Publications

2021

• All the Numbers are US: Large-scale Abuse of Contact Discovery in Mobile Messengers. Hagen, Christoph; Weinert, Christian; Sendner, Christoph; Dmitrienko, Alexandra; Schneider, Thomas; in Network and Distributed System Security Symposium (NDSS) (2021).

  (To Appear)
  [ BibTeX ] [ URL ] [ Download ]
   
  @inproceedings{DBLP:conf/ndss/2021, author = {Hagen, Christoph and Weinert, Christian and Sendner, Christoph and Dmitrienko, Alexandra and Schneider, Thomas}, booktitle = {Network and Distributed System Security Symposium (NDSS)}, keywords = {sys:relevantfor:sss-group accepted dblp myown sss-group}, note = {(To Appear)}, publisher = {The Internet Society}, title = {All the Numbers are US: Large-scale Abuse of Contact Discovery in Mobile Messengers}, year = 2021 }

2020

• LegIoT: Ledgered Trust Management Platform for IoT. Neureither, Jens; Dmitrienko, Alexandra; Koisser, David; Brasser, Ferdinand; Sadeghi, Ahmad-Reza; in European Symposium on Research in Computer Security (ESORICS) (2020).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  We investigate and address the currently unsolved problem of trust establishment in large-scale Internet of Things (IoT) networks where heterogeneous devices and mutually mistrusting stakeholders are involved. We design, prototype and evaluate LegIoT, a novel, probabilistic trust management system that enables secure, dynamic and flexible(yet inexpensive) trust relationships in large IoT networks. The core component of LegIoT is a novel graph-based scheme that allows network devices (graph nodes) to re-use the already existing trust associations(graph edges) very efficiently; thus, significantly reducing the number of individually conducted trust assessments. Since no central trusted third party exists, LegIoT leverages Distributed Ledger Technology(DLT) to create and manage the trust relation graph in a decentralized manner.The trust assessment among devices can be instantiated by any appropriate assessment technique, for which we focus on remote attestation(integrity verification) in this paper. We prototyped LegIoT for Hyper-ledger Sawtooth and demonstrated through evaluation that the number of trust assessments in the network can be significantly reduced – e.g.,by a factor of 20 for a network of 400 nodes and factor 5 for 1000 nodes.
  @inproceedings{neureither2020legiot, abstract = {We investigate and address the currently unsolved problem of trust establishment in large-scale Internet of Things (IoT) networks where heterogeneous devices and mutually mistrusting stakeholders are involved. We design, prototype and evaluate LegIoT, a novel, probabilistic trust management system that enables secure, dynamic and flexible(yet inexpensive) trust relationships in large IoT networks. The core component of LegIoT is a novel graph-based scheme that allows network devices (graph nodes) to re-use the already existing trust associations(graph edges) very efficiently; thus, significantly reducing the number of individually conducted trust assessments. Since no central trusted third party exists, LegIoT leverages Distributed Ledger Technology(DLT) to create and manage the trust relation graph in a decentralized manner.The trust assessment among devices can be instantiated by any appropriate assessment technique, for which we focus on remote attestation(integrity verification) in this paper. We prototyped LegIoT for Hyper-ledger Sawtooth and demonstrated through evaluation that the number of trust assessments in the network can be significantly reduced – e.g.,by a factor of 20 for a network of 400 nodes and factor 5 for 1000 nodes.}, author = {Neureither, Jens and Dmitrienko, Alexandra and Koisser, David and Brasser, Ferdinand and Sadeghi, Ahmad-Reza}, booktitle = {European Symposium on Research in Computer Security (ESORICS)}, keywords = {blockchain myown remote-attestation sss-group trust-management}, title = {LegIoT: Ledgered Trust Management Platform for IoT}, year = 2020 }
• Mind the GAP: Security & Privacy Risks of Contact Tracing Apps. Baumgärtner, Lars; Dmitrienko, Alexandra; Freisleben, Bernd; Gruler, Alexander; Höchst, Jonas; Kühlberg, Joshua; Mezini, Mira; Miettinen, Markus; Muhamedagic, Anel; Nguyen, Thien Duc; Penning, Alvar; Pustelnik, Dermot Frederik; Roos, Filipp; Sadeghi, Ahmad-Reza; Schwarz, Michael; Uhl, Christian; in ArXiv (2020).
  [ Abstract ] [ BibTeX ] [ URL ]
   
  Contact tracing apps running on mobile devices promise to reduce the manual effort required for identifying infection chains and to increase the tracing accuracy in the presence of COVID-19. Several contract tracing apps have been proposed or deployed in practice. Also Google and Apple have announced their joint effort of providing an API for exposure notification in order to implement decentralized contract tracing apps using Bluetooth Low Energy, the so-called "Google/Apple Proposal", which we abbreviate by "GAP". Some countries have already decided or are planning to base their contact tracing apps on GAP. Several researchers have pointed out potential privacy and security risks related to most of the contact tracing approaches proposed until now, including those that claim privacy protection and are based on GAP. This report makes a first attempt towards providing empirical evidence in real-world scenarios for two such risks discussed in the literature: one concerning privacy, and the other one concerning security. In particular, we focus on a practical analysis of GAP, given that it is the foundation of several tracing apps. We demonstrate that in real-world scenarios the current GAP design is vulnerable to (i) profiling and possibly de-anonymizing infected persons, and (ii) relay-based wormhole attacks that principally can generate fake contacts with the potential of significantly affecting the accuracy of an app-based contact tracing system. For both types of attack, we have built tools that can be easily used on mobile phones or Raspberry Pis (e.g., Bluetooth sniffers). We hope that our findings provide valuable input in the process of testing and certifying contact tracing apps, e.g., as planned for the German Corona-Warn-App, ultimately guiding improvements for secure and privacy-preserving design and implementation of digital contact tracing systems.
  @article{mindthegap, abstract = {Contact tracing apps running on mobile devices promise to reduce the manual effort required for identifying infection chains and to increase the tracing accuracy in the presence of COVID-19. Several contract tracing apps have been proposed or deployed in practice. Also Google and Apple have announced their joint effort of providing an API for exposure notification in order to implement decentralized contract tracing apps using Bluetooth Low Energy, the so-called "Google/Apple Proposal", which we abbreviate by "GAP". Some countries have already decided or are planning to base their contact tracing apps on GAP. Several researchers have pointed out potential privacy and security risks related to most of the contact tracing approaches proposed until now, including those that claim privacy protection and are based on GAP. This report makes a first attempt towards providing empirical evidence in real-world scenarios for two such risks discussed in the literature: one concerning privacy, and the other one concerning security. In particular, we focus on a practical analysis of GAP, given that it is the foundation of several tracing apps. We demonstrate that in real-world scenarios the current GAP design is vulnerable to (i) profiling and possibly de-anonymizing infected persons, and (ii) relay-based wormhole attacks that principally can generate fake contacts with the potential of significantly affecting the accuracy of an app-based contact tracing system. For both types of attack, we have built tools that can be easily used on mobile phones or Raspberry Pis (e.g., Bluetooth sniffers). We hope that our findings provide valuable input in the process of testing and certifying contact tracing apps, e.g., as planned for the German Corona-Warn-App, ultimately guiding improvements for secure and privacy-preserving design and implementation of digital contact tracing systems.}, author = {Baumgärtner, Lars and Dmitrienko, Alexandra and Freisleben, Bernd and Gruler, Alexander and Höchst, Jonas and Kühlberg, Joshua and Mezini, Mira and Miettinen, Markus and Muhamedagic, Anel and Nguyen, Thien Duc and Penning, Alvar and Pustelnik, Dermot Frederik and Roos, Filipp and Sadeghi, Ahmad-Reza and Schwarz, Michael and Uhl, Christian}, journal = {ArXiv}, keywords = {myown sss-group technical-reports}, month = {jun}, title = {Mind the GAP: Security & Privacy Risks of Contact Tracing Apps}, year = 2020 }
• SIMPL: Secure IoT Management Platform. Prantl, Thomas; Ben Yahya, Ala Eddine; Dmitrienko, Alexandra; Kounev, Samuel; Lipp, Fabian; Hock, David; Rathfelder, Christoph; Hofherr, Martin; in ITG Workshop on IT Security (ITSec) (2020).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  The proliferation of IoT devices is increasing at a fast pace, whether for private or business use. However,despite their growing popularity, their safe operation is often not guaranteed. To tackle the security challenges of modern IoT environments, the German Federal Ministry of Education and Research is funding the SIMPL project in order to support research in this area. The contribution of this paper is to introduce the main goal, objectives, and key features of SIMPL
  @inproceedings{noauthororeditor, abstract = {The proliferation of IoT devices is increasing at a fast pace, whether for private or business use. However,despite their growing popularity, their safe operation is often not guaranteed. To tackle the security challenges of modern IoT environments, the German Federal Ministry of Education and Research is funding the SIMPL project in order to support research in this area. The contribution of this paper is to introduce the main goal, objectives, and key features of SIMPL}, author = {Prantl, Thomas and Ben Yahya, Ala Eddine and Dmitrienko, Alexandra and Kounev, Samuel and Lipp, Fabian and Hock, David and Rathfelder, Christoph and Hofherr, Martin}, booktitle = {ITG Workshop on IT Security (ITSec)}, keywords = {sys:relevantfor:sss-group iot management myown secure simpl sss-group}, title = {SIMPL: Secure IoT Management Platform}, year = 2020 }

2019

• Implementation and Evaluation of a Group Encryption Scheme. Ten, Peter; Thesis; University of Würzburg. (2019).
  [ BibTeX ] [ Download ]
   
  @mastersthesis{2019-BA-Peter-Ten, author = {Ten, Peter}, keywords = {sys:relevantfor:sss-group encryption evaluation group scheme sss-group}, month = {December}, school = {University of W{ü}rzburg}, title = {Implementation and Evaluation of a Group Encryption Scheme}, type = {Bachelor Thesis}, year = 2019 }
• Hands Off my Database: Ransomware Detection in Databases through Dynamic Analysis of Query Sequences. Iffländer, Lukas; Dmitrienko, Alexandra; Hagen, Christoph; Jobst, Michael; Kounev, Samuel; in ArXiv (2019).
  [ BibTeX ] [ URL ] [ Download ]
   
  @article{DBLP:journals/corr/abs-1907-06775, author = {Iffl{{ä}}nder, Lukas and Dmitrienko, Alexandra and Hagen, Christoph and Jobst, Michael and Kounev, Samuel}, journal = {ArXiv}, keywords = {sys:relevantfor:sss-group Technical-Reports database myown ransomware sss-group}, title = {Hands Off my Database: Ransomware Detection in Databases through Dynamic Analysis of Query Sequences}, year = 2019 }
• DR.SGX: Automated and Adjustable Side-Channel Protection for SGX using Data Location Randomization. Brasser, Ferdinand; Capkun, Srdjan; Dmitrienko, Alexandra; Frassetto, Tommaso; Kostiainen, Kari; Sadeghi, Ahmad-Reza; in Annual Computer Security Applications Conference (ACSAC) (2019).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  Recent research has demonstrated that Intel’s SGX is vulnerable to software-based side-channel attacks. In a common attack, the adversary monitors CPU caches to infer secret-dependent data accesses patterns. Known defenses have major limitations, as they require either error-prone developer assistance, incur extremely high runtime overhead, or prevent only specific attacks.In this paper, we propose data location randomization as a novel defense against side-channel attacks that target data access patterns.Our goal is to break the link between the memory observations by the adversary and the actual data accesses by the victim. We design and implement a compiler-based tool called DR.SGX that instruments the enclave code, permuting data locations at fine granularity.To prevent correlation of repeated memory accesses we periodically re-randomize all enclave data. Our solution requires no developer assistance and strikes the balance between side-channel protection and performance based on an adjustable security parameter.
  @inproceedings{BrCaDmFrKoSa2019, abstract = {Recent research has demonstrated that Intel’s SGX is vulnerable to software-based side-channel attacks. In a common attack, the adversary monitors CPU caches to infer secret-dependent data accesses patterns. Known defenses have major limitations, as they require either error-prone developer assistance, incur extremely high runtime overhead, or prevent only specific attacks.In this paper, we propose data location randomization as a novel defense against side-channel attacks that target data access patterns.Our goal is to break the link between the memory observations by the adversary and the actual data accesses by the victim. We design and implement a compiler-based tool called DR.SGX that instruments the enclave code, permuting data locations at fine granularity.To prevent correlation of repeated memory accesses we periodically re-randomize all enclave data. Our solution requires no developer assistance and strikes the balance between side-channel protection and performance based on an adjustable security parameter.}, author = {Brasser, Ferdinand and Capkun, Srdjan and Dmitrienko, Alexandra and Frassetto, Tommaso and Kostiainen, Kari and Sadeghi, Ahmad-Reza}, booktitle = {Annual Computer Security Applications Conference (ACSAC)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters myown sss-group}, month = {December}, publisher = {ACM}, title = {{DR.SGX: Automated and Adjustable Side-Channel Protection for SGX using Data Location Randomization}}, year = 2019 }

2018

• Hardening Bitcoin Against Off-Topic Data Inclusion Attacks. Seeg, Andreas; Thesis; University of Würzburg. (2018).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  Bitcoin is a novel peer to peer payment network that was started in 2009 and that has since flourished, gaining acceptance all over the world. By contributing their resourcefulness as network connectivity and computing power, all participants are creating the the Bitcoin network together. Designed as an open source software system, the participation rules for this network are not upheld by humans, but implemented in code, and generally allow anyone to join or leave the network at will.Since the time of Bitcoin’s inception, software errors had to be fixed and network attacks that tried to make parts of the network unavailable have been endured. This thesis provides a solution to the problem of illegal data inclusions within the blockchain, a data structure that cannot easily be changed and that has to be transmitted to participants of Bitcoin.The flaw, i.e. the possibility for any user of Bitcoin to potentially include illegal data and therefore illegalizes the whole blockchain, is not just a software flaw, but can be seen as a structural one if free participation and uncensorable payments are to be provided.The proposal to solve the problem is layered in two tiers. The first tier prevents effective data inclusion for some standard payment functions within Bitcoin. This allows participants to be certain that these transactions do not contain bad data, allowing them to be included into Bitcoin blocks. It also solves the problem of illegal data permanently occupying valuable resources on Bitcoin nodes, as parts of the provably clean transactions are generally held in RAM until they have been spent. The prevention mechanism is essentially a system that provides proof that bitcoins were sent to actual Bitcoin addresses,stopping data inclusion by address fields abusal.The second tier consists of rule changes for Bitcoin. First of all, all non-standard payment transactions are removed from Bitcoin, with the exception of the more computationally flexible and popular P2SH transactions. This limits the avenues for data inclusion in Bitcoin without destroying its flexibility or its smart contract capabilities. Then, P2SHtransactions are redesigned to allow for a more fine grained deletion of their data, so only offending parts could be removed without destroying the integrity of the rest. Finally, a special type of transaction is introduced that allows censorship of just the signature data of a P2SH transaction. This transaction has to include a payment equal to the Bitcoin provided by the previous P2SH transaction, however. By adding this requirement, the system is protected from becoming open to money creation attacks that might inflate the currency without the agreement of all participants.With these changes, illegal data inclusion becomes either impossible, or they can be re-moved without destroying the integrity of the payment system as a whole or for payments that have already happened.Implementing all proposed changes would go beyond the scope of a master thesis. Tier1 of the presented solution has been implemented as a proof-of-concept, though. As a basis, the most popular Bitcoin node software, Bitcoin Core, has been used. Additionally,the ideas behind tier 2 are explained in full, and the potential impact on the system is discussed.v This thesis also covers previous attempts to allow for data removal in similar systems. Their discussion is meant to encourage the adoption of the presented proposal, as it should causeless disruption than some more extreme measurements that might introduce centralization into a system that was meant to run decentralized.
  @mastersthesis{seeg2018hardening, abstract = {Bitcoin is a novel peer to peer payment network that was started in 2009 and that has since flourished, gaining acceptance all over the world. By contributing their resourcefulness as network connectivity and computing power, all participants are creating the the Bitcoin network together. Designed as an open source software system, the participation rules for this network are not upheld by humans, but implemented in code, and generally allow anyone to join or leave the network at will.Since the time of Bitcoin’s inception, software errors had to be fixed and network attacks that tried to make parts of the network unavailable have been endured. This thesis provides a solution to the problem of illegal data inclusions within the blockchain, a data structure that cannot easily be changed and that has to be transmitted to participants of Bitcoin.The flaw, i.e. the possibility for any user of Bitcoin to potentially include illegal data and therefore illegalizes the whole blockchain, is not just a software flaw, but can be seen as a structural one if free participation and uncensorable payments are to be provided.The proposal to solve the problem is layered in two tiers. The first tier prevents effective data inclusion for some standard payment functions within Bitcoin. This allows participants to be certain that these transactions do not contain bad data, allowing them to be included into Bitcoin blocks. It also solves the problem of illegal data permanently occupying valuable resources on Bitcoin nodes, as parts of the provably clean transactions are generally held in RAM until they have been spent. The prevention mechanism is essentially a system that provides proof that bitcoins were sent to actual Bitcoin addresses,stopping data inclusion by address fields abusal.The second tier consists of rule changes for Bitcoin. First of all, all non-standard payment transactions are removed from Bitcoin, with the exception of the more computationally flexible and popular P2SH transactions. This limits the avenues for data inclusion in Bitcoin without destroying its flexibility or its smart contract capabilities. Then, P2SHtransactions are redesigned to allow for a more fine grained deletion of their data, so only offending parts could be removed without destroying the integrity of the rest. Finally, a special type of transaction is introduced that allows censorship of just the signature data of a P2SH transaction. This transaction has to include a payment equal to the Bitcoin provided by the previous P2SH transaction, however. By adding this requirement, the system is protected from becoming open to money creation attacks that might inflate the currency without the agreement of all participants.With these changes, illegal data inclusion becomes either impossible, or they can be re-moved without destroying the integrity of the payment system as a whole or for payments that have already happened.Implementing all proposed changes would go beyond the scope of a master thesis. Tier1 of the presented solution has been implemented as a proof-of-concept, though. As a basis, the most popular Bitcoin node software, Bitcoin Core, has been used. Additionally,the ideas behind tier 2 are explained in full, and the potential impact on the system is discussed.v This thesis also covers previous attempts to allow for data removal in similar systems. Their discussion is meant to encourage the adoption of the presented proposal, as it should causeless disruption than some more extreme measurements that might introduce centralization into a system that was meant to run decentralized.}, author = {Seeg, Andreas}, keywords = {sys:relevantfor:sss-group attacks international-conference-workshop-papers-book-chapters journal-and-magazine-articles sss-group technical-reports}, month = {aug}, school = {University of W{ü}rzburg}, title = {Hardening Bitcoin Against Off-Topic Data Inclusion Attacks}, type = {Master Thesis}, year = 2018 }
• DIMAQS - Dynamic Identification of Malicious Query Sequences. Jobst, Michael; Thesis; University of Würzburg. (2018).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  Ransomware is an emerging threat which imposed 5 billion USD loss in 2017 and is predicted to hit 11.5 billion in 2019. While initially targeting PC (client) platforms,recently it made a leap to server-side databases – in January 2017 we faced MongoDB Apocalypse attack, followed by other attack waves targeting a wide range of DB technologies such as MongoDB, MySQL, ElasticSearch, Cassandra, Hadoop, and CouchDB. While previous research has developed countermeasures against client-side ransomware (e.g., CryptoDrop and ShieldFS), no attention was given to the problem of server-side ransomware yet.This thesis aims to bridge this gap and presents design and implementation of the tool DIMAQS (Dynamic Identification of Malicious Query Sequences) for MySQL servers that can efficiently and effectively detect server-side ransomware. DIMAQS performs run-time monitoring of incoming queries and pattern matching using a Colored Petri Net (CPN) for attack detection. The system design of DIMAQS exhibits several novel techniques to enable efficient detection of malicious query sequences globally (i.e., without limiting detection to distinct user connections). Evaluation results show high efficiency with no false positives and no false negatives,and a very moderate performance overhead (for a run-time monitoring tool) of under5% in worst case scenarios.
  @mastersthesis{jobst2018dimaqs, abstract = {Ransomware is an emerging threat which imposed 5 billion USD loss in 2017 and is predicted to hit 11.5 billion in 2019. While initially targeting PC (client) platforms,recently it made a leap to server-side databases – in January 2017 we faced MongoDB Apocalypse attack, followed by other attack waves targeting a wide range of DB technologies such as MongoDB, MySQL, ElasticSearch, Cassandra, Hadoop, and CouchDB. While previous research has developed countermeasures against client-side ransomware (e.g., CryptoDrop and ShieldFS), no attention was given to the problem of server-side ransomware yet.This thesis aims to bridge this gap and presents design and implementation of the tool DIMAQS (Dynamic Identification of Malicious Query Sequences) for MySQL servers that can efficiently and effectively detect server-side ransomware. DIMAQS performs run-time monitoring of incoming queries and pattern matching using a Colored Petri Net (CPN) for attack detection. The system design of DIMAQS exhibits several novel techniques to enable efficient detection of malicious query sequences globally (i.e., without limiting detection to distinct user connections). Evaluation results show high efficiency with no false positives and no false negatives,and a very moderate performance overhead (for a run-time monitoring tool) of under5% in worst case scenarios.}, author = {Jobst, Michael}, keywords = {international-conference-workshop-papers-book-chapters journal-and-magazine-articles sss-group}, month = {June}, school = {University of W{ü}rzburg}, title = {DIMAQS - Dynamic Identification of Malicious Query Sequences}, type = {Master Thesis}, year = 2018 }
• Efficient and Effective Ransomware Detection in Databases. Hagen, Christoph; Dmitrienko, Alexandra; Iffländer, Lukas; Jobst, Michael; Kounev, Samuel; in 34th Annual Computer Security Applications Conference (ACSAC) (2018).
  [ BibTeX ] [ Download ]
   
  @inproceedings{Hagen2018_EfficientandEffectiveRansomwareDetectioninDatabases, author = {Hagen, Christoph and Dmitrienko, Alexandra and Iffl{ä}nder, Lukas and Jobst, Michael and Kounev, Samuel}, booktitle = {34th Annual Computer Security Applications Conference (ACSAC)}, keywords = {sys:relevantfor:sss-group International-Conference-Workshop-Papers-Book-Chapters sss-group}, month = {December}, organization = {ACM}, title = {{Efficient and Effective Ransomware Detection in Databases}}, year = 2018 }
• Design of a Shared Parking System with Special Attention to Security Aspects. Englert, Simon; Thesis; University of Würzburg. (2018).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  As major cities are growing more and more, the parking situation in those cities is becoming more precarious than ever. Parking demand already exceeds the limited amount of parking spaces available, and thus people searching for a place to park generate a significant part of those cities traffic. This leads to frustration with drivers, more traffic jams, unnecessary use of petrol and further air pollution. The creation of new parking spaces is often either difficult or very expansive, which means existing parking spots have to be used more efficiently. Solutions realizing that idea to try and solve those problems are for the most part called intelligent parking systems. This thesis is focused on Shared Parking, a special kind of intelligent parking system, which opens the possibility of sharing a parking place between different people. This work features the design and implementation of such a system with special attention given to security aspects.
  @mastersthesis{2018-BA-Simon-Engelert, abstract = {As major cities are growing more and more, the parking situation in those cities is becoming more precarious than ever. Parking demand already exceeds the limited amount of parking spaces available, and thus people searching for a place to park generate a significant part of those cities traffic. This leads to frustration with drivers, more traffic jams, unnecessary use of petrol and further air pollution. The creation of new parking spaces is often either difficult or very expansive, which means existing parking spots have to be used more efficiently. Solutions realizing that idea to try and solve those problems are for the most part called intelligent parking systems. This thesis is focused on Shared Parking, a special kind of intelligent parking system, which opens the possibility of sharing a parking place between different people. This work features the design and implementation of such a system with special attention given to security aspects.}, author = {Englert, Simon}, keywords = {sys:relevantfor:sss-group sss-group}, month = {August}, school = {University of W{ü}rzburg}, title = {Design of a Shared Parking System with Special Attention to Security Aspects}, type = {Bachelor Thesis}, year = 2018 }
• SmarTor: Smarter Tor with Smart Contracts: Improving resilience of topology distribution in the Tor network. Greubel, Andre; Dmitrienko, Alexandra; Kounev, Samuel; in Annual Computer Security Applications Conference (ACSAC) (2018).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  In the Tor anonymity network, the distribution of topology information relies on the correct behavior of five out of the nine trusted directory authority servers. This centralization is concerning since powerful adversary might compromise these servers and conceal in-formation about honest nodes, leading to the full de-anonymization of all Tor users. Our work aims at distributing the work of these trusted authorities, such increasing resilience against attacks on core infrastructure components of the Tor network. In particular,we leverage several emerging technologies, such as blockchains,smart contracts, and trusted execution environments to design and prototype a system called SmarTor. This system replaces the directory authorities with a smart contract and a distributed network of untrusted entities responsible for bandwidth measurements. We prototyped SmarTorusing Ethereum smart contracts and Intel SGX secure hardware. In our evaluation, we show that SmarTor produces significantly more reliable and precise measurements compared to the current measurement system. Overall, our solution improves the decentralization of the Tor network, reduces trust assumptions and increases resilience against powerful adversaries like law enforcement and intelligence services.
  @inproceedings{GrDmKo2018-ACSAC-SmarTor, abstract = {In the Tor anonymity network, the distribution of topology information relies on the correct behavior of five out of the nine trusted directory authority servers. This centralization is concerning since powerful adversary might compromise these servers and conceal in-formation about honest nodes, leading to the full de-anonymization of all Tor users. Our work aims at distributing the work of these trusted authorities, such increasing resilience against attacks on core infrastructure components of the Tor network. In particular,we leverage several emerging technologies, such as blockchains,smart contracts, and trusted execution environments to design and prototype a system called SmarTor. This system replaces the directory authorities with a smart contract and a distributed network of untrusted entities responsible for bandwidth measurements. We prototyped SmarTorusing Ethereum smart contracts and Intel SGX secure hardware. In our evaluation, we show that SmarTor produces significantly more reliable and precise measurements compared to the current measurement system. Overall, our solution improves the decentralization of the Tor network, reduces trust assumptions and increases resilience against powerful adversaries like law enforcement and intelligence services.}, author = {Greubel, Andre and Dmitrienko, Alexandra and Kounev, Samuel}, booktitle = {Annual Computer Security Applications Conference (ACSAC)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters contracts myown resilience smart sss-group tor}, month = {December}, organization = {ACM}, title = {{SmarTor: Smarter Tor with Smart Contracts: Improving resilience of topology distribution in the Tor network}}, year = 2018 }

2017

• μchain: How to Forget without Hard Forks. Puddu, I.; Dmitrienko, A.; Capkun, Srdjan; in IACR Cryptology ePrint Archive (IACR) (2017).
  [ Abstract ] [ BibTeX ] [ URL ] [ Download ]
   
  In this paper, we explore an idea of making(proof-of-work) blockchains mutable. We propose and implement μchain, a mutable blockchain, that enables modifications of blockchain history. Blockchains are, by common definition,distributed and immutable data structures that store a history of events, such as transactions in a digital currency system. While the very idea of mutable event history may seem controversial at a first glance, we show thatμchain does not undermine security guarantees provided by immutable blockchains. In particular,all mutations in our system are controlled by fiat, enforced by consensus and are verifiable in the same way as regular transactions. At the same time,μchain provides a solution to a number of challenging problems, such as the patching of vulnerable smart contracts and removal of abusive content from blockchain history. It also gives rise to new blockchain applications that were not possible with immutable blockchains.For instance, governments and companies could now maintain registers of citizens and customers, while preserving their legislated rights to be forgotten. Banks could consider consolidation of cryptocurrency with traditional payments, which is hard to achieve without the ability to revert transactions. To further illustrate the power ofμchain on more concrete examples, we present two new applications, the collaborative recommendation system with the ability to censor inappropriate content, and a time-lock encryption mechanism that provides a method to decrypt messages after a certain deadline has passed.
  @article{Puddu2017chainHT, abstract = {In this paper, we explore an idea of making(proof-of-work) blockchains mutable. We propose and implement μchain, a mutable blockchain, that enables modifications of blockchain history. Blockchains are, by common definition,distributed and immutable data structures that store a history of events, such as transactions in a digital currency system. While the very idea of mutable event history may seem controversial at a first glance, we show thatμchain does not undermine security guarantees provided by immutable blockchains. In particular,all mutations in our system are controlled by fiat, enforced by consensus and are verifiable in the same way as regular transactions. At the same time,μchain provides a solution to a number of challenging problems, such as the patching of vulnerable smart contracts and removal of abusive content from blockchain history. It also gives rise to new blockchain applications that were not possible with immutable blockchains.For instance, governments and companies could now maintain registers of citizens and customers, while preserving their legislated rights to be forgotten. Banks could consider consolidation of cryptocurrency with traditional payments, which is hard to achieve without the ability to revert transactions. To further illustrate the power ofμchain on more concrete examples, we present two new applications, the collaborative recommendation system with the ability to censor inappropriate content, and a time-lock encryption mechanism that provides a method to decrypt messages after a certain deadline has passed.}, author = {Puddu, I. and Dmitrienko, A. and Capkun, Srdjan}, journal = {IACR Cryptology ePrint Archive (IACR)}, keywords = {micro-chain myown sss-group}, title = {μchain: How to Forget without Hard Forks}, year = 2017 }
• DR.SGX: Hardening SGX Enclaves against Cache Attacks with Data Location Randomization. Brasser, Ferdinand; Capkun, Srdjan; Dmitrienko, Alexandra; Frassetto, Tommaso; Kostiainen, Kari; Müller, Urs; Sadeghi, Ahmad-Reza; in ArXiv (2017).
  [ Abstract ] [ BibTeX ] [ URL ]
   
  Recent research has demonstrated that Intel’s SGX is vulnerable to software-based side-channel attacks. In a common attack, the adversary monitors CPU caches to infer secret-dependent data accesses patterns. Known defenses have major limitations, as they require either error-prone developer assistance, incur extremely high runtime overhead, or prevent only specific attacks.In this paper, we propose data location randomization as a novel defense against side-channel attacks that target data access patterns.Our goal is to break the link between the memory observations by the adversary and the actual data accesses by the victim. We design and implement a compiler-based tool called DR.SGX that instruments the enclave code, permuting data locations at fine granularity.To prevent correlation of repeated memory accesses we periodically re-randomize all enclave data. Our solution requires no developer assistance and strikes the balance between side-channel protection and performance based on an adjustable security parameter.
  @inproceedings{DrSGX-2017-TR, abstract = {Recent research has demonstrated that Intel’s SGX is vulnerable to software-based side-channel attacks. In a common attack, the adversary monitors CPU caches to infer secret-dependent data accesses patterns. Known defenses have major limitations, as they require either error-prone developer assistance, incur extremely high runtime overhead, or prevent only specific attacks.In this paper, we propose data location randomization as a novel defense against side-channel attacks that target data access patterns.Our goal is to break the link between the memory observations by the adversary and the actual data accesses by the victim. We design and implement a compiler-based tool called DR.SGX that instruments the enclave code, permuting data locations at fine granularity.To prevent correlation of repeated memory accesses we periodically re-randomize all enclave data. Our solution requires no developer assistance and strikes the balance between side-channel protection and performance based on an adjustable security parameter.}, author = {Brasser, Ferdinand and Capkun, Srdjan and Dmitrienko, Alexandra and Frassetto, Tommaso and Kostiainen, Kari and M{ü}ller, Urs and Sadeghi, Ahmad-Reza}, booktitle = {ArXiv}, keywords = {sys:relevantfor:sss-group myown sss-group}, number = {arXiv:1709.09917}, title = {{DR.SGX}: Hardening {SGX} Enclaves against Cache Attacks with Data Location Randomization}, year = 2017 }
• Secure Free-Floating Car Sharing for Offline Cars. Dmitrienko, Alexandra; Plappert, Christian; in ACM Conference on Data and Application Security and Privacy (ACM CODASPY) (2017).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  In this paper, we present a new access control system for free-floating car sharing, which achieves a number of appealing features not available in the state-of-the-art solutions.First of all, it does not require online connection for cars,and, therefore, allows car sharing providers to expand their services to areas without reliable network coverage (e.g., with blind spots). Second, the solution is compatible to RFID cards – the most commonly deployed authentication token sin car sharing, and can be deployed on standard mobile platforms with various hardware features. Third, it is fully compatible with off-the-shelf cars and does not require any intrusive modifications to car’s internals.These new properties can be achieved due to a novel system design which deploys two-factor authentication and combines an RFID card (the real one or emulated in software) with a”soft” authentication token stored on a mobile platform. Such a combination increases security of the solution, preserves backward compatibility to RFID technology and enables great flexibility in protection of authentication secrets on the mobile platform. To demonstrate such a flexibility, we present a platform security concept which can be instantiate din various deployment options and provides the means to achieve best possible security given available hardware.We implemented our solution on Android and instantiated the platform security concept in three different deployment options. We evaluate security of our solution and report performance measurements
  @inproceedings{CarSharing2017, abstract = {In this paper, we present a new access control system for free-floating car sharing, which achieves a number of appealing features not available in the state-of-the-art solutions.First of all, it does not require online connection for cars,and, therefore, allows car sharing providers to expand their services to areas without reliable network coverage (e.g., with blind spots). Second, the solution is compatible to RFID cards – the most commonly deployed authentication token sin car sharing, and can be deployed on standard mobile platforms with various hardware features. Third, it is fully compatible with off-the-shelf cars and does not require any intrusive modifications to car’s internals.These new properties can be achieved due to a novel system design which deploys two-factor authentication and combines an RFID card (the real one or emulated in software) with a”soft” authentication token stored on a mobile platform. Such a combination increases security of the solution, preserves backward compatibility to RFID technology and enables great flexibility in protection of authentication secrets on the mobile platform. To demonstrate such a flexibility, we present a platform security concept which can be instantiate din various deployment options and provides the means to achieve best possible security given available hardware.We implemented our solution on Android and instantiated the platform security concept in three different deployment options. We evaluate security of our solution and report performance measurements}, author = {Dmitrienko, Alexandra and Plappert, Christian}, booktitle = {ACM Conference on Data and Application Security and Privacy (ACM CODASPY)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters sss-group}, title = {Secure Free-Floating Car Sharing for Offline Cars}, year = 2017 }
• Software Grand Exposure: SGX Cache Attacks Are Practical. Brasser, Ferdinand; Müller, Urs; Dmitrienko, Alexandra; Kostiainen, Kari; Capkun, Srdjan; Sadeghi, Ahmad-Reza; in USENIX Workshop on Offensive Technologies (WOOT 17) (2017).
  [ Abstract ] [ BibTeX ] [ URL ] [ Download ]
   
  Side-channel information leakage is a known limitation of SGX. Researchers have demonstrated that secret-dependent information can be extracted from enclave execution through page-fault access patterns. Consequently, various recent research efforts are actively seeking countermeasures to SGX side-channel attacks. It is widely assumed that SGX may be vulnerable to other side channels, such as cache access pattern monitoring,as well. However, prior to our work, the practicality and the extent of such information leakage was not studied.In this paper we demonstrate that cache-based attacks are indeed a serious threat to the confidentiality of SGX-protected programs. Our goal was to design an attack that is hard to mitigate using known defenses, and there-fore we mount our attack without interrupting enclave execution. This approach has major technical challenges,since the existing cache monitoring techniques experience significant noise if the victim process is not interrupted. We designed and implemented novel attack techniques to reduce this noise by leveraging the capabilities of the privileged adversary. Our attacks are able to recover confidential information from SGX enclaves,which we illustrate in two example cases: extraction of an entire RSA-2048 key during RSA decryption, and detection of specific human genome sequences during genomic indexing. We show that our attacks are more effective than previous cache attacks and harder to mitigate than previous SGX side-channel attacks.
  @article{206170, abstract = {Side-channel information leakage is a known limitation of SGX. Researchers have demonstrated that secret-dependent information can be extracted from enclave execution through page-fault access patterns. Consequently, various recent research efforts are actively seeking countermeasures to SGX side-channel attacks. It is widely assumed that SGX may be vulnerable to other side channels, such as cache access pattern monitoring,as well. However, prior to our work, the practicality and the extent of such information leakage was not studied.In this paper we demonstrate that cache-based attacks are indeed a serious threat to the confidentiality of SGX-protected programs. Our goal was to design an attack that is hard to mitigate using known defenses, and there-fore we mount our attack without interrupting enclave execution. This approach has major technical challenges,since the existing cache monitoring techniques experience significant noise if the victim process is not interrupted. We designed and implemented novel attack techniques to reduce this noise by leveraging the capabilities of the privileged adversary. Our attacks are able to recover confidential information from SGX enclaves,which we illustrate in two example cases: extraction of an entire RSA-2048 key during RSA decryption, and detection of specific human genome sequences during genomic indexing. We show that our attacks are more effective than previous cache attacks and harder to mitigate than previous SGX side-channel attacks.}, address = {Vancouver, BC}, author = {Brasser, Ferdinand and M{ü}ller, Urs and Dmitrienko, Alexandra and Kostiainen, Kari and Capkun, Srdjan and Sadeghi, Ahmad-Reza}, booktitle = {{USENIX} Workshop on Offensive Technologies ({WOOT} 17)}, institution = {USENIX Association}, keywords = {sys:relevantfor:sss-group Attacks SGX myown sss-group}, month = {aug}, title = {Software Grand Exposure: {SGX} Cache Attacks Are Practical}, year = 2017 }
• POSTER: Secure Free-Floating Car Sharing for Offline Cars (an outstanding poster award). Dmitrienko, Alexandra; Plappert, Christian; in ACM Conference on Data and Application Security and Privacy (ACM CODASPY) (2017).
  [ BibTeX ] [ Download ]
   
  @inproceedings{BitcoinOffline2017-poster, author = {Dmitrienko, Alexandra and Plappert, Christian}, booktitle = {ACM Conference on Data and Application Security and Privacy (ACM CODASPY)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters myown sss-group}, month = {March}, title = {{POSTER}: Secure Free-Floating Car Sharing for Offline Cars (an outstanding poster award)}, year = 2017 }
• Phonion: Practical Protection of Metadata in Telephony Networks. Heuser, Stephan; Reaves, Bradley; Pendyala, Praveen Kumar; Carter, Henry; Dmitrienko, Alexandra; Enck, William; Kiyavash, Negar; Sadeghi, Ahmad-Reza; Traynor, Patrick; in Proceedings on Privacy Enhancing Technologies (PoPETs) (2017).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  The majority of people across the globe rely on telephony networks as their primary means of communication. As such, many of the most sensitive personal, corporate and government related communications pass through these systems every day. Unsurprisingly, such connections are subject to a wide range of attacks. Of increasing concern is the use of metadata contained in Call Detail Records (CDRs), which contain source, destination, start time and duration of a call.This information is potentially dangerous as the very act of two parties communicating can reveal significant details about their relationship and put them in the focus of targeted observation or surveillance, which is highly critical especially for journalists and activists.To address this problem, we develop the Phonion architecture to frustrate such attacks by separating call setup functions from call delivery. Specifically, Phonion allows users to preemptively establish call circuits across multiple providers and technologies before dialing into the circuit and does not require constant Internet connectivity. Since no single carrier can determine the ultimate destination of the call, it provides unlinkability for its users and helps them to avoid passive surveillance. We define and discuss a range of adversary classes and analyze why current obfuscation technologies fail to protect users against such metadata attacks. In our extensive evaluation we further analyze advanced anonymity technologies (e.g., VoIP over Tor), which do not preserve our functional requirements for high voice quality in the absence of constant broadband Internet connectivity and compatibility with landline and feature phones. Phonion is the first practical system to provide guarantees of unlinkable communication against a range of practical adversaries in telephony systems.
  @inproceedings{Phonion2017, abstract = {The majority of people across the globe rely on telephony networks as their primary means of communication. As such, many of the most sensitive personal, corporate and government related communications pass through these systems every day. Unsurprisingly, such connections are subject to a wide range of attacks. Of increasing concern is the use of metadata contained in Call Detail Records (CDRs), which contain source, destination, start time and duration of a call.This information is potentially dangerous as the very act of two parties communicating can reveal significant details about their relationship and put them in the focus of targeted observation or surveillance, which is highly critical especially for journalists and activists.To address this problem, we develop the Phonion architecture to frustrate such attacks by separating call setup functions from call delivery. Specifically, Phonion allows users to preemptively establish call circuits across multiple providers and technologies before dialing into the circuit and does not require constant Internet connectivity. Since no single carrier can determine the ultimate destination of the call, it provides unlinkability for its users and helps them to avoid passive surveillance. We define and discuss a range of adversary classes and analyze why current obfuscation technologies fail to protect users against such metadata attacks. In our extensive evaluation we further analyze advanced anonymity technologies (e.g., VoIP over Tor), which do not preserve our functional requirements for high voice quality in the absence of constant broadband Internet connectivity and compatibility with landline and feature phones. Phonion is the first practical system to provide guarantees of unlinkable communication against a range of practical adversaries in telephony systems.}, author = {Heuser, Stephan and Reaves, Bradley and Pendyala, Praveen Kumar and Carter, Henry and Dmitrienko, Alexandra and Enck, William and Kiyavash, Negar and Sadeghi, Ahmad-Reza and Traynor, Patrick}, booktitle = {Proceedings on Privacy Enhancing Technologies (PoPETs)}, keywords = {sys:relevantfor:sss-group myown sss-group}, title = {Phonion: Practical Protection of Metadata in Telephony Networks}, year = 2017 }
• Secure Wallet-Assisted Offline Bitcoin Payments with Double-Spender Revocation (distinguished paper award). Dmitrienko, Alexandra; Noack, David; Yung, Moti; in ACM Conference on Information, Computer and Communications Security (AsiaCCS) (2017).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  Bitcoin seems to be the most successful cryptocurrency so far given the growing real life deployment and popularity.While Bitcoin requires clients to be online to perform trans-actions and a certain amount of time to verify them, there are many real life scenarios that demand for offline and immediate payments (e.g., mobile ticketing, vending machines,etc). However, offline payments in Bitcoin raise non-trivial security challenges, as the payee has no means to verify the received coins without having access to the Bitcoin network.Moreover, even online immediate payments are shown to be vulnerable to double-spending attacks.In this paper, we propose the first solution for Bitcoin payments, which enables secure payments with Bitcoin in offline settings and in scenarios where payments need to be immediately accepted. Our approach relies on an offline wallet and deploys several novel security mechanisms to prevent double-spending and to verify the coin validity in offline set-ting. These mechanisms achieve probabilistic security to guarantee that the attack probability is lower than the de-sired threshold. We provide a security and risk analysis as well as model security parameters for various adversaries.We further eliminate remaining risks by detection of misbehaving wallets and their revocation.We implemented our solution for mobile Android client sand instantiated an offline wallet using a microSD security card. Our implementation demonstrates that smooth integration over a very prevalent platform (Android) is possible,and that offline and online payments can practically co-exist.We also discuss alternative deployment approach for the offline wallet which does not leverage secure hardware, but instead relies on a deposit system managed by the Bitcoin network.
  @inproceedings{BitcoinOffline2017, abstract = {Bitcoin seems to be the most successful cryptocurrency so far given the growing real life deployment and popularity.While Bitcoin requires clients to be online to perform trans-actions and a certain amount of time to verify them, there are many real life scenarios that demand for offline and immediate payments (e.g., mobile ticketing, vending machines,etc). However, offline payments in Bitcoin raise non-trivial security challenges, as the payee has no means to verify the received coins without having access to the Bitcoin network.Moreover, even online immediate payments are shown to be vulnerable to double-spending attacks.In this paper, we propose the first solution for Bitcoin payments, which enables secure payments with Bitcoin in offline settings and in scenarios where payments need to be immediately accepted. Our approach relies on an offline wallet and deploys several novel security mechanisms to prevent double-spending and to verify the coin validity in offline set-ting. These mechanisms achieve probabilistic security to guarantee that the attack probability is lower than the de-sired threshold. We provide a security and risk analysis as well as model security parameters for various adversaries.We further eliminate remaining risks by detection of misbehaving wallets and their revocation.We implemented our solution for mobile Android client sand instantiated an offline wallet using a microSD security card. Our implementation demonstrates that smooth integration over a very prevalent platform (Android) is possible,and that offline and online payments can practically co-exist.We also discuss alternative deployment approach for the offline wallet which does not leverage secure hardware, but instead relies on a deposit system managed by the Bitcoin network.}, author = {Dmitrienko, Alexandra and Noack, David and Yung, Moti}, booktitle = {ACM Conference on Information, Computer and Communications Security (AsiaCCS)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters sss-group}, title = {Secure Wallet-Assisted Offline {Bitcoin} Payments with Double-Spender Revocation (distinguished paper award)}, year = 2017 }

2016

• POSTER: Phonion: Frustrating Telephony Metadata Analysis. Heuser, Stephan; Reaves, Bradley; Pendyala, Praveen Kumar; Carter, Henry; Dmitrienko, Alexandra; Enck, William; Sadeghi, Ahmad-Reza; Traynor, Patrick; in Network and Distributed System Security Symposium (NDSS) (2016).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  Phone companies record network use by individual customers via Call Detail Records (CDRs). CDRs contain important metadata ranging from call source and destination to duration of the connection, route through the network and identification of the network device writing the call record.Historically, CDRs have served as a means of not only properly billing customers for the services they use, but also as a way of identifying and debugging network errors.This metadata has most recently been associated with large-scale collection campaigns by intelligence agencies. While these organizations often assert that such programs are necessary to prevent crime and terrorism, privacy advocates argue that the complete cataloging of telephony actions erode civil liberties. However, what researchers and policy makers have generally failed to consider is that a range of other adversaries may also use CDRs to violate the privacy of targeted individuals. In 2006, for example, detectives hired by executives at HP were able to use social engineering to acquire phone records and determine the identity of an anonymous corporate board member who leaked sensitive information to journalists. Such attacks are not limited to private detectives, but have also been executed by jealous spouses, curious neighbors, companies paying for employee cell phones, rogue employees at cellular providers and more. In fact, last September it was revealed that Vodafone scoured a journalist’s personal phone records to discover her sources on a story about Vodafone security problems [1] . Accordingly, strong mechanisms for making analysis of CDRs difficult is crucial to the privacy of citizens across the world.Taking the importance of call metadata for user privacy into consideration, there are prior attempts to build anonymous telecommunication systems based on Voice over IP (VoIP) and anonymization networks like Tor. However, these solutions do not provide adequate quality of service for voice calls.Moreover, they require fast and reliable Internet connectivity,which might not always be available. For instance, Internet access in countries with a repressive regime can be shut down to prevent dissemination of non-censored information. Further,even if Internet access is generally available, access to the Tor network could be censored.
  @inproceedings{PhonionPoster, abstract = {Phone companies record network use by individual customers via Call Detail Records (CDRs). CDRs contain important metadata ranging from call source and destination to duration of the connection, route through the network and identification of the network device writing the call record.Historically, CDRs have served as a means of not only properly billing customers for the services they use, but also as a way of identifying and debugging network errors.This metadata has most recently been associated with large-scale collection campaigns by intelligence agencies. While these organizations often assert that such programs are necessary to prevent crime and terrorism, privacy advocates argue that the complete cataloging of telephony actions erode civil liberties. However, what researchers and policy makers have generally failed to consider is that a range of other adversaries may also use CDRs to violate the privacy of targeted individuals. In 2006, for example, detectives hired by executives at HP were able to use social engineering to acquire phone records and determine the identity of an anonymous corporate board member who leaked sensitive information to journalists. Such attacks are not limited to private detectives, but have also been executed by jealous spouses, curious neighbors, companies paying for employee cell phones, rogue employees at cellular providers and more. In fact, last September it was revealed that Vodafone scoured a journalist’s personal phone records to discover her sources on a story about Vodafone security problems [1] . Accordingly, strong mechanisms for making analysis of CDRs difficult is crucial to the privacy of citizens across the world.Taking the importance of call metadata for user privacy into consideration, there are prior attempts to build anonymous telecommunication systems based on Voice over IP (VoIP) and anonymization networks like Tor. However, these solutions do not provide adequate quality of service for voice calls.Moreover, they require fast and reliable Internet connectivity,which might not always be available. For instance, Internet access in countries with a repressive regime can be shut down to prevent dissemination of non-censored information. Further,even if Internet access is generally available, access to the Tor network could be censored.}, author = {Heuser, Stephan and Reaves, Bradley and Pendyala, Praveen Kumar and Carter, Henry and Dmitrienko, Alexandra and Enck, William and Sadeghi, Ahmad-Reza and Traynor, Patrick}, booktitle = {Network and Distributed System Security Symposium (NDSS)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters sss-group}, month = {February}, title = {{POSTER}: Phonion: Frustrating Telephony Metadata Analysis}, year = 2016 }

2015

• Market-driven Code Provisioning to Mobile Secure Hardware. Dmitrienko, Alexandra; Heuser, Stephan; Nguyen, Thien Duc; da Silva Ramos, Marcos; Rein, Andre; Sadeghi, Ahmad-Reza; in Financial Cryptography and Data Security Conference (FC) (2015).
  [ BibTeX ] [ Download ]
   
  @inproceedings{TUD-CS-2015-0005, author = {Dmitrienko, Alexandra and Heuser, Stephan and Nguyen, Thien Duc and da Silva Ramos, Marcos and Rein, Andre and Sadeghi, Ahmad-Reza}, booktitle = {Financial Cryptography and Data Security Conference (FC)}, keywords = {Architecture Cards Hardware International-Conference-Workshop-Papers-Book-Chapters Java Mobile Platforms Secure Security sss-group}, month = {January}, title = {Market-driven Code Provisioning to Mobile Secure Hardware}, year = 2015 }
• Security and Privacy Aspects of Mobile Platforms and Applications. Dmitrienko, Alexandra; (2015).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  Mobile smart devices (such as smartphones and tablets) emerged to dominant computing platforms for end-users. The capabilities of these convenient mini-computers seem nearly boundless: They feature compelling computing power and storage resources, new interfaces such as Near Field Communication (NFC) and Bluetooth Low Energy (BLE),connectivity to cloud services, as well as a vast number and variety of apps. By installing these apps, users can turn a mobile device into a music player, a gaming console,a navigation system, a business assistant, and more. In addition, the current trend of increased screen sizes make these devices reasonable replacements for traditional (mobile)computing platforms such as laptops.On the other hand, mobile platforms process and store the extensive amount of sensitive information about their users, ranging from the user ’s location data to credentials for online banking and enterprise Virtual Private Networks (VPNs). This raises many security and privacy concerns and makes mobile platforms attractive targets for attackers. The rapid increase in number, variety and sophistication of attacks demonstrate that the protection mechanisms offered by mobile systems today are insufficient and improvements are necessary in order to make mobile devices capable of withstanding modern security and privacy threats.This dissertation focuses on various aspects of security and privacy of mobile platforms.In particular, it consists of three parts: (i) advanced attacks on mobile platforms and countermeasures; (ii) online authentication security for mobile systems, and (iii) secure mobile applications and services.Specifically, the first part of the dissertation concentrates on advanced attacks on mobile platforms, such as code re-use attacks that hijack execution flow of benign apps without injecting malicious code, and application-level privilege escalation attacks that allow malicious or compromised apps to gain more privileges than were initially granted. In this context, we develop new advanced code re-use attack techniques that can bypass deployed protection mechanisms (e.g., Address Space Layout Randomization (ASLR)) and cannot be detected by any of the existing security tools (e.g., return address checkers). Further, we investigate the problem of application-level privilege escalation attacks on mobile platforms like Android, study and classify them, develop proof of concept exploits and propose countermeasures against these attacks. Our countermeasures can mitigate all types of application-level privilege escalation attacks, in contrast to alternative solutions proposed in literature.In the second part of the dissertation we investigate online authentication schemes frequently utilized by mobile users, such as the most common web authentication based upon the user’s passwords and the recently widespread mobile2-factor authentication(2FA) which extends the password-based approach with a secondary authenticator sent toa user ’s mobile device or generated on it (e.g, a One-time Password (OTP) or Transaction Authentication Number (TAN)). In this context we demonstrate various weaknesses ofmobile2FAschemes deployed for login verification by global Internet service providers(such as Google, Dropbox, Twitter, and Facebook) and by a popular Google Authenticator app. These weaknesses allow an attacker to impersonate legitimate users even if their mobile device with the secondary authenticator is not compromised. We then go one step further and develop a general attack method for bypassing mobile2FAschemes.Our method relies on a cross-platform infection (mobile-to-PC or PC-to-mobile) as a first step in order to compromise the Personal Computer (PC) and a mobile device of the same user. We develop proof-of-concept prototypes for a cross-platform infection and show how an attacker can bypass various instantiations of mobile2FAschemes once both devices,PC and the mobile platform, are infected. We then deliver proof-of-concept attack implementations that bypass online banking solutions based on SMS-based TAN sand visual cryptograms, as well as login verification schemes deployed by various Internet service providers. Finally, we propose a wallet-based secure solution for password-based authentication which requires no secondary authenticator, and yet provides better security guaranties than, e.g., mobile2FAschemes.The third part of the dissertation concerns design and development of security sensitive mobile applications and services. In particular, our first application allows mobile users to replace usual keys (for doors, cars, garages, etc.) with their mobile devices. It uses electronic access tokens which are generated by the central key server and then downloaded into mobile devices for user authentication. Our solution protects access tokens in transit (e.g., while they are downloaded on the mobile device) and when they are stored and processed on the mobile platform. The unique feature of our solution is offline delegation: Users can delegate (a portion of) their access rights to other users without accessing the key server. Further, our solution is efficient even when used with constraint communication interfaces like NFC.The second application we developed is devoted to resource sharing among mobile users in ad-hoc mobile networks. It enables users to, e.g., exchange files and text messages,or share their tethering connection. Our solution addresses security threats specific toresource sharing and features the required security mechanisms (e.g., access control of resources, pseudonymity for users, and accountability for resource use). One of the key features of our solution is a privacy-preserving access control of resources based on FoF Finder (FoFF) service, which provides a user-friendly means to configure access control based upon information from social networks (e.g., friendship information) while preserving user privacy (e.g., not revealing their social network identifiers).The results presented in this dissertation were included in several peer-reviewed publications [71,91,58,107,109,61,110,65,64,30] and extended technical reports [95,57,108,31]1. Some of these publications had significant impact on follow up research.For example, our publications on new forms of code re-use attacks [71,91] motivated researchers to develop more advanced forms of ASLR(e.g., [232,156,293,157]) and tore-consider the idea of using Control-Flow Integrity (CFI) (e.g., [51,300,303,182,233,77]). Further, our work on application-level privilege escalation attacks [94,57,59] was followed by many other publications addressing this problem (e.g., [106,122,209,155,146,69,63,302]). Moreover, our access control solution using mobile devices as access tokens[110,65] demonstrated significant practical impact: in2013it was chosen as a highlight of CeBIT – the world’s largest international computer expo, and was then deployed by a large enterprise to be used by tens of thousands of company employees and millions of customers.
  @phdthesis{tuprints4611, abstract = {Mobile smart devices (such as smartphones and tablets) emerged to dominant computing platforms for end-users. The capabilities of these convenient mini-computers seem nearly boundless: They feature compelling computing power and storage resources, new interfaces such as Near Field Communication (NFC) and Bluetooth Low Energy (BLE),connectivity to cloud services, as well as a vast number and variety of apps. By installing these apps, users can turn a mobile device into a music player, a gaming console,a navigation system, a business assistant, and more. In addition, the current trend of increased screen sizes make these devices reasonable replacements for traditional (mobile)computing platforms such as laptops.On the other hand, mobile platforms process and store the extensive amount of sensitive information about their users, ranging from the user ’s location data to credentials for online banking and enterprise Virtual Private Networks (VPNs). This raises many security and privacy concerns and makes mobile platforms attractive targets for attackers. The rapid increase in number, variety and sophistication of attacks demonstrate that the protection mechanisms offered by mobile systems today are insufficient and improvements are necessary in order to make mobile devices capable of withstanding modern security and privacy threats.This dissertation focuses on various aspects of security and privacy of mobile platforms.In particular, it consists of three parts: (i) advanced attacks on mobile platforms and countermeasures; (ii) online authentication security for mobile systems, and (iii) secure mobile applications and services.Specifically, the first part of the dissertation concentrates on advanced attacks on mobile platforms, such as code re-use attacks that hijack execution flow of benign apps without injecting malicious code, and application-level privilege escalation attacks that allow malicious or compromised apps to gain more privileges than were initially granted. In this context, we develop new advanced code re-use attack techniques that can bypass deployed protection mechanisms (e.g., Address Space Layout Randomization (ASLR)) and cannot be detected by any of the existing security tools (e.g., return address checkers). Further, we investigate the problem of application-level privilege escalation attacks on mobile platforms like Android, study and classify them, develop proof of concept exploits and propose countermeasures against these attacks. Our countermeasures can mitigate all types of application-level privilege escalation attacks, in contrast to alternative solutions proposed in literature.In the second part of the dissertation we investigate online authentication schemes frequently utilized by mobile users, such as the most common web authentication based upon the user’s passwords and the recently widespread mobile2-factor authentication(2FA) which extends the password-based approach with a secondary authenticator sent toa user ’s mobile device or generated on it (e.g, a One-time Password (OTP) or Transaction Authentication Number (TAN)). In this context we demonstrate various weaknesses ofmobile2FAschemes deployed for login verification by global Internet service providers(such as Google, Dropbox, Twitter, and Facebook) and by a popular Google Authenticator app. These weaknesses allow an attacker to impersonate legitimate users even if their mobile device with the secondary authenticator is not compromised. We then go one step further and develop a general attack method for bypassing mobile2FAschemes.Our method relies on a cross-platform infection (mobile-to-PC or PC-to-mobile) as a first step in order to compromise the Personal Computer (PC) and a mobile device of the same user. We develop proof-of-concept prototypes for a cross-platform infection and show how an attacker can bypass various instantiations of mobile2FAschemes once both devices,PC and the mobile platform, are infected. We then deliver proof-of-concept attack implementations that bypass online banking solutions based on SMS-based TAN sand visual cryptograms, as well as login verification schemes deployed by various Internet service providers. Finally, we propose a wallet-based secure solution for password-based authentication which requires no secondary authenticator, and yet provides better security guaranties than, e.g., mobile2FAschemes.The third part of the dissertation concerns design and development of security sensitive mobile applications and services. In particular, our first application allows mobile users to replace usual keys (for doors, cars, garages, etc.) with their mobile devices. It uses electronic access tokens which are generated by the central key server and then downloaded into mobile devices for user authentication. Our solution protects access tokens in transit (e.g., while they are downloaded on the mobile device) and when they are stored and processed on the mobile platform. The unique feature of our solution is offline delegation: Users can delegate (a portion of) their access rights to other users without accessing the key server. Further, our solution is efficient even when used with constraint communication interfaces like NFC.The second application we developed is devoted to resource sharing among mobile users in ad-hoc mobile networks. It enables users to, e.g., exchange files and text messages,or share their tethering connection. Our solution addresses security threats specific toresource sharing and features the required security mechanisms (e.g., access control of resources, pseudonymity for users, and accountability for resource use). One of the key features of our solution is a privacy-preserving access control of resources based on FoF Finder (FoFF) service, which provides a user-friendly means to configure access control based upon information from social networks (e.g., friendship information) while preserving user privacy (e.g., not revealing their social network identifiers).The results presented in this dissertation were included in several peer-reviewed publications [71,91,58,107,109,61,110,65,64,30] and extended technical reports [95,57,108,31]1. Some of these publications had significant impact on follow up research.For example, our publications on new forms of code re-use attacks [71,91] motivated researchers to develop more advanced forms of ASLR(e.g., [232,156,293,157]) and tore-consider the idea of using Control-Flow Integrity (CFI) (e.g., [51,300,303,182,233,77]). Further, our work on application-level privilege escalation attacks [94,57,59] was followed by many other publications addressing this problem (e.g., [106,122,209,155,146,69,63,302]). Moreover, our access control solution using mobile devices as access tokens[110,65] demonstrated significant practical impact: in2013it was chosen as a highlight of CeBIT – the world’s largest international computer expo, and was then deployed by a large enterprise to be used by tens of thousands of company employees and millions of customers.}, author = {Dmitrienko, Alexandra}, keywords = {Theses myown privacy security sss-group}, month = {April}, school = {TU Darmstadt}, title = {Security and Privacy Aspects of Mobile Platforms and Applications}, year = 2015 }

2014

• Security Analysis of Mobile Two-Factor Authentication Schemes. Dmitrienko, Alexandra; Liebchen, Christopher; Rossow, Christian; Sadeghi, Ahmad-Reza; in Intel Technology Journal (ITJ) (2014).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  Two-factor authentication (2FA) schemes aim at strengthening the security of login-password–based authentication by deploying secondary authentication tokens. In this context, mobile 2FA schemes require no additional hardware (such as a smartcard) to store and handle the secondary authentication token, and hence are considered as a reasonable trade off between security, usability, and cost. They are widely used in online banking and increasingly deployed by Internet service providers.In this article, we investigate 2FA implementations of several well-known Internet service providers such as Google, Dropbox, Twitter, and Facebook. We identify various weaknesses that allow an attacker to easily bypass 2FA, even when the secondary authentication token is not under the attacker’s control. We then go a step further and present a more general attack against mobile 2FA schemes. Our attack relies on a cross-platform infection that subverts control over both end points (PC and a mobile device) involved in the authentication protocol.We apply this attack in practice and successfully circumvent diverse schemes: SMS-based TAN solutions of four large banks, one instance of a visual TAN scheme, 2FA login verification systems of Google, Dropbox, Twitter, and Facebook accounts, and the Google Authenticator app currently used by 32 third-party service providers. Finally, we cluster and analyze hundreds of real-world malicious Android apps that target mobile 2FA schemes and show that banking Trojans already deploy mobile counterparts that steal 2FA credentials like TANs.
  @article{DmLiRoSa2014, abstract = {Two-factor authentication (2FA) schemes aim at strengthening the security of login-password–based authentication by deploying secondary authentication tokens. In this context, mobile 2FA schemes require no additional hardware (such as a smartcard) to store and handle the secondary authentication token, and hence are considered as a reasonable trade off between security, usability, and cost. They are widely used in online banking and increasingly deployed by Internet service providers.In this article, we investigate 2FA implementations of several well-known Internet service providers such as Google, Dropbox, Twitter, and Facebook. We identify various weaknesses that allow an attacker to easily bypass 2FA, even when the secondary authentication token is not under the attacker’s control. We then go a step further and present a more general attack against mobile 2FA schemes. Our attack relies on a cross-platform infection that subverts control over both end points (PC and a mobile device) involved in the authentication protocol.We apply this attack in practice and successfully circumvent diverse schemes: SMS-based TAN solutions of four large banks, one instance of a visual TAN scheme, 2FA login verification systems of Google, Dropbox, Twitter, and Facebook accounts, and the Google Authenticator app currently used by 32 third-party service providers. Finally, we cluster and analyze hundreds of real-world malicious Android apps that target mobile 2FA schemes and show that banking Trojans already deploy mobile counterparts that steal 2FA credentials like TANs.}, author = {Dmitrienko, Alexandra and Liebchen, Christopher and Rossow, Christian and Sadeghi, Ahmad-Reza}, journal = {Intel Technology Journal (ITJ)}, keywords = {Journal-and-Magazine-Articles sss-group}, title = {Security Analysis of Mobile Two-Factor Authentication Schemes}, year = 2014 }
• On Offline Payments with Bitcoin. Poster abstract. Dmitrienko, Alexandra; Noack, David; Sadeghi, Ahmad-Reza; Yung, Moti; in Workshop on Bitcoin Research (BITCOIN'14) (2014).
  [ BibTeX ] [ Download ]
   
  @inproceedings{bitcoin-offline, author = {Dmitrienko, Alexandra and Noack, David and Sadeghi, Ahmad-Reza and Yung, Moti}, booktitle = {Workshop on Bitcoin Research (BITCOIN'14)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters sss-group}, month = {March}, title = {On Offline Payments with {Bitcoin. Poster} abstract}, year = 2014 }
• Key2Share for Authentication Services. Busold, Christoph; Dmitrienko, Alexandra; Wachsmann, Christian; in SmartCard Workshop (SRC) (2014).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  Key2Share is a smartphone-based solution for authentication services that allows users to manage their access rights to different physical resources on their mobile device. The system is applicable to various application scenarios, such as access control to enterprise facilities, hotel rooms, houses and cars. Key2Share complies with high security standards by providing reliable protection for keys in transit and on the mobile platform. Particularly, it employs modern cryptography to protect keys in transfer and leverages secure hardware (such as smartcards) for storing and handling cryptographic secrets in isolation from untrusted code, such as mobile operating system and apps.
  @inproceedings{TUD-CS-2014-0038, abstract = {Key2Share is a smartphone-based solution for authentication services that allows users to manage their access rights to different physical resources on their mobile device. The system is applicable to various application scenarios, such as access control to enterprise facilities, hotel rooms, houses and cars. Key2Share complies with high security standards by providing reliable protection for keys in transit and on the mobile platform. Particularly, it employs modern cryptography to protect keys in transfer and leverages secure hardware (such as smartcards) for storing and handling cryptographic secrets in isolation from untrusted code, such as mobile operating system and apps.}, author = {Busold, Christoph and Dmitrienko, Alexandra and Wachsmann, Christian}, booktitle = {SmartCard Workshop (SRC)}, keywords = {sys:relevantfor:sss-group International-Conference-Workshop-Papers-Book-Chapters myown sss-group}, month = {February}, title = {{Key2Share} for Authentication Services}, year = 2014 }
• POSTER. Bitcoin2Go: Secure Offline and Fast Payments with Bitcoins. Dmitrienko, Alexandra; Noack, David; Sadeghi, Ahmad-Reza; Yung, Moti; in Financial Cryptography and Data Security Conference (FC) (2014).
  [ BibTeX ] [ Download ]
   
  @inproceedings{TUD-CS-2014-0039, author = {Dmitrienko, Alexandra and Noack, David and Sadeghi, Ahmad-Reza and Yung, Moti}, booktitle = {Financial Cryptography and Data Security Conference (FC)}, keywords = {Bitcoin International-Conference-Workshop-Papers-Book-Chapters myown sss-group}, month = {March}, title = {{POSTER. Bitcoin2Go:} Secure Offline and Fast Payments with {Bitcoins}}, year = 2014 }
• On the (In)Security of Mobile Two-Factor Authentication. Dmitrienko, Alexandra; Liebchen, Christopher; Rossow, Christian; Sadeghi, Ahmad-Reza; in Financial Cryptography and Data Security Conference (FC) (2014).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  Two-factor authentication (2FA) schemes aim at strengthening the security of login password-based authentication by deploying secondary authentication tokens. In this context, mobile 2FA schemes re-quire no additional hardware (e.g., a smartcard) to store and handle the secondary authentication token, and hence are considered as a reasonable trade-off between security, usability and costs. They are widely used in online banking and increasingly deployed by Internet service providers.In this paper, we investigate 2FA implementations of several well-known Internet service providers such as Google, Dropbox, Twitter and Face-book. We identify various weaknesses that allow an attacker to easily bypass them, even when the secondary authentication token is not under attacker’s control. We then go a step further and present a more general attack against mobile 2FA schemes. Our attack relies on cross-platform infection that subverts control over both end points (PC and a mobile device) involved in the authentication protocol. We apply this at-tack in practice and successfully circumvent diverse schemes: SMS-based TAN solutions of four large banks, one instance of a visual TAN scheme,2FA login verification systems of Google, Dropbox, Twitter and Face-book accounts, and the Google Authenticator app currently used by 32third-party service providers. Finally, we cluster and analyze hundreds of real-world malicious Android apps that target mobile 2FA schemes and show that banking Trojans already deploy mobile counterparts that steal 2FA credentials like TANs.
  @inproceedings{DLRS2014, abstract = {Two-factor authentication (2FA) schemes aim at strengthening the security of login password-based authentication by deploying secondary authentication tokens. In this context, mobile 2FA schemes re-quire no additional hardware (e.g., a smartcard) to store and handle the secondary authentication token, and hence are considered as a reasonable trade-off between security, usability and costs. They are widely used in online banking and increasingly deployed by Internet service providers.In this paper, we investigate 2FA implementations of several well-known Internet service providers such as Google, Dropbox, Twitter and Face-book. We identify various weaknesses that allow an attacker to easily bypass them, even when the secondary authentication token is not under attacker’s control. We then go a step further and present a more general attack against mobile 2FA schemes. Our attack relies on cross-platform infection that subverts control over both end points (PC and a mobile device) involved in the authentication protocol. We apply this at-tack in practice and successfully circumvent diverse schemes: SMS-based TAN solutions of four large banks, one instance of a visual TAN scheme,2FA login verification systems of Google, Dropbox, Twitter and Face-book accounts, and the Google Authenticator app currently used by 32third-party service providers. Finally, we cluster and analyze hundreds of real-world malicious Android apps that target mobile 2FA schemes and show that banking Trojans already deploy mobile counterparts that steal 2FA credentials like TANs.}, author = {Dmitrienko, Alexandra and Liebchen, Christopher and Rossow, Christian and Sadeghi, Ahmad-Reza}, booktitle = {Financial Cryptography and Data Security Conference (FC)}, keywords = {Technical-Reports Two-Factor authentication myown sss-group}, month = {March}, title = {On the (In)Security of Mobile Two-Factor Authentication}, year = 2014 }

2013

• Just-In-Time Code Reuse: The More Things Change, the More They Stay the Same. Snow, Kevin Z.; Davi, Lucas; Dmitrienko, Alexandra; Liebchen, Christopher; Monrose, Fabian; Sadeghi, Ahmad-Reza; in BlackHat USA (2013).
  [ BibTeX ] [ Download ]
   
  @inproceedings{SDDLMS2013, author = {Snow, Kevin Z. and Davi, Lucas and Dmitrienko, Alexandra and Liebchen, Christopher and Monrose, Fabian and Sadeghi, Ahmad-Reza}, booktitle = {BlackHat USA}, keywords = {International-Conference-Workshop-Papers-Book-Chapters myown sss-group}, month = {aug}, title = {{Just-In-Time} Code Reuse: The More Things Change, the More They Stay the Same}, year = 2013 }
• Do I know you? - Efficient and Privacy-Preserving Common Friend-Finder Protocols and Applications. Nagy, Marcin; Cristofaro, Emiliano De; Dmitrienko, Alexandra; Asokan, N.; Sadeghi, Ahmad-Reza; in Annual Computer Security Applications Conference (ACSAC) (2013).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  The increasing penetration of Online Social Networks (OSNs)prompts the need for effectively accessing and utilizing social net-working information. In numerous applications, users need to make trust and/or access control decisions involving other (possibly stranger) users, and one important factor is often the existence of common social relationships. This motivates the need for secure and privacy-preserving techniques allowing users to assess whether or not they have mutual friends.This paper introduces the Common Friends service, a frame-work for finding common friends which protects privacy of non-mutual friends and guarantees authenticity of friendships. First,we present a generic construction that reduces to secure computation of set intersection, while ensuring authenticity of announced friends via bearer capabilities. Then, we propose an efficient instantiation, based on Bloom filters, that only incurs a constant number of public-key operations and appreciably low communication overhead. Our software is designed so that developers can easily integrate Common Friends into their applications, e.g., to en-force access control based on users’ social proximity in a privacy-preserving manner. Finally, we showcase our techniques in the con-text of an existing application for sharing (tethered) Internet access,whereby users decide to share access depending on the existence of common friends. A comprehensive experimental evaluation attests to the practicality of proposed techniques.
  @inproceedings{NCDAS2013, abstract = {The increasing penetration of Online Social Networks (OSNs)prompts the need for effectively accessing and utilizing social net-working information. In numerous applications, users need to make trust and/or access control decisions involving other (possibly stranger) users, and one important factor is often the existence of common social relationships. This motivates the need for secure and privacy-preserving techniques allowing users to assess whether or not they have mutual friends.This paper introduces the Common Friends service, a frame-work for finding common friends which protects privacy of non-mutual friends and guarantees authenticity of friendships. First,we present a generic construction that reduces to secure computation of set intersection, while ensuring authenticity of announced friends via bearer capabilities. Then, we propose an efficient instantiation, based on Bloom filters, that only incurs a constant number of public-key operations and appreciably low communication overhead. Our software is designed so that developers can easily integrate Common Friends into their applications, e.g., to en-force access control based on users’ social proximity in a privacy-preserving manner. Finally, we showcase our techniques in the con-text of an existing application for sharing (tethered) Internet access,whereby users decide to share access depending on the existence of common friends. A comprehensive experimental evaluation attests to the practicality of proposed techniques.}, author = {Nagy, Marcin and Cristofaro, Emiliano De and Dmitrienko, Alexandra and Asokan, N. and Sadeghi, Ahmad-Reza}, booktitle = {Annual Computer Security Applications Conference (ACSAC)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters myown sss-group}, month = {dec}, organization = {ACM}, title = {Do {I} know you? - {Efficient} and Privacy-Preserving Common Friend-Finder Protocols and Applications}, year = 2013 }
• POSTER: Secure Smartphone-based NFC-enabled Car Immobilizer (an outstanding poster award). Busold, Christoph; Dmitrienko, Alexandra; Seudie, Herve; Taha, Ahmed; Sobhani, Majid; Wachsmann, Christian; Sadeghi, Ahmad-Reza; in ACM Conference on Data and Application Security and Privacy (ACM CODASPY) (2013).
  [ BibTeX ] [ Download ]
   
  @inproceedings{TUD-CS-2013-0004a, author = {Busold, Christoph and Dmitrienko, Alexandra and Seudie, Herve and Taha, Ahmed and Sobhani, Majid and Wachsmann, Christian and Sadeghi, Ahmad-Reza}, booktitle = {ACM Conference on Data and Application Security and Privacy (ACM CODASPY)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters sss-group}, month = {February}, title = {{POSTER}: Secure Smartphone-based {NFC}-enabled Car Immobilizer (an outstanding poster award)}, year = 2013 }
• Smart Keys for Cyber-Cars: Secure Smartphone-Based NFC-Enabled Car Immobilizer. Busold, Christoph; Taha, Ahmed; Wachsmann, Christian; Dmitrienko, Alexandra; Seudie, Hervé; Sobhani, Majid; Sadeghi, Ahmad-Reza; in ACM Conference on Data and Application Security and Privacy (ACM CODASPY), E. Bertino, Sandhu, R. S., Bauer, L., Park, J. (eds.) (2013).
  [ Abstract ] [ BibTeX ] [ URL ] [ Download ]
   
  Smartphones have become very popular and versatile de-vices. An emerging trend is the integration of smartphones into automotive systems and applications, particularly access control systems to unlock cars (doors and immobilizers). Smartphone-based automotive solutions promise to greatly enhance the user’s experience by providing advanced features far beyond the conventional dedicated tokens/tranponders. We present the first opensecurity framework for secure smartphone-based immobilizers. Our generic security architecture protects the electronic access tokens on the smart-phone and provides advanced features such as context-aware access policies, remote issuing and revocation of access rights and their delegation to other users. We discuss various approaches to instantiate our security architecture based on different hardware-based trusted execution environments, and elaborate on their security properties. We implemented our immobilizer system based on the latest Android-based smartphone and a microSD smartcard. Further, we support the algorithmic proofs of the security of the underlying protocols with automated formal verification tools.
  @inproceedings{conf/codaspy/BusoldTWDSSS13, abstract = {Smartphones have become very popular and versatile de-vices. An emerging trend is the integration of smartphones into automotive systems and applications, particularly access control systems to unlock cars (doors and immobilizers). Smartphone-based automotive solutions promise to greatly enhance the user’s experience by providing advanced features far beyond the conventional dedicated tokens/tranponders. We present the first opensecurity framework for secure smartphone-based immobilizers. Our generic security architecture protects the electronic access tokens on the smart-phone and provides advanced features such as context-aware access policies, remote issuing and revocation of access rights and their delegation to other users. We discuss various approaches to instantiate our security architecture based on different hardware-based trusted execution environments, and elaborate on their security properties. We implemented our immobilizer system based on the latest Android-based smartphone and a microSD smartcard. Further, we support the algorithmic proofs of the security of the underlying protocols with automated formal verification tools.}, author = {Busold, Christoph and Taha, Ahmed and Wachsmann, Christian and Dmitrienko, Alexandra and Seudie, Hervé and Sobhani, Majid and Sadeghi, Ahmad-Reza}, booktitle = {ACM Conference on Data and Application Security and Privacy (ACM CODASPY)}, editor = {Bertino, Elisa and Sandhu, Ravi S. and Bauer, Lujo and Park, Jaehong}, keywords = {International-Conference-Workshop-Papers-Book-Chapters sss-group}, publisher = {ACM}, title = {Smart Keys for Cyber-Cars: Secure Smartphone-Based NFC-Enabled Car Immobilizer}, year = 2013 }
• Gadge Me If You Can -- Secure and Efficient Ad-hoc Instruction-Level Randomization for x86 and ARM. Davi, Lucas; Dmitrienko, Alexandra; Nürnberger, Stefan; Sadeghi, Ahmad-Reza; in ACM Conference on Computer and Communications Security (ACM CCS) (2013).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  Code reuse attacks such as return-oriented programming are one of the most powerful threats to contemporary software. ASLR was introduced to impede these attacks by dispersing shared libraries and the executable in memory. However, in practice its entropy is rather low and, more importantly, the leakage of a single address reveals the position of a whole library in memory. The recent mitigation literature followed the route of randomization, applied it at different stages such as source code or the executable binary. However, the code segments still stay in one block. In contrast to previous work, our randomization solution, called XIFER,(1)disperses all code (executable and libraries) across the whole address space, (2) re-randomizes the address space for each run, (3) is compatible to code signing, and (4) does neither require offline static analysis nor source-code. Our prototype implementation supports the Linux ELF file format and covers both mainstream processor architectures x86 and ARM. Our evaluation demonstrates that XIFER performs efficiently at load- and during run-time (1.2% overhead).
  @inproceedings{TUD-CS-2013-0042, abstract = {Code reuse attacks such as return-oriented programming are one of the most powerful threats to contemporary software. ASLR was introduced to impede these attacks by dispersing shared libraries and the executable in memory. However, in practice its entropy is rather low and, more importantly, the leakage of a single address reveals the position of a whole library in memory. The recent mitigation literature followed the route of randomization, applied it at different stages such as source code or the executable binary. However, the code segments still stay in one block. In contrast to previous work, our randomization solution, called XIFER,(1)disperses all code (executable and libraries) across the whole address space, (2) re-randomizes the address space for each run, (3) is compatible to code signing, and (4) does neither require offline static analysis nor source-code. Our prototype implementation supports the Linux ELF file format and covers both mainstream processor architectures x86 and ARM. Our evaluation demonstrates that XIFER performs efficiently at load- and during run-time (1.2% overhead).}, author = {Davi, Lucas and Dmitrienko, Alexandra and N{ü}rnberger, Stefan and Sadeghi, Ahmad-Reza}, booktitle = {ACM Conference on Computer and Communications Security (ACM CCS)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters myown sss-group}, month = {may}, title = {Gadge Me If You Can – Secure and Efficient Ad-hoc Instruction-Level Randomization for x86 and {ARM}}, year = 2013 }
• CrowdShare: Secure Mobile Resource Sharing. Asokan, N.; Dmitrienko, Alexandra; Nagy, Marcin; Reshetova, Elena; Sadeghi, Ahmad-Reza; Schneider, Thomas; Stelle, Stanislaus; in International Conference on Applied Cryptography and Network Security (ACNS) (2013).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  Mobile smart devices and services have become an integral part of our daily life. In this context there are many compelling scenarios for mobile device users to share resources. A popular example is tethering. However, sharing resources also raises privacy and security issues.In this paper, we present CrowdShare, a complete framework and its (Android) implementation for secure and private resource sharing among nearby devices.CrowdShare provides pseudonymity for users, accountability of resource usage, and the possibility of specifying access control in terms of social network relationships. Further,CrowdShare preserves secure connectivity between nearby devices even in the absence of the mobile infrastructure. We have implemented CrowdShare on Android devices and report good performance results.
  @inproceedings{ADNRSSS2013a, abstract = {Mobile smart devices and services have become an integral part of our daily life. In this context there are many compelling scenarios for mobile device users to share resources. A popular example is tethering. However, sharing resources also raises privacy and security issues.In this paper, we present CrowdShare, a complete framework and its (Android) implementation for secure and private resource sharing among nearby devices.CrowdShare provides pseudonymity for users, accountability of resource usage, and the possibility of specifying access control in terms of social network relationships. Further,CrowdShare preserves secure connectivity between nearby devices even in the absence of the mobile infrastructure. We have implemented CrowdShare on Android devices and report good performance results.}, author = {Asokan, N. and Dmitrienko, Alexandra and Nagy, Marcin and Reshetova, Elena and Sadeghi, Ahmad-Reza and Schneider, Thomas and Stelle, Stanislaus}, booktitle = {International Conference on Applied Cryptography and Network Security (ACNS)}, keywords = {Technical-Reports sss-group}, month = {June}, title = {{CrowdShare}: Secure Mobile Resource Sharing}, year = 2013 }
• Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization (best student paper award). Snow, Kevin Z.; Davi, Lucas; Dmitrienko, Alexandra; Liebchen, Christopher; Monrose, Fabian; Sadeghi, Ahmad-Reza; in IEEE Symposium on Security and Privacy (S&P) (2013).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  Fine-grained address space layout randomization(ASLR) has recently been proposed as a method of efficiently mitigating runtime attacks. In this paper, we introduce the design and implementation of a framework based on a novel attack strategy, dubbed just-in-time code reuse, that undermines the benefits of fine-grained ASLR. Specifically, we derail the assumptions embodied in fine-grained ASLR by exploiting the ability to repeatedly abuse a memory disclosure to map an application’s memory layout on-the-fly, dynamically discover API functions and gadgets, and JIT-compile a target program using those gadgets—all within a script environment at the time an exploit is launched. We demonstrate the power of our framework by using it in conjunction with a real-world exploit against Internet Explorer, and also provide extensive evaluations that demonstrate the practicality of just-in-time code reuse attacks. Our findings suggest that fine-grained ASLR may not be as promising as first thought.
  @inproceedings{TUD-CS-2013-0026, abstract = {Fine-grained address space layout randomization(ASLR) has recently been proposed as a method of efficiently mitigating runtime attacks. In this paper, we introduce the design and implementation of a framework based on a novel attack strategy, dubbed just-in-time code reuse, that undermines the benefits of fine-grained ASLR. Specifically, we derail the assumptions embodied in fine-grained ASLR by exploiting the ability to repeatedly abuse a memory disclosure to map an application’s memory layout on-the-fly, dynamically discover API functions and gadgets, and JIT-compile a target program using those gadgets—all within a script environment at the time an exploit is launched. We demonstrate the power of our framework by using it in conjunction with a real-world exploit against Internet Explorer, and also provide extensive evaluations that demonstrate the practicality of just-in-time code reuse attacks. Our findings suggest that fine-grained ASLR may not be as promising as first thought.}, author = {Snow, Kevin Z. and Davi, Lucas and Dmitrienko, Alexandra and Liebchen, Christopher and Monrose, Fabian and Sadeghi, Ahmad-Reza}, booktitle = {IEEE Symposium on Security and Privacy (S&P)}, keywords = {sys:relevantfor:sss-group ASLR Code International-Conference-Workshop-Papers-Book-Chapters Just-in-time myown reuse sss-group}, month = {may}, title = {Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization (best student paper award)}, year = 2013 }
• Mobile Platform Security Asokan, N.; Davi, Lucas; Dmitrienko, Alexandra; Heuser, Stephan; Kostiainen, Kari; Reshetova, Elena; Sadeghi, Ahmad-Reza; in Synthesis Lectures on Information Security, Privacy, and Trust 2013 (2013). (Vol. 4) Morgan & Claypool.
  [ Abstract ] [ BibTeX ]
   
  Recently, mobile security has garnered considerable interest in both the research community and industry due to the popularity of smartphones. The current smartphone platforms are open systems that allow application development, also for malicious parties. To protect the mobile device, its user, and other mobile ecosystem stakeholders such as network operators, application execution is controlled by a platform security architecture. This book explores how such mobile platform security architectures work. We present a generic model for mobile platform security architectures: the model illustrates commonly used security mechanisms and techniques in mobile devices and allows a systematic comparison of different platforms. We analyze several mobile platforms using the model. In addition, this book explains hardware-security mechanisms typically present in a mobile device. We also discuss enterprise security extensions for mobile platforms and survey recent research in the area of mobile platform security. The objective of this book is to provide a comprehensive overview of the current status of mobile platform security for students, researchers, and practitioners.
  @book{TUD-CS-2013-0362, abstract = {Recently, mobile security has garnered considerable interest in both the research community and industry due to the popularity of smartphones. The current smartphone platforms are open systems that allow application development, also for malicious parties. To protect the mobile device, its user, and other mobile ecosystem stakeholders such as network operators, application execution is controlled by a platform security architecture. This book explores how such mobile platform security architectures work. We present a generic model for mobile platform security architectures: the model illustrates commonly used security mechanisms and techniques in mobile devices and allows a systematic comparison of different platforms. We analyze several mobile platforms using the model. In addition, this book explains hardware-security mechanisms typically present in a mobile device. We also discuss enterprise security extensions for mobile platforms and survey recent research in the area of mobile platform security. The objective of this book is to provide a comprehensive overview of the current status of mobile platform security for students, researchers, and practitioners.}, author = {Asokan, N. and Davi, Lucas and Dmitrienko, Alexandra and Heuser, Stephan and Kostiainen, Kari and Reshetova, Elena and Sadeghi, Ahmad-Reza}, keywords = {myown sss-group}, month = {dec}, number = 3, publisher = {Morgan & Claypool}, series = {Synthesis Lectures on Information Security, Privacy, and Trust 2013}, title = {Mobile Platform Security}, volume = 4, year = 2013 }

2012

• MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones. Davi, Lucas; Dmitrienko, Alexandra; Egele, Manuel; Fischer, Thomas; Holz, Thorsten; Hund, Ralf; Nürnberger, Stefan; Sadeghi, Ahmad-Reza; in Network and Distributed System Security Symposium (NDSS) (2012).
  [ Abstract ] [ BibTeX ] [ URL ] [ Download ]
   
  Runtime and control-flow attacks (such as code injection or return-oriented programming) constitute one of the most severe threats to software programs. These attacks are prevalent and have been recently applied to smartphone applications as well, of which hundreds of thousands are downloaded by users every day. While a framework for control-flow integrity (CFI) enforcement, an approach to prohibit this kind of attacks, exists for the Intel x86 plat-form, there is no such a solution for smartphones.In this paper, we present a novel framework, MoCFI(Mobile CFI), that provides a general countermeasure against control-flow attacks on smartphone platforms by en-forcing CFI. We show that CFI on typical smartphone plat-forms powered by an ARM processor is technically involved due to architectural differences between ARM and Intel x86,as well as the specifics of smartphone OSes. Our framework performs CFI on-the-fly during runtime without requiring the application’s source code. For our reference implementation we chose Apple’s iOS, because it has been an attractive target for control-flow attacks. Nevertheless, our frame-work is also applicable to other ARM-based devices such as Google’s Android. Our performance evaluation demon-strates that MoCFI is efficient and does not induce notable overhead when applied to popular iOS applications.
  @inproceedings{TUD-CS-2012-0001, abstract = {Runtime and control-flow attacks (such as code injection or return-oriented programming) constitute one of the most severe threats to software programs. These attacks are prevalent and have been recently applied to smartphone applications as well, of which hundreds of thousands are downloaded by users every day. While a framework for control-flow integrity (CFI) enforcement, an approach to prohibit this kind of attacks, exists for the Intel x86 plat-form, there is no such a solution for smartphones.In this paper, we present a novel framework, MoCFI(Mobile CFI), that provides a general countermeasure against control-flow attacks on smartphone platforms by en-forcing CFI. We show that CFI on typical smartphone plat-forms powered by an ARM processor is technically involved due to architectural differences between ARM and Intel x86,as well as the specifics of smartphone OSes. Our framework performs CFI on-the-fly during runtime without requiring the application’s source code. For our reference implementation we chose Apple’s iOS, because it has been an attractive target for control-flow attacks. Nevertheless, our frame-work is also applicable to other ARM-based devices such as Google’s Android. Our performance evaluation demon-strates that MoCFI is efficient and does not induce notable overhead when applied to popular iOS applications.}, author = {Davi, Lucas and Dmitrienko, Alexandra and Egele, Manuel and Fischer, Thomas and Holz, Thorsten and Hund, Ralf and N{ü}rnberger, Stefan and Sadeghi, Ahmad-Reza}, booktitle = {Network and Distributed System Security Symposium (NDSS)}, keywords = {sys:relevantfor:sss-group Attacks Control-Flow International-Conference-Workshop-Papers-Book-Chapters Mitigate MoCFI Smartphones myown sss-group}, month = {feb}, publisher = {The Internet Society}, title = {{MoCFI}: A Framework to Mitigate Control-Flow Attacks on Smartphones}, year = 2012 }
• Over-the-air Cross-Platform Infection for Breaking mTAN-based Online Banking Authentication. Davi, Lucas; Dmitrienko, Alexandra; Liebchen, Christopher; Sadeghi, Ahmad-Reza; in BlackHat Abu Dhabi (2012).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  We present a novel stealthy cross-platform infection attack in WiFi networks. Our attack has high impact on two-factor authentication schemes that make use of mobile phones. In particular, we apply our attack to break mTAN authentication, one of the most used scheme for online banking worldwide (Europe, US, China). We present the design and implementation of the online banking Trojan which spreads over the WiFi network from the user's PC to her mobile phone and automatically pairs these devices. When paired, the host and the mobile malware deliver to the attacker authentication secrets which allow her to successfully authenticate against the online-banking portal and perform financial transactions in the name of the user. Our attack is stealthy compared to the known banking Trojans ZeuS/ZitMo and SpyEye/Spitmo, as it does not rely on phishing or naive user behavior for malware spreading and pairing. Our reference implementation targets Windows PCs and Android based smartphones, although our attack is not platform specific. To achieve cross-platform infection, we applied and adapted attack techniques such as remote code execution, privilege escalation, GOT overwriting, DLL injection and function hooking. Our attack can he implemented by knowledgeable attackers and calls for re-thinking of security measures deployed for protection of online transactions by banks.
  @inproceedings{TUD-CS-2012-0230, abstract = {We present a novel stealthy cross-platform infection attack in WiFi networks. Our attack has high impact on two-factor authentication schemes that make use of mobile phones. In particular, we apply our attack to break mTAN authentication, one of the most used scheme for online banking worldwide (Europe, US, China). We present the design and implementation of the online banking Trojan which spreads over the WiFi network from the user's PC to her mobile phone and automatically pairs these devices. When paired, the host and the mobile malware deliver to the attacker authentication secrets which allow her to successfully authenticate against the online-banking portal and perform financial transactions in the name of the user. Our attack is stealthy compared to the known banking Trojans ZeuS/ZitMo and SpyEye/Spitmo, as it does not rely on phishing or naive user behavior for malware spreading and pairing. Our reference implementation targets Windows PCs and Android based smartphones, although our attack is not platform specific. To achieve cross-platform infection, we applied and adapted attack techniques such as remote code execution, privilege escalation, GOT overwriting, DLL injection and function hooking. Our attack can he implemented by knowledgeable attackers and calls for re-thinking of security measures deployed for protection of online transactions by banks.}, author = {Davi, Lucas and Dmitrienko, Alexandra and Liebchen, Christopher and Sadeghi, Ahmad-Reza}, booktitle = {BlackHat Abu Dhabi}, keywords = {International-Conference-Workshop-Papers-Book-Chapters myown sss-group}, month = {December}, title = {Over-the-air Cross-Platform Infection for Breaking {mTAN}-based Online Banking Authentication}, year = 2012 }
• XIFER: A Software Diversity Tool Against Code-Reuse Attacks. Davi, Lucas; Dmitrienko, Alexandra; Nürnberger, Stefan; Sadeghi, Ahmad-Reza; in ACM International Workshop on Wireless of the Students, by the Students, for the Students (ACM MOBICOM) (2012).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  The enormous growth of mobile devices and their app markets has raised many security and privacy concerns. Run-time attacks seem to be a major threat, in particular, code-reuse attacks that do not require any external code injection(e.g., return-to-libc or return-oriented programming). We present, for the first time, a code transformation tool that completely mitigates code-reuse attacks by applying software diversity to the binary at runtime. Our tool XIFER(1) randomly diversifies the code of an application over the entire memory for each invocation, (2) requires no source code or any static analysis, (3) can be applied to both Intelx86 and ARM Linux executables, and (4) induces a negligible runtime overhead of only 1% in average.
  @inproceedings{TUD-CS-2012-0135, abstract = {The enormous growth of mobile devices and their app markets has raised many security and privacy concerns. Run-time attacks seem to be a major threat, in particular, code-reuse attacks that do not require any external code injection(e.g., return-to-libc or return-oriented programming). We present, for the first time, a code transformation tool that completely mitigates code-reuse attacks by applying software diversity to the binary at runtime. Our tool XIFER(1) randomly diversifies the code of an application over the entire memory for each invocation, (2) requires no source code or any static analysis, (3) can be applied to both Intelx86 and ARM Linux executables, and (4) induces a negligible runtime overhead of only 1% in average.}, author = {Davi, Lucas and Dmitrienko, Alexandra and N{ü}rnberger, Stefan and Sadeghi, Ahmad-Reza}, booktitle = {ACM International Workshop on Wireless of the Students, by the Students, for the Students (ACM MOBICOM)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters sss-group}, month = {August}, title = {{XIFER}: A Software Diversity Tool Against Code-Reuse Attacks}, year = 2012 }
• SmartTokens: Delegable Access Control with NFC-enabled Smartphones. Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Tamrakar, Sandeep; Wachsmann, Christian; in International Conference on Trust and Trustworthy Computing (TRUST) (2012).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  Today’s smartphones and tablets offer compelling computing and storage capabilities enabling a variety of mobile applications with rich functionality. The integration of new interfaces, in particular near field communication (NFC) opens new opportunities for new applications and business models, as the most recent trend in industry for payment and ticketing shows. These applications require storing and processing security-critical data on smartphones, making them attractive targets fora variety of attacks. The state of the art to enhance platform security concerns outsourcing security-critical computations to hardware-isolated Trusted Execution Environments (TrEE). However, since these TrEEsare used by software running in commodity operating systems, malware could impersonate the software and use the TrEE in an unintended way.Further, existing NFC-based access control solutions for smartphones are either not public or based on strong assumptions that are hard to achieve in practice. We present the design and implementation of a generic access control system for NFC-enabled smartphones based on a multi-level security architecture for smartphones. Our solution allows users to delegate their access rights and addresses the bandwidth constraints of NFC.Our prototype captures electronic access to facilities, such as entrances and offices, and binds NFC operations to a software-isolated TrEE established on the widely used Android smartphone operating system. We provide a formal security analysis of our protocols and evaluated the performance of our solution.
  @inproceedings{TUD-CS-2012-0071, abstract = {Today’s smartphones and tablets offer compelling computing and storage capabilities enabling a variety of mobile applications with rich functionality. The integration of new interfaces, in particular near field communication (NFC) opens new opportunities for new applications and business models, as the most recent trend in industry for payment and ticketing shows. These applications require storing and processing security-critical data on smartphones, making them attractive targets fora variety of attacks. The state of the art to enhance platform security concerns outsourcing security-critical computations to hardware-isolated Trusted Execution Environments (TrEE). However, since these TrEEsare used by software running in commodity operating systems, malware could impersonate the software and use the TrEE in an unintended way.Further, existing NFC-based access control solutions for smartphones are either not public or based on strong assumptions that are hard to achieve in practice. We present the design and implementation of a generic access control system for NFC-enabled smartphones based on a multi-level security architecture for smartphones. Our solution allows users to delegate their access rights and addresses the bandwidth constraints of NFC.Our prototype captures electronic access to facilities, such as entrances and offices, and binds NFC operations to a software-isolated TrEE established on the widely used Android smartphone operating system. We provide a formal security analysis of our protocols and evaluated the performance of our solution.}, author = {Dmitrienko, Alexandra and Sadeghi, Ahmad-Reza and Tamrakar, Sandeep and Wachsmann, Christian}, booktitle = {International Conference on Trust and Trustworthy Computing (TRUST)}, keywords = {myown sss-group}, month = {June}, publisher = {Springer}, title = {{SmartTokens}: Delegable Access Control with {NFC}-enabled Smartphones}, year = 2012 }
• Towards Taming Privilege-Escalation Attacks on Android. Bugiel, Sven; Davi, Lucas; Dmitrienko, Alexandra; Fischer, Thomas; Sadeghi, Ahmad-Reza; Shastry, Bhargava; in Network and Distributed System Security Symposium (NDSS) (2012).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  Android’s security framework has been an appealing subject of research in the last few years. Android has been shown to be vulnerable to application-level privilege escalation attacks, such as confused deputy attacks, and more recently, attacks by colluding applications. While most of the proposed approaches aim at solving confused deputy at-tacks, there is still no solution that simultaneously addresses collusion attacks.In this paper, we investigate the problem of designing and implementing a practical security framework for Android to protect against confused deputy and collusion attacks. We realize that defeating collusion attacks calls for a rather system-centric solution as opposed to application-dependent policy enforcement. To support our design decisions, we conduct a heuristic analysis of Android’s system behavior(with popular apps) to identify attack patterns, classify different adversary models, and point out the challenges to be tackled. Then we propose a solution for a system-centric and policy-driven runtime monitoring of communication channels between applications at multiple layers: 1) at the middleware we control IPCs between applications and indirect communication via Android system components. Moreover,inspired by the approach in QUIRE, we establish semantic links between IPCs and enable the reference monitor to verify the call-chain; 2) at the kernel level we realize mandatory access control on the file system (including Unix domain sockets) and local Internet sockets. To allow for runtime,dynamic low-level policy enforcement, we provide a callback channel between the kernel and the middleware. Finally, we evaluate the efficiency and effectiveness of our framework on known confused deputy and collusion attacks, and discuss future directions.
  @inproceedings{TUD-CS-2012-0002, abstract = {Android’s security framework has been an appealing subject of research in the last few years. Android has been shown to be vulnerable to application-level privilege escalation attacks, such as confused deputy attacks, and more recently, attacks by colluding applications. While most of the proposed approaches aim at solving confused deputy at-tacks, there is still no solution that simultaneously addresses collusion attacks.In this paper, we investigate the problem of designing and implementing a practical security framework for Android to protect against confused deputy and collusion attacks. We realize that defeating collusion attacks calls for a rather system-centric solution as opposed to application-dependent policy enforcement. To support our design decisions, we conduct a heuristic analysis of Android’s system behavior(with popular apps) to identify attack patterns, classify different adversary models, and point out the challenges to be tackled. Then we propose a solution for a system-centric and policy-driven runtime monitoring of communication channels between applications at multiple layers: 1) at the middleware we control IPCs between applications and indirect communication via Android system components. Moreover,inspired by the approach in QUIRE, we establish semantic links between IPCs and enable the reference monitor to verify the call-chain; 2) at the kernel level we realize mandatory access control on the file system (including Unix domain sockets) and local Internet sockets. To allow for runtime,dynamic low-level policy enforcement, we provide a callback channel between the kernel and the middleware. Finally, we evaluate the efficiency and effectiveness of our framework on known confused deputy and collusion attacks, and discuss future directions.}, author = {Bugiel, Sven and Davi, Lucas and Dmitrienko, Alexandra and Fischer, Thomas and Sadeghi, Ahmad-Reza and Shastry, Bhargava}, booktitle = {Network and Distributed System Security Symposium (NDSS)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters sss-group}, month = {February}, title = {Towards Taming Privilege-Escalation Attacks on {Android}}, year = 2012 }

2011

• XManDroid: A New Android Evolution to Mitigate Privilege Escalation Attacks. Bugiel, Sven; Davi, Lucas; Dmitrienko, Alexandra; Fischer, Thomas; Sadeghi, Ahmad-Reza; (2011).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  Google Android has become a popular mobile operating system which is increasingly deployed by mobile device manufactures for various platforms. Recent attacks show that Android’s permission framework is vulnerable to application-level privilege escalation attacks, i.e., an application may indirectly gain privileges to perform unauthorized actions.The existing proposals for security extensions to Android’s middle-ware (e.g., Kirin, Saint, TaintDroid, or QUIRE) can-not fully and adequately mitigate these attacks or detect Trojans such as Soundcomber that exploit covert channels in the Android system. In this paper we present the design and implementation of XManDroid(eXtended Monitoring on Android), a security framework that extends the monitoring mechanism of Android to detect and prevent application-level privilege escalation attacks at runtime based on a system-centric system policy. Our implementation dynamically analyzes applications’ transitive permission usage while inducing a minimal performance overhead unnoticeable for the user.Depending on system policy our system representation al-lows for an effective detection of (covert) channels established through the Android system services and content providers while simultaneously optimizing the rate of false positives.We evaluate the effectiveness of XManDroidon our test suite that simulates known application-level privilege escalation attacks (including Soundcomber), and demonstrate successful detection of attacks that use Android’s inter-component communication (ICC) framework (standard for most attacks). We also performed a usability test to evaluate the impact of XManDroid on the user-experience with third party applications. Moreover, we analyze sources of false positives and discuss how this rate can be further significantly reduced.
  @inproceedings{BDDFS2011, abstract = {Google Android has become a popular mobile operating system which is increasingly deployed by mobile device manufactures for various platforms. Recent attacks show that Android’s permission framework is vulnerable to application-level privilege escalation attacks, i.e., an application may indirectly gain privileges to perform unauthorized actions.The existing proposals for security extensions to Android’s middle-ware (e.g., Kirin, Saint, TaintDroid, or QUIRE) can-not fully and adequately mitigate these attacks or detect Trojans such as Soundcomber that exploit covert channels in the Android system. In this paper we present the design and implementation of XManDroid(eXtended Monitoring on Android), a security framework that extends the monitoring mechanism of Android to detect and prevent application-level privilege escalation attacks at runtime based on a system-centric system policy. Our implementation dynamically analyzes applications’ transitive permission usage while inducing a minimal performance overhead unnoticeable for the user.Depending on system policy our system representation al-lows for an effective detection of (covert) channels established through the Android system services and content providers while simultaneously optimizing the rate of false positives.We evaluate the effectiveness of XManDroidon our test suite that simulates known application-level privilege escalation attacks (including Soundcomber), and demonstrate successful detection of attacks that use Android’s inter-component communication (ICC) framework (standard for most attacks). We also performed a usability test to evaluate the impact of XManDroid on the user-experience with third party applications. Moreover, we analyze sources of false positives and discuss how this rate can be further significantly reduced.}, author = {Bugiel, Sven and Davi, Lucas and Dmitrienko, Alexandra and Fischer, Thomas and Sadeghi, Ahmad-Reza}, howpublished = {\url{http://www.trust.informatik.tu-darmstadt.de/publications/publication-details/?no_cache=1&tx_bibtex_pi1%5Bpub_id%5D=TUD-CS-2011-0127}}, institution = {Ruhr-University Bochum, System Security Lab}, keywords = {Technical-Reports myown sss-group}, month = {April}, number = {TR-2011-04}, title = {{XManDroid}: A New {Android} Evolution to Mitigate Privilege Escalation Attacks}, year = 2011 }
• Trusted embedded System Operating System (TeSOS) -- Study and Design. Dmitrienko, Alexandra; Gessner, Dennis; Sadeghi, Ahmad-Reza; Schulz, Steffen; Stueble, Christian; Ullmann, Markus; (2011).
  [ BibTeX ] [ Download ]
   
  @inproceedings{SSDSDU2011, author = {Dmitrienko, Alexandra and Gessner, Dennis and Sadeghi, Ahmad-Reza and Schulz, Steffen and Stueble, Christian and Ullmann, Markus}, howpublished = {\url{http://www.trust.informatik.tu-darmstadt.de/fileadmin/user_upload/Group_TRUST/projects/TeSOS_Study.pdf}}, institution = {Ruhr-University Bochum, System Security Lab}, keywords = {Technical-Reports myown sss-group}, month = {April}, number = {HGI-TR-2011-004}, title = {Trusted embedded System Operating System {(TeSOS)} – Study and Design}, year = 2011 }
• POSTER: The Quest for Security against Privilege Escalation Attacks on Android. Bugiel, Sven; Davi, Lucas; Dmitrienko, Alexandra; Fischer, Thomas; Sadeghi, Ahmad-Reza; Shastry, Bhargava; in ACM Conference on Computer and Communications Security (CCS) (2011).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  In this paper we present the design and implementation of a security framework that extends the reference monitor of the Android middleware and deploys a mandatory access control on Linux kernel (based on Tomoyo [9]) aiming at detecting and preventing application-level privilege escalation attacks at runtime. In contrast to existing solutions, our framework is system-centric, efficient, detects attacks that involve communication channels controlled by both, Android middleware and the Linux kernel (particularly, Binder IPC, Internet sockets and file system). It can prevent known confused deputy attacks without false positives and is also flexible enough to prevent unknown confused deputy attack sand attacks by colluding applications (e.g., Soundcomber [11])at the cost of a small rate of false positives
  @inproceedings{TUD-CS-2011-0211, abstract = {In this paper we present the design and implementation of a security framework that extends the reference monitor of the Android middleware and deploys a mandatory access control on Linux kernel (based on Tomoyo [9]) aiming at detecting and preventing application-level privilege escalation attacks at runtime. In contrast to existing solutions, our framework is system-centric, efficient, detects attacks that involve communication channels controlled by both, Android middleware and the Linux kernel (particularly, Binder IPC, Internet sockets and file system). It can prevent known confused deputy attacks without false positives and is also flexible enough to prevent unknown confused deputy attack sand attacks by colluding applications (e.g., Soundcomber [11])at the cost of a small rate of false positives}, author = {Bugiel, Sven and Davi, Lucas and Dmitrienko, Alexandra and Fischer, Thomas and Sadeghi, Ahmad-Reza and Shastry, Bhargava}, booktitle = {ACM Conference on Computer and Communications Security (CCS)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters sss-group}, month = {October}, publisher = {ACM}, title = {{POSTER}: The Quest for Security against Privilege Escalation Attacks on {Android}}, year = 2011 }
• POSTER: Control-Flow Integrity for Smartphones. Davi, Lucas; Dmitrienko, Alexandra; Egele, Manuel; Fischer, Thomas; Holz, Thorsten; Hund, Ralf; Nürnberger, Stefan; Sadeghi, Ahmad-Reza; in ACM Conference on Computer and Communications Security (CCS) (2011).
  [ BibTeX ] [ Download ]
   
  @inproceedings{TUD-CS-2011-0210, author = {Davi, Lucas and Dmitrienko, Alexandra and Egele, Manuel and Fischer, Thomas and Holz, Thorsten and Hund, Ralf and N{ü}rnberger, Stefan and Sadeghi, Ahmad-Reza}, booktitle = {ACM Conference on Computer and Communications Security (CCS)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters sss-group}, month = {October}, publisher = {ACM}, title = {{POSTER}: Control-Flow Integrity for Smartphones}, year = 2011 }
• A Security Architecture for Accessing Health Records on Mobile Phones. Dmitrienko, Alexandra; Hadzic, Zecir; Löhr, Hans; Sadeghi, Ahmad-Reza; Winandy, Marcel; in International Conference on Health Informatics (HEALTHINF) (2011).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  Using mobile phones to access healthcare data is an upcoming application scenario of increasing importance in the near future. However, important aspects to consider in this context are the high security and privacy requirements for sensitive medical data. Current mobile phones using standard operating systems and software cannot offer appropriate protection for sensitive data, although the hardware platform often offers dedicated security features. Malicious software (malware) like Trojan horses on the mobile phone could gain unauthorized access to sensitive medical data.In this paper, we propose a complete security framework to protect medical data (such as electronic health records) and authentication credentials that are used to access e-health servers. Derived from a generic architecture that can be used for PCs, we introduce a security architecture specifically for mobile phones, based on existing hardware security extensions. We describe security building blocks, including trusted hardware features, a security kernel providing isolated application environments as well as a secure graphical user interface, and a trusted wallet (TruWallet) for secure authentication to e-health servers. Moreover, we present a prototype implementation of the trusted wallet on a current smartphone: the Nokia N900. Based on our architecture, health care professionals can safely and securely process medical data on their mobile phones without the risk of disclosing sensitive information as compared to commodity mobile operating systems.
  @inproceedings{DLSW2011, abstract = {Using mobile phones to access healthcare data is an upcoming application scenario of increasing importance in the near future. However, important aspects to consider in this context are the high security and privacy requirements for sensitive medical data. Current mobile phones using standard operating systems and software cannot offer appropriate protection for sensitive data, although the hardware platform often offers dedicated security features. Malicious software (malware) like Trojan horses on the mobile phone could gain unauthorized access to sensitive medical data.In this paper, we propose a complete security framework to protect medical data (such as electronic health records) and authentication credentials that are used to access e-health servers. Derived from a generic architecture that can be used for PCs, we introduce a security architecture specifically for mobile phones, based on existing hardware security extensions. We describe security building blocks, including trusted hardware features, a security kernel providing isolated application environments as well as a secure graphical user interface, and a trusted wallet (TruWallet) for secure authentication to e-health servers. Moreover, we present a prototype implementation of the trusted wallet on a current smartphone: the Nokia N900. Based on our architecture, health care professionals can safely and securely process medical data on their mobile phones without the risk of disclosing sensitive information as compared to commodity mobile operating systems.}, author = {Dmitrienko, Alexandra and Hadzic, Zecir and L{ö}hr, Hans and Sadeghi, Ahmad-Reza and Winandy, Marcel}, booktitle = {International Conference on Health Informatics (HEALTHINF)}, keywords = {sys:relevantfor:sss-group International-Conference-Workshop-Papers-Book-Chapters myown sss-group}, month = {October}, title = {A Security Architecture for Accessing Health Records on Mobile Phones}, year = 2011 }
• CFI Goes Mobile: Control-Flow Integrity for Smartphones. Davi, Lucas; Dmitrienko, Alexandra; Egele, Manuel; Fischer, Thomas; Holz, Thorsten; Hund, Ralf; Nürnberger, Stefan; Sadeghi, Ahmad-Reza; in International Workshop on Trustworthy Embedded Devices (TrustED) (2011).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  Despite extensive research over the last two decades, control-flow (or runtime) attacks on software are still prevalent. Recently, smart-phones, of which millions are in use today, have become an attractive target for adversaries. However, existing solutions are either ad-hoc or limited in their effectiveness.In this paper, we present a general countermeasure against control-flow attacks on smartphone platforms. Our approach makes use of control-flow integrity(CFI), and tackles unique challenges of the ARM architecture and smartphone platforms (e.g., application encryption and signing,closed-source OS). Our framework and implementation is efficient, since it requires no access to source code, performs CFI enforcement on-the-fly during runtime, and is compatible to memory randomization (e.g.,ASLR) and code signing/encryption. We chose Apple iPhone for our reference implementation, because it has become an attractive target for control-flow attacks due to its wide spread deployment of native code.Our performance evaluation on a real iOS device demonstrates that our implementation does not induce any notable overhead when applied to popular iOS applications.
  @inproceedings{TUD-CS-2011-0281, abstract = {Despite extensive research over the last two decades, control-flow (or runtime) attacks on software are still prevalent. Recently, smart-phones, of which millions are in use today, have become an attractive target for adversaries. However, existing solutions are either ad-hoc or limited in their effectiveness.In this paper, we present a general countermeasure against control-flow attacks on smartphone platforms. Our approach makes use of control-flow integrity(CFI), and tackles unique challenges of the ARM architecture and smartphone platforms (e.g., application encryption and signing,closed-source OS). Our framework and implementation is efficient, since it requires no access to source code, performs CFI enforcement on-the-fly during runtime, and is compatible to memory randomization (e.g.,ASLR) and code signing/encryption. We chose Apple iPhone for our reference implementation, because it has become an attractive target for control-flow attacks due to its wide spread deployment of native code.Our performance evaluation on a real iOS device demonstrates that our implementation does not induce any notable overhead when applied to popular iOS applications.}, author = {Davi, Lucas and Dmitrienko, Alexandra and Egele, Manuel and Fischer, Thomas and Holz, Thorsten and Hund, Ralf and N{ü}rnberger, Stefan and Sadeghi, Ahmad-Reza}, booktitle = {International Workshop on Trustworthy Embedded Devices (TrustED)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters myown sss-group}, month = {September}, title = {{CFI} Goes Mobile: Control-Flow Integrity for Smartphones}, year = 2011 }
• Trusted Virtual Domains on OKL4: Secure Information Sharing on Smartphones. Davi, Lucas; Dmitrienko, Alexandra; Kowalski, Christoph; Winandy, Marcel; in ACM Workshop on Scalable Trusted Computing (ACM STC) (2011).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  The flexibility and computing power of modern smartphones to install and execute various applications allows for a rich user experience but also imposes several security concerns.Smartphones that are used both for private and corporate purposes do not separate the data and applications of different security domains, and users are usually too unskilled to deploy and configure extra security mechanisms. Hence,data leakage and unwanted information flow may occur.In this paper we present the design and implementation of the Trusted Virtual Domain (TVD) security architecture for smartphones. The TVD concept separates data and applications of different security domains and automates the security configuration on devices. In particular, we build our solution on top of the OKL4 microkernel, which provides the basic isolation properties, and extend it with a framework that realizes the TVD policy enforcement for Android operating systems. Our results show that the TVD security architecture can be built and used on modern smartphones,but there are also limitations that current security kernels like OKL4 have to address to improve the user experience.
  @inproceedings{TUD-CS-2011-0217, abstract = {The flexibility and computing power of modern smartphones to install and execute various applications allows for a rich user experience but also imposes several security concerns.Smartphones that are used both for private and corporate purposes do not separate the data and applications of different security domains, and users are usually too unskilled to deploy and configure extra security mechanisms. Hence,data leakage and unwanted information flow may occur.In this paper we present the design and implementation of the Trusted Virtual Domain (TVD) security architecture for smartphones. The TVD concept separates data and applications of different security domains and automates the security configuration on devices. In particular, we build our solution on top of the OKL4 microkernel, which provides the basic isolation properties, and extend it with a framework that realizes the TVD policy enforcement for Android operating systems. Our results show that the TVD security architecture can be built and used on modern smartphones,but there are also limitations that current security kernels like OKL4 have to address to improve the user experience.}, author = {Davi, Lucas and Dmitrienko, Alexandra and Kowalski, Christoph and Winandy, Marcel}, booktitle = {ACM Workshop on Scalable Trusted Computing (ACM STC)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters myown sss-group}, month = {October}, publisher = {ACM Press}, title = {Trusted Virtual Domains on {OKL4}: Secure Information Sharing on Smartphones}, year = 2011 }
• Practical and Lightweight Domain Isolation on Android. Bugiel, Sven; Davi, Lucas; Dmitrienko, Alexandra; Heuser, Stephan; Sadeghi, Ahmad-Reza; Shastry, Bhargava; in ACM Workshop on Security and Privacy in Mobile Devices (SPSM) (2011).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  In this paper, we introduce a security framework for practical and lightweight domain isolation on Android to mitigate unauthorized data access and communication among applications of different trust levels (e.g., private and corporate). We present the design and implementation of our framework,TrustDroid, which in contrast to existing solutions enables isolation at different layers of the Android software stack:(1) at the middleware layer to prevent inter-domain application communication and data access, (2) at the kernel layer to enforce mandatory access control on the file system and on InterProcess Communication (IPC) channels, and (3) at the network layer to mediate network traffic. For instance, (3)allows network data to be only read by a particular domain,or enables basic context-based policies such as preventing Internet access by untrusted applications while an employee is connected to the company’s network.Our approach accurately addresses the demands of the business world, namely to isolate data and applications of different trust levels in a practical and lightweight way. More-over, our solution is the first leveraging mandatory access control with TOMOYO Linux on a real Android device(Nexus One). Our evaluation demonstrates that TrustDroidonly adds a negligible overhead, and in contrast to contemporary full virtualization, only minimally affects the battery’s life-time.
  @inproceedings{TUD-CS-2011-0218, abstract = {In this paper, we introduce a security framework for practical and lightweight domain isolation on Android to mitigate unauthorized data access and communication among applications of different trust levels (e.g., private and corporate). We present the design and implementation of our framework,TrustDroid, which in contrast to existing solutions enables isolation at different layers of the Android software stack:(1) at the middleware layer to prevent inter-domain application communication and data access, (2) at the kernel layer to enforce mandatory access control on the file system and on InterProcess Communication (IPC) channels, and (3) at the network layer to mediate network traffic. For instance, (3)allows network data to be only read by a particular domain,or enables basic context-based policies such as preventing Internet access by untrusted applications while an employee is connected to the company’s network.Our approach accurately addresses the demands of the business world, namely to isolate data and applications of different trust levels in a practical and lightweight way. More-over, our solution is the first leveraging mandatory access control with TOMOYO Linux on a real Android device(Nexus One). Our evaluation demonstrates that TrustDroidonly adds a negligible overhead, and in contrast to contemporary full virtualization, only minimally affects the battery’s life-time.}, author = {Bugiel, Sven and Davi, Lucas and Dmitrienko, Alexandra and Heuser, Stephan and Sadeghi, Ahmad-Reza and Shastry, Bhargava}, booktitle = {ACM Workshop on Security and Privacy in Mobile Devices (SPSM)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters sss-group}, month = {October}, publisher = {ACM Press}, title = {Practical and Lightweight Domain Isolation on {Android}}, year = 2011 }
• Securing the Access to Electronic Health Records on Mobile Phones. Dmitrienko, Alexandra; Hadzic, Zecir; Löhr, Hans; Sadeghi, Ahmad-Reza; Winandy, Marcel; in Biomedical Engineering Systems and Technologies (BIOSTEC) (2011).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  Mobile phones are increasingly used in the e-health domain.In this context, enabling secure access to health records from mobile de-vices is of particular importance because of the high security and privacy requirements for sensitive medical data. Standard operating systems and software, as they are deployed on current smartphones, cannot protect sensitive data appropriately, even though modern mobile hardware plat-forms often provide dedicated security features. Current mobile phones are prone to attacks by malicious software, which might gain unauthorized access to sensitive medical data.In this paper, we present a security architecture for the protection of electronic health records and authentication credentials that are used to access e-health services. Our architecture is derived from a generic solution and tailored specifically to current mobile platforms with hardware security extensions. Authentication data are protected by a trusted wallet (TruWallet), which leverages trusted hardware features of the phone and isolated application environments provided by a secure operating system. A separate application environment is used to provide runtime protection of medical data. Furthermore, we present a prototype implementation of TruWallet on the Nokia N900 mobile phone. In contrast to commodity systems, our architecture enables healthcare professionals to securely access medical data on their mobile devices without the risk of disclosing sensitive information.
  @inproceedings{DLSW2011b, abstract = {Mobile phones are increasingly used in the e-health domain.In this context, enabling secure access to health records from mobile de-vices is of particular importance because of the high security and privacy requirements for sensitive medical data. Standard operating systems and software, as they are deployed on current smartphones, cannot protect sensitive data appropriately, even though modern mobile hardware plat-forms often provide dedicated security features. Current mobile phones are prone to attacks by malicious software, which might gain unauthorized access to sensitive medical data.In this paper, we present a security architecture for the protection of electronic health records and authentication credentials that are used to access e-health services. Our architecture is derived from a generic solution and tailored specifically to current mobile platforms with hardware security extensions. Authentication data are protected by a trusted wallet (TruWallet), which leverages trusted hardware features of the phone and isolated application environments provided by a secure operating system. A separate application environment is used to provide runtime protection of medical data. Furthermore, we present a prototype implementation of TruWallet on the Nokia N900 mobile phone. In contrast to commodity systems, our architecture enables healthcare professionals to securely access medical data on their mobile devices without the risk of disclosing sensitive information.}, author = {Dmitrienko, Alexandra and Hadzic, Zecir and L{ö}hr, Hans and Sadeghi, Ahmad-Reza and Winandy, Marcel}, booktitle = {Biomedical Engineering Systems and Technologies (BIOSTEC)}, keywords = {sys:relevantfor:sss-group International-Conference-Workshop-Papers-Book-Chapters sss-group}, title = {Securing the Access to Electronic Health Records on Mobile Phones}, year = 2011 }

2010

• Return-Oriented Programming without Returns. Checkoway, Stephen; Davi, Lucas; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Shacham, Hovav; Winandy, Marcel; in ACM Conference on Computer and Communications Security (CCS) (2010).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  We show that on both the x86 and ARM architectures it is possible to mount return-oriented programming attacks without using return instructions. Our attacks instead make use of certain instruction sequences that behave like a return, which occur with sufficient frequency in large libraries on (x86) Linux and (ARM) Android to allow creation of Turing-complete gadget sets. Because they do not make use of return instructions, our new attacks have negative implications for several recently proposed classes of defense against return-oriented programming: those that detect the too-frequent use of returns in the instruction stream; those that detect violations of the last-in, first-out invariant normally maintained for the return-address stack; and those that modify compilers to produce code that avoids the return instruction.
  @inproceedings{CDDSSW2010, abstract = {We show that on both the x86 and ARM architectures it is possible to mount return-oriented programming attacks without using return instructions. Our attacks instead make use of certain instruction sequences that behave like a return, which occur with sufficient frequency in large libraries on (x86) Linux and (ARM) Android to allow creation of Turing-complete gadget sets. Because they do not make use of return instructions, our new attacks have negative implications for several recently proposed classes of defense against return-oriented programming: those that detect the too-frequent use of returns in the instruction stream; those that detect violations of the last-in, first-out invariant normally maintained for the return-address stack; and those that modify compilers to produce code that avoids the return instruction.}, author = {Checkoway, Stephen and Davi, Lucas and Dmitrienko, Alexandra and Sadeghi, Ahmad-Reza and Shacham, Hovav and Winandy, Marcel}, booktitle = {ACM Conference on Computer and Communications Security (CCS)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters sss-group}, month = {October}, title = {Return-Oriented Programming without Returns}, year = 2010 }
• Key Attestation from Trusted Execution Environments. Kostiainen, Kari; Dmitrienko, Alexandra; Ekberg, Jan-Erik; Sadeghi, Ahmad-Reza; Asokan, N.; in International Conference on Trust and Trustworthy Computing (TRUST) (2010).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  Credential platforms implemented on top of Trusted Execution Environments3(TrEEs) allow users to store and use their credentials, e.g., cryptographic keys or user passwords, securely. One important requirement for a TrEE-based credential platform is the ability to attest that a credential has been created and is kept within the TrEE. Credential properties, such as usage permissions, should be also attested.Existing attestation mechanisms are limited to attesting which applications outside the TrEE are authorized to use the credential. In this paper we describe a novel key attestation mechanism that allows attestation of both TrEE internal and external key usage permissions. We have implemented this attestation mechanism for mobile phones with M-Shield TrEE.
  @inproceedings{KDESA2010, abstract = {Credential platforms implemented on top of Trusted Execution Environments3(TrEEs) allow users to store and use their credentials, e.g., cryptographic keys or user passwords, securely. One important requirement for a TrEE-based credential platform is the ability to attest that a credential has been created and is kept within the TrEE. Credential properties, such as usage permissions, should be also attested.Existing attestation mechanisms are limited to attesting which applications outside the TrEE are authorized to use the credential. In this paper we describe a novel key attestation mechanism that allows attestation of both TrEE internal and external key usage permissions. We have implemented this attestation mechanism for mobile phones with M-Shield TrEE.}, author = {Kostiainen, Kari and Dmitrienko, Alexandra and Ekberg, Jan-Erik and Sadeghi, Ahmad-Reza and Asokan, N.}, booktitle = {International Conference on Trust and Trustworthy Computing (TRUST)}, keywords = {myown sss-group}, month = {June}, title = {Key Attestation from Trusted Execution Environments}, year = 2010 }
• Privilege Escalation Attacks on Android. Davi, Lucas; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Winandy, Marcel; in Information Security Conference (ISC) (2010).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  Android is a modern and popular software platform for smart-phones. Among its predominant features is an advanced security model which is based on application-oriented mandatory access control and sandboxing. This allows developers and users to restrict the execution of an application to the privileges it has (mandatorily) assigned at installation time. The exploitation of vulnerabilities in program code is hence believed to be confined within the privilege boundaries of an application’s sandbox. However, in this paper we show that a privilege escalation at-tack is possible. We show that a genuine application exploited at runtime or a malicious application can escalate granted permissions. Our results immediately imply that Android’s security model cannot deal with a transitive permission usage attack and Android’s sandbox model fails as a last resort against malware and sophisticated runtime attacks.
  @inproceedings{DDSW2010b, abstract = {Android is a modern and popular software platform for smart-phones. Among its predominant features is an advanced security model which is based on application-oriented mandatory access control and sandboxing. This allows developers and users to restrict the execution of an application to the privileges it has (mandatorily) assigned at installation time. The exploitation of vulnerabilities in program code is hence believed to be confined within the privilege boundaries of an application’s sandbox. However, in this paper we show that a privilege escalation at-tack is possible. We show that a genuine application exploited at runtime or a malicious application can escalate granted permissions. Our results immediately imply that Android’s security model cannot deal with a transitive permission usage attack and Android’s sandbox model fails as a last resort against malware and sophisticated runtime attacks.}, author = {Davi, Lucas and Dmitrienko, Alexandra and Sadeghi, Ahmad-Reza and Winandy, Marcel}, booktitle = {Information Security Conference (ISC)}, keywords = {myown sss-group}, month = {October}, title = {Privilege Escalation Attacks on {Android}}, year = 2010 }
• TruWalletM: Secure Web Authentication on Mobile Platforms. Bugiel, Sven; Dmitrienko, Alexandra; Kostiainen, Kari; Sadeghi, Ahmad-Reza; Winandy, Marcel; in International Conference on Trusted Systems (INTRUST) (2010).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  Mobile phones are increasingly used as general purpose computing devices with permanent Internet connection. This imposes several threats as the phone operating system (OS) is typically derived from desktop counterparts and, hence, inherits the same or similar security shortcomings. In particular, the protection of login credentials when accessing web services becomes crucial under phishing and malware at-tacks. On the other hand many modern mobile phones provide hardware-supported security mechanisms currently unused by most phone OSs.In this paper, we show how to use these mechanisms, in particular trusted execution environments, to protect the user’s login credentials.We present the design and implementation proposal (based on NokiaN900 mobile platform) of TruWalletM, a wallet-like password manager and authentication agent towards the protection of login credentials ona mobile phone without the need to trust the whole OS software. We preserve compatibility to existing standard web authentication mechanisms.
  @inproceedings{BDKSW2010, abstract = {Mobile phones are increasingly used as general purpose computing devices with permanent Internet connection. This imposes several threats as the phone operating system (OS) is typically derived from desktop counterparts and, hence, inherits the same or similar security shortcomings. In particular, the protection of login credentials when accessing web services becomes crucial under phishing and malware at-tacks. On the other hand many modern mobile phones provide hardware-supported security mechanisms currently unused by most phone OSs.In this paper, we show how to use these mechanisms, in particular trusted execution environments, to protect the user’s login credentials.We present the design and implementation proposal (based on NokiaN900 mobile platform) of TruWalletM, a wallet-like password manager and authentication agent towards the protection of login credentials ona mobile phone without the need to trust the whole OS software. We preserve compatibility to existing standard web authentication mechanisms.}, author = {Bugiel, Sven and Dmitrienko, Alexandra and Kostiainen, Kari and Sadeghi, Ahmad-Reza and Winandy, Marcel}, booktitle = {International Conference on Trusted Systems (INTRUST)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters sss-group}, month = {December}, title = {{TruWalletM}: Secure Web Authentication on Mobile Platforms}, year = 2010 }
• Return-Oriented Programming without Returns on ARM. Davi, Lucas; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Winandy, Marcel; (2010).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  n this paper we present a novel and general attack method on ARM-based computing platforms.Our attack deploys the principles of return-oriented programming (ROP). However, in contrast to conventional ROP, our attack exploits jumps instead of return addresses, and hence it can circumvent return address checkers. We show that our attack is Turing-complete and can induce arbitrary change of behavior in running programs without any code injection. We instantiate our attack method on the Android platform. We present an attack example that succeeds to send unauthorized text messages(SMS) and phone calls to high-cost numbers from a user’s device. To achieve this result, our attack(i) modifies program behavior without code injection, and (ii) abuses permissions assigned to an application.
  @inproceedings{DDSW2010a, abstract = {n this paper we present a novel and general attack method on ARM-based computing platforms.Our attack deploys the principles of return-oriented programming (ROP). However, in contrast to conventional ROP, our attack exploits jumps instead of return addresses, and hence it can circumvent return address checkers. We show that our attack is Turing-complete and can induce arbitrary change of behavior in running programs without any code injection. We instantiate our attack method on the Android platform. We present an attack example that succeeds to send unauthorized text messages(SMS) and phone calls to high-cost numbers from a user’s device. To achieve this result, our attack(i) modifies program behavior without code injection, and (ii) abuses permissions assigned to an application.}, author = {Davi, Lucas and Dmitrienko, Alexandra and Sadeghi, Ahmad-Reza and Winandy, Marcel}, howpublished = {\url{http://www.trust.rub.de/media/trust/veroeffentlichungen/2010/07/21/ROP-without-Returns-on-ARM.pdf}}, institution = {Ruhr-University Bochum, System Security Lab}, keywords = {Technical-Reports myown sss-group}, month = {April}, number = {HGI-TR-2010-002}, title = {Return-Oriented Programming without Returns on {ARM}}, year = 2010 }

2009

• Trusted Virtual Domains - Design, Implementation and Lessons Learned. Catuogno, Luigi; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Schulz, Steffen; Winandy, Marcel; Zhan, Jing; Eriksson, Konrad; Kuhlmann, Dirk; Ramunno, Gianluca; Schunter, Matthias; in International Conference on Trusted Systems (INTRUST) (2009).
  [ Abstract ] [ BibTeX ] [ Download ]
   
  A Trusted Virtual Domain (TVD) is a coalition of virtual machines and resources (e.g., network, storage) that are distributed over multiple physical platforms and share a common security policy. The concept of TVDs and their usage scenarios have been studied extensively. However, details on certain implementation aspects have not been explored in depth yet, such as secure policy deployment and integration of heterogeneous virtualization and trusted computing technologies. In this paper, we present implementation aspects of the life cycle management of TVDs. We describe the components and protocols necessary to realize the TVD design on a cross-platform architecture and present our prototype implementation for the Xen and L4 microkernel platforms.In particular, we discuss the need for and the realization of intra-TVD access control, a hypervisor abstraction layer for simplified TVD management, necessary components of a TVD policy and revocation issues.We believe that these integration details are essential and helpful inputs for any large-scale real-world deployment of TVD.
  @inproceedings{CDSSWZEKRS09, abstract = {A Trusted Virtual Domain (TVD) is a coalition of virtual machines and resources (e.g., network, storage) that are distributed over multiple physical platforms and share a common security policy. The concept of TVDs and their usage scenarios have been studied extensively. However, details on certain implementation aspects have not been explored in depth yet, such as secure policy deployment and integration of heterogeneous virtualization and trusted computing technologies. In this paper, we present implementation aspects of the life cycle management of TVDs. We describe the components and protocols necessary to realize the TVD design on a cross-platform architecture and present our prototype implementation for the Xen and L4 microkernel platforms.In particular, we discuss the need for and the realization of intra-TVD access control, a hypervisor abstraction layer for simplified TVD management, necessary components of a TVD policy and revocation issues.We believe that these integration details are essential and helpful inputs for any large-scale real-world deployment of TVD.}, author = {Catuogno, Luigi and Dmitrienko, Alexandra and Sadeghi, Ahmad-Reza and Schulz, Steffen and Winandy, Marcel and Zhan, Jing and Eriksson, Konrad and Kuhlmann, Dirk and Ramunno, Gianluca and Schunter, Matthias}, booktitle = {International Conference on Trusted Systems (INTRUST)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters myown sss-group}, month = {December}, title = {Trusted Virtual Domains - Design, Implementation and Lessons Learned}, year = 2009 }

2007

• Zigbee-to-TCP/IP Gateway: New Opportunities for ZigBee-based Sensor Networks. Dmitrienko, Alexandra; in International Workshop on Ambient Intelligence and Embedded Systems (AmiEs) (2007).
  [ BibTeX ]
   
  @inproceedings{AD2007, author = {Dmitrienko, Alexandra}, booktitle = {International Workshop on Ambient Intelligence and Embedded Systems (AmiEs)}, keywords = {International-Conference-Workshop-Papers-Book-Chapters myown sss-group}, month = {September}, title = {{Zigbee-to-TCP/IP} Gateway: New Opportunities for {ZigBee-based} Sensor Networks}, year = 2007 }

2006

• WIZnet W3150A network co-processor: New features for embedded devices. Dmitrienko, Alexandra; in Components and Technologies (2006).
  [ BibTeX ]
   
  @article{AD2006, author = {Dmitrienko, Alexandra}, journal = {Components and Technologies}, keywords = {sys:relevantfor:sss-group Journal-and-Magazine-Articles sss-group}, title = {WIZnet {W3150A} network co-processor: New features for embedded devices}, year = 2006 }