before dialing into the circuit and does not require constant Internet connectivity. Since no single carrier can determine the ultimate destination of the call, it provides unlinkability for its users and helps them to avoid passive surveillance. We define and discuss a range of adversary classes and analyze why current obfuscation technologies fail to protect users against such metadata attacks. In our extensive evaluation we further analyze advanced anonymity technologies (e.g., VoIP over Tor), which do not preserve our functional requirements for high voice quality in the absence of constant broadband Internet connectivity and compatibility with landline and feature phones. Phonion is the first practical system to provide guarantees of unlinkable communication against a range of practical adversaries in telephony systems.

  @inproceedings{Phonion2017, abstract = {The majority of people across the globe rely on telephony networks as their primary means of communication. As such, many of the most sensitive personal, corporate and government related communications pass through these systems every day. Unsurprisingly, such connections are subject to a wide range of attacks. Of increasing concern is the use of metadata contained in Call Detail Records (CDRs), which contain source, destination, start time and duration of a call.This information is potentially dangerous as the very act of two parties communicating can reveal significant details about their relationship and put them in the focus of targeted observation or surveillance, which is highly critical especially for journalists and activists.To address this problem, we develop the Phonion architecture to frustrate such attacks by separating call setup functions from call delivery. Specifically, Phonion allows users to preemptively establish call circuits across multiple providers and technologies before dialing into the circuit and does not require constant Internet connectivity. Since no single carrier can determine the ultimate destination of the call, it provides unlinkability for its users and helps them to avoid passive surveillance. We define and discuss a range of adversary classes and analyze why current obfuscation technologies fail to protect users against such metadata attacks. In our extensive evaluation we further analyze advanced anonymity technologies (e.g., VoIP over Tor), which do not preserve our functional requirements for high voice quality in the absence of constant broadband Internet connectivity and compatibility with landline and feature phones. Phonion is the first practical system to provide guarantees of unlinkable communication against a range of practical adversaries in telephony systems.}, author = {Heuser, Stephan and Reaves, Bradley and Pendyala, Praveen Kumar and Carter, Henry and Dmitrienko, Alexandra and Enck, William and Kiyavash, Negar and Sadeghi, Ahmad-Reza and Traynor, Patrick}, booktitle = {Proceedings on Privacy Enhancing Technologies (PoPETs)}, keywords = {sys:relevantfor:sss-group}, month = {01}, title = {Phonion: Practical Protection of Metadata in Telephony Networks}, year = 2017 }
• Software grand exposure: SGX cache attacks are practical. Brasser, Ferdinand; Mller, Urs; Dmitrienko, Alexandra; Kostiainen, Kari; Capkun, Srdjan; Sadeghi, Ahmad-Reza; in In 11th USENIX Workshop on Offensive Technologies (WOOT 17) (2017).
  • [ Abstract ]
  • [ BibTeX ]
  • [ URL ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Side-channel information leakage is a known limitation of SGX. Researchers have demonstrated that secret-dependent information can be extracted from enclave execution through page-fault access patterns. Consequently, various recent research efforts are actively seeking countermeasures to SGX side-channel attacks. It is widely assumed that SGX may be vulnerable to other side channels, such as cache access pattern monitoring,as well. However, prior to our work, the practicality and the extent of such information leakage was not studied.In this paper we demonstrate that cache-based attacks are indeed a serious threat to the confidentiality of SGX-protected programs. Our goal was to design an attack that is hard to mitigate using known defenses, and there-fore we mount our attack without interrupting enclave execution. This approach has major technical challenges,since the existing cache monitoring techniques experience significant noise if the victim process is not interrupted. We designed and implemented novel attack techniques to reduce this noise by leveraging the capabilities of the privileged adversary. Our attacks are able to recover confidential information from SGX enclaves,which we illustrate in two example cases: extraction of an entire RSA-2048 key during RSA decryption, and detection of specific human genome sequences during genomic indexing. We show that our attacks are more effective than previous cache attacks and harder to mitigate than previous SGX side-channel attacks.

  @article{206170, abstract = {Side-channel information leakage is a known limitation of SGX. Researchers have demonstrated that secret-dependent information can be extracted from enclave execution through page-fault access patterns. Consequently, various recent research efforts are actively seeking countermeasures to SGX side-channel attacks. It is widely assumed that SGX may be vulnerable to other side channels, such as cache access pattern monitoring,as well. However, prior to our work, the practicality and the extent of such information leakage was not studied.In this paper we demonstrate that cache-based attacks are indeed a serious threat to the confidentiality of SGX-protected programs. Our goal was to design an attack that is hard to mitigate using known defenses, and there-fore we mount our attack without interrupting enclave execution. This approach has major technical challenges,since the existing cache monitoring techniques experience significant noise if the victim process is not interrupted. We designed and implemented novel attack techniques to reduce this noise by leveraging the capabilities of the privileged adversary. Our attacks are able to recover confidential information from SGX enclaves,which we illustrate in two example cases: extraction of an entire RSA-2048 key during RSA decryption, and detection of specific human genome sequences during genomic indexing. We show that our attacks are more effective than previous cache attacks and harder to mitigate than previous SGX side-channel attacks.}, address = {Vancouver, BC}, author = {Brasser, Ferdinand and Mller, Urs and Dmitrienko, Alexandra and Kostiainen, Kari and Capkun, Srdjan and Sadeghi, Ahmad-Reza}, booktitle = {In 11th USENIX Workshop on Offensive Technologies (WOOT 17)}, institution = {USENIX Association}, keywords = {Attacks}, month = {08}, title = {Software grand exposure: SGX cache attacks are practical}, year = 2017 }
• μchain: How to Forget without Hard Forks. Puddu, Ivan; Dmitrienko, Alexandra; Capkun, Srdjan; in IACR Cryptology ePrint Archive (IACR) (2017).
  • [ Abstract ]
  • [ BibTeX ]
  • [ URL ]
  • [ Download ]
  • [ BibSonomy-Post ]
  In this paper, we explore an idea of making(proof-of-work) blockchains mutable. We propose and implement μchain, a mutable blockchain, that enables modifications of blockchain history. Blockchains are, by common definition,distributed and immutable data structures that store a history of events, such as transactions in a digital currency system. While the very idea of mutable event history may seem controversial at a first glance, we show thatμchain does not undermine security guarantees provided by immutable blockchains. In particular,all mutations in our system are controlled by fiat, enforced by consensus and are verifiable in the same way as regular transactions. At the same time,μchain provides a solution to a number of challenging problems, such as the patching of vulnerable smart contracts and removal of abusive content from blockchain history. It also gives rise to new blockchain applications that were not possible with immutable blockchains.For instance, governments and companies could now maintain registers of citizens and customers, while preserving their legislated rights to be forgotten. Banks could consider consolidation of cryptocurrency with traditional payments, which is hard to achieve without the ability to revert transactions. To further illustrate the power ofμchain on more concrete examples, we present two new applications, the collaborative recommendation system with the ability to censor inappropriate content, and a time-lock encryption mechanism that provides a method to decrypt messages after a certain deadline has passed.

  @article{Puddu2017chainHT, abstract = {In this paper, we explore an idea of making(proof-of-work) blockchains mutable. We propose and implement μchain, a mutable blockchain, that enables modifications of blockchain history. Blockchains are, by common definition,distributed and immutable data structures that store a history of events, such as transactions in a digital currency system. While the very idea of mutable event history may seem controversial at a first glance, we show thatμchain does not undermine security guarantees provided by immutable blockchains. In particular,all mutations in our system are controlled by fiat, enforced by consensus and are verifiable in the same way as regular transactions. At the same time,μchain provides a solution to a number of challenging problems, such as the patching of vulnerable smart contracts and removal of abusive content from blockchain history. It also gives rise to new blockchain applications that were not possible with immutable blockchains.For instance, governments and companies could now maintain registers of citizens and customers, while preserving their legislated rights to be forgotten. Banks could consider consolidation of cryptocurrency with traditional payments, which is hard to achieve without the ability to revert transactions. To further illustrate the power ofμchain on more concrete examples, we present two new applications, the collaborative recommendation system with the ability to censor inappropriate content, and a time-lock encryption mechanism that provides a method to decrypt messages after a certain deadline has passed.}, author = {Puddu, Ivan and Dmitrienko, Alexandra and Capkun, Srdjan}, journal = {IACR Cryptology ePrint Archive (IACR)}, keywords = {micro-chain}, month = {02}, title = {μchain: How to Forget without Hard Forks}, year = 2017 }
• Secure Wallet-Assisted Offline Bitcoin Payments with Double-Spender Revocation (distinguished paper award). Dmitrienko, Alexandra; Noack, David; Yung, Moti; in ACM Conference on Information, Computer and Communications Security (AsiaCCS) (2017).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Bitcoin seems to be the most successful cryptocurrency so far given the growing real life deployment and popularity.While Bitcoin requires clients to be online to perform trans-actions and a certain amount of time to verify them, there are many real life scenarios that demand for offline and immediate payments (e.g., mobile ticketing, vending machines,etc). However, offline payments in Bitcoin raise non-trivial security challenges, as the payee has no means to verify the received coins without having access to the Bitcoin network.Moreover, even online immediate payments are shown to be vulnerable to double-spending attacks.In this paper, we propose the first solution for Bitcoin payments, which enables secure payments with Bitcoin in offline settings and in scenarios where payments need to be immediately accepted. Our approach relies on an offline wallet and deploys several novel security mechanisms to prevent double-spending and to verify the coin validity in offline set-ting. These mechanisms achieve probabilistic security to guarantee that the attack probability is lower than the de-sired threshold. We provide a security and risk analysis as well as model security parameters for various adversaries.We further eliminate remaining risks by detection of misbehaving wallets and their revocation.We implemented our solution for mobile Android client sand instantiated an offline wallet using a microSD security card. Our implementation demonstrates that smooth integration over a very prevalent platform (Android) is possible,and that offline and online payments can practically co-exist.We also discuss alternative deployment approach for the offline wallet which does not leverage secure hardware, but instead relies on a deposit system managed by the Bitcoin network.

  @inproceedings{BitcoinOffline2017, abstract = {Bitcoin seems to be the most successful cryptocurrency so far given the growing real life deployment and popularity.While Bitcoin requires clients to be online to perform trans-actions and a certain amount of time to verify them, there are many real life scenarios that demand for offline and immediate payments (e.g., mobile ticketing, vending machines,etc). However, offline payments in Bitcoin raise non-trivial security challenges, as the payee has no means to verify the received coins without having access to the Bitcoin network.Moreover, even online immediate payments are shown to be vulnerable to double-spending attacks.In this paper, we propose the first solution for Bitcoin payments, which enables secure payments with Bitcoin in offline settings and in scenarios where payments need to be immediately accepted. Our approach relies on an offline wallet and deploys several novel security mechanisms to prevent double-spending and to verify the coin validity in offline set-ting. These mechanisms achieve probabilistic security to guarantee that the attack probability is lower than the de-sired threshold. We provide a security and risk analysis as well as model security parameters for various adversaries.We further eliminate remaining risks by detection of misbehaving wallets and their revocation.We implemented our solution for mobile Android client sand instantiated an offline wallet using a microSD security card. Our implementation demonstrates that smooth integration over a very prevalent platform (Android) is possible,and that offline and online payments can practically co-exist.We also discuss alternative deployment approach for the offline wallet which does not leverage secure hardware, but instead relies on a deposit system managed by the Bitcoin network.}, author = {Dmitrienko, Alexandra and Noack, David and Yung, Moti}, booktitle = {ACM Conference on Information, Computer and Communications Security (AsiaCCS)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters}, month = {04}, title = {Secure Wallet-Assisted Offline Bitcoin Payments with Double-Spender Revocation (distinguished paper award)}, year = 2017 }
• Secure Free-Floating Car Sharing for Offline Cars. Dmitrienko, Alexandra; Plappert, Christian; in ACM Conference on Data and Application Security and Privacy (CODASPY) (2017).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  In this paper, we present a new access control system for free-floating car sharing, which achieves a number of appealing features not available in the state-of-the-art solutions.First of all, it does not require online connection for cars,and, therefore, allows car sharing providers to expand their services to areas without reliable network coverage (e.g., with blind spots). Second, the solution is compatible to RFID cards – the most commonly deployed authentication token sin car sharing, and can be deployed on standard mobile platforms with various hardware features. Third, it is fully compatible with off-the-shelf cars and does not require any intrusive modifications to car’s internals.These new properties can be achieved due to a novel system design which deploys two-factor authentication and combines an RFID card (the real one or emulated in software) with a”soft” authentication token stored on a mobile platform. Such a combination increases security of the solution, preserves backward compatibility to RFID technology and enables great flexibility in protection of authentication secrets on the mobile platform. To demonstrate such a flexibility, we present a platform security concept which can be instantiate din various deployment options and provides the means to achieve best possible security given available hardware.We implemented our solution on Android and instantiated the platform security concept in three different deployment options. We evaluate security of our solution and report performance measurements

  @inproceedings{CarSharing2017, abstract = {In this paper, we present a new access control system for free-floating car sharing, which achieves a number of appealing features not available in the state-of-the-art solutions.First of all, it does not require online connection for cars,and, therefore, allows car sharing providers to expand their services to areas without reliable network coverage (e.g., with blind spots). Second, the solution is compatible to RFID cards – the most commonly deployed authentication token sin car sharing, and can be deployed on standard mobile platforms with various hardware features. Third, it is fully compatible with off-the-shelf cars and does not require any intrusive modifications to car’s internals.These new properties can be achieved due to a novel system design which deploys two-factor authentication and combines an RFID card (the real one or emulated in software) with a”soft” authentication token stored on a mobile platform. Such a combination increases security of the solution, preserves backward compatibility to RFID technology and enables great flexibility in protection of authentication secrets on the mobile platform. To demonstrate such a flexibility, we present a platform security concept which can be instantiate din various deployment options and provides the means to achieve best possible security given available hardware.We implemented our solution on Android and instantiated the platform security concept in three different deployment options. We evaluate security of our solution and report performance measurements}, author = {Dmitrienko, Alexandra and Plappert, Christian}, booktitle = {ACM Conference on Data and Application Security and Privacy (CODASPY)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters}, month = {03}, title = {Secure Free-Floating Car Sharing for Offline Cars}, year = 2017 }
• POSTER: Secure Free-Floating Car Sharing for Offline Cars (an outstanding poster award). Dmitrienko, Alexandra; Plappert, Christian; in ACM Conference on Data and Application Security and Privacy (CODASPY) (2017).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @inproceedings{BitcoinOffline2017-poster, author = {Dmitrienko, Alexandra and Plappert, Christian}, booktitle = {ACM Conference on Data and Application Security and Privacy (CODASPY)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters}, month = {03}, title = {POSTER: Secure Free-Floating Car Sharing for Offline Cars (an outstanding poster award)}, year = 2017 }
• DR.SGX: Hardening SGX Enclaves against Cache Attacks with Data Location Randomization. Brasser, Ferdinand; Capkun, Srdjan; Dmitrienko, Alexandra; Frassetto, Tommaso; Kostiainen, Kari; Müller, Urs; Sadeghi, Ahmad-Reza; in ArXiv | arXiv:1709.09917v2 (2017).
  • [ Abstract ]
  • [ BibTeX ]
  • [ URL ]
  • [ BibSonomy-Post ]
  Recent research has demonstrated that Intel’s SGX is vulnerable to software-based side-channel attacks. In a common attack, the adversary monitors CPU caches to infer secret-dependent data accesses patterns. Known defenses have major limitations, as they require either error-prone developer assistance, incur extremely high runtime overhead, or prevent only specific attacks.In this paper, we propose data location randomization as a novel defense against side-channel attacks that target data access patterns.Our goal is to break the link between the memory observations by the adversary and the actual data accesses by the victim. We design and implement a compiler-based tool called DR.SGX that instruments the enclave code, permuting data locations at fine granularity.To prevent correlation of repeated memory accesses we periodically re-randomize all enclave data. Our solution requires no developer assistance and strikes the balance between side-channel protection and performance based on an adjustable security parameter.

  @inproceedings{DrSGX-2017-TR, abstract = {Recent research has demonstrated that Intel’s SGX is vulnerable to software-based side-channel attacks. In a common attack, the adversary monitors CPU caches to infer secret-dependent data accesses patterns. Known defenses have major limitations, as they require either error-prone developer assistance, incur extremely high runtime overhead, or prevent only specific attacks.In this paper, we propose data location randomization as a novel defense against side-channel attacks that target data access patterns.Our goal is to break the link between the memory observations by the adversary and the actual data accesses by the victim. We design and implement a compiler-based tool called DR.SGX that instruments the enclave code, permuting data locations at fine granularity.To prevent correlation of repeated memory accesses we periodically re-randomize all enclave data. Our solution requires no developer assistance and strikes the balance between side-channel protection and performance based on an adjustable security parameter.}, author = {Brasser, Ferdinand and Capkun, Srdjan and Dmitrienko, Alexandra and Frassetto, Tommaso and Kostiainen, Kari and Müller, Urs and Sadeghi, Ahmad-Reza}, booktitle = {ArXiv | arXiv:1709.09917v2}, keywords = {sys:relevantfor:sss-group}, month = {09}, title = {DR.SGX: Hardening SGX Enclaves against Cache Attacks with Data Location Randomization}, year = 2017 }

• POSTER: Phonion: Frustrating Telephony Metadata Analysis. Heuser, Stephan; Reaves, Bradley; Pendyala, Praveen Kumar; Carter, Henry; Dmitrienko, Alexandra; Enck, William; Sadeghi, Ahmad-Reza; Traynor, Patrick; in Network and Distributed System Security Symposium (NDSS) (2016).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Phone companies record network use by individual customers via Call Detail Records (CDRs). CDRs contain important metadata ranging from call source and destination to duration of the connection, route through the network and identification of the network device writing the call record.Historically, CDRs have served as a means of not only properly billing customers for the services they use, but also as a way of identifying and debugging network errors.This metadata has most recently been associated with large-scale collection campaigns by intelligence agencies. While these organizations often assert that such programs are necessary to prevent crime and terrorism, privacy advocates argue that the complete cataloging of telephony actions erode civil liberties. However, what researchers and policy makers have generally failed to consider is that a range of other adversaries may also use CDRs to violate the privacy of targeted individuals. In 2006, for example, detectives hired by executives at HP were able to use social engineering to acquire phone records and determine the identity of an anonymous corporate board member who leaked sensitive information to journalists. Such attacks are not limited to private detectives, but have also been executed by jealous spouses, curious neighbors, companies paying for employee cell phones, rogue employees at cellular providers and more. In fact, last September it was revealed that Vodafone scoured a journalist’s personal phone records to discover her sources on a story about Vodafone security problems [1] . Accordingly, strong mechanisms for making analysis of CDRs difficult is crucial to the privacy of citizens across the world.Taking the importance of call metadata for user privacy into consideration, there are prior attempts to build anonymous telecommunication systems based on Voice over IP (VoIP) and anonymization networks like Tor. However, these solutions do not provide adequate quality of service for voice calls.Moreover, they require fast and reliable Internet connectivity,which might not always be available. For instance, Internet access in countries with a repressive regime can be shut down to prevent dissemination of non-censored information. Further,even if Internet access is generally available, access to the Tor network could be censored.

  @inproceedings{PhonionPoster, abstract = {Phone companies record network use by individual customers via Call Detail Records (CDRs). CDRs contain important metadata ranging from call source and destination to duration of the connection, route through the network and identification of the network device writing the call record.Historically, CDRs have served as a means of not only properly billing customers for the services they use, but also as a way of identifying and debugging network errors.This metadata has most recently been associated with large-scale collection campaigns by intelligence agencies. While these organizations often assert that such programs are necessary to prevent crime and terrorism, privacy advocates argue that the complete cataloging of telephony actions erode civil liberties. However, what researchers and policy makers have generally failed to consider is that a range of other adversaries may also use CDRs to violate the privacy of targeted individuals. In 2006, for example, detectives hired by executives at HP were able to use social engineering to acquire phone records and determine the identity of an anonymous corporate board member who leaked sensitive information to journalists. Such attacks are not limited to private detectives, but have also been executed by jealous spouses, curious neighbors, companies paying for employee cell phones, rogue employees at cellular providers and more. In fact, last September it was revealed that Vodafone scoured a journalist’s personal phone records to discover her sources on a story about Vodafone security problems [1] . Accordingly, strong mechanisms for making analysis of CDRs difficult is crucial to the privacy of citizens across the world.Taking the importance of call metadata for user privacy into consideration, there are prior attempts to build anonymous telecommunication systems based on Voice over IP (VoIP) and anonymization networks like Tor. However, these solutions do not provide adequate quality of service for voice calls.Moreover, they require fast and reliable Internet connectivity,which might not always be available. For instance, Internet access in countries with a repressive regime can be shut down to prevent dissemination of non-censored information. Further,even if Internet access is generally available, access to the Tor network could be censored.}, author = {Heuser, Stephan and Reaves, Bradley and Pendyala, Praveen Kumar and Carter, Henry and Dmitrienko, Alexandra and Enck, William and Sadeghi, Ahmad-Reza and Traynor, Patrick}, booktitle = {Network and Distributed System Security Symposium (NDSS)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters}, month = {02}, title = {POSTER: Phonion: Frustrating Telephony Metadata Analysis.}, year = 2016 }

• Security and Privacy Aspects of Mobile Platforms and Applications. Dmitrienko, Alexandra; Thesis; TU Darmstadt. (2015, April).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Mobile smart devices (such as smartphones and tablets) emerged to dominant computing platforms for end-users. The capabilities of these convenient mini-computers seem nearly boundless: They feature compelling computing power and storage resources, new interfaces such as Near Field Communication (NFC) and Bluetooth Low Energy (BLE),connectivity to cloud services, as well as a vast number and variety of apps. By installing these apps, users can turn a mobile device into a music player, a gaming console,a navigation system, a business assistant, and more. In addition, the current trend of increased screen sizes make these devices reasonable replacements for traditional (mobile)computing platforms such as laptops.On the other hand, mobile platforms process and store the extensive amount of sensitive information about their users, ranging from the user ’s location data to credentials for online banking and enterprise Virtual Private Networks (VPNs). This raises many security and privacy concerns and makes mobile platforms attractive targets for attackers. The rapid increase in number, variety and sophistication of attacks demonstrate that the protection mechanisms offered by mobile systems today are insufficient and improvements are necessary in order to make mobile devices capable of withstanding modern security and privacy threats.This dissertation focuses on various aspects of security and privacy of mobile platforms.In particular, it consists of three parts: (i) advanced attacks on mobile platforms and countermeasures; (ii) online authentication security for mobile systems, and (iii) secure mobile applications and services.Specifically, the first part of the dissertation concentrates on advanced attacks on mobile platforms, such as code re-use attacks that hijack execution flow of benign apps without injecting malicious code, and application-level privilege escalation attacks that allow malicious or compromised apps to gain more privileges than were initially granted. In this context, we develop new advanced code re-use attack techniques that can bypass deployed protection mechanisms (e.g., Address Space Layout Randomization (ASLR)) and cannot be detected by any of the existing security tools (e.g., return address checkers). Further, we investigate the problem of application-level privilege escalation attacks on mobile platforms like Android, study and classify them, develop proof of concept exploits and propose countermeasures against these attacks. Our countermeasures can mitigate all types of application-level privilege escalation attacks, in contrast to alternative solutions proposed in literature.In the second part of the dissertation we investigate online authentication schemes frequently utilized by mobile users, such as the most common web authentication based upon the user’s passwords and the recently widespread mobile2-factor authentication(2FA) which extends the password-based approach with a secondary authenticator sent toa user ’s mobile device or generated on it (e.g, a One-time Password (OTP) or Transaction Authentication Number (TAN)). In this context we demonstrate various weaknesses ofmobile2FAschemes deployed for login verification by global Internet service providers(such as Google, Dropbox, Twitter, and Facebook) and by a popular Google Authenticator app. These weaknesses allow an attacker to impersonate legitimate users even if their mobile device with the secondary authenticator is not compromised. We then go one step further and develop a general attack method for bypassing mobile2FAschemes.Our method relies on a cross-platform infection (mobile-to-PC or PC-to-mobile) as a first step in order to compromise the Personal Computer (PC) and a mobile device of the same user. We develop proof-of-concept prototypes for a cross-platform infection and show how an attacker can bypass various instantiations of mobile2FAschemes once both devices,PC and the mobile platform, are infected. We then deliver proof-of-concept attack implementations that bypass online banking solutions based on SMS-based TAN sand visual cryptograms, as well as login verification schemes deployed by various Internet service providers. Finally, we propose a wallet-based secure solution for password-based authentication which requires no secondary authenticator, and yet provides better security guaranties than, e.g., mobile2FAschemes.The third part of the dissertation concerns design and development of security sensitive mobile applications and services. In particular, our first application allows mobile users to replace usual keys (for doors, cars, garages, etc.) with their mobile devices. It uses electronic access tokens which are generated by the central key server and then downloaded into mobile devices for user authentication. Our solution protects access tokens in transit (e.g., while they are downloaded on the mobile device) and when they are stored and processed on the mobile platform. The unique feature of our solution is offline delegation: Users can delegate (a portion of) their access rights to other users without accessing the key server. Further, our solution is efficient even when used with constraint communication interfaces like NFC.The second application we developed is devoted to resource sharing among mobile users in ad-hoc mobile networks. It enables users to, e.g., exchange files and text messages,or share their tethering connection. Our solution addresses security threats specific toresource sharing and features the required security mechanisms (e.g., access control of resources, pseudonymity for users, and accountability for resource use). One of the key features of our solution is a privacy-preserving access control of resources based on FoF Finder (FoFF) service, which provides a user-friendly means to configure access control based upon information from social networks (e.g., friendship information) while preserving user privacy (e.g., not revealing their social network identifiers).The results presented in this dissertation were included in several peer-reviewed publications [71,91,58,107,109,61,110,65,64,30] and extended technical reports [95,57,108,31]1. Some of these publications had significant impact on follow up research.For example, our publications on new forms of code re-use attacks [71,91] motivated researchers to develop more advanced forms of ASLR(e.g., [232,156,293,157]) and tore-consider the idea of using Control-Flow Integrity (CFI) (e.g., [51,300,303,182,233,77]). Further, our work on application-level privilege escalation attacks [94,57,59] was followed by many other publications addressing this problem (e.g., [106,122,209,155,146,69,63,302]). Moreover, our access control solution using mobile devices as access tokens[110,65] demonstrated significant practical impact: in2013it was chosen as a highlight of CeBIT – the world’s largest international computer expo, and was then deployed by a large enterprise to be used by tens of thousands of company employees and millions of customers.

  @phdthesis{tuprints4611, abstract = {Mobile smart devices (such as smartphones and tablets) emerged to dominant computing platforms for end-users. The capabilities of these convenient mini-computers seem nearly boundless: They feature compelling computing power and storage resources, new interfaces such as Near Field Communication (NFC) and Bluetooth Low Energy (BLE),connectivity to cloud services, as well as a vast number and variety of apps. By installing these apps, users can turn a mobile device into a music player, a gaming console,a navigation system, a business assistant, and more. In addition, the current trend of increased screen sizes make these devices reasonable replacements for traditional (mobile)computing platforms such as laptops.On the other hand, mobile platforms process and store the extensive amount of sensitive information about their users, ranging from the user ’s location data to credentials for online banking and enterprise Virtual Private Networks (VPNs). This raises many security and privacy concerns and makes mobile platforms attractive targets for attackers. The rapid increase in number, variety and sophistication of attacks demonstrate that the protection mechanisms offered by mobile systems today are insufficient and improvements are necessary in order to make mobile devices capable of withstanding modern security and privacy threats.This dissertation focuses on various aspects of security and privacy of mobile platforms.In particular, it consists of three parts: (i) advanced attacks on mobile platforms and countermeasures; (ii) online authentication security for mobile systems, and (iii) secure mobile applications and services.Specifically, the first part of the dissertation concentrates on advanced attacks on mobile platforms, such as code re-use attacks that hijack execution flow of benign apps without injecting malicious code, and application-level privilege escalation attacks that allow malicious or compromised apps to gain more privileges than were initially granted. In this context, we develop new advanced code re-use attack techniques that can bypass deployed protection mechanisms (e.g., Address Space Layout Randomization (ASLR)) and cannot be detected by any of the existing security tools (e.g., return address checkers). Further, we investigate the problem of application-level privilege escalation attacks on mobile platforms like Android, study and classify them, develop proof of concept exploits and propose countermeasures against these attacks. Our countermeasures can mitigate all types of application-level privilege escalation attacks, in contrast to alternative solutions proposed in literature.In the second part of the dissertation we investigate online authentication schemes frequently utilized by mobile users, such as the most common web authentication based upon the user’s passwords and the recently widespread mobile2-factor authentication(2FA) which extends the password-based approach with a secondary authenticator sent toa user ’s mobile device or generated on it (e.g, a One-time Password (OTP) or Transaction Authentication Number (TAN)). In this context we demonstrate various weaknesses ofmobile2FAschemes deployed for login verification by global Internet service providers(such as Google, Dropbox, Twitter, and Facebook) and by a popular Google Authenticator app. These weaknesses allow an attacker to impersonate legitimate users even if their mobile device with the secondary authenticator is not compromised. We then go one step further and develop a general attack method for bypassing mobile2FAschemes.Our method relies on a cross-platform infection (mobile-to-PC or PC-to-mobile) as a first step in order to compromise the Personal Computer (PC) and a mobile device of the same user. We develop proof-of-concept prototypes for a cross-platform infection and show how an attacker can bypass various instantiations of mobile2FAschemes once both devices,PC and the mobile platform, are infected. We then deliver proof-of-concept attack implementations that bypass online banking solutions based on SMS-based TAN sand visual cryptograms, as well as login verification schemes deployed by various Internet service providers. Finally, we propose a wallet-based secure solution for password-based authentication which requires no secondary authenticator, and yet provides better security guaranties than, e.g., mobile2FAschemes.The third part of the dissertation concerns design and development of security sensitive mobile applications and services. In particular, our first application allows mobile users to replace usual keys (for doors, cars, garages, etc.) with their mobile devices. It uses electronic access tokens which are generated by the central key server and then downloaded into mobile devices for user authentication. Our solution protects access tokens in transit (e.g., while they are downloaded on the mobile device) and when they are stored and processed on the mobile platform. The unique feature of our solution is offline delegation: Users can delegate (a portion of) their access rights to other users without accessing the key server. Further, our solution is efficient even when used with constraint communication interfaces like NFC.The second application we developed is devoted to resource sharing among mobile users in ad-hoc mobile networks. It enables users to, e.g., exchange files and text messages,or share their tethering connection. Our solution addresses security threats specific toresource sharing and features the required security mechanisms (e.g., access control of resources, pseudonymity for users, and accountability for resource use). One of the key features of our solution is a privacy-preserving access control of resources based on FoF Finder (FoFF) service, which provides a user-friendly means to configure access control based upon information from social networks (e.g., friendship information) while preserving user privacy (e.g., not revealing their social network identifiers).The results presented in this dissertation were included in several peer-reviewed publications [71,91,58,107,109,61,110,65,64,30] and extended technical reports [95,57,108,31]1. Some of these publications had significant impact on follow up research.For example, our publications on new forms of code re-use attacks [71,91] motivated researchers to develop more advanced forms of ASLR(e.g., [232,156,293,157]) and tore-consider the idea of using Control-Flow Integrity (CFI) (e.g., [51,300,303,182,233,77]). Further, our work on application-level privilege escalation attacks [94,57,59] was followed by many other publications addressing this problem (e.g., [106,122,209,155,146,69,63,302]). Moreover, our access control solution using mobile devices as access tokens[110,65] demonstrated significant practical impact: in2013it was chosen as a highlight of CeBIT – the world’s largest international computer expo, and was then deployed by a large enterprise to be used by tens of thousands of company employees and millions of customers.}, author = {Dmitrienko, Alexandra}, keywords = {Theses}, month = {04}, school = {TU Darmstadt}, title = {Security and Privacy Aspects of Mobile Platforms and Applications}, year = 2015 }
• Market-driven Code Provisioning to Mobile Secure Hardware. Dmitrienko, Alexandra; Heuser, Stephan; Nguyen, Thien Duc; da Silva Ramos, Marcos; Rein, Andre; Sadeghi, Ahmad-Reza; in Financial Cryptography and Data Security Conference (FC) (2015).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @inproceedings{TUD-CS-2015-0005, author = {Dmitrienko, Alexandra and Heuser, Stephan and Nguyen, Thien Duc and da Silva Ramos, Marcos and Rein, Andre and Sadeghi, Ahmad-Reza}, booktitle = {Financial Cryptography and Data Security Conference (FC)}, keywords = {Cards}, month = {01}, title = {Market-driven Code Provisioning to Mobile Secure Hardware}, year = 2015 }

• POSTER. Bitcoin2Go: Secure Offline and Fast Payments with Bitcoins. Dmitrienko, Alexandra; Noack, David; Sadeghi, Ahmad-Reza; Yung, Moti; in Financial Cryptography and Data Security Conference (FC) (2014).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @inproceedings{TUD-CS-2014-0039, author = {Dmitrienko, Alexandra and Noack, David and Sadeghi, Ahmad-Reza and Yung, Moti}, booktitle = {Financial Cryptography and Data Security Conference (FC)}, keywords = {Bitcoin}, month = {03}, title = {POSTER. Bitcoin2Go: Secure Offline and Fast Payments with Bitcoins}, year = 2014 }
• On the (In)Security of Mobile Two-Factor Authentication. Dmitrienko, Alexandra; Liebchen, Christopher; Rossow, Christian; Sadeghi, Ahmad-Reza; in Financial Cryptography and Data Security Conference (FC) (2014).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Two-factor authentication (2FA) schemes aim at strengthening the security of login password-based authentication by deploying secondary authentication tokens. In this context, mobile 2FA schemes re-quire no additional hardware (e.g., a smartcard) to store and handle the secondary authentication token, and hence are considered as a reasonable trade-off between security, usability and costs. They are widely used in online banking and increasingly deployed by Internet service providers.In this paper, we investigate 2FA implementations of several well-known Internet service providers such as Google, Dropbox, Twitter and Face-book. We identify various weaknesses that allow an attacker to easily bypass them, even when the secondary authentication token is not under attacker’s control. We then go a step further and present a more general attack against mobile 2FA schemes. Our attack relies on cross-platform infection that subverts control over both end points (PC and a mobile device) involved in the authentication protocol. We apply this at-tack in practice and successfully circumvent diverse schemes: SMS-based TAN solutions of four large banks, one instance of a visual TAN scheme,2FA login verification systems of Google, Dropbox, Twitter and Face-book accounts, and the Google Authenticator app currently used by 32third-party service providers. Finally, we cluster and analyze hundreds of real-world malicious Android apps that target mobile 2FA schemes and show that banking Trojans already deploy mobile counterparts that steal 2FA credentials like TANs.

  @inproceedings{DLRS2014, abstract = {Two-factor authentication (2FA) schemes aim at strengthening the security of login password-based authentication by deploying secondary authentication tokens. In this context, mobile 2FA schemes re-quire no additional hardware (e.g., a smartcard) to store and handle the secondary authentication token, and hence are considered as a reasonable trade-off between security, usability and costs. They are widely used in online banking and increasingly deployed by Internet service providers.In this paper, we investigate 2FA implementations of several well-known Internet service providers such as Google, Dropbox, Twitter and Face-book. We identify various weaknesses that allow an attacker to easily bypass them, even when the secondary authentication token is not under attacker’s control. We then go a step further and present a more general attack against mobile 2FA schemes. Our attack relies on cross-platform infection that subverts control over both end points (PC and a mobile device) involved in the authentication protocol. We apply this at-tack in practice and successfully circumvent diverse schemes: SMS-based TAN solutions of four large banks, one instance of a visual TAN scheme,2FA login verification systems of Google, Dropbox, Twitter and Face-book accounts, and the Google Authenticator app currently used by 32third-party service providers. Finally, we cluster and analyze hundreds of real-world malicious Android apps that target mobile 2FA schemes and show that banking Trojans already deploy mobile counterparts that steal 2FA credentials like TANs.}, author = {Dmitrienko, Alexandra and Liebchen, Christopher and Rossow, Christian and Sadeghi, Ahmad-Reza}, booktitle = {Financial Cryptography and Data Security Conference (FC)}, keywords = {Technical-Reports}, month = {03}, title = {On the (In)Security of Mobile Two-Factor Authentication}, year = 2014 }
• On the (in)security of mobile two-factor authentication. Dmitrienko, Alexandra; Liebchen, Christopher; Rossow, Christian; Sadeghi, Ahmad-Reza; in CASED TUD-CS-2014-0029 (2014).
  • [ BibTeX ]
  • [ BibSonomy-Post ]
  @article{dmitrienko2014insecurity, author = {Dmitrienko, Alexandra and Liebchen, Christopher and Rossow, Christian and Sadeghi, Ahmad-Reza}, journal = {CASED TUD-CS-2014-0029}, keywords = {technical-reports}, title = {On the (in)security of mobile two-factor authentication}, year = 2014 }
• On Offline Payments with Bitcoin. Dmitrienko, Alexandra; Noack, David; Sadeghi, Ahmad-Reza; Yung, Moti; in Workshop on Bitcoin Research (BITCOIN’14) (2014).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @inproceedings{bitcoin-offline, author = {Dmitrienko, Alexandra and Noack, David and Sadeghi, Ahmad-Reza and Yung, Moti}, booktitle = {Workshop on Bitcoin Research (BITCOIN'14)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters}, month = {03}, title = {On Offline Payments with Bitcoin}, year = 2014 }
• Security Analysis of Mobile Two-Factor Authentication Schemes. Dmitrienko, Alexandra; Liebchen, Christopher; Rossow, Christian; Sadeghi, Ahmad-Reza; in Intel Technology Journal (ITJ) (2014).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Two-factor authentication (2FA) schemes aim at strengthening the security of login-password–based authentication by deploying secondary authentication tokens. In this context, mobile 2FA schemes require no additional hardware (such as a smartcard) to store and handle the secondary authentication token, and hence are considered as a reasonable trade off between security, usability, and cost. They are widely used in online banking and increasingly deployed by Internet service providers.In this article, we investigate 2FA implementations of several well-known Internet service providers such as Google, Dropbox, Twitter, and Facebook. We identify various weaknesses that allow an attacker to easily bypass 2FA, even when the secondary authentication token is not under the attacker’s control. We then go a step further and present a more general attack against mobile 2FA schemes. Our attack relies on a cross-platform infection that subverts control over both end points (PC and a mobile device) involved in the authentication protocol.We apply this attack in practice and successfully circumvent diverse schemes: SMS-based TAN solutions of four large banks, one instance of a visual TAN scheme, 2FA login verification systems of Google, Dropbox, Twitter, and Facebook accounts, and the Google Authenticator app currently used by 32 third-party service providers. Finally, we cluster and analyze hundreds of real-world malicious Android apps that target mobile 2FA schemes and show that banking Trojans already deploy mobile counterparts that steal 2FA credentials like TANs.

  @article{DmLiRoSa2014, abstract = {Two-factor authentication (2FA) schemes aim at strengthening the security of login-password–based authentication by deploying secondary authentication tokens. In this context, mobile 2FA schemes require no additional hardware (such as a smartcard) to store and handle the secondary authentication token, and hence are considered as a reasonable trade off between security, usability, and cost. They are widely used in online banking and increasingly deployed by Internet service providers.In this article, we investigate 2FA implementations of several well-known Internet service providers such as Google, Dropbox, Twitter, and Facebook. We identify various weaknesses that allow an attacker to easily bypass 2FA, even when the secondary authentication token is not under the attacker’s control. We then go a step further and present a more general attack against mobile 2FA schemes. Our attack relies on a cross-platform infection that subverts control over both end points (PC and a mobile device) involved in the authentication protocol.We apply this attack in practice and successfully circumvent diverse schemes: SMS-based TAN solutions of four large banks, one instance of a visual TAN scheme, 2FA login verification systems of Google, Dropbox, Twitter, and Facebook accounts, and the Google Authenticator app currently used by 32 third-party service providers. Finally, we cluster and analyze hundreds of real-world malicious Android apps that target mobile 2FA schemes and show that banking Trojans already deploy mobile counterparts that steal 2FA credentials like TANs.}, author = {Dmitrienko, Alexandra and Liebchen, Christopher and Rossow, Christian and Sadeghi, Ahmad-Reza}, journal = {Intel Technology Journal (ITJ)}, keywords = {Journal-and-Magazine-Articles}, title = {Security Analysis of Mobile Two-Factor Authentication Schemes}, year = 2014 }
• Key2Share for Authentication Services. Busold, Christoph; Dmitrienko, Alexandra; Wachsmann, Christian; in SmartCard Workshop (SRC) (2014).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Key2Share is a smartphone-based solution for authentication services that allows users to manage their access rights to different physical resources on their mobile device. The system is applicable to various application scenarios, such as access control to enterprise facilities, hotel rooms, houses and cars. Key2Share complies with high security standards by providing reliable protection for keys in transit and on the mobile platform. Particularly, it employs modern cryptography to protect keys in transfer and leverages secure hardware (such as smartcards) for storing and handling cryptographic secrets in isolation from untrusted code, such as mobile operating system and apps.

  @inproceedings{TUD-CS-2014-0038, abstract = {Key2Share is a smartphone-based solution for authentication services that allows users to manage their access rights to different physical resources on their mobile device. The system is applicable to various application scenarios, such as access control to enterprise facilities, hotel rooms, houses and cars. Key2Share complies with high security standards by providing reliable protection for keys in transit and on the mobile platform. Particularly, it employs modern cryptography to protect keys in transfer and leverages secure hardware (such as smartcards) for storing and handling cryptographic secrets in isolation from untrusted code, such as mobile operating system and apps.}, author = {Busold, Christoph and Dmitrienko, Alexandra and Wachsmann, Christian}, booktitle = {SmartCard Workshop (SRC)}, keywords = {sys:relevantfor:sss-group}, month = {02}, title = {Key2Share for Authentication Services}, year = 2014 }

• Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization (best student paper award). Snow, Kevin Z.; Davi, Lucas; Dmitrienko, Alexandra; Liebchen, Christopher; Monrose, Fabian; Sadeghi, Ahmad-Reza; in IEEE Symposium on Security and Privacy (S&P) (2013).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Fine-grained address space layout randomization(ASLR) has recently been proposed as a method of efficiently mitigating runtime attacks. In this paper, we introduce the design and implementation of a framework based on a novel attack strategy, dubbed just-in-time code reuse, that undermines the benefits of fine-grained ASLR. Specifically, we derail the assumptions embodied in fine-grained ASLR by exploiting the ability to repeatedly abuse a memory disclosure to map an application’s memory layout on-the-fly, dynamically discover API functions and gadgets, and JIT-compile a target program using those gadgets—all within a script environment at the time an exploit is launched. We demonstrate the power of our framework by using it in conjunction with a real-world exploit against Internet Explorer, and also provide extensive evaluations that demonstrate the practicality of just-in-time code reuse attacks. Our findings suggest that fine-grained ASLR may not be as promising as first thought.

  @inproceedings{TUD-CS-2013-0026, abstract = {Fine-grained address space layout randomization(ASLR) has recently been proposed as a method of efficiently mitigating runtime attacks. In this paper, we introduce the design and implementation of a framework based on a novel attack strategy, dubbed just-in-time code reuse, that undermines the benefits of fine-grained ASLR. Specifically, we derail the assumptions embodied in fine-grained ASLR by exploiting the ability to repeatedly abuse a memory disclosure to map an application’s memory layout on-the-fly, dynamically discover API functions and gadgets, and JIT-compile a target program using those gadgets—all within a script environment at the time an exploit is launched. We demonstrate the power of our framework by using it in conjunction with a real-world exploit against Internet Explorer, and also provide extensive evaluations that demonstrate the practicality of just-in-time code reuse attacks. Our findings suggest that fine-grained ASLR may not be as promising as first thought.}, author = {Snow, Kevin Z. and Davi, Lucas and Dmitrienko, Alexandra and Liebchen, Christopher and Monrose, Fabian and Sadeghi, Ahmad-Reza}, booktitle = {IEEE Symposium on Security and Privacy (S&P)}, keywords = {sys:relevantfor:sss-group}, month = {05}, title = {Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization (best student paper award)}, year = 2013 }
• Smart Keys for Cyber-Cars: Secure Smartphone-Based NFC-Enabled Car Immobilizer. Bertino, Elisa; Sandhu, Ravi S.; Bauer, Lujo; Park, Jaehong; in ACM Conference on Data and Application Security and Privacy (CODASPY) (2013).
  • [ Abstract ]
  • [ BibTeX ]
  • [ URL ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Smartphones have become very popular and versatile de-vices. An emerging trend is the integration of smartphones into automotive systems and applications, particularly access control systems to unlock cars (doors and immobilizers). Smartphone-based automotive solutions promise to greatly enhance the user’s experience by providing advanced features far beyond the conventional dedicated tokens/tranponders. We present the first opensecurity framework for secure smartphone-based immobilizers. Our generic security architecture protects the electronic access tokens on the smart-phone and provides advanced features such as context-aware access policies, remote issuing and revocation of access rights and their delegation to other users. We discuss various approaches to instantiate our security architecture based on different hardware-based trusted execution environments, and elaborate on their security properties. We implemented our immobilizer system based on the latest Android-based smartphone and a microSD smartcard. Further, we support the algorithmic proofs of the security of the underlying protocols with automated formal verification tools.

  @inproceedings{conf/codaspy/BusoldTWDSSS13, abstract = {Smartphones have become very popular and versatile de-vices. An emerging trend is the integration of smartphones into automotive systems and applications, particularly access control systems to unlock cars (doors and immobilizers). Smartphone-based automotive solutions promise to greatly enhance the user’s experience by providing advanced features far beyond the conventional dedicated tokens/tranponders. We present the first opensecurity framework for secure smartphone-based immobilizers. Our generic security architecture protects the electronic access tokens on the smart-phone and provides advanced features such as context-aware access policies, remote issuing and revocation of access rights and their delegation to other users. We discuss various approaches to instantiate our security architecture based on different hardware-based trusted execution environments, and elaborate on their security properties. We implemented our immobilizer system based on the latest Android-based smartphone and a microSD smartcard. Further, we support the algorithmic proofs of the security of the underlying protocols with automated formal verification tools.}, booktitle = {ACM Conference on Data and Application Security and Privacy (CODASPY)}, editor = {Bertino, Elisa and Sandhu, Ravi S. and Bauer, Lujo and Park, Jaehong}, keywords = {International-Conference-Workshop-Papers-Book-Chapters}, month = {02}, publisher = {ACM}, title = {Smart Keys for Cyber-Cars: Secure Smartphone-Based NFC-Enabled Car Immobilizer}, year = 2013 }
• Mobile Platform Security Asokan, N.; Davi, Lucas; Dmitrienko, Alexandra; Heuser, Stephan; Kostiainen, Kari; Reshetova, Elena; Sadeghi, Ahmad-Reza; in Synthesis Lectures on Information Security, Privacy, and Trust 2013 (2013). (Vol. 4) Morgan & Claypool.
  • [ Abstract ]
  • [ BibTeX ]
  • [ BibSonomy-Post ]
  Recently, mobile security has garnered considerable interest in both the research community and industry due to the popularity of smartphones. The current smartphone platforms are open systems that allow application development, also for malicious parties. To protect the mobile device, its user, and other mobile ecosystem stakeholders such as network operators, application execution is controlled by a platform security architecture. This book explores how such mobile platform security architectures work. We present a generic model for mobile platform security architectures: the model illustrates commonly used security mechanisms and techniques in mobile devices and allows a systematic comparison of different platforms. We analyze several mobile platforms using the model. In addition, this book explains hardware-security mechanisms typically present in a mobile device. We also discuss enterprise security extensions for mobile platforms and survey recent research in the area of mobile platform security. The objective of this book is to provide a comprehensive overview of the current status of mobile platform security for students, researchers, and practitioners.

  @book{TUD-CS-2013-0362, abstract = {Recently, mobile security has garnered considerable interest in both the research community and industry due to the popularity of smartphones. The current smartphone platforms are open systems that allow application development, also for malicious parties. To protect the mobile device, its user, and other mobile ecosystem stakeholders such as network operators, application execution is controlled by a platform security architecture. This book explores how such mobile platform security architectures work. We present a generic model for mobile platform security architectures: the model illustrates commonly used security mechanisms and techniques in mobile devices and allows a systematic comparison of different platforms. We analyze several mobile platforms using the model. In addition, this book explains hardware-security mechanisms typically present in a mobile device. We also discuss enterprise security extensions for mobile platforms and survey recent research in the area of mobile platform security. The objective of this book is to provide a comprehensive overview of the current status of mobile platform security for students, researchers, and practitioners.}, author = {Asokan, N. and Davi, Lucas and Dmitrienko, Alexandra and Heuser, Stephan and Kostiainen, Kari and Reshetova, Elena and Sadeghi, Ahmad-Reza}, keywords = {myown}, month = 12, number = 3, publisher = {Morgan & Claypool}, series = {Synthesis Lectures on Information Security, Privacy, and Trust 2013}, title = {Mobile Platform Security}, volume = 4, year = 2013 }
• Gadge Me If You Can: Secure and Efficient Ad-hoc Instruction-Level Randomization for x86 and ARM. Davi, Lucas; Dmitrienko, Alexandra; Nürnberger, Stefan; Sadeghi, Ahmad-Reza; in ACM ASIA Conference on Computer and Communications Security (AsiaCCS) (2013).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Code reuse attacks such as return-oriented programming are one of the most powerful threats to contemporary software. ASLR was introduced to impede these attacks by dispersing shared libraries and the executable in memory. However, in practice its entropy is rather low and, more importantly, the leakage of a single address reveals the position of a whole library in memory. The recent mitigation literature followed the route of randomization, applied it at different stages such as source code or the executable binary. However, the code segments still stay in one block. In contrast to previous work, our randomization solution, called XIFER,(1)disperses all code (executable and libraries) across the whole address space, (2) re-randomizes the address space for each run, (3) is compatible to code signing, and (4) does neither require offline static analysis nor source-code. Our prototype implementation supports the Linux ELF file format and covers both mainstream processor architectures x86 and ARM. Our evaluation demonstrates that XIFER performs efficiently at load- and during run-time (1.2% overhead).

  @inproceedings{TUD-CS-2013-0042, abstract = {Code reuse attacks such as return-oriented programming are one of the most powerful threats to contemporary software. ASLR was introduced to impede these attacks by dispersing shared libraries and the executable in memory. However, in practice its entropy is rather low and, more importantly, the leakage of a single address reveals the position of a whole library in memory. The recent mitigation literature followed the route of randomization, applied it at different stages such as source code or the executable binary. However, the code segments still stay in one block. In contrast to previous work, our randomization solution, called XIFER,(1)disperses all code (executable and libraries) across the whole address space, (2) re-randomizes the address space for each run, (3) is compatible to code signing, and (4) does neither require offline static analysis nor source-code. Our prototype implementation supports the Linux ELF file format and covers both mainstream processor architectures x86 and ARM. Our evaluation demonstrates that XIFER performs efficiently at load- and during run-time (1.2% overhead).}, author = {Davi, Lucas and Dmitrienko, Alexandra and Nürnberger, Stefan and Sadeghi, Ahmad-Reza}, booktitle = {ACM ASIA Conference on Computer and Communications Security (AsiaCCS)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters}, month = {05}, title = {Gadge Me If You Can: Secure and Efficient Ad-hoc Instruction-Level Randomization for x86 and ARM}, year = 2013 }
• POSTER: Secure Smartphone-based NFC-enabled Car Immobilizer (an outstanding poster award). Busold, Christoph; Dmitrienko, Alexandra; Seudie, Herve; Taha, Ahmed; Sobhani, Majid; Wachsmann, Christian; Sadeghi, Ahmad-Reza; in ACM Conference on Data and Application Security and Privacy (CODASPY) (2013).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @inproceedings{TUD-CS-2013-0004a, author = {Busold, Christoph and Dmitrienko, Alexandra and Seudie, Herve and Taha, Ahmed and Sobhani, Majid and Wachsmann, Christian and Sadeghi, Ahmad-Reza}, booktitle = {ACM Conference on Data and Application Security and Privacy (CODASPY)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters}, month = {02}, title = {POSTER: Secure Smartphone-based NFC-enabled Car Immobilizer (an outstanding poster award)}, year = 2013 }
• Do I know you? - Efficient and Privacy-Preserving Common Friend-Finder Protocols and Applications. Nagy, Marcin; Cristofaro, Emiliano De; Dmitrienko, Alexandra; Asokan, N.; Sadeghi, Ahmad-Reza; in Annual Computer Security Applications Conference (ACSAC) (2013).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  The increasing penetration of Online Social Networks (OSNs)prompts the need for effectively accessing and utilizing social net-working information. In numerous applications, users need to make trust and/or access control decisions involving other (possibly stranger) users, and one important factor is often the existence of common social relationships. This motivates the need for secure and privacy-preserving techniques allowing users to assess whether or not they have mutual friends.This paper introduces the Common Friends service, a frame-work for finding common friends which protects privacy of non-mutual friends and guarantees authenticity of friendships. First,we present a generic construction that reduces to secure computation of set intersection, while ensuring authenticity of announced friends via bearer capabilities. Then, we propose an efficient instantiation, based on Bloom filters, that only incurs a constant number of public-key operations and appreciably low communication overhead. Our software is designed so that developers can easily integrate Common Friends into their applications, e.g., to en-force access control based on users’ social proximity in a privacy-preserving manner. Finally, we showcase our techniques in the con-text of an existing application for sharing (tethered) Internet access,whereby users decide to share access depending on the existence of common friends. A comprehensive experimental evaluation attests to the practicality of proposed techniques.

  @inproceedings{NCDAS2013, abstract = {The increasing penetration of Online Social Networks (OSNs)prompts the need for effectively accessing and utilizing social net-working information. In numerous applications, users need to make trust and/or access control decisions involving other (possibly stranger) users, and one important factor is often the existence of common social relationships. This motivates the need for secure and privacy-preserving techniques allowing users to assess whether or not they have mutual friends.This paper introduces the Common Friends service, a frame-work for finding common friends which protects privacy of non-mutual friends and guarantees authenticity of friendships. First,we present a generic construction that reduces to secure computation of set intersection, while ensuring authenticity of announced friends via bearer capabilities. Then, we propose an efficient instantiation, based on Bloom filters, that only incurs a constant number of public-key operations and appreciably low communication overhead. Our software is designed so that developers can easily integrate Common Friends into their applications, e.g., to en-force access control based on users’ social proximity in a privacy-preserving manner. Finally, we showcase our techniques in the con-text of an existing application for sharing (tethered) Internet access,whereby users decide to share access depending on the existence of common friends. A comprehensive experimental evaluation attests to the practicality of proposed techniques.}, author = {Nagy, Marcin and Cristofaro, Emiliano De and Dmitrienko, Alexandra and Asokan, N. and Sadeghi, Ahmad-Reza}, booktitle = {Annual Computer Security Applications Conference (ACSAC)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters}, month = 12, organization = {ACM}, title = {Do I know you? - Efficient and Privacy-Preserving Common Friend-Finder Protocols and Applications}, year = 2013 }
• CrowdShare: Secure mobile resource sharing. Asokan, N.; Dmitrienko, Alexandra; Nagy, Marcin; Elena, Reshetova; Sadeghi, Ahmad-Reza; Schneider, Thomas; Stelle, Stanislaus; in TUD-CS-2013-0084 (2013).
  • [ BibTeX ]
  • [ BibSonomy-Post ]
  @article{asokan2013crowdshare, author = {Asokan, N. and Dmitrienko, Alexandra and Nagy, Marcin and Elena, Reshetova and Sadeghi, Ahmad-Reza and Schneider, Thomas and Stelle, Stanislaus}, journal = {TUD-CS-2013-0084}, keywords = {myown}, month = {04}, title = {CrowdShare: Secure mobile resource sharing}, year = 2013 }
• Just-In-Time Code Reuse: The More Things Change, the More They Stay the Same. Snow, Kevin Z.; Davi, Lucas; Dmitrienko, Alexandra; Liebchen, Christopher; Monrose, Fabian; Sadeghi, Ahmad-Reza; in BlackHat USA (2013).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @inproceedings{SDDLMS2013, author = {Snow, Kevin Z. and Davi, Lucas and Dmitrienko, Alexandra and Liebchen, Christopher and Monrose, Fabian and Sadeghi, Ahmad-Reza}, booktitle = {BlackHat USA}, keywords = {International-Conference-Workshop-Papers-Book-Chapters}, month = {08}, title = {Just-In-Time Code Reuse: The More Things Change, the More They Stay the Same}, year = 2013 }
• CrowdShare: Secure Mobile Resource Sharing. Asokan, N.; Dmitrienko, Alexandra; Nagy, Marcin; Reshetova, Elena; Sadeghi, Ahmad-Reza; Schneider, Thomas; Stelle, Stanislaus; in International Conference on Applied Cryptography and Network Security (ACNS) (2013).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Mobile smart devices and services have become an integral part of our daily life. In this context there are many compelling scenarios for mobile device users to share resources. A popular example is tethering. However, sharing resources also raises privacy and security issues.In this paper, we present CrowdShare, a complete framework and its (Android) implementation for secure and private resource sharing among nearby devices.CrowdShare provides pseudonymity for users, accountability of resource usage, and the possibility of specifying access control in terms of social network relationships. Further,CrowdShare preserves secure connectivity between nearby devices even in the absence of the mobile infrastructure. We have implemented CrowdShare on Android devices and report good performance results.

  @inproceedings{ADNRSSS2013a, abstract = {Mobile smart devices and services have become an integral part of our daily life. In this context there are many compelling scenarios for mobile device users to share resources. A popular example is tethering. However, sharing resources also raises privacy and security issues.In this paper, we present CrowdShare, a complete framework and its (Android) implementation for secure and private resource sharing among nearby devices.CrowdShare provides pseudonymity for users, accountability of resource usage, and the possibility of specifying access control in terms of social network relationships. Further,CrowdShare preserves secure connectivity between nearby devices even in the absence of the mobile infrastructure. We have implemented CrowdShare on Android devices and report good performance results.}, author = {Asokan, N. and Dmitrienko, Alexandra and Nagy, Marcin and Reshetova, Elena and Sadeghi, Ahmad-Reza and Schneider, Thomas and Stelle, Stanislaus}, booktitle = {International Conference on Applied Cryptography and Network Security (ACNS)}, keywords = {Technical-Reports}, month = {06}, title = {CrowdShare: Secure Mobile Resource Sharing}, year = 2013 }

• Over-the-air Cross-Platform Infection for Breaking mTAN-based Online Banking Authentication. Davi, Lucas; Dmitrienko, Alexandra; Liebchen, Christopher; Sadeghi, Ahmad-Reza; in BlackHat Abu Dhabi (2012).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  We present a novel stealthy cross-platform infection attack in WiFi networks. Our attack has high impact on two-factor authentication schemes that make use of mobile phones. In particular, we apply our attack to break mTAN authentication, one of the most used scheme for online banking worldwide (Europe, US, China). We present the design and implementation of the online banking Trojan which spreads over the WiFi network from the user's PC to her mobile phone and automatically pairs these devices. When paired, the host and the mobile malware deliver to the attacker authentication secrets which allow her to successfully authenticate against the online-banking portal and perform financial transactions in the name of the user. Our attack is stealthy compared to the known banking Trojans ZeuS/ZitMo and SpyEye/Spitmo, as it does not rely on phishing or naive user behavior for malware spreading and pairing. Our reference implementation targets Windows PCs and Android based smartphones, although our attack is not platform specific. To achieve cross-platform infection, we applied and adapted attack techniques such as remote code execution, privilege escalation, GOT overwriting, DLL injection and function hooking. Our attack can he implemented by knowledgeable attackers and calls for re-thinking of security measures deployed for protection of online transactions by banks.

  @inproceedings{TUD-CS-2012-0230, abstract = {We present a novel stealthy cross-platform infection attack in WiFi networks. Our attack has high impact on two-factor authentication schemes that make use of mobile phones. In particular, we apply our attack to break mTAN authentication, one of the most used scheme for online banking worldwide (Europe, US, China). We present the design and implementation of the online banking Trojan which spreads over the WiFi network from the user's PC to her mobile phone and automatically pairs these devices. When paired, the host and the mobile malware deliver to the attacker authentication secrets which allow her to successfully authenticate against the online-banking portal and perform financial transactions in the name of the user. Our attack is stealthy compared to the known banking Trojans ZeuS/ZitMo and SpyEye/Spitmo, as it does not rely on phishing or naive user behavior for malware spreading and pairing. Our reference implementation targets Windows PCs and Android based smartphones, although our attack is not platform specific. To achieve cross-platform infection, we applied and adapted attack techniques such as remote code execution, privilege escalation, GOT overwriting, DLL injection and function hooking. Our attack can he implemented by knowledgeable attackers and calls for re-thinking of security measures deployed for protection of online transactions by banks.}, author = {Davi, Lucas and Dmitrienko, Alexandra and Liebchen, Christopher and Sadeghi, Ahmad-Reza}, booktitle = {BlackHat Abu Dhabi}, keywords = {International-Conference-Workshop-Papers-Book-Chapters}, month = 12, title = {Over-the-air Cross-Platform Infection for Breaking mTAN-based Online Banking Authentication}, year = 2012 }
• Towards Taming Privilege-Escalation Attacks on Android. Bugiel, Sven; Davi, Lucas; Dmitrienko, Alexandra; Fischer, Thomas; Sadeghi, Ahmad-Reza; Shastry, Bhargava; in Network and Distributed System Security Symposium (NDSS) (2012).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Android’s security framework has been an appealing subject of research in the last few years. Android has been shown to be vulnerable to application-level privilege escalation attacks, such as confused deputy attacks, and more recently, attacks by colluding applications. While most of the proposed approaches aim at solving confused deputy at-tacks, there is still no solution that simultaneously addresses collusion attacks.In this paper, we investigate the problem of designing and implementing a practical security framework for Android to protect against confused deputy and collusion attacks. We realize that defeating collusion attacks calls for a rather system-centric solution as opposed to application-dependent policy enforcement. To support our design decisions, we conduct a heuristic analysis of Android’s system behavior(with popular apps) to identify attack patterns, classify different adversary models, and point out the challenges to be tackled. Then we propose a solution for a system-centric and policy-driven runtime monitoring of communication channels between applications at multiple layers: 1) at the middleware we control IPCs between applications and indirect communication via Android system components. Moreover,inspired by the approach in QUIRE, we establish semantic links between IPCs and enable the reference monitor to verify the call-chain; 2) at the kernel level we realize mandatory access control on the file system (including Unix domain sockets) and local Internet sockets. To allow for runtime,dynamic low-level policy enforcement, we provide a callback channel between the kernel and the middleware. Finally, we evaluate the efficiency and effectiveness of our framework on known confused deputy and collusion attacks, and discuss future directions.

  @inproceedings{TUD-CS-2012-0002, abstract = {Android’s security framework has been an appealing subject of research in the last few years. Android has been shown to be vulnerable to application-level privilege escalation attacks, such as confused deputy attacks, and more recently, attacks by colluding applications. While most of the proposed approaches aim at solving confused deputy at-tacks, there is still no solution that simultaneously addresses collusion attacks.In this paper, we investigate the problem of designing and implementing a practical security framework for Android to protect against confused deputy and collusion attacks. We realize that defeating collusion attacks calls for a rather system-centric solution as opposed to application-dependent policy enforcement. To support our design decisions, we conduct a heuristic analysis of Android’s system behavior(with popular apps) to identify attack patterns, classify different adversary models, and point out the challenges to be tackled. Then we propose a solution for a system-centric and policy-driven runtime monitoring of communication channels between applications at multiple layers: 1) at the middleware we control IPCs between applications and indirect communication via Android system components. Moreover,inspired by the approach in QUIRE, we establish semantic links between IPCs and enable the reference monitor to verify the call-chain; 2) at the kernel level we realize mandatory access control on the file system (including Unix domain sockets) and local Internet sockets. To allow for runtime,dynamic low-level policy enforcement, we provide a callback channel between the kernel and the middleware. Finally, we evaluate the efficiency and effectiveness of our framework on known confused deputy and collusion attacks, and discuss future directions.}, author = {Bugiel, Sven and Davi, Lucas and Dmitrienko, Alexandra and Fischer, Thomas and Sadeghi, Ahmad-Reza and Shastry, Bhargava}, booktitle = {Network and Distributed System Security Symposium (NDSS)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters}, month = {02}, title = {Towards Taming Privilege-Escalation Attacks on Android}, year = 2012 }
• MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones. Davi, Lucas; Dmitrienko, Alexandra; Egele, Manuel; Fischer, Thomas; Holz, Thorsten; Hund, Ralf; Nürnberger, Stefan; Sadeghi, Ahmad-Reza; in Network and Distributed System Security Symposium (NDSS) (2012).
  • [ Abstract ]
  • [ BibTeX ]
  • [ URL ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Runtime and control-flow attacks (such as code injection or return-oriented programming) constitute one of the most severe threats to software programs. These attacks are prevalent and have been recently applied to smartphone applications as well, of which hundreds of thousands are downloaded by users every day. While a framework for control-flow integrity (CFI) enforcement, an approach to prohibit this kind of attacks, exists for the Intel x86 plat-form, there is no such a solution for smartphones.In this paper, we present a novel framework, MoCFI(Mobile CFI), that provides a general countermeasure against control-flow attacks on smartphone platforms by en-forcing CFI. We show that CFI on typical smartphone plat-forms powered by an ARM processor is technically involved due to architectural differences between ARM and Intel x86,as well as the specifics of smartphone OSes. Our framework performs CFI on-the-fly during runtime without requiring the application’s source code. For our reference implementation we chose Apple’s iOS, because it has been an attractive target for control-flow attacks. Nevertheless, our frame-work is also applicable to other ARM-based devices such as Google’s Android. Our performance evaluation demon-strates that MoCFI is efficient and does not induce notable overhead when applied to popular iOS applications.

  @inproceedings{TUD-CS-2012-0001, abstract = {Runtime and control-flow attacks (such as code injection or return-oriented programming) constitute one of the most severe threats to software programs. These attacks are prevalent and have been recently applied to smartphone applications as well, of which hundreds of thousands are downloaded by users every day. While a framework for control-flow integrity (CFI) enforcement, an approach to prohibit this kind of attacks, exists for the Intel x86 plat-form, there is no such a solution for smartphones.In this paper, we present a novel framework, MoCFI(Mobile CFI), that provides a general countermeasure against control-flow attacks on smartphone platforms by en-forcing CFI. We show that CFI on typical smartphone plat-forms powered by an ARM processor is technically involved due to architectural differences between ARM and Intel x86,as well as the specifics of smartphone OSes. Our framework performs CFI on-the-fly during runtime without requiring the application’s source code. For our reference implementation we chose Apple’s iOS, because it has been an attractive target for control-flow attacks. Nevertheless, our frame-work is also applicable to other ARM-based devices such as Google’s Android. Our performance evaluation demon-strates that MoCFI is efficient and does not induce notable overhead when applied to popular iOS applications.}, author = {Davi, Lucas and Dmitrienko, Alexandra and Egele, Manuel and Fischer, Thomas and Holz, Thorsten and Hund, Ralf and Nürnberger, Stefan and Sadeghi, Ahmad-Reza}, booktitle = {Network and Distributed System Security Symposium (NDSS)}, keywords = {Attacks}, month = {02}, publisher = {The Internet Society}, title = {MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones}, year = 2012 }
• SmartTokens: Delegable Access Control with NFC-enabled Smartphones. Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Tamrakar, Sandeep; Wachsmann, Christian; in International Conference on Trust and Trustworthy Computing (TRUST) (2012).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Today’s smartphones and tablets offer compelling computing and storage capabilities enabling a variety of mobile applications with rich functionality. The integration of new interfaces, in particular near field communication (NFC) opens new opportunities for new applications and business models, as the most recent trend in industry for payment and ticketing shows. These applications require storing and processing security-critical data on smartphones, making them attractive targets fora variety of attacks. The state of the art to enhance platform security concerns outsourcing security-critical computations to hardware-isolated Trusted Execution Environments (TrEE). However, since these TrEEsare used by software running in commodity operating systems, malware could impersonate the software and use the TrEE in an unintended way.Further, existing NFC-based access control solutions for smartphones are either not public or based on strong assumptions that are hard to achieve in practice. We present the design and implementation of a generic access control system for NFC-enabled smartphones based on a multi-level security architecture for smartphones. Our solution allows users to delegate their access rights and addresses the bandwidth constraints of NFC.Our prototype captures electronic access to facilities, such as entrances and offices, and binds NFC operations to a software-isolated TrEE established on the widely used Android smartphone operating system. We provide a formal security analysis of our protocols and evaluated the performance of our solution.

  @inproceedings{TUD-CS-2012-0071, abstract = {Today’s smartphones and tablets offer compelling computing and storage capabilities enabling a variety of mobile applications with rich functionality. The integration of new interfaces, in particular near field communication (NFC) opens new opportunities for new applications and business models, as the most recent trend in industry for payment and ticketing shows. These applications require storing and processing security-critical data on smartphones, making them attractive targets fora variety of attacks. The state of the art to enhance platform security concerns outsourcing security-critical computations to hardware-isolated Trusted Execution Environments (TrEE). However, since these TrEEsare used by software running in commodity operating systems, malware could impersonate the software and use the TrEE in an unintended way.Further, existing NFC-based access control solutions for smartphones are either not public or based on strong assumptions that are hard to achieve in practice. We present the design and implementation of a generic access control system for NFC-enabled smartphones based on a multi-level security architecture for smartphones. Our solution allows users to delegate their access rights and addresses the bandwidth constraints of NFC.Our prototype captures electronic access to facilities, such as entrances and offices, and binds NFC operations to a software-isolated TrEE established on the widely used Android smartphone operating system. We provide a formal security analysis of our protocols and evaluated the performance of our solution.}, author = {Dmitrienko, Alexandra and Sadeghi, Ahmad-Reza and Tamrakar, Sandeep and Wachsmann, Christian}, booktitle = {International Conference on Trust and Trustworthy Computing (TRUST)}, keywords = {myown}, month = {06}, publisher = {Springer}, title = {SmartTokens: Delegable Access Control with NFC-enabled Smartphones}, year = 2012 }
• XIFER: A Software Diversity Tool Against Code-Reuse Attacks. Davi, Lucas; Dmitrienko, Alexandra; Nürnberger, Stefan; Sadeghi, Ahmad-Reza; in ACM International Workshop on Wireless of the Students, by the Students, for the Students (MOBICOM) (2012).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  The enormous growth of mobile devices and their app markets has raised many security and privacy concerns. Run-time attacks seem to be a major threat, in particular, code-reuse attacks that do not require any external code injection(e.g., return-to-libc or return-oriented programming). We present, for the first time, a code transformation tool that completely mitigates code-reuse attacks by applying software diversity to the binary at runtime. Our tool XIFER(1) randomly diversifies the code of an application over the entire memory for each invocation, (2) requires no source code or any static analysis, (3) can be applied to both Intelx86 and ARM Linux executables, and (4) induces a negligible runtime overhead of only 1% in average.

  @inproceedings{TUD-CS-2012-0135, abstract = {The enormous growth of mobile devices and their app markets has raised many security and privacy concerns. Run-time attacks seem to be a major threat, in particular, code-reuse attacks that do not require any external code injection(e.g., return-to-libc or return-oriented programming). We present, for the first time, a code transformation tool that completely mitigates code-reuse attacks by applying software diversity to the binary at runtime. Our tool XIFER(1) randomly diversifies the code of an application over the entire memory for each invocation, (2) requires no source code or any static analysis, (3) can be applied to both Intelx86 and ARM Linux executables, and (4) induces a negligible runtime overhead of only 1% in average.}, author = {Davi, Lucas and Dmitrienko, Alexandra and Nürnberger, Stefan and Sadeghi, Ahmad-Reza}, booktitle = {ACM International Workshop on Wireless of the Students, by the Students, for the Students (MOBICOM)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters}, month = {08}, title = {XIFER: A Software Diversity Tool Against Code-Reuse Attacks}, year = 2012 }

• A Security Architecture for Accessing Health Records on Mobile Phones. Dmitrienko, Alexandra; Hadzic, Zecir; Löhr, Hans; Sadeghi, Ahmad-Reza; Winandy, Marcel; in International Conference on Health Informatics (HEALTHINF) (2011).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Using mobile phones to access healthcare data is an upcoming application scenario of increasing importance in the near future. However, important aspects to consider in this context are the high security and privacy requirements for sensitive medical data. Current mobile phones using standard operating systems and software cannot offer appropriate protection for sensitive data, although the hardware platform often offers dedicated security features. Malicious software (malware) like Trojan horses on the mobile phone could gain unauthorized access to sensitive medical data.In this paper, we propose a complete security framework to protect medical data (such as electronic health records) and authentication credentials that are used to access e-health servers. Derived from a generic architecture that can be used for PCs, we introduce a security architecture specifically for mobile phones, based on existing hardware security extensions. We describe security building blocks, including trusted hardware features, a security kernel providing isolated application environments as well as a secure graphical user interface, and a trusted wallet (TruWallet) for secure authentication to e-health servers. Moreover, we present a prototype implementation of the trusted wallet on a current smartphone: the Nokia N900. Based on our architecture, health care professionals can safely and securely process medical data on their mobile phones without the risk of disclosing sensitive information as compared to commodity mobile operating systems.

  @inproceedings{DLSW2011, abstract = {Using mobile phones to access healthcare data is an upcoming application scenario of increasing importance in the near future. However, important aspects to consider in this context are the high security and privacy requirements for sensitive medical data. Current mobile phones using standard operating systems and software cannot offer appropriate protection for sensitive data, although the hardware platform often offers dedicated security features. Malicious software (malware) like Trojan horses on the mobile phone could gain unauthorized access to sensitive medical data.In this paper, we propose a complete security framework to protect medical data (such as electronic health records) and authentication credentials that are used to access e-health servers. Derived from a generic architecture that can be used for PCs, we introduce a security architecture specifically for mobile phones, based on existing hardware security extensions. We describe security building blocks, including trusted hardware features, a security kernel providing isolated application environments as well as a secure graphical user interface, and a trusted wallet (TruWallet) for secure authentication to e-health servers. Moreover, we present a prototype implementation of the trusted wallet on a current smartphone: the Nokia N900. Based on our architecture, health care professionals can safely and securely process medical data on their mobile phones without the risk of disclosing sensitive information as compared to commodity mobile operating systems.}, author = {Dmitrienko, Alexandra and Hadzic, Zecir and Löhr, Hans and Sadeghi, Ahmad-Reza and Winandy, Marcel}, booktitle = {International Conference on Health Informatics (HEALTHINF)}, keywords = {sys:relevantfor:sss-group}, month = 10, title = {A Security Architecture for Accessing Health Records on Mobile Phones}, year = 2011 }
• POSTER: Control-Flow Integrity for Smartphones. Davi, Lucas; Dmitrienko, Alexandra; Egele, Manuel; Fischer, Thomas; Holz, Thorsten; Hund, Ralf; Nürnberger, Stefan; Sadeghi, Ahmad-Reza; in ACM Conference on Computer and Communications Security (CCS) (2011).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @inproceedings{TUD-CS-2011-0210, author = {Davi, Lucas and Dmitrienko, Alexandra and Egele, Manuel and Fischer, Thomas and Holz, Thorsten and Hund, Ralf and Nürnberger, Stefan and Sadeghi, Ahmad-Reza}, booktitle = {ACM Conference on Computer and Communications Security (CCS)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters}, month = 10, publisher = {ACM}, title = {POSTER: Control-Flow Integrity for Smartphones}, year = 2011 }
• Trusted Virtual Domains on OKL4: Secure Information Sharing on Smartphones. Davi, Lucas; Dmitrienko, Alexandra; Kowalski, Christoph; Winandy, Marcel; in ACM Workshop on Scalable Trusted Computing (STC) (2011).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  The flexibility and computing power of modern smartphones to install and execute various applications allows for a rich user experience but also imposes several security concerns.Smartphones that are used both for private and corporate purposes do not separate the data and applications of different security domains, and users are usually too unskilled to deploy and configure extra security mechanisms. Hence,data leakage and unwanted information flow may occur.In this paper we present the design and implementation of the Trusted Virtual Domain (TVD) security architecture for smartphones. The TVD concept separates data and applications of different security domains and automates the security configuration on devices. In particular, we build our solution on top of the OKL4 microkernel, which provides the basic isolation properties, and extend it with a framework that realizes the TVD policy enforcement for Android operating systems. Our results show that the TVD security architecture can be built and used on modern smartphones,but there are also limitations that current security kernels like OKL4 have to address to improve the user experience.

  @inproceedings{TUD-CS-2011-0217, abstract = {The flexibility and computing power of modern smartphones to install and execute various applications allows for a rich user experience but also imposes several security concerns.Smartphones that are used both for private and corporate purposes do not separate the data and applications of different security domains, and users are usually too unskilled to deploy and configure extra security mechanisms. Hence,data leakage and unwanted information flow may occur.In this paper we present the design and implementation of the Trusted Virtual Domain (TVD) security architecture for smartphones. The TVD concept separates data and applications of different security domains and automates the security configuration on devices. In particular, we build our solution on top of the OKL4 microkernel, which provides the basic isolation properties, and extend it with a framework that realizes the TVD policy enforcement for Android operating systems. Our results show that the TVD security architecture can be built and used on modern smartphones,but there are also limitations that current security kernels like OKL4 have to address to improve the user experience.}, author = {Davi, Lucas and Dmitrienko, Alexandra and Kowalski, Christoph and Winandy, Marcel}, booktitle = {ACM Workshop on Scalable Trusted Computing (STC)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters}, month = 10, publisher = {ACM Press}, title = {Trusted Virtual Domains on OKL4: Secure Information Sharing on Smartphones}, year = 2011 }
• Trusted embedded System Operating System (TeSOS) - Study and Design. Dmitrienko, Alexandra; Gessner, Dennis; Sadeghi, Ahmad-Reza; Schulz, Steffen; Stueble, Christian; Ullmann, Markus; in HGI-TR-2011-004 (2011).
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  @inproceedings{SSDSDU2011, author = {Dmitrienko, Alexandra and Gessner, Dennis and Sadeghi, Ahmad-Reza and Schulz, Steffen and Stueble, Christian and Ullmann, Markus}, booktitle = {HGI-TR-2011-004}, howpublished = {\url{http://www.trust.informatik.tu-darmstadt.de/fileadmin/user_upload/Group_TRUST/projects/TeSOS_Study.pdf}}, institution = {Ruhr-University Bochum, System Security Lab}, keywords = {Technical-Reports}, month = {04}, title = {Trusted embedded System Operating System (TeSOS) - Study and Design}, year = 2011 }
• XManDroid: A New Android Evolution to Mitigate Privilege Escalation Attacks. Bugiel, Sven; Davi, Lucas; Dmitrienko, Alexandra; Fischer, Thomas; Sadeghi, Ahmad-Reza; in TR-2011-04 (2011).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Google Android has become a popular mobile operating system which is increasingly deployed by mobile device manufactures for various platforms. Recent attacks show that Android’s permission framework is vulnerable to application-level privilege escalation attacks, i.e., an application may indirectly gain privileges to perform unauthorized actions.The existing proposals for security extensions to Android’s middle-ware (e.g., Kirin, Saint, TaintDroid, or QUIRE) can-not fully and adequately mitigate these attacks or detect Trojans such as Soundcomber that exploit covert channels in the Android system. In this paper we present the design and implementation of XManDroid(eXtended Monitoring on Android), a security framework that extends the monitoring mechanism of Android to detect and prevent application-level privilege escalation attacks at runtime based on a system-centric system policy. Our implementation dynamically analyzes applications’ transitive permission usage while inducing a minimal performance overhead unnoticeable for the user.Depending on system policy our system representation al-lows for an effective detection of (covert) channels established through the Android system services and content providers while simultaneously optimizing the rate of false positives.We evaluate the effectiveness of XManDroidon our test suite that simulates known application-level privilege escalation attacks (including Soundcomber), and demonstrate successful detection of attacks that use Android’s inter-component communication (ICC) framework (standard for most attacks). We also performed a usability test to evaluate the impact of XManDroid on the user-experience with third party applications. Moreover, we analyze sources of false positives and discuss how this rate can be further significantly reduced.

  @inproceedings{BDDFS2011, abstract = {Google Android has become a popular mobile operating system which is increasingly deployed by mobile device manufactures for various platforms. Recent attacks show that Android’s permission framework is vulnerable to application-level privilege escalation attacks, i.e., an application may indirectly gain privileges to perform unauthorized actions.The existing proposals for security extensions to Android’s middle-ware (e.g., Kirin, Saint, TaintDroid, or QUIRE) can-not fully and adequately mitigate these attacks or detect Trojans such as Soundcomber that exploit covert channels in the Android system. In this paper we present the design and implementation of XManDroid(eXtended Monitoring on Android), a security framework that extends the monitoring mechanism of Android to detect and prevent application-level privilege escalation attacks at runtime based on a system-centric system policy. Our implementation dynamically analyzes applications’ transitive permission usage while inducing a minimal performance overhead unnoticeable for the user.Depending on system policy our system representation al-lows for an effective detection of (covert) channels established through the Android system services and content providers while simultaneously optimizing the rate of false positives.We evaluate the effectiveness of XManDroidon our test suite that simulates known application-level privilege escalation attacks (including Soundcomber), and demonstrate successful detection of attacks that use Android’s inter-component communication (ICC) framework (standard for most attacks). We also performed a usability test to evaluate the impact of XManDroid on the user-experience with third party applications. Moreover, we analyze sources of false positives and discuss how this rate can be further significantly reduced.}, author = {Bugiel, Sven and Davi, Lucas and Dmitrienko, Alexandra and Fischer, Thomas and Sadeghi, Ahmad-Reza}, booktitle = {TR-2011-04}, howpublished = {\url{http://www.trust.informatik.tu-darmstadt.de/publications/publication-details/?no_cache=1&tx_bibtex_pi1%5Bpub_id%5D=TUD-CS-2011-0127}}, institution = {Ruhr-University Bochum, System Security Lab}, keywords = {Technical-Reports}, month = {04}, title = {XManDroid: A New Android Evolution to Mitigate Privilege Escalation Attacks}, year = 2011 }
• Practical and Lightweight Domain Isolation on Android. Bugiel, Sven; Davi, Lucas; Dmitrienko, Alexandra; Heuser, Stephan; Sadeghi, Ahmad-Reza; Shastry, Bhargava; in ACM Workshop on Security and Privacy in Mobile Devices (SPSM) (2011).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  In this paper, we introduce a security framework for practical and lightweight domain isolation on Android to mitigate unauthorized data access and communication among applications of different trust levels (e.g., private and corporate). We present the design and implementation of our framework,TrustDroid, which in contrast to existing solutions enables isolation at different layers of the Android software stack:(1) at the middleware layer to prevent inter-domain application communication and data access, (2) at the kernel layer to enforce mandatory access control on the file system and on InterProcess Communication (IPC) channels, and (3) at the network layer to mediate network traffic. For instance, (3)allows network data to be only read by a particular domain,or enables basic context-based policies such as preventing Internet access by untrusted applications while an employee is connected to the company’s network.Our approach accurately addresses the demands of the business world, namely to isolate data and applications of different trust levels in a practical and lightweight way. More-over, our solution is the first leveraging mandatory access control with TOMOYO Linux on a real Android device(Nexus One). Our evaluation demonstrates that TrustDroidonly adds a negligible overhead, and in contrast to contemporary full virtualization, only minimally affects the battery’s life-time.

  @inproceedings{TUD-CS-2011-0218, abstract = {In this paper, we introduce a security framework for practical and lightweight domain isolation on Android to mitigate unauthorized data access and communication among applications of different trust levels (e.g., private and corporate). We present the design and implementation of our framework,TrustDroid, which in contrast to existing solutions enables isolation at different layers of the Android software stack:(1) at the middleware layer to prevent inter-domain application communication and data access, (2) at the kernel layer to enforce mandatory access control on the file system and on InterProcess Communication (IPC) channels, and (3) at the network layer to mediate network traffic. For instance, (3)allows network data to be only read by a particular domain,or enables basic context-based policies such as preventing Internet access by untrusted applications while an employee is connected to the company’s network.Our approach accurately addresses the demands of the business world, namely to isolate data and applications of different trust levels in a practical and lightweight way. More-over, our solution is the first leveraging mandatory access control with TOMOYO Linux on a real Android device(Nexus One). Our evaluation demonstrates that TrustDroidonly adds a negligible overhead, and in contrast to contemporary full virtualization, only minimally affects the battery’s life-time.}, author = {Bugiel, Sven and Davi, Lucas and Dmitrienko, Alexandra and Heuser, Stephan and Sadeghi, Ahmad-Reza and Shastry, Bhargava}, booktitle = {ACM Workshop on Security and Privacy in Mobile Devices (SPSM)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters}, month = 10, publisher = {ACM Press}, title = {Practical and Lightweight Domain Isolation on Android}, year = 2011 }
• POSTER: The Quest for Security against Privilege Escalation Attacks on Android. Bugiel, Sven; Davi, Lucas; Dmitrienko, Alexandra; Fischer, Thomas; Sadeghi, Ahmad-Reza; Shastry, Bhargava; in ACM Conference on Computer and Communications Security (CCS) (2011).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  In this paper we present the design and implementation of a security framework that extends the reference monitor of the Android middleware and deploys a mandatory access control on Linux kernel (based on Tomoyo [9]) aiming at detecting and preventing application-level privilege escalation attacks at runtime. In contrast to existing solutions, our framework is system-centric, efficient, detects attacks that involve communication channels controlled by both, Android middleware and the Linux kernel (particularly, Binder IPC, Internet sockets and file system). It can prevent known confused deputy attacks without false positives and is also flexible enough to prevent unknown confused deputy attack sand attacks by colluding applications (e.g., Soundcomber [11])at the cost of a small rate of false positives

  @inproceedings{TUD-CS-2011-0211, abstract = {In this paper we present the design and implementation of a security framework that extends the reference monitor of the Android middleware and deploys a mandatory access control on Linux kernel (based on Tomoyo [9]) aiming at detecting and preventing application-level privilege escalation attacks at runtime. In contrast to existing solutions, our framework is system-centric, efficient, detects attacks that involve communication channels controlled by both, Android middleware and the Linux kernel (particularly, Binder IPC, Internet sockets and file system). It can prevent known confused deputy attacks without false positives and is also flexible enough to prevent unknown confused deputy attack sand attacks by colluding applications (e.g., Soundcomber [11])at the cost of a small rate of false positives}, author = {Bugiel, Sven and Davi, Lucas and Dmitrienko, Alexandra and Fischer, Thomas and Sadeghi, Ahmad-Reza and Shastry, Bhargava}, booktitle = {ACM Conference on Computer and Communications Security (CCS)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters}, month = 10, publisher = {ACM}, title = {POSTER: The Quest for Security against Privilege Escalation Attacks on Android}, year = 2011 }
• CFI Goes Mobile: Control-Flow Integrity for Smartphones. Davi, Lucas; Dmitrienko, Alexandra; Egele, Manuel; Fischer, Thomas; Holz, Thorsten; Hund, Ralf; Nürnberger, Stefan; Sadeghi, Ahmad-Reza; in International Workshop on Trustworthy Embedded Devices (TrustED) (2011).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Despite extensive research over the last two decades, control-flow (or runtime) attacks on software are still prevalent. Recently, smart-phones, of which millions are in use today, have become an attractive target for adversaries. However, existing solutions are either ad-hoc or limited in their effectiveness.In this paper, we present a general countermeasure against control-flow attacks on smartphone platforms. Our approach makes use of control-flow integrity(CFI), and tackles unique challenges of the ARM architecture and smartphone platforms (e.g., application encryption and signing,closed-source OS). Our framework and implementation is efficient, since it requires no access to source code, performs CFI enforcement on-the-fly during runtime, and is compatible to memory randomization (e.g.,ASLR) and code signing/encryption. We chose Apple iPhone for our reference implementation, because it has become an attractive target for control-flow attacks due to its wide spread deployment of native code.Our performance evaluation on a real iOS device demonstrates that our implementation does not induce any notable overhead when applied to popular iOS applications.

  @inproceedings{TUD-CS-2011-0281, abstract = {Despite extensive research over the last two decades, control-flow (or runtime) attacks on software are still prevalent. Recently, smart-phones, of which millions are in use today, have become an attractive target for adversaries. However, existing solutions are either ad-hoc or limited in their effectiveness.In this paper, we present a general countermeasure against control-flow attacks on smartphone platforms. Our approach makes use of control-flow integrity(CFI), and tackles unique challenges of the ARM architecture and smartphone platforms (e.g., application encryption and signing,closed-source OS). Our framework and implementation is efficient, since it requires no access to source code, performs CFI enforcement on-the-fly during runtime, and is compatible to memory randomization (e.g.,ASLR) and code signing/encryption. We chose Apple iPhone for our reference implementation, because it has become an attractive target for control-flow attacks due to its wide spread deployment of native code.Our performance evaluation on a real iOS device demonstrates that our implementation does not induce any notable overhead when applied to popular iOS applications.}, author = {Davi, Lucas and Dmitrienko, Alexandra and Egele, Manuel and Fischer, Thomas and Holz, Thorsten and Hund, Ralf and Nürnberger, Stefan and Sadeghi, Ahmad-Reza}, booktitle = {International Workshop on Trustworthy Embedded Devices (TrustED)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters}, month = {09}, title = {CFI Goes Mobile: Control-Flow Integrity for Smartphones}, year = 2011 }
• Securing the Access to Electronic Health Records on Mobile Phones. Dmitrienko, Alexandra; Hadzic, Zecir; Löhr, Hans; Sadeghi, Ahmad-Reza; Winandy, Marcel; in Biomedical Engineering Systems and Technologies (BIOSTEC) (2011).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Mobile phones are increasingly used in the e-health domain.In this context, enabling secure access to health records from mobile de-vices is of particular importance because of the high security and privacy requirements for sensitive medical data. Standard operating systems and software, as they are deployed on current smartphones, cannot protect sensitive data appropriately, even though modern mobile hardware plat-forms often provide dedicated security features. Current mobile phones are prone to attacks by malicious software, which might gain unauthorized access to sensitive medical data.In this paper, we present a security architecture for the protection of electronic health records and authentication credentials that are used to access e-health services. Our architecture is derived from a generic solution and tailored specifically to current mobile platforms with hardware security extensions. Authentication data are protected by a trusted wallet (TruWallet), which leverages trusted hardware features of the phone and isolated application environments provided by a secure operating system. A separate application environment is used to provide runtime protection of medical data. Furthermore, we present a prototype implementation of TruWallet on the Nokia N900 mobile phone. In contrast to commodity systems, our architecture enables healthcare professionals to securely access medical data on their mobile devices without the risk of disclosing sensitive information.

  @inproceedings{DLSW2011b, abstract = {Mobile phones are increasingly used in the e-health domain.In this context, enabling secure access to health records from mobile de-vices is of particular importance because of the high security and privacy requirements for sensitive medical data. Standard operating systems and software, as they are deployed on current smartphones, cannot protect sensitive data appropriately, even though modern mobile hardware plat-forms often provide dedicated security features. Current mobile phones are prone to attacks by malicious software, which might gain unauthorized access to sensitive medical data.In this paper, we present a security architecture for the protection of electronic health records and authentication credentials that are used to access e-health services. Our architecture is derived from a generic solution and tailored specifically to current mobile platforms with hardware security extensions. Authentication data are protected by a trusted wallet (TruWallet), which leverages trusted hardware features of the phone and isolated application environments provided by a secure operating system. A separate application environment is used to provide runtime protection of medical data. Furthermore, we present a prototype implementation of TruWallet on the Nokia N900 mobile phone. In contrast to commodity systems, our architecture enables healthcare professionals to securely access medical data on their mobile devices without the risk of disclosing sensitive information.}, author = {Dmitrienko, Alexandra and Hadzic, Zecir and Löhr, Hans and Sadeghi, Ahmad-Reza and Winandy, Marcel}, booktitle = {Biomedical Engineering Systems and Technologies (BIOSTEC)}, keywords = {sys:relevantfor:sss-group}, title = {Securing the Access to Electronic Health Records on Mobile Phones}, year = 2011 }

• Return-Oriented Programming without Returns on ARM. (HGI-TR-2010-002), Davi, Lucas; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Winandy, Marcel; (2010).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  n this paper we present a novel and general attack method on ARM-based computing platforms.Our attack deploys the principles of return-oriented programming (ROP). However, in contrast to conventional ROP, our attack exploits jumps instead of return addresses, and hence it can circumvent return address checkers. We show that our attack is Turing-complete and can induce arbitrary change of behavior in running programs without any code injection. We instantiate our attack method on the Android platform. We present an attack example that succeeds to send unauthorized text messages(SMS) and phone calls to high-cost numbers from a user’s device. To achieve this result, our attack(i) modifies program behavior without code injection, and (ii) abuses permissions assigned to an application.

  @techreport{DDSW2010a, abstract = {n this paper we present a novel and general attack method on ARM-based computing platforms.Our attack deploys the principles of return-oriented programming (ROP). However, in contrast to conventional ROP, our attack exploits jumps instead of return addresses, and hence it can circumvent return address checkers. We show that our attack is Turing-complete and can induce arbitrary change of behavior in running programs without any code injection. We instantiate our attack method on the Android platform. We present an attack example that succeeds to send unauthorized text messages(SMS) and phone calls to high-cost numbers from a user’s device. To achieve this result, our attack(i) modifies program behavior without code injection, and (ii) abuses permissions assigned to an application.}, author = {Davi, Lucas and Dmitrienko, Alexandra and Sadeghi, Ahmad-Reza and Winandy, Marcel}, howpublished = {\url{http://www.trust.rub.de/media/trust/veroeffentlichungen/2010/07/21/ROP-without-Returns-on-ARM.pdf}}, institution = {Ruhr-University Bochum, System Security Lab}, keywords = {Technical-Reports}, month = {04}, number = {HGI-TR-2010-002}, title = {Return-Oriented Programming without Returns on ARM}, year = 2010 }
• TruWalletM: Secure Web Authentication on Mobile Platforms. Bugiel, Sven; Dmitrienko, Alexandra; Kostiainen, Kari; Sadeghi, Ahmad-Reza; Winandy, Marcel; in International Conference on Trusted Systems (INTRUST) (2010).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Mobile phones are increasingly used as general purpose computing devices with permanent Internet connection. This imposes several threats as the phone operating system (OS) is typically derived from desktop counterparts and, hence, inherits the same or similar security shortcomings. In particular, the protection of login credentials when accessing web services becomes crucial under phishing and malware at-tacks. On the other hand many modern mobile phones provide hardware-supported security mechanisms currently unused by most phone OSs.In this paper, we show how to use these mechanisms, in particular trusted execution environments, to protect the user’s login credentials.We present the design and implementation proposal (based on NokiaN900 mobile platform) of TruWalletM, a wallet-like password manager and authentication agent towards the protection of login credentials ona mobile phone without the need to trust the whole OS software. We preserve compatibility to existing standard web authentication mechanisms.

  @inproceedings{BDKSW2010, abstract = {Mobile phones are increasingly used as general purpose computing devices with permanent Internet connection. This imposes several threats as the phone operating system (OS) is typically derived from desktop counterparts and, hence, inherits the same or similar security shortcomings. In particular, the protection of login credentials when accessing web services becomes crucial under phishing and malware at-tacks. On the other hand many modern mobile phones provide hardware-supported security mechanisms currently unused by most phone OSs.In this paper, we show how to use these mechanisms, in particular trusted execution environments, to protect the user’s login credentials.We present the design and implementation proposal (based on NokiaN900 mobile platform) of TruWalletM, a wallet-like password manager and authentication agent towards the protection of login credentials ona mobile phone without the need to trust the whole OS software. We preserve compatibility to existing standard web authentication mechanisms.}, author = {Bugiel, Sven and Dmitrienko, Alexandra and Kostiainen, Kari and Sadeghi, Ahmad-Reza and Winandy, Marcel}, booktitle = {International Conference on Trusted Systems (INTRUST)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters}, month = 12, title = {TruWalletM: Secure Web Authentication on Mobile Platforms}, year = 2010 }
• Privilege Escalation Attacks on Android. Davi, Lucas; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Winandy, Marcel; in Information Security Conference (ISC) (2010).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Android is a modern and popular software platform for smart-phones. Among its predominant features is an advanced security model which is based on application-oriented mandatory access control and sandboxing. This allows developers and users to restrict the execution of an application to the privileges it has (mandatorily) assigned at installation time. The exploitation of vulnerabilities in program code is hence believed to be confined within the privilege boundaries of an application’s sandbox. However, in this paper we show that a privilege escalation at-tack is possible. We show that a genuine application exploited at runtime or a malicious application can escalate granted permissions. Our results immediately imply that Android’s security model cannot deal with a transitive permission usage attack and Android’s sandbox model fails as a last resort against malware and sophisticated runtime attacks.

  @inproceedings{DDSW2010b, abstract = {Android is a modern and popular software platform for smart-phones. Among its predominant features is an advanced security model which is based on application-oriented mandatory access control and sandboxing. This allows developers and users to restrict the execution of an application to the privileges it has (mandatorily) assigned at installation time. The exploitation of vulnerabilities in program code is hence believed to be confined within the privilege boundaries of an application’s sandbox. However, in this paper we show that a privilege escalation at-tack is possible. We show that a genuine application exploited at runtime or a malicious application can escalate granted permissions. Our results immediately imply that Android’s security model cannot deal with a transitive permission usage attack and Android’s sandbox model fails as a last resort against malware and sophisticated runtime attacks.}, author = {Davi, Lucas and Dmitrienko, Alexandra and Sadeghi, Ahmad-Reza and Winandy, Marcel}, booktitle = {Information Security Conference (ISC)}, keywords = {myown}, month = 10, title = {Privilege Escalation Attacks on Android}, year = 2010 }
• Return-Oriented Programming without Returns. Checkoway, Stephen; Davi, Lucas; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Shacham, Hovav; Winandy, Marcel; in ACM Conference on Computer and Communications Security (CCS) (2010).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  We show that on both the x86 and ARM architectures it is possible to mount return-oriented programming attacks without using return instructions. Our attacks instead make use of certain instruction sequences that behave like a return, which occur with sufficient frequency in large libraries on (x86) Linux and (ARM) Android to allow creation of Turing-complete gadget sets. Because they do not make use of return instructions, our new attacks have negative implications for several recently proposed classes of defense against return-oriented programming: those that detect the too-frequent use of returns in the instruction stream; those that detect violations of the last-in, first-out invariant normally maintained for the return-address stack; and those that modify compilers to produce code that avoids the return instruction.

  @inproceedings{CDDSSW2010, abstract = {We show that on both the x86 and ARM architectures it is possible to mount return-oriented programming attacks without using return instructions. Our attacks instead make use of certain instruction sequences that behave like a return, which occur with sufficient frequency in large libraries on (x86) Linux and (ARM) Android to allow creation of Turing-complete gadget sets. Because they do not make use of return instructions, our new attacks have negative implications for several recently proposed classes of defense against return-oriented programming: those that detect the too-frequent use of returns in the instruction stream; those that detect violations of the last-in, first-out invariant normally maintained for the return-address stack; and those that modify compilers to produce code that avoids the return instruction.}, author = {Checkoway, Stephen and Davi, Lucas and Dmitrienko, Alexandra and Sadeghi, Ahmad-Reza and Shacham, Hovav and Winandy, Marcel}, booktitle = {ACM Conference on Computer and Communications Security (CCS)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters}, month = 10, title = {Return-Oriented Programming without Returns}, year = 2010 }
• Key Attestation from Trusted Execution Environments. Kostiainen, Kari; Dmitrienko, Alexandra; Ekberg, Jan-Erik; Sadeghi, Ahmad-Reza; Asokan, N.; in International Conference on Trust and Trustworthy Computing (TRUST) (2010).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  Credential platforms implemented on top of Trusted Execution Environments3(TrEEs) allow users to store and use their credentials, e.g., cryptographic keys or user passwords, securely. One important requirement for a TrEE-based credential platform is the ability to attest that a credential has been created and is kept within the TrEE. Credential properties, such as usage permissions, should be also attested.Existing attestation mechanisms are limited to attesting which applications outside the TrEE are authorized to use the credential. In this paper we describe a novel key attestation mechanism that allows attestation of both TrEE internal and external key usage permissions. We have implemented this attestation mechanism for mobile phones with M-Shield TrEE.

  @inproceedings{KDESA2010, abstract = {Credential platforms implemented on top of Trusted Execution Environments3(TrEEs) allow users to store and use their credentials, e.g., cryptographic keys or user passwords, securely. One important requirement for a TrEE-based credential platform is the ability to attest that a credential has been created and is kept within the TrEE. Credential properties, such as usage permissions, should be also attested.Existing attestation mechanisms are limited to attesting which applications outside the TrEE are authorized to use the credential. In this paper we describe a novel key attestation mechanism that allows attestation of both TrEE internal and external key usage permissions. We have implemented this attestation mechanism for mobile phones with M-Shield TrEE.}, author = {Kostiainen, Kari and Dmitrienko, Alexandra and Ekberg, Jan-Erik and Sadeghi, Ahmad-Reza and Asokan, N.}, booktitle = {International Conference on Trust and Trustworthy Computing (TRUST)}, keywords = {myown}, month = {06}, title = {Key Attestation from Trusted Execution Environments}, year = 2010 }

• Trusted Virtual Domains - Design, Implementation and Lessons Learned. Catuogno, Luigi; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Schulz, Steffen; Winandy, Marcel; Zhan, Jing; Eriksson, Konrad; Kuhlmann, Dirk; Ramunno, Gianluca; Schunter, Matthias; in International Conference on Trusted Systems (INTRUST) (2009).
  • [ Abstract ]
  • [ BibTeX ]
  • [ Download ]
  • [ BibSonomy-Post ]
  A Trusted Virtual Domain (TVD) is a coalition of virtual machines and resources (e.g., network, storage) that are distributed over multiple physical platforms and share a common security policy. The concept of TVDs and their usage scenarios have been studied extensively. However, details on certain implementation aspects have not been explored in depth yet, such as secure policy deployment and integration of heterogeneous virtualization and trusted computing technologies. In this paper, we present implementation aspects of the life cycle management of TVDs. We describe the components and protocols necessary to realize the TVD design on a cross-platform architecture and present our prototype implementation for the Xen and L4 microkernel platforms.In particular, we discuss the need for and the realization of intra-TVD access control, a hypervisor abstraction layer for simplified TVD management, necessary components of a TVD policy and revocation issues.We believe that these integration details are essential and helpful inputs for any large-scale real-world deployment of TVD.

  @inproceedings{CDSSWZEKRS09, abstract = {A Trusted Virtual Domain (TVD) is a coalition of virtual machines and resources (e.g., network, storage) that are distributed over multiple physical platforms and share a common security policy. The concept of TVDs and their usage scenarios have been studied extensively. However, details on certain implementation aspects have not been explored in depth yet, such as secure policy deployment and integration of heterogeneous virtualization and trusted computing technologies. In this paper, we present implementation aspects of the life cycle management of TVDs. We describe the components and protocols necessary to realize the TVD design on a cross-platform architecture and present our prototype implementation for the Xen and L4 microkernel platforms.In particular, we discuss the need for and the realization of intra-TVD access control, a hypervisor abstraction layer for simplified TVD management, necessary components of a TVD policy and revocation issues.We believe that these integration details are essential and helpful inputs for any large-scale real-world deployment of TVD.}, author = {Catuogno, Luigi and Dmitrienko, Alexandra and Sadeghi, Ahmad-Reza and Schulz, Steffen and Winandy, Marcel and Zhan, Jing and Eriksson, Konrad and Kuhlmann, Dirk and Ramunno, Gianluca and Schunter, Matthias}, booktitle = {International Conference on Trusted Systems (INTRUST)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters}, month = 12, title = {Trusted Virtual Domains - Design, Implementation and Lessons Learned}, year = 2009 }

• Zigbee-to-TCP/IP Gateway: New Opportunities for ZigBee-based Sensor Networks. Dmitrienko, Alexandra; in International Workshop on Ambient Intelligence and Embedded Systems (AmiEs) (2007).
  • [ BibTeX ]
  • [ BibSonomy-Post ]
  @inproceedings{AD2007, author = {Dmitrienko, Alexandra}, booktitle = {International Workshop on Ambient Intelligence and Embedded Systems (AmiEs)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters}, month = {09}, title = {Zigbee-to-TCP/IP Gateway: New Opportunities for ZigBee-based Sensor Networks}, year = 2007 }

• WIZnet W3150A network co-processor: New features for embedded devices. Dmitrienko, Alexandra; in Components and Technologies (2006).
  • [ BibTeX ]
  • [ BibSonomy-Post ]
  @article{AD2006, author = {Dmitrienko, Alexandra}, journal = {Components and Technologies}, keywords = {sys:relevantfor:sss-group}, title = {WIZnet W3150A network co-processor: New features for embedded devices}, year = 2006 }