Publications

2023[ to top ]

AuthentiSense: A Scalable Behavioral Biometrics Authentication Scheme using Few-Shot Learning for Mobile Platforms. Fereidooni, Hossein; König, Jan; Rieger, Philipp; Chilese, Markus; Finke, Moritz; Goekbakan, Bora; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; in To appear at the Network and Distributed System Security Symposium (NDSS) (2023).
- [ BibTeX ]
- [ BibSonomy-Post ]
@article{hossein2023authentisense, author = {Fereidooni, Hossein and König, Jan and Rieger, Philipp and Chilese, Markus and Finke, Moritz and Goekbakan, Bora and Dmitrienko, Alexandra and Sadeghi, Ahmad-Reza}, journal = {To appear at the Network and Distributed System Security Symposium (NDSS)}, keywords = {sss-group}, title = {AuthentiSense: A Scalable Behavioral Biometrics Authentication Scheme using Few-Shot Learning for Mobile Platforms}, year = 2023 }

2022[ to top ]

A Survey on Secure Group Communication Schemes with Focus on IoT Communication. Prantl, Thomas; Zeck, Timo; Bauer, André; Ten, Peter; Prantl, Dominik; Ben Yahya, Ala Eddine; Iffländer, Lukas; Dmitrienko, Alexandra; Krupitzer, Christian; Kounev, Samuel; in IEEE Access (2022).
- [ BibTeX ]
- [ URL ]
- [ BibSonomy-Post ]
@article{PrZeBaTePrYaIfDmKrKo_IEEEAccess_SGCSurvey, author = {Prantl, Thomas and Zeck, Timo and Bauer, André and Ten, Peter and Prantl, Dominik and Ben Yahya, Ala Eddine and Iffländer, Lukas and Dmitrienko, Alexandra and Krupitzer, Christian and Kounev, Samuel}, journal = {IEEE Access}, keywords = {sssgroup}, publisher = {IEEE}, title = {A Survey on Secure Group Communication Schemes with Focus on IoT Communication}, year = 2022 }
Ransomware Detection in Databases through Dynamic Analysis of Query Sequences. Sendner, Christoph; Iffländer, Lukas; Schindler, Sebastian; Jobst, Michael; Dmitrienko, Alexandra; Kounev, Samuel; in IEEE Conference on Communications and Network Security (CNS) (2022).
- [ BibTeX ]
- [ BibSonomy-Post ]
@conference{sendner2022ransomware, author = {Sendner, Christoph and Iffländer, Lukas and Schindler, Sebastian and Jobst, Michael and Dmitrienko, Alexandra and Kounev, Samuel}, booktitle = {IEEE Conference on Communications and Network Security (CNS)}, keywords = {sss-group}, title = {Ransomware Detection in Databases through Dynamic Analysis of Query Sequences}, year = 2022 }
Contact Discovery in Mobile Messengers: Low-cost Attacks, Quantitative Analyses, and Efficient Mitigations. Hagen, Christoph; Weinert, Christian; Sendner, Christoph; Dmitrienko, Alexandra; Schneider, Thomas; in ACM Transactions on Privacy and Security (2022).
- [ BibTeX ]
- [ BibSonomy-Post ]
@article{hagen2022contact, author = {Hagen, Christoph and Weinert, Christian and Sendner, Christoph and Dmitrienko, Alexandra and Schneider, Thomas}, journal = {ACM Transactions on Privacy and Security}, keywords = {sss-group}, title = {Contact Discovery in Mobile Messengers: Low-cost Attacks, Quantitative Analyses, and Efficient Mitigations}, year = 2022 }
An Experience Report on the Suitability of a Distributed Group Encryption Scheme for an IoT Use Case. Prantl, Thomas; Engel, Simon; Bauer, Andre; Ben Yahya, Ala Eddine; Herrnleben, Stefan; Iffländer, Lukas; Dmitrienko, Alexandra; Kounev, Samuel; in IEEE 95th Vehicular Technology Conference (VTC) (2022).
- [ BibTeX ]
- [ BibSonomy-Post ]
@inproceedings{PrEnBaAlHeIfDmKo2022-IoT/CPS-DistributedGroupEncryption, author = {Prantl, Thomas and Engel, Simon and Bauer, Andre and Ben Yahya, Ala Eddine and Herrnleben, Stefan and Iffländer, Lukas and Dmitrienko, Alexandra and Kounev, Samuel}, booktitle = {IEEE 95th Vehicular Technology Conference (VTC)}, keywords = {sss-group}, organization = {IEEE}, title = {An Experience Report on the Suitability of a Distributed Group Encryption Scheme for an IoT Use Case}, year = 2022 }
SCRAPS: Scalable Collective Remote Attestation for Pub-Sub IoT Networks with Untrusted Proxy Verifier. Petzi, Lukas; Ben Yahya, Ala Eddine; Dmitrienko, Alexandra; Tsudik, Gene; Prantl, Thomas; Kounev, Samuel; in USENIX Security (2022).
- [ Abstract ]
- [ BibTeX ]
- [ BibSonomy-Post ]
Remote Attestation (RA) is a basic security mechanism that detects malicious presence on various types of computing components, e.g., IoT devices. In a typical IoT setting, RA involves a trusted Verifier that sends a challenge to an untrusted remote Prover, which must in turn reply with a fresh and authentic evidence of being in a trustworthy state. However,most current RA schemes assume a central Verifier, which rep-resents a single point of failure. This feature is problematic when mutually suspicious stakeholders are involved. Furthermore, scalability issues arise as the number of IoT devices (Provers) grows. Although some RA schemes allow peer Provers to act as Verifiers, they involve unrealistic (for IoT devices) requirements, such as time synchronization and synchronous communication. Moreover, they incur heavy memory, computation,and communication burdens, while not considering sleeping or otherwise disconnected devices. Motivated by the need to address these limitations, we construct Scalable Collective Remote Attestation for Pub-Sub (SCRAPS), a novel collective RA scheme. It achieves scalability by outsourcing Verifier duties to a smart contract and mitigates DoS attacks against both Provers and Verifiers. It also removes the need for synchronous communication. Furthermore,RA evidence in SCRAPS is publicly verifiable, which significantly reduces the number of attestation evidence computations, thus lowering Prover burden. We report on a prototype of SCRAPS over Hyperledger Sawtooth (a blockchain geared for IoT use-cases) and evaluate its performance, scalability, and security aspects.

@proceedings{petzi2022scraps, abstract = {Remote Attestation (RA) is a basic security mechanism that detects malicious presence on various types of computing components, e.g., IoT devices. In a typical IoT setting, RA involves a trusted Verifier that sends a challenge to an untrusted remote Prover, which must in turn reply with a fresh and authentic evidence of being in a trustworthy state. However,most current RA schemes assume a central Verifier, which rep-resents a single point of failure. This feature is problematic when mutually suspicious stakeholders are involved. Furthermore, scalability issues arise as the number of IoT devices (Provers) grows. Although some RA schemes allow peer Provers to act as Verifiers, they involve unrealistic (for IoT devices) requirements, such as time synchronization and synchronous communication. Moreover, they incur heavy memory, computation,and communication burdens, while not considering sleeping or otherwise disconnected devices. Motivated by the need to address these limitations, we construct Scalable Collective Remote Attestation for Pub-Sub (SCRAPS), a novel collective RA scheme. It achieves scalability by outsourcing Verifier duties to a smart contract and mitigates DoS attacks against both Provers and Verifiers. It also removes the need for synchronous communication. Furthermore,RA evidence in SCRAPS is publicly verifiable, which significantly reduces the number of attestation evidence computations, thus lowering Prover burden. We report on a prototype of SCRAPS over Hyperledger Sawtooth (a blockchain geared for IoT use-cases) and evaluate its performance, scalability, and security aspects.}, author = {Petzi, Lukas and Ben Yahya, Ala Eddine and Dmitrienko, Alexandra and Tsudik, Gene and Prantl, Thomas and Kounev, Samuel}, booktitle = {USENIX Security}, keywords = {sss-group}, title = {SCRAPS: Scalable Collective Remote Attestation for Pub-Sub IoT Networks with Untrusted Proxy Verifier.}, year = 2022 }
FedCRI: Federated Mobile Cyber-Risk Intelligence. Fereidooni, Hossein; Dmitrienko, Alexandra; Madlener, Felix; Rieger, Phillip; Miettinen, Markus; Sadeghi, Ahmad-Reza; in The Network and Distributed System Security Symposium (NDSS) (2022).
- [ BibTeX ]
- [ BibSonomy-Post ]
@inproceedings{fereidooni2022fedcri, author = {Fereidooni, Hossein and Dmitrienko, Alexandra and Madlener, Felix and Rieger, Phillip and Miettinen, Markus and Sadeghi, Ahmad-Reza}, booktitle = {The Network and Distributed System Security Symposium (NDSS)}, keywords = {sss-group}, title = {FedCRI: Federated Mobile Cyber-Risk Intelligence}, year = 2022 }

2021[ to top ]

RIP StrandHogg: A Practical StrandHogg Attack Detection Method on Android. Stang, Jasper; Dmitrienko, Alexandra; Roth, Sascha; in 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec) (2021).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
StrandHogg vulnerabilities affect Android’s multitasking system and threaten up to 90% of Android platforms, which translates to millions of affected users. Existing countermeasures require modification of the OS, have usability drawbacks, or are limited to the detection of certain attack versions. In this work, we aim to develop a generic, efficient, and usability-friendly attack detection method, which does not require OS modifications and can be employed by apps installed on any vulnerable Android platform. To achieve our goal, we analyze StrandHogg attack techniques and develop two countermeasures, one using Machine Learning and the other one using ActivityCounter – a reliable attack indicator, which we could synthetically engineer. Our first approach achieves an average F1 score of 92% across all attack variations, while ActivityCounter shows superior performance and efficiently detects all attack versions without false positives. ActivityCounter is the first solution without practical limitations, which can be easily deployed in practice and protect millions of affected users.

@inproceedings{stang2021strandhogg, abstract = {StrandHogg vulnerabilities affect Android’s multitasking system and threaten up to 90% of Android platforms, which translates to millions of affected users. Existing countermeasures require modification of the OS, have usability drawbacks, or are limited to the detection of certain attack versions. In this work, we aim to develop a generic, efficient, and usability-friendly attack detection method, which does not require OS modifications and can be employed by apps installed on any vulnerable Android platform. To achieve our goal, we analyze StrandHogg attack techniques and develop two countermeasures, one using Machine Learning and the other one using ActivityCounter – a reliable attack indicator, which we could synthetically engineer. Our first approach achieves an average F1 score of 92% across all attack variations, while ActivityCounter shows superior performance and efficiently detects all attack versions without false positives. ActivityCounter is the first solution without practical limitations, which can be easily deployed in practice and protect millions of affected users.}, author = {Stang, Jasper and Dmitrienko, Alexandra and Roth, Sascha}, booktitle = {14th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec)}, keywords = {sss-group}, title = {RIP StrandHogg: A Practical StrandHogg Attack Detection Method on Android}, year = 2021 }
Performance Evaluation for a Post-Quantum Public-Key Cryptosystem. Prantl, Thomas; Prantl, Dominik; Beierlieb, Lukas; Iffländer, Lukas; Dmitrienko, Alexandra; Krupitzer, Christian; Kounev, Samuel; in IEEE 40th International Performance Computing and Communications Conference (IPCCC) (2021).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
@inproceedings{PrPrBeIfDnKrKo2021-IPCCC-QuantumPublicKeyCryposystem, author = {Prantl, Thomas and Prantl, Dominik and Beierlieb, Lukas and Iffländer, Lukas and Dmitrienko, Alexandra and Krupitzer, Christian and Kounev, Samuel}, booktitle = {IEEE 40th International Performance Computing and Communications Conference (IPCCC)}, keywords = {sss-group}, organization = {IEEE}, title = {Performance Evaluation for a Post-Quantum Public-Key Cryptosystem}, year = 2021 }
Benchmarking of Pre- and Post-Quantum Group Encryption Schemes with Focus on IoT. Prantl, Thomas; Prantl, Dominik; Bauer, André; Iffländer, Lukas; Dmitrenko, Alexandra; Krupitzer, Christian; Kounev, Samuel; in IEEE 40th International Performance Computing and Communications Conference (IPCCC) (2021).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
@inproceedings{PrPrBaIfDmKrKo2021-IPCCC-QuantumGroupEncryption, author = {Prantl, Thomas and Prantl, Dominik and Bauer, André and Iffländer, Lukas and Dmitrenko, Alexandra and Krupitzer, Christian and Kounev, Samuel}, booktitle = {IEEE 40th International Performance Computing and Communications Conference (IPCCC)}, keywords = {sss-group}, title = {Benchmarking of Pre- and Post-Quantum Group Encryption Schemes with Focus on IoT}, year = 2021 }
Increasing Security in Satellite Networks. Schilling, Klaus; Dmitrienko, Alexandra; in 72nd International Astronautical Congress (IAC) (2021).
- [ BibTeX ]
- [ BibSonomy-Post ]
@inproceedings{schilling2021increasing, author = {Schilling, Klaus and Dmitrienko, Alexandra}, booktitle = {72nd International Astronautical Congress (IAC)}, keywords = {sss-group}, title = {Increasing Security in Satellite Networks}, year = 2021 }
Vision: Challenges & Opportunities. Annaaram, Murali; Asokan, N.; Atli, Buse Gül; Avestimeh, Salman; Brasser, Ferdinand; Cammarota, Rosario; Dmitrienko, Alexandra; Dziedzic, Adam; Given-Wilson, Thomas; Gunn, Lachlan J.; Kerschbaum, Florian; Koushanfar, Farinaz; Legay, Axel; Miettinen, Markus; Nguyen, Thien Duc; Papernot, Nicolas; Sadeghi, Ahmad-Reza; Schunter, Matthias; Shokri, Reza; Smith, Virginia; in Vision Paper of the Private AI Collaborative Research Institute (2021).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
@inproceedings{annaaramvision, author = {Annaaram, Murali and Asokan, N. and Atli, Buse Gül and Avestimeh, Salman and Brasser, Ferdinand and Cammarota, Rosario and Dmitrienko, Alexandra and Dziedzic, Adam and Given-Wilson, Thomas and Gunn, Lachlan J. and Kerschbaum, Florian and Koushanfar, Farinaz and Legay, Axel and Miettinen, Markus and Nguyen, Thien Duc and Papernot, Nicolas and Sadeghi, Ahmad-Reza and Schunter, Matthias and Shokri, Reza and Smith, Virginia}, booktitle = {Vision Paper of the Private AI Collaborative Research Institute}, keywords = {sss-group}, title = {Vision: Challenges & Opportunities.}, year = 2021 }
Security and Privacy Aspects of Digital Contact Tracing. Roos, Filipp; Thesis; University of Würzburg. (2021, October).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
@mastersthesis{roos2021security, author = {Roos, Filipp}, keywords = {tracing}, month = {oct}, school = {University of Würzburg}, title = {Security and Privacy Aspects of Digital Contact Tracing}, type = {Master Thesis}, year = 2021 }
Security Analysis of UniNow App. Zimmermann, Keven; Thesis; University of Würzburg. (2021, June).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
We performed a security analysis of the UniNow application, focusing on private user data. The application was chosen for its high popularity and amount of sensitive information handled through its new contact tracing functionality. This functionality is used by many universities for mandatory contact tracing against COVID-19. Our analysis concerned the Android mobile application and all web services. After mapping the attack surface using many tools to automate the process, we tested the potential issues in order of impact. We reveal multiple security issues with low to critical severity. Most of these vulnera�bilities threatened private user data directly. In particular, we found multiple disclosed secret keys that were used to encrypt user data on the client side, among others. Fur�thermore, we show how an in-app browser as well as an open redirect vulnerability were easing phishing attacks, and how university access tokens were shared with UniNow. Our more severe findings include how sensitive data was sent automatically to Google servers through backup files, how strict SSL certificate checking was disabled deliberately for many university endpoints, how JavaScript could be injected into the email viewer, and how ap�pointment invitations could be brute forced to get sensitive information about past and future appointments. The two critical security issues concern how user accounts could be taken over by using an account identifier, and how an internal service was accessible by anyone, allowing to change university configurations and potentially make user devices sent their user’s university credentials to the attacker. We performed a responsible disclosure, which serves as a reference to UniNow, enabling them to fix the discovered issues. Our work tangibly improves the security of student data handled by the company.

@mastersthesis{noauthororeditor, abstract = {We performed a security analysis of the UniNow application, focusing on private user data. The application was chosen for its high popularity and amount of sensitive information handled through its new contact tracing functionality. This functionality is used by many universities for mandatory contact tracing against COVID-19. Our analysis concerned the Android mobile application and all web services. After mapping the attack surface using many tools to automate the process, we tested the potential issues in order of impact. We reveal multiple security issues with low to critical severity. Most of these vulnera�bilities threatened private user data directly. In particular, we found multiple disclosed secret keys that were used to encrypt user data on the client side, among others. Fur�thermore, we show how an in-app browser as well as an open redirect vulnerability were easing phishing attacks, and how university access tokens were shared with UniNow. Our more severe findings include how sensitive data was sent automatically to Google servers through backup files, how strict SSL certificate checking was disabled deliberately for many university endpoints, how JavaScript could be injected into the email viewer, and how ap�pointment invitations could be brute forced to get sensitive information about past and future appointments. The two critical security issues concern how user accounts could be taken over by using an account identifier, and how an internal service was accessible by anyone, allowing to change university configurations and potentially make user devices sent their user’s university credentials to the attacker. We performed a responsible disclosure, which serves as a reference to UniNow, enabling them to fix the discovered issues. Our work tangibly improves the security of student data handled by the company.}, author = {Zimmermann, Keven}, keywords = {thesis_supervised_by_SSS_member}, month = {jun}, school = {University of Würzburg}, title = {Security Analysis of UniNow App}, type = {Bachelor Thesis}, year = 2021 }
Towards a Group Encryption Scheme Benchmark: A View on Centralized Schemes with focus on IoT. Prantl, Thomas; Ten, Peter; Iffländer, Lukas; Herrnleben, Stefan; Dmitrenko, Alexandra; Kounev, Samuel; Krupitzer, Christian; in ACM/SPEC International Conference on Performance Engineering (ICPE) (2021).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
The number of devices connected to the Internet of Things (IoT) is continuously increasing to several billion nowadays. As those devices often share sensitive data, encryption of those data is an important issue. The pure volume of data and the complexity of communication patterns increases, and, accordingly, the importance of group encryption is recently gaining more importance. Still, the choice of the best-suited group encryption scheme for a specific application is complicated. Benchmarks can support this choice. However, while literature distinguishes three categories for the schemes (central, decentral, and hybrid), a one-fits-all benchmark seems challenging to achieve. In this paper, we go the first step towards a structured benchmark for group encryption schemes by presenting a benchmark for centralized group encryption schemes in an IoT scenario. To this end, our benchmark includes a description of workloads, a baseline scheme, a measurement setup, and metrics while also considering the requirements and features of centralized group encryption schemes.

@inproceedings{PrTeIfHeDmKo2021-ICPE-GroupEncryptionCentralizedBenchmark, abstract = {The number of devices connected to the Internet of Things (IoT) is continuously increasing to several billion nowadays. As those devices often share sensitive data, encryption of those data is an important issue. The pure volume of data and the complexity of communication patterns increases, and, accordingly, the importance of group encryption is recently gaining more importance. Still, the choice of the best-suited group encryption scheme for a specific application is complicated. Benchmarks can support this choice. However, while literature distinguishes three categories for the schemes (central, decentral, and hybrid), a one-fits-all benchmark seems challenging to achieve. In this paper, we go the first step towards a structured benchmark for group encryption schemes by presenting a benchmark for centralized group encryption schemes in an IoT scenario. To this end, our benchmark includes a description of workloads, a baseline scheme, a measurement setup, and metrics while also considering the requirements and features of centralized group encryption schemes.}, author = {Prantl, Thomas and Ten, Peter and Iffländer, Lukas and Herrnleben, Stefan and Dmitrenko, Alexandra and Kounev, Samuel and Krupitzer, Christian}, booktitle = {ACM/SPEC International Conference on Performance Engineering (ICPE)}, keywords = {sss-group}, month = {April}, series = {ICPE'21}, title = {Towards a Group Encryption Scheme Benchmark: A View on Centralized Schemes with focus on IoT}, year = 2021 }
Intrusion Detection Using Machine Learning in Databases. Schindler, Sebastian; Thesis; University of Würzburg. (2021, April).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Ransomware is a known threat that had a severe impact on computer security in the past five years. This type of malware has caused financial losses of about $13 Billion in 2017 and 2018 combined. Ransomware makes a user’s data unavailable to them, only granting access again when they pay a ransom. Traditionally, ransomware targeted the computer’s filesystem. Database ransomware is a new variant of the same principle. Instead of targeting individual files, it logs into DBMSs remotely and destroys the data, leaving only a ransom message behind. In most cases, attackers do not create a backup copy of the data. In this case, the data cannot be restored by the attackers, even if the ransom is paid. In 2018, Jobst et al. presented DIMAQS, a MySQL plugin to mitigate these attacks by detecting malicious activity through a Petri net classifier. Our work recognizes the main drawback of this approach: The Petri net cannot be easily adapted to new attack scenarios and has to be re-engineered manually. To solve this problem, we design a machine learning classifier to replace the original one. This approach yields a model that detects all attacks in our tests. Unfortunately, the model also produces a high number of false positives when trying to detect attacks before any harmful queries are issued. Overall, our approach achieves a 85.23% f1-score. The performance impact of the revised plugin is nonexistent for OLAP workloads and stays under 15% for OLTP tasks.

@mastersthesis{noauthororeditor, abstract = {Ransomware is a known threat that had a severe impact on computer security in the past five years. This type of malware has caused financial losses of about $13 Billion in 2017 and 2018 combined. Ransomware makes a user’s data unavailable to them, only granting access again when they pay a ransom. Traditionally, ransomware targeted the computer’s filesystem. Database ransomware is a new variant of the same principle. Instead of targeting individual files, it logs into DBMSs remotely and destroys the data, leaving only a ransom message behind. In most cases, attackers do not create a backup copy of the data. In this case, the data cannot be restored by the attackers, even if the ransom is paid. In 2018, Jobst et al. presented DIMAQS, a MySQL plugin to mitigate these attacks by detecting malicious activity through a Petri net classifier. Our work recognizes the main drawback of this approach: The Petri net cannot be easily adapted to new attack scenarios and has to be re-engineered manually. To solve this problem, we design a machine learning classifier to replace the original one. This approach yields a model that detects all attacks in our tests. Unfortunately, the model also produces a high number of false positives when trying to detect attacks before any harmful queries are issued. Overall, our approach achieves a 85.23% f1-score. The performance impact of the revised plugin is nonexistent for OLAP workloads and stays under 15% for OLTP tasks.}, author = {Schindler, Sebastian}, keywords = {thesis_supervised_by_sss_member}, month = {apr}, school = {University of Würzburg}, title = {Intrusion Detection Using Machine Learning in Databases}, type = {Master Thesis}, year = 2021 }
ESCORT: Ethereum Smart COntRacTs Vulnerability Detection using Deep Neural Network and Transfer Learning. Lutz, Oliver; Chen, Huili; Fereidooni, Hossein; Sendner, Christoph; Dmitrienko, Alexandra; Sadeghi, Ahmad Reza; Koushanfar, Farinaz; in ArXiv | arXiv:2103.12607v1 (2021).
- [ Abstract ]
- [ BibTeX ]
- [ URL ]
- [ BibSonomy-Post ]
Ethereum smart contracts are automated decentralized applications on the blockchain that describe the terms of the agreement between buyers and sellers, reducing the need for trusted intermediaries and arbitration. However, the deployment of smart contracts introduces new attack vectors into the cryptocurrency systems. In particular, programming flaws in smart contracts can be and have already been exploited to gain enormous financial profits. It is thus an emerging yet crucial issue to detect vulnerabilities of different classes in contracts in an efficient manner. Existing machine learning-based vulnerability detection methods are limited and only inspect whether the smart contract is vulnerable, or train individual classifiers for each specific vulnerability, or demonstrate multi-class vulnerability detection without extensibility consideration. To overcome the scalability and generalization limitations of existing works, we propose ESCORT, the first Deep Neural Network (DNN)-based vulnerability detection framework for Ethereum smart contracts that support lightweight transfer learning on unseen security vulnerabilities, thus is extensible and generalizable. ESCORT leverages a multi-output NN architecture that consists of two parts: (i) A common feature extractor that learns the semantics of the input contract; (ii) Multiple branch structures where each branch learns a specific vulnerability type based on features obtained from the feature extractor. Experimental results show that ESCORT achieves an average F1-score of 95% on six vulnerability types and the detection time is 0.02 seconds per contract. When extended to new vulnerability types, ESCORT yields an average F1-score of 93%. To the best of our knowledge, ESCORT is the first framework that enables transfer learning on new vulnerability types with minimal modification of the DNN model architecture and re-training overhead.

@article{lutz2021escort, abstract = {Ethereum smart contracts are automated decentralized applications on the blockchain that describe the terms of the agreement between buyers and sellers, reducing the need for trusted intermediaries and arbitration. However, the deployment of smart contracts introduces new attack vectors into the cryptocurrency systems. In particular, programming flaws in smart contracts can be and have already been exploited to gain enormous financial profits. It is thus an emerging yet crucial issue to detect vulnerabilities of different classes in contracts in an efficient manner. Existing machine learning-based vulnerability detection methods are limited and only inspect whether the smart contract is vulnerable, or train individual classifiers for each specific vulnerability, or demonstrate multi-class vulnerability detection without extensibility consideration. To overcome the scalability and generalization limitations of existing works, we propose ESCORT, the first Deep Neural Network (DNN)-based vulnerability detection framework for Ethereum smart contracts that support lightweight transfer learning on unseen security vulnerabilities, thus is extensible and generalizable. ESCORT leverages a multi-output NN architecture that consists of two parts: (i) A common feature extractor that learns the semantics of the input contract; (ii) Multiple branch structures where each branch learns a specific vulnerability type based on features obtained from the feature extractor. Experimental results show that ESCORT achieves an average F1-score of 95% on six vulnerability types and the detection time is 0.02 seconds per contract. When extended to new vulnerability types, ESCORT yields an average F1-score of 93%. To the best of our knowledge, ESCORT is the first framework that enables transfer learning on new vulnerability types with minimal modification of the DNN model architecture and re-training overhead.}, author = {Lutz, Oliver and Chen, Huili and Fereidooni, Hossein and Sendner, Christoph and Dmitrienko, Alexandra and Sadeghi, Ahmad Reza and Koushanfar, Farinaz}, journal = {ArXiv | arXiv:2103.12607v1}, keywords = {technical-reports}, month = {mar}, title = {ESCORT: Ethereum Smart COntRacTs Vulnerability Detection using Deep Neural Network and Transfer Learning}, year = 2021 }
All the Numbers are US: Large-scale Abuse of Contact Discovery in Mobile Messengers. Hagen, Christoph; Weinert, Christian; Sendner, Christoph; Dmitrienko, Alexandra; Schneider, Thomas; in Network and Distributed System Security Symposium (NDSS) (2021).
- [ Abstract ]
- [ BibTeX ]
- [ URL ]
- [ Download ]
- [ BibSonomy-Post ]
Contact discovery allows users of mobile messengers to conveniently connect with people in their address book. In this work, we demonstrate that severe privacy issues exist in currently deployed contact discovery methods. Our study of three popular mobile messengers (WhatsApp, Signal, and Telegram) shows that, contrary to expectations, largescale crawling attacks are (still) possible. Using an accurate database of mobile phone number prefixes and very few resources, we have queried 10 % of US mobile phone numbers for WhatsApp and 100 % for Signal. For Telegram we find that its API exposes a wide range of sensitive information, even about numbers not registered with the service. We present interesting (crossmessenger) usage statistics, which also reveal that very few users change the default privacy settings. Regarding mitigations, we propose novel techniques to significantly limit the feasibility of our crawling attacks, especially a new incremental contact discovery scheme that strictly improves over Signal’s current approach. Furthermore, we show that currently deployed hashing-based contact discovery protocols are severely broken by comparing three methods for efficient hash reversal of mobile phone numbers. For this, we also propose a significantly improved rainbow table construction for non-uniformly distributed inputs that is of independent interest.

@inproceedings{DBLP:conf/ndss/2021, abstract = {Contact discovery allows users of mobile messengers to conveniently connect with people in their address book. In this work, we demonstrate that severe privacy issues exist in currently deployed contact discovery methods. Our study of three popular mobile messengers (WhatsApp, Signal, and Telegram) shows that, contrary to expectations, largescale crawling attacks are (still) possible. Using an accurate database of mobile phone number prefixes and very few resources, we have queried 10 % of US mobile phone numbers for WhatsApp and 100 % for Signal. For Telegram we find that its API exposes a wide range of sensitive information, even about numbers not registered with the service. We present interesting (crossmessenger) usage statistics, which also reveal that very few users change the default privacy settings. Regarding mitigations, we propose novel techniques to significantly limit the feasibility of our crawling attacks, especially a new incremental contact discovery scheme that strictly improves over Signal’s current approach. Furthermore, we show that currently deployed hashing-based contact discovery protocols are severely broken by comparing three methods for efficient hash reversal of mobile phone numbers. For this, we also propose a significantly improved rainbow table construction for non-uniformly distributed inputs that is of independent interest.}, author = {Hagen, Christoph and Weinert, Christian and Sendner, Christoph and Dmitrienko, Alexandra and Schneider, Thomas}, booktitle = {Network and Distributed System Security Symposium (NDSS)}, keywords = {sss-group}, month = {feb}, publisher = {The Internet Society}, title = {All the Numbers are US: Large-scale Abuse of Contact Discovery in Mobile Messengers}, year = 2021 }
Remote Attestation for IoT with Smart Verifier. Petzi, Lukas; Thesis; University of Würzburg. (2021, January).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
The Internet is evolving. The Internet of Things (IoT) is a disruptive technology, billions of small and smart devices are encompassing every aspect of our lives, which leads us to a new era of the Internet. IoT connects billions of heterogeneous embedded devices in large networks. Restricted capabilities of the devices in combination with various mutually mistrusting parties throughout the network pose new challenges to security. As IoT devices become increasingly important, so does trust in their secure and reliable operation. But before we can trust them, we need to establish the trust. In the past, remote attestation has emerged into a very powerful tool in order to establish trust between devices. Traditional remote attestation establishes a static trust between two devices. This approach suffers badly heterogeneity of IoT network and purely scales to a large number of devices. Furthermore, it is very vulnerable to Denial of Service attacks. Within this thesis, we present a new approach to Remote Attestation in IoT networks. Our design combines the core strength of Remote Attestation with the advantages blockchain technology in order to enable attestation and validation of attestation evidences in a scalable manner. At rst, we develop a remote attestation scheme on a low end device serving as an exemplary IoT device. Second, we design our smart verifier, a flexible system capable of validating and storing attestation evidence. The system is build on top of blockchain technology and solves several issues accompanied by Traditional Remote Attestation in IoT such as scalability and device heterogeneity. In the end, we build and evaluate a proof of concept implementation based on ARM TrustZone and Sawtooth Hyperledger. The proposed system architecture enables trust establishment in a scalable manner even in heterogeneous networks while preventing denial of service attacks

@mastersthesis{chan2019remote, abstract = {The Internet is evolving. The Internet of Things (IoT) is a disruptive technology, billions of small and smart devices are encompassing every aspect of our lives, which leads us to a new era of the Internet. IoT connects billions of heterogeneous embedded devices in large networks. Restricted capabilities of the devices in combination with various mutually mistrusting parties throughout the network pose new challenges to security. As IoT devices become increasingly important, so does trust in their secure and reliable operation. But before we can trust them, we need to establish the trust. In the past, remote attestation has emerged into a very powerful tool in order to establish trust between devices. Traditional remote attestation establishes a static trust between two devices. This approach suffers badly heterogeneity of IoT network and purely scales to a large number of devices. Furthermore, it is very vulnerable to Denial of Service attacks. Within this thesis, we present a new approach to Remote Attestation in IoT networks. Our design combines the core strength of Remote Attestation with the advantages blockchain technology in order to enable attestation and validation of attestation evidences in a scalable manner. At rst, we develop a remote attestation scheme on a low end device serving as an exemplary IoT device. Second, we design our smart verifier, a flexible system capable of validating and storing attestation evidence. The system is build on top of blockchain technology and solves several issues accompanied by Traditional Remote Attestation in IoT such as scalability and device heterogeneity. In the end, we build and evaluate a proof of concept implementation based on ARM TrustZone and Sawtooth Hyperledger. The proposed system architecture enables trust establishment in a scalable manner even in heterogeneous networks while preventing denial of service attacks}, author = {Petzi, Lukas}, booktitle = {CVPR Workshops}, keywords = {thesis_supervised_by_sss_member}, month = {jan}, school = {University of Würzburg}, title = {Remote Attestation for IoT with Smart Verifier}, type = {Bachelor Thesis}, year = 2021 }

2020[ to top ]

Aggregatable Remote Attestation for IoT. Alistarov, Vasil; Thesis; University of Würzburg. (2020, December).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
With the recent spike of Internet of Things (IoT) and "smart" devices, there has also been an increase in the amount of attacks on IoT networks. Wide-reaching attacks such as the one from the Mirai botnet in 2016 show how crucial it is to know that a device can be trusted before initiating communication. Remote Attestation (RA) is a proven method for asserting that a device is in a benign state. It is a challenge-response process between two parties, where the first checks the trustworthiness of the second. However, it is characterizable with low scalability a critical issue in the IoT sector. In our work, we model a new RA protocol, called Aggregatable Remote Attestation, which would allow a device to process multiple RA challenges simultaneously. We base it on the already existing SIMPLE architecture and implement it as a Proof-of-Concept (PoC) by modifying the code of the Security MicroVisor the core component of SIMPLE. We evaluate our work in terms of security and performance and show that it greatly outperforms the underlying SIMPLE. We discuss the relevance of our design in relation to the IoT sphere and denote a small set of potential topics for future work and research.

@mastersthesis{alistarov2020aggregatable, abstract = {With the recent spike of Internet of Things (IoT) and "smart" devices, there has also been an increase in the amount of attacks on IoT networks. Wide-reaching attacks such as the one from the Mirai botnet in 2016 show how crucial it is to know that a device can be trusted before initiating communication. Remote Attestation (RA) is a proven method for asserting that a device is in a benign state. It is a challenge-response process between two parties, where the first checks the trustworthiness of the second. However, it is characterizable with low scalability a critical issue in the IoT sector. In our work, we model a new RA protocol, called Aggregatable Remote Attestation, which would allow a device to process multiple RA challenges simultaneously. We base it on the already existing SIMPLE architecture and implement it as a Proof-of-Concept (PoC) by modifying the code of the Security MicroVisor the core component of SIMPLE. We evaluate our work in terms of security and performance and show that it greatly outperforms the underlying SIMPLE. We discuss the relevance of our design in relation to the IoT sphere and denote a small set of potential topics for future work and research.}, author = {Alistarov, Vasil}, keywords = {thesis_supervised_by_sss_member}, month = {dec}, school = {University of Würzburg}, title = {Aggregatable Remote Attestation for IoT}, type = {Bachelor Thesis}, year = 2020 }
Contact Tracing by Giant Data Collectors: Opening Pandora’s Box of Threats to Privacy, Sovereignty and National Security. Boutet, Antoine; Castelluccia, Claude; Cunche, Mathieu; Dmitrienko, Alexandra; Iovino, Vincenzo; Miettinen, Markus; Nguyen, Thien Duc; Roca, Vincent; Sadeghi, Ahmad-Reza; Vaudenay, Serge; Visconti, Ivan; Vuagnoux, Martin; (2020).
- [ Abstract ]
- [ BibTeX ]
- [ URL ]
- [ Download ]
- [ BibSonomy-Post ]
Many countries have introduced digital contact tracing apps to fight the COVID-19 pandemic. Such apps help to identify contacts between potentially infectious persons automatically and thus bear the promise of reducing the burden on manual contact tracers and increase tracing accuracy in situations in which people have difficulties identifying with whom they have been in contact. A number of different proposals for digital contact tracing systems have been made or deployed, ranging from heavily centralized to completely decentralized approaches, each with its own advantages and disadvantages in terms of tracing effectiveness and impact on user privacy. During the phase of highly dynamic evolution of these approaches, surprisingly, Google and Apple established an unprecedented friendship and agreed on a very special scheme for contact tracing, realizing this in the form of an API called GAEN that they quickly integrated into their mobile operating systems. A multitude of nationally rolled out tracing apps are now based on the GAEN approach. In this paper, we revisit such apps and the GAEN API on which they are built. In particular, we point out a number of very problematic aspects and threats that the GAEN approach creates through its security and privacy weaknesses but also through the threats that it poses on technological sovereignty and the public health system.

@techreport{boutet2020contact, abstract = {Many countries have introduced digital contact tracing apps to fight the COVID-19 pandemic. Such apps help to identify contacts between potentially infectious persons automatically and thus bear the promise of reducing the burden on manual contact tracers and increase tracing accuracy in situations in which people have difficulties identifying with whom they have been in contact. A number of different proposals for digital contact tracing systems have been made or deployed, ranging from heavily centralized to completely decentralized approaches, each with its own advantages and disadvantages in terms of tracing effectiveness and impact on user privacy. During the phase of highly dynamic evolution of these approaches, surprisingly, Google and Apple established an unprecedented friendship and agreed on a very special scheme for contact tracing, realizing this in the form of an API called GAEN that they quickly integrated into their mobile operating systems. A multitude of nationally rolled out tracing apps are now based on the GAEN approach. In this paper, we revisit such apps and the GAEN API on which they are built. In particular, we point out a number of very problematic aspects and threats that the GAEN approach creates through its security and privacy weaknesses but also through the threats that it poses on technological sovereignty and the public health system.}, author = {Boutet, Antoine and Castelluccia, Claude and Cunche, Mathieu and Dmitrienko, Alexandra and Iovino, Vincenzo and Miettinen, Markus and Nguyen, Thien Duc and Roca, Vincent and Sadeghi, Ahmad-Reza and Vaudenay, Serge and Visconti, Ivan and Vuagnoux, Martin}, institution = {{EPFL, Switzerland ; Inria, France ; JMU W{\"u}rzburg, Germany ; University of Salerno, Italy ; base23, Geneva, Switzerland ; Technical University of Darmstadt, Germany}}, keywords = {tracing}, month = {dec}, title = {Contact Tracing by Giant Data Collectors: Opening Pandora’s Box of Threats to Privacy, Sovereignty and National Security.}, type = {University works}, year = 2020 }
Evaluating the Performance of a State-of-the-Art Group-oriented Encryption Scheme for Dynamic Groups in an IoT Scenario. Prantl, Thomas; Ten, Peter; Iffländer, Lukas; Dmitrenko, Alexandra; Kounev, Samuel; Krupitzer, Christian; in IEEE 28th International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems (MASCOTS) (2020).

Acceptance Rate: 27%
- [ Abstract ]
- [ BibTeX ]
- [ BibSonomy-Post ]
New emerging technologies, such as autonomous driving, intelligent buildings, and smart cities, are promising to revolutionize user experience and offer new services. The world has to undergo large scale deployment of billions of things — cost-efficient intelligent sensors that will be interconnected into extensive networks and will collect and supply data to intelligent algorithms — to make it happen. To date, however, it is challenging to secure such an infrastructure for many-fold reasons, such as resource constraints of things, large scale deployment, manyto-many communication patterns, and dynamically changing communication groups. All these factors rule out most of the state-of-the-art encryption and key-management techniques. Group encryption algorithms are well-suitable for many-tomany communication patterns typical for IoT networks, and many of them can deal with dynamic groups. There are, however, very few constructions that could potentially fulfill the computational and storage constraints of IoT devices while providing sufficient scalability for large networks. The promising candidates, such as construction by Nishat et al. [1], were not evaluated using IoT platforms and under constraints typical for IoT networks. In this paper, we aim to fill this gap and present the evaluation of a state-of-the-art group-oriented encryption scheme by Nishat et al. to identify its applicability to IoT systems. In detail, we provide a measurement workflow, a revised version of the approach, and describe a reproducible hardware testbed. Using this evaluation environment, we analyze the performance of the encryption scheme in a typical IoT scenario from a group member perspective. The results show that all calculation times can be assumed to be constant and are always below 2 seconds. The memory requirement for permanent parameters can also be considered to be constant and are below 8.5 kbit in each case. However, the information that has to be stored temporarily for group updates has turned out to be the bottleneck of the scheme, since their memory requirements increase linearly with the group size.

@inproceedings{PrTeIfDmKo2020-MASCOTS-GroupEncryption, abstract = {New emerging technologies, such as autonomous driving, intelligent buildings, and smart cities, are promising to revolutionize user experience and offer new services. The world has to undergo large scale deployment of billions of things — cost-efficient intelligent sensors that will be interconnected into extensive networks and will collect and supply data to intelligent algorithms — to make it happen. To date, however, it is challenging to secure such an infrastructure for many-fold reasons, such as resource constraints of things, large scale deployment, manyto-many communication patterns, and dynamically changing communication groups. All these factors rule out most of the state-of-the-art encryption and key-management techniques. Group encryption algorithms are well-suitable for many-tomany communication patterns typical for IoT networks, and many of them can deal with dynamic groups. There are, however, very few constructions that could potentially fulfill the computational and storage constraints of IoT devices while providing sufficient scalability for large networks. The promising candidates, such as construction by Nishat et al. [1], were not evaluated using IoT platforms and under constraints typical for IoT networks. In this paper, we aim to fill this gap and present the evaluation of a state-of-the-art group-oriented encryption scheme by Nishat et al. to identify its applicability to IoT systems. In detail, we provide a measurement workflow, a revised version of the approach, and describe a reproducible hardware testbed. Using this evaluation environment, we analyze the performance of the encryption scheme in a typical IoT scenario from a group member perspective. The results show that all calculation times can be assumed to be constant and are always below 2 seconds. The memory requirement for permanent parameters can also be considered to be constant and are below 8.5 kbit in each case. However, the information that has to be stored temporarily for group updates has turned out to be the bottleneck of the scheme, since their memory requirements increase linearly with the group size.}, author = {Prantl, Thomas and Ten, Peter and Iffländer, Lukas and Dmitrenko, Alexandra and Kounev, Samuel and Krupitzer, Christian}, booktitle = {IEEE 28th International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems (MASCOTS)}, keywords = {sss-group}, month = {November}, note = {Acceptance Rate: 27%}, series = {MASCOTS '20}, title = {Evaluating the Performance of a State-of-the-Art Group-oriented Encryption Scheme for Dynamic Groups in an IoT Scenario}, year = 2020 }
Testbed for Security Testing of Smart Contracts. Denk, Lukas; Thesis; University of Würzburg. (2020, November).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Ethereum, one of the most popular decentralized blockchain-based platforms [1], manages cryptocurrency worth more than 40 billion US Dollars [2]. A lot of the money is controlled by autonomous programs, so called smart contracts. They are executed on the platform and everyone can call their functions; vulnerabilities are therefore easily exploited. The immutable nature of the blockchain sharpens the problem even further by prohibiting belated bug fixes. In fact, there were several cases where attackers were able to steal cryptocurrency worth several millions of US Dollar [3]. This emphasises the need of soundly testing a smart contract before deployment. Unfortunately, existing security analysing tools each cover a different subsets of vulnerabilities [4]. Moreover, even when they test for the same security issues, they often find different results. A solid test run should therefore contain several tools, which makes the whole procedure very laborious. For these reasons, we provide a testbed which runs on a virtual machine (VM) with several smart contract security analysing tools integrated. It does not only offer a command line- but also an intuitive web interface. Both interfaces allow the user to analyse his contract with all the underlying tools in a single step. Additionally, our testbed provides a detailed report for each of the tools’ test runs as well as an overview of the overall security issues the different tools found. Our evaluation shows that our testbed identifies significantly more potential security issues than each of the compared smart contract analysing tools individually does. Indeed, we found 92% of our analysed contracts as potentially being vulnerable, while even the most sensitive tool only flagged 76% of its successfully analysed contracts. Furthermore, we observed that occasionally, two tools testing for the same vulnerability, contradict themselves in more than 81% of the contracts successfully analysed by both tools

@mastersthesis{denk2020testbed, abstract = {Ethereum, one of the most popular decentralized blockchain-based platforms [1], manages cryptocurrency worth more than 40 billion US Dollars [2]. A lot of the money is controlled by autonomous programs, so called smart contracts. They are executed on the platform and everyone can call their functions; vulnerabilities are therefore easily exploited. The immutable nature of the blockchain sharpens the problem even further by prohibiting belated bug fixes. In fact, there were several cases where attackers were able to steal cryptocurrency worth several millions of US Dollar [3]. This emphasises the need of soundly testing a smart contract before deployment. Unfortunately, existing security analysing tools each cover a different subsets of vulnerabilities [4]. Moreover, even when they test for the same security issues, they often find different results. A solid test run should therefore contain several tools, which makes the whole procedure very laborious. For these reasons, we provide a testbed which runs on a virtual machine (VM) with several smart contract security analysing tools integrated. It does not only offer a command line- but also an intuitive web interface. Both interfaces allow the user to analyse his contract with all the underlying tools in a single step. Additionally, our testbed provides a detailed report for each of the tools’ test runs as well as an overview of the overall security issues the different tools found. Our evaluation shows that our testbed identifies significantly more potential security issues than each of the compared smart contract analysing tools individually does. Indeed, we found 92% of our analysed contracts as potentially being vulnerable, while even the most sensitive tool only flagged 76% of its successfully analysed contracts. Furthermore, we observed that occasionally, two tools testing for the same vulnerability, contradict themselves in more than 81% of the contracts successfully analysed by both tools}, author = {Denk, Lukas}, keywords = {thesis_supervised_by_SSS_member}, month = {November}, school = {University of Würzburg}, title = {Testbed for Security Testing of Smart Contracts}, type = {Bachelor Thesis}, year = 2020 }
Detection of Software Vulnerabilities in Smart Contracts using Deep Learning. Lutz, Oliver; Thesis; University of Würzburg. (2020, October).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Der Missbrauch von Programmierfehlern in Kryptowährungsplattformen kann zu großen wirtschaftlichen Schäden fuhren. Deshalb wird in dieser Arbeit analysiert, wie Deep-Learning genutzt werden kann, um Schwachstellen in Ethereum Smart Contracts aufzudecken. Als Ergebnis ist ein Framework entwickelt worden, das sich um die Datengewinnung, Vorklassifizierung und Modellbildung kummert. Mit diesem Framework können Deep-Learning-Modelle entwickelt, trainiert und evaluiert werden, um einen KI-Scanner zu erstellen. Selbst bei einfachen neuronalen Netz-Architekturen erreicht der KI-Scanner, der acht verschiedene Arten von Schwachstellen erkennen kann, eine Genauigkeit von 98%. Dieser KI-Scanner kann zur weiteren Verwendung eingesetzt werden. Er kann jedoch auch um Schwachstellentypen erweitert werden, um ein noch mächtigeres Tool zu bilden.

@mastersthesis{lutz2020detection, abstract = {Der Missbrauch von Programmierfehlern in Kryptowährungsplattformen kann zu großen wirtschaftlichen Schäden fuhren. Deshalb wird in dieser Arbeit analysiert, wie Deep-Learning genutzt werden kann, um Schwachstellen in Ethereum Smart Contracts aufzudecken. Als Ergebnis ist ein Framework entwickelt worden, das sich um die Datengewinnung, Vorklassifizierung und Modellbildung kummert. Mit diesem Framework können Deep-Learning-Modelle entwickelt, trainiert und evaluiert werden, um einen KI-Scanner zu erstellen. Selbst bei einfachen neuronalen Netz-Architekturen erreicht der KI-Scanner, der acht verschiedene Arten von Schwachstellen erkennen kann, eine Genauigkeit von 98%. Dieser KI-Scanner kann zur weiteren Verwendung eingesetzt werden. Er kann jedoch auch um Schwachstellentypen erweitert werden, um ein noch mächtigeres Tool zu bilden.}, author = {Lutz, Oliver}, keywords = {thesis_supervised_by_SSS_member}, month = {October}, school = {University of Würzburg}, title = {Detection of Software Vulnerabilities in Smart Contracts using Deep Learning}, type = {Master Thesis}, year = 2020 }
LegIoT: Ledgered Trust Management Platform for IoT. Neureither, Jens; Dmitrienko, Alexandra; Koisser, David; Brasser, Ferdinand; Sadeghi, Ahmad-Reza; in European Symposium on Research in Computer Security (ESORICS) (2020).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
We investigate and address the currently unsolved problem of trust establishment in large-scale Internet of Things (IoT) networks where heterogeneous devices and mutually mistrusting stakeholders are involved. We design, prototype and evaluate LegIoT, a novel, probabilistic trust management system that enables secure, dynamic and flexible(yet inexpensive) trust relationships in large IoT networks. The core component of LegIoT is a novel graph-based scheme that allows network devices (graph nodes) to re-use the already existing trust associations(graph edges) very efficiently; thus, significantly reducing the number of individually conducted trust assessments. Since no central trusted third party exists, LegIoT leverages Distributed Ledger Technology(DLT) to create and manage the trust relation graph in a decentralized manner.The trust assessment among devices can be instantiated by any appropriate assessment technique, for which we focus on remote attestation(integrity verification) in this paper. We prototyped LegIoT for Hyper-ledger Sawtooth and demonstrated through evaluation that the number of trust assessments in the network can be significantly reduced – e.g.,by a factor of 20 for a network of 400 nodes and factor 5 for 1000 nodes.

@inproceedings{neureither2020legiot, abstract = {We investigate and address the currently unsolved problem of trust establishment in large-scale Internet of Things (IoT) networks where heterogeneous devices and mutually mistrusting stakeholders are involved. We design, prototype and evaluate LegIoT, a novel, probabilistic trust management system that enables secure, dynamic and flexible(yet inexpensive) trust relationships in large IoT networks. The core component of LegIoT is a novel graph-based scheme that allows network devices (graph nodes) to re-use the already existing trust associations(graph edges) very efficiently; thus, significantly reducing the number of individually conducted trust assessments. Since no central trusted third party exists, LegIoT leverages Distributed Ledger Technology(DLT) to create and manage the trust relation graph in a decentralized manner.The trust assessment among devices can be instantiated by any appropriate assessment technique, for which we focus on remote attestation(integrity verification) in this paper. We prototyped LegIoT for Hyper-ledger Sawtooth and demonstrated through evaluation that the number of trust assessments in the network can be significantly reduced – e.g.,by a factor of 20 for a network of 400 nodes and factor 5 for 1000 nodes.}, author = {Neureither, Jens and Dmitrienko, Alexandra and Koisser, David and Brasser, Ferdinand and Sadeghi, Ahmad-Reza}, booktitle = {European Symposium on Research in Computer Security (ESORICS)}, keywords = {trust-management}, month = {sep}, title = {LegIoT: Ledgered Trust Management Platform for IoT}, year = 2020 }
Mind the GAP: Security & Privacy Risks of Contact Tracing Apps. Baumgärtner, Lars; Dmitrienko, Alexandra; Freisleben, Bernd; Höchst, Jonas; Kühlberg, Joshua; Mezini, Mira; Miettinen, Markus; Muhamedagic, Anel; Nguyen, Thien Duc; Penning, Alvar; Pustelnik, Dermot Frederik; Roos, Filipp; Sadeghi, Ahmad-Reza; Schwarz, Michael; Uhl, Christian; in TrustCom, Security Track (2020).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Google and Apple have jointly provided an API for exposure notification in order to implement decentralized contract tracing apps using Bluetooth Low Energy, the so-called "Google/Apple Proposal", which we abbreviate by "GAP". We demonstrate that in real-world scenarios the current GAP design is vulnerable to (i) profiling and possibly de-anonymizing infected persons, and (ii) relay-based wormhole attacks that basically can generate fake contacts with the potential of affecting the accuracy of an app-based contact tracing system. For both types of attack, we have built tools that can easily be used on mobile phones or Raspberry Pis (e.g., Bluetooth sniffers). The goal of our work is to perform a reality check towards possibly providing empirical real-world evidence for these two privacy and security risks. We hope that our findings provide valuable input for developing secure and privacy-preserving digital contact tracing systems.

@inproceedings{baumgartner2020security, abstract = {Google and Apple have jointly provided an API for exposure notification in order to implement decentralized contract tracing apps using Bluetooth Low Energy, the so-called "Google/Apple Proposal", which we abbreviate by "GAP". We demonstrate that in real-world scenarios the current GAP design is vulnerable to (i) profiling and possibly de-anonymizing infected persons, and (ii) relay-based wormhole attacks that basically can generate fake contacts with the potential of affecting the accuracy of an app-based contact tracing system. For both types of attack, we have built tools that can easily be used on mobile phones or Raspberry Pis (e.g., Bluetooth sniffers). The goal of our work is to perform a reality check towards possibly providing empirical real-world evidence for these two privacy and security risks. We hope that our findings provide valuable input for developing secure and privacy-preserving digital contact tracing systems.}, author = {Baumgärtner, Lars and Dmitrienko, Alexandra and Freisleben, Bernd and Höchst, Jonas and Kühlberg, Joshua and Mezini, Mira and Miettinen, Markus and Muhamedagic, Anel and Nguyen, Thien Duc and Penning, Alvar and Pustelnik, Dermot Frederik and Roos, Filipp and Sadeghi, Ahmad-Reza and Schwarz, Michael and Uhl, Christian}, booktitle = {TrustCom, Security Track}, keywords = {sss-group}, month = {September}, title = {Mind the GAP: Security & Privacy Risks of Contact Tracing Apps}, year = 2020 }
All the Numbers are US: Large-scale Abuse of Contact Discovery in Mobile Messengers. Hagen, Christoph; Weinert, Christian; Sendner, Christoph; Dmitrienko, Alexandra; Schneider, Thomas; in Cryptology ePrint Archive, Report 2020/1119 (2020).
- [ BibTeX ]
- [ URL ]
- [ BibSonomy-Post ]
@article{cryptoeprint:2020:1119, author = {Hagen, Christoph and Weinert, Christian and Sendner, Christoph and Dmitrienko, Alexandra and Schneider, Thomas}, journal = {Cryptology ePrint Archive, Report 2020/1119}, keywords = {technical-reports}, month = {sep}, title = {All the Numbers are US: Large-scale Abuse of Contact Discovery in Mobile Messengers}, year = 2020 }
Evaluating the Privacy of Contact Discovery. Sendner, Christoph; Thesis; University of Würzburg. (2020, July).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Currently deployed contact discovery of mobile messengers is based on the transmission of phone numbers to the service provider. This information is private and anonymized by hashing them. In this work, we show, that this anonymization is pseudo-anonymous and can easily be broken by an attacker. For that, we develop two hash reversal techniques: one using brute-force approach and another one using look-up databases. We provide generic architectures for each of the ap- proaches. Additionally, we provide and compare two instantiations for each. Furthermore, we evaluate and compare them to the third approach based on rainbow tables. The evaluation shows near instant lookup-times of under 0.1 ms using in-memory lookup databases, this approach is however costly in terms of memory – it would require over 10 TB RAM, which would be difficult to obtain. Our brute-force approach shows an astonishing performance, being able to reverse any mobile number in under 100 seconds using consumer-level hardware. The rainbow tables produce lookup-times of 4.5 minutes with a success rate of over 99.99%. The results of our evaluation demonstrate, that hash reversals of mobile phone numbers are practical and near instant. Thus, an attacker can easily reverse hash digests of mobile phone numbers and de-anonymize personally identifiable information – like phone numbers transmitted to the service provider of mobile messenger apps.

@mastersthesis{sendner2020contactdiscovery, abstract = {Currently deployed contact discovery of mobile messengers is based on the transmission of phone numbers to the service provider. This information is private and anonymized by hashing them. In this work, we show, that this anonymization is pseudo-anonymous and can easily be broken by an attacker. For that, we develop two hash reversal techniques: one using brute-force approach and another one using look-up databases. We provide generic architectures for each of the ap- proaches. Additionally, we provide and compare two instantiations for each. Furthermore, we evaluate and compare them to the third approach based on rainbow tables. The evaluation shows near instant lookup-times of under 0.1 ms using in-memory lookup databases, this approach is however costly in terms of memory – it would require over 10 TB RAM, which would be difficult to obtain. Our brute-force approach shows an astonishing performance, being able to reverse any mobile number in under 100 seconds using consumer-level hardware. The rainbow tables produce lookup-times of 4.5 minutes with a success rate of over 99.99%. The results of our evaluation demonstrate, that hash reversals of mobile phone numbers are practical and near instant. Thus, an attacker can easily reverse hash digests of mobile phone numbers and de-anonymize personally identifiable information – like phone numbers transmitted to the service provider of mobile messenger apps.}, author = {Sendner, Christoph}, keywords = {thesis_supervised_by_sss_member}, month = {July}, school = {University of Würzburg}, title = {Evaluating the Privacy of Contact Discovery}, type = {Master Thesis}, year = 2020 }
Mind the GAP: Security & Privacy Risks of Contact Tracing Apps. Baumgärtner, Lars; Dmitrienko, Alexandra; Freisleben, Bernd; Gruler, Alexander; Höchst, Jonas; Kühlberg, Joshua; Mezini, Mira; Mitev, Richard; Miettinen, Markus; Muhamedagic, Anel; Nguyen, Thien Duc; Penning, Alvar; Pustelnik, Dermot Frederik; Roos, Filipp; Sadeghi, Ahmad-Reza; Schwarz, Michael; Uhl, Christian; in ArXiv | arXiv:2006.05914v2 (2020).
- [ Abstract ]
- [ BibTeX ]
- [ URL ]
- [ BibSonomy-Post ]
Google and Apple have jointly provided an API for exposure notification in order to implement decentralized contract tracing apps using Bluetooth Low Energy, the so-called "Google/Apple Proposal", which we abbreviate by "GAP". We demonstrate that in real-world scenarios the current GAP design is vulnerable to (i) profiling and possibly de-anonymizing infected persons, and (ii) relay-based wormhole attacks that basically can generate fake contacts with the potential of affecting the accuracy of an app-based contact tracing system. For both types of attack, we have built tools that can easily be used on mobile phones or Raspberry Pis (e.g., Bluetooth sniffers). The goal of our work is to perform a reality check towards possibly providing empirical real-world evidence for these two privacy and security risks. We hope that our findings provide valuable input for developing secure and privacy-preserving digital contact tracing systems.

@article{mindthegap, abstract = {Google and Apple have jointly provided an API for exposure notification in order to implement decentralized contract tracing apps using Bluetooth Low Energy, the so-called "Google/Apple Proposal", which we abbreviate by "GAP". We demonstrate that in real-world scenarios the current GAP design is vulnerable to (i) profiling and possibly de-anonymizing infected persons, and (ii) relay-based wormhole attacks that basically can generate fake contacts with the potential of affecting the accuracy of an app-based contact tracing system. For both types of attack, we have built tools that can easily be used on mobile phones or Raspberry Pis (e.g., Bluetooth sniffers). The goal of our work is to perform a reality check towards possibly providing empirical real-world evidence for these two privacy and security risks. We hope that our findings provide valuable input for developing secure and privacy-preserving digital contact tracing systems.}, author = {Baumgärtner, Lars and Dmitrienko, Alexandra and Freisleben, Bernd and Gruler, Alexander and Höchst, Jonas and Kühlberg, Joshua and Mezini, Mira and Mitev, Richard and Miettinen, Markus and Muhamedagic, Anel and Nguyen, Thien Duc and Penning, Alvar and Pustelnik, Dermot Frederik and Roos, Filipp and Sadeghi, Ahmad-Reza and Schwarz, Michael and Uhl, Christian}, journal = {ArXiv | arXiv:2006.05914v2}, keywords = {technical-reports}, month = {jun}, title = {Mind the GAP: Security & Privacy Risks of Contact Tracing Apps}, year = 2020 }
SIMPL: Secure IoT Management Platform. Prantl, Thomas; Ben Yahya, Ala Eddine; Dmitrienko, Alexandra; Kounev, Samuel; Lipp, Fabian; Hock, David; Rathfelder, Christoph; Hofherr, Martin; in ITG Workshop on IT Security (ITSec) (2020).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
The proliferation of IoT devices is increasing at a fast pace, whether for private or business use. However,despite their growing popularity, their safe operation is often not guaranteed. To tackle the security challenges of modern IoT environments, the German Federal Ministry of Education and Research is funding the SIMPL project in order to support research in this area. The contribution of this paper is to introduce the main goal, objectives, and key features of SIMPL

@inproceedings{prantl2020simpl, abstract = {The proliferation of IoT devices is increasing at a fast pace, whether for private or business use. However,despite their growing popularity, their safe operation is often not guaranteed. To tackle the security challenges of modern IoT environments, the German Federal Ministry of Education and Research is funding the SIMPL project in order to support research in this area. The contribution of this paper is to introduce the main goal, objectives, and key features of SIMPL}, author = {Prantl, Thomas and Ben Yahya, Ala Eddine and Dmitrienko, Alexandra and Kounev, Samuel and Lipp, Fabian and Hock, David and Rathfelder, Christoph and Hofherr, Martin}, booktitle = {ITG Workshop on IT Security (ITSec)}, keywords = {sss-group}, month = {may}, title = {SIMPL: Secure IoT Management Platform}, year = 2020 }
Strategies for the Security Assessment of IoT Devices by Certification Authorities. Finke, Moritz Anton; Thesis; University of Würzburg; University of Würzburg. (2020, May).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
The Internet of Things (IoT) is a global infrastructure that interconnects physical and virtual things based on evolving information and communication technologies. Along with the rise of the IoT, multiple unprecedented forms of security issues and attacks have emerged. While their limited resources disallow the utilization of computing-intensive security measures, the services of IoT devices represent an attractive target for vulnerability exploitation. Certification Authorities (CAs) have responded to the trend and offer security assessments and certification for IoT devices. To ensure qualitative and fair certification, security testing requires well-defined strategies. This bachelor thesis analyzes the existing IoT security assessment models and proposes a novel, CA oriented Testing Guide Model (TGM) for standardized and reproducible assessments. The TGM describes a complete security assessment approach for application in IoT device security certification procedures of CAs. As part of the bachelor thesis, the TGM is specified, implemented, and its applicability evaluated with the help of existing IoT devices. CAs account for the security of certified products. The certification of devices that (subsequently) prove to be insecure can lead to a consumer's loss of trust in the CA. Therefore, the decision for issuing certificates must be comprehensible and made carefully. For the risk estimation of security issues and vulnerabilities, it is common to make use of numerical scoring systems. Well-defined scoring systems allow precise and reproducible estimations. In addition to the introduction of the TGM, this bachelor thesis analyzes the scoring systems established in the field of IT security in regard to their applicability for the scoring of IoT related vulnerabilities, complete IoT devices, and for the specific requirements of CAs. This thesis uncovers incompatibilities and insufficiencies in the existing systems that disallow application for the scoring of IoT devices and for application by CAs. To counter these issues, the thesis introduces a novel Security Scoring System (SSS) for rating IoT devices based on the risks of their vulnerabilities, services, and operational contexts. The SSS is integrated into the TGM, implemented in software, and evaluated with a comparison to the existing scoring systems. To summarize, the contributions of this bachelor thesis are two novel models for the security assessment of devices of the IoT: the TGM and the SSS. The models are intended to find application for CAs and both standardize and improve the security testing and assessment procedures.

@mastersthesis{finke2020strategies, abstract = {The Internet of Things (IoT) is a global infrastructure that interconnects physical and virtual things based on evolving information and communication technologies. Along with the rise of the IoT, multiple unprecedented forms of security issues and attacks have emerged. While their limited resources disallow the utilization of computing-intensive security measures, the services of IoT devices represent an attractive target for vulnerability exploitation. Certification Authorities (CAs) have responded to the trend and offer security assessments and certification for IoT devices. To ensure qualitative and fair certification, security testing requires well-defined strategies. This bachelor thesis analyzes the existing IoT security assessment models and proposes a novel, CA oriented Testing Guide Model (TGM) for standardized and reproducible assessments. The TGM describes a complete security assessment approach for application in IoT device security certification procedures of CAs. As part of the bachelor thesis, the TGM is specified, implemented, and its applicability evaluated with the help of existing IoT devices. CAs account for the security of certified products. The certification of devices that (subsequently) prove to be insecure can lead to a consumer's loss of trust in the CA. Therefore, the decision for issuing certificates must be comprehensible and made carefully. For the risk estimation of security issues and vulnerabilities, it is common to make use of numerical scoring systems. Well-defined scoring systems allow precise and reproducible estimations. In addition to the introduction of the TGM, this bachelor thesis analyzes the scoring systems established in the field of IT security in regard to their applicability for the scoring of IoT related vulnerabilities, complete IoT devices, and for the specific requirements of CAs. This thesis uncovers incompatibilities and insufficiencies in the existing systems that disallow application for the scoring of IoT devices and for application by CAs. To counter these issues, the thesis introduces a novel Security Scoring System (SSS) for rating IoT devices based on the risks of their vulnerabilities, services, and operational contexts. The SSS is integrated into the TGM, implemented in software, and evaluated with a comparison to the existing scoring systems. To summarize, the contributions of this bachelor thesis are two novel models for the security assessment of devices of the IoT: the TGM and the SSS. The models are intended to find application for CAs and both standardize and improve the security testing and assessment procedures.}, address = {University of Würzburg}, author = {Finke, Moritz Anton}, keywords = {thesis_supervised_by_SSS_member}, month = {may}, school = {University of Würzburg}, title = {Strategies for the Security Assessment of IoT Devices by Certification Authorities}, type = {Bachelor Thesis}, year = 2020 }

2019[ to top ]

Implementation and Evaluation of a Group Encryption Scheme. Ten, Peter; Thesis; University of Würzburg. (2019, December).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
@mastersthesis{2019-BA-Peter-Ten, author = {Ten, Peter}, keywords = {thesis_supervised_by_SSS_member}, month = {December}, school = {University of Würzburg}, title = {Implementation and Evaluation of a Group Encryption Scheme}, type = {Bachelor Thesis}, year = 2019 }
DR.SGX: Automated and Adjustable Side-Channel Protection for SGX using Data Location Randomization. Brasser, Ferdinand; Capkun, Srdjan; Dmitrienko, Alexandra; Frassetto, Tommaso; Kostiainen, Kari; Sadeghi, Ahmad-Reza; in Annual Computer Security Applications Conference (ACSAC) (2019).
- [ Abstract ]
- [ BibTeX ]
- [ URL ]
- [ Download ]
- [ BibSonomy-Post ]
Recent research has demonstrated that Intel’s SGX is vulnerable to software-based side-channel attacks. In a common attack, the adversary monitors CPU caches to infer secret-dependent data accesses patterns. Known defenses have major limitations, as they require either error-prone developer assistance, incur extremely high runtime overhead, or prevent only specific attacks.In this paper, we propose data location randomization as a novel defense against side-channel attacks that target data access patterns.Our goal is to break the link between the memory observations by the adversary and the actual data accesses by the victim. We design and implement a compiler-based tool called DR.SGX that instruments the enclave code, permuting data locations at fine granularity.To prevent correlation of repeated memory accesses we periodically re-randomize all enclave data. Our solution requires no developer assistance and strikes the balance between side-channel protection and performance based on an adjustable security parameter.

@inproceedings{brasser2019drsgx, abstract = {Recent research has demonstrated that Intel’s SGX is vulnerable to software-based side-channel attacks. In a common attack, the adversary monitors CPU caches to infer secret-dependent data accesses patterns. Known defenses have major limitations, as they require either error-prone developer assistance, incur extremely high runtime overhead, or prevent only specific attacks.In this paper, we propose data location randomization as a novel defense against side-channel attacks that target data access patterns.Our goal is to break the link between the memory observations by the adversary and the actual data accesses by the victim. We design and implement a compiler-based tool called DR.SGX that instruments the enclave code, permuting data locations at fine granularity.To prevent correlation of repeated memory accesses we periodically re-randomize all enclave data. Our solution requires no developer assistance and strikes the balance between side-channel protection and performance based on an adjustable security parameter.}, author = {Brasser, Ferdinand and Capkun, Srdjan and Dmitrienko, Alexandra and Frassetto, Tommaso and Kostiainen, Kari and Sadeghi, Ahmad-Reza}, booktitle = {Annual Computer Security Applications Conference (ACSAC)}, keywords = {technical-reports}, month = {December}, publisher = {ACM}, title = {DR.SGX: Automated and Adjustable Side-Channel Protection for SGX using Data Location Randomization}, year = 2019 }
Hands off my Database: Ransomware Detection in Databases through Dynamic Analysis of Query Sequences. Iffländer, Lukas; Dmitrienko, Alexandra; Hagen, Christoph; Jobst, Michael; Kounev, Samuel; in ArXiv | arXiv:1907.06775v1 (2019).
- [ BibTeX ]
- [ URL ]
- [ BibSonomy-Post ]
@article{DBLP:journals/corr/abs-1907-06775, author = {Iffländer, Lukas and Dmitrienko, Alexandra and Hagen, Christoph and Jobst, Michael and Kounev, Samuel}, journal = {ArXiv | arXiv:1907.06775v1}, keywords = {sss-group}, month = {jul}, title = {Hands off my Database: Ransomware Detection in Databases through Dynamic Analysis of Query Sequences}, year = 2019 }

2018[ to top ]

SmarTor: Smarter Tor with Smart Contracts: Improving resilience of topology distribution in the Tor network. Greubel, Andre; Dmitrienko, Alexandra; Kounev, Samuel; in Annual Computer Security Applications Conference (ACSAC) (2018).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
In the Tor anonymity network, the distribution of topology information relies on the correct behavior of five out of the nine trusted directory authority servers. This centralization is concerning since powerful adversary might compromise these servers and conceal in-formation about honest nodes, leading to the full de-anonymization of all Tor users. Our work aims at distributing the work of these trusted authorities, such increasing resilience against attacks on core infrastructure components of the Tor network. In particular,we leverage several emerging technologies, such as blockchains,smart contracts, and trusted execution environments to design and prototype a system called SmarTor. This system replaces the directory authorities with a smart contract and a distributed network of untrusted entities responsible for bandwidth measurements. We prototyped SmarTorusing Ethereum smart contracts and Intel SGX secure hardware. In our evaluation, we show that SmarTor produces significantly more reliable and precise measurements compared to the current measurement system. Overall, our solution improves the decentralization of the Tor network, reduces trust assumptions and increases resilience against powerful adversaries like law enforcement and intelligence services.

@inproceedings{GrDmKo2018-ACSAC-SmarTor, abstract = {In the Tor anonymity network, the distribution of topology information relies on the correct behavior of five out of the nine trusted directory authority servers. This centralization is concerning since powerful adversary might compromise these servers and conceal in-formation about honest nodes, leading to the full de-anonymization of all Tor users. Our work aims at distributing the work of these trusted authorities, such increasing resilience against attacks on core infrastructure components of the Tor network. In particular,we leverage several emerging technologies, such as blockchains,smart contracts, and trusted execution environments to design and prototype a system called SmarTor. This system replaces the directory authorities with a smart contract and a distributed network of untrusted entities responsible for bandwidth measurements. We prototyped SmarTorusing Ethereum smart contracts and Intel SGX secure hardware. In our evaluation, we show that SmarTor produces significantly more reliable and precise measurements compared to the current measurement system. Overall, our solution improves the decentralization of the Tor network, reduces trust assumptions and increases resilience against powerful adversaries like law enforcement and intelligence services.}, author = {Greubel, Andre and Dmitrienko, Alexandra and Kounev, Samuel}, booktitle = {Annual Computer Security Applications Conference (ACSAC)}, keywords = {tor}, month = {December}, organization = {ACM}, title = {SmarTor: Smarter Tor with Smart Contracts: Improving resilience of topology distribution in the Tor network.}, year = 2018 }
POSTER: Efficient and Effective Ransomware Detection in Databases. Hagen, Christoph; Dmitrienko, Alexandra; Iffländer, Lukas; Jobst, Michael; Kounev, Samuel; in 34th Annual Computer Security Applications Conference (ACSAC) (2018).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
@inproceedings{Hagen2018_EfficientandEffectiveRansomwareDetectioninDatabases, author = {Hagen, Christoph and Dmitrienko, Alexandra and Iffländer, Lukas and Jobst, Michael and Kounev, Samuel}, booktitle = {34th Annual Computer Security Applications Conference (ACSAC)}, keywords = {sss-group}, month = {December}, organization = {ACM}, title = {POSTER: Efficient and Effective Ransomware Detection in Databases}, year = 2018 }
Design of a Shared Parking System with Special Attention to Security Aspects. Englert, Simon; Thesis; University of Würzburg. (2018, August).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
As major cities are growing more and more, the parking situation in those cities is becoming more precarious than ever. Parking demand already exceeds the limited amount of parking spaces available, and thus people searching for a place to park generate a significant part of those cities traffic. This leads to frustration with drivers, more traffic jams, unnecessary use of petrol and further air pollution. The creation of new parking spaces is often either difficult or very expansive, which means existing parking spots have to be used more efficiently. Solutions realizing that idea to try and solve those problems are for the most part called intelligent parking systems. This thesis is focused on Shared Parking, a special kind of intelligent parking system, which opens the possibility of sharing a parking place between different people. This work features the design and implementation of such a system with special attention given to security aspects.

@mastersthesis{2018-BA-Simon-Engelert, abstract = {As major cities are growing more and more, the parking situation in those cities is becoming more precarious than ever. Parking demand already exceeds the limited amount of parking spaces available, and thus people searching for a place to park generate a significant part of those cities traffic. This leads to frustration with drivers, more traffic jams, unnecessary use of petrol and further air pollution. The creation of new parking spaces is often either difficult or very expansive, which means existing parking spots have to be used more efficiently. Solutions realizing that idea to try and solve those problems are for the most part called intelligent parking systems. This thesis is focused on Shared Parking, a special kind of intelligent parking system, which opens the possibility of sharing a parking place between different people. This work features the design and implementation of such a system with special attention given to security aspects.}, author = {Englert, Simon}, keywords = {thesis_supervised_by_sss_member}, month = {August}, school = {University of Würzburg}, title = {Design of a Shared Parking System with Special Attention to Security Aspects}, type = {Bachelor Thesis}, year = 2018 }
Hardening Bitcoin Against Off-Topic Data Inclusion Attacks. Seeg, Andreas; Thesis; University of Würzburg. (2018, August).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Bitcoin is a novel peer to peer payment network that was started in 2009 and that has since flourished, gaining acceptance all over the world. By contributing their resourcefulness as network connectivity and computing power, all participants are creating the the Bitcoin network together. Designed as an open source software system, the participation rules for this network are not upheld by humans, but implemented in code, and generally allow anyone to join or leave the network at will.Since the time of Bitcoin’s inception, software errors had to be fixed and network attacks that tried to make parts of the network unavailable have been endured. This thesis provides a solution to the problem of illegal data inclusions within the blockchain, a data structure that cannot easily be changed and that has to be transmitted to participants of Bitcoin.The flaw, i.e. the possibility for any user of Bitcoin to potentially include illegal data and therefore illegalizes the whole blockchain, is not just a software flaw, but can be seen as a structural one if free participation and uncensorable payments are to be provided.The proposal to solve the problem is layered in two tiers. The first tier prevents effective data inclusion for some standard payment functions within Bitcoin. This allows participants to be certain that these transactions do not contain bad data, allowing them to be included into Bitcoin blocks. It also solves the problem of illegal data permanently occupying valuable resources on Bitcoin nodes, as parts of the provably clean transactions are generally held in RAM until they have been spent. The prevention mechanism is essentially a system that provides proof that bitcoins were sent to actual Bitcoin addresses,stopping data inclusion by address fields abusal.The second tier consists of rule changes for Bitcoin. First of all, all non-standard payment transactions are removed from Bitcoin, with the exception of the more computationally flexible and popular P2SH transactions. This limits the avenues for data inclusion in Bitcoin without destroying its flexibility or its smart contract capabilities. Then, P2SHtransactions are redesigned to allow for a more fine grained deletion of their data, so only offending parts could be removed without destroying the integrity of the rest. Finally, a special type of transaction is introduced that allows censorship of just the signature data of a P2SH transaction. This transaction has to include a payment equal to the Bitcoin provided by the previous P2SH transaction, however. By adding this requirement, the system is protected from becoming open to money creation attacks that might inflate the currency without the agreement of all participants.With these changes, illegal data inclusion becomes either impossible, or they can be re-moved without destroying the integrity of the payment system as a whole or for payments that have already happened.Implementing all proposed changes would go beyond the scope of a master thesis. Tier1 of the presented solution has been implemented as a proof-of-concept, though. As a basis, the most popular Bitcoin node software, Bitcoin Core, has been used. Additionally,the ideas behind tier 2 are explained in full, and the potential impact on the system is discussed.v This thesis also covers previous attempts to allow for data removal in similar systems. Their discussion is meant to encourage the adoption of the presented proposal, as it should causeless disruption than some more extreme measurements that might introduce centralization into a system that was meant to run decentralized.

@mastersthesis{seeg2018hardening, abstract = {Bitcoin is a novel peer to peer payment network that was started in 2009 and that has since flourished, gaining acceptance all over the world. By contributing their resourcefulness as network connectivity and computing power, all participants are creating the the Bitcoin network together. Designed as an open source software system, the participation rules for this network are not upheld by humans, but implemented in code, and generally allow anyone to join or leave the network at will.Since the time of Bitcoin’s inception, software errors had to be fixed and network attacks that tried to make parts of the network unavailable have been endured. This thesis provides a solution to the problem of illegal data inclusions within the blockchain, a data structure that cannot easily be changed and that has to be transmitted to participants of Bitcoin.The flaw, i.e. the possibility for any user of Bitcoin to potentially include illegal data and therefore illegalizes the whole blockchain, is not just a software flaw, but can be seen as a structural one if free participation and uncensorable payments are to be provided.The proposal to solve the problem is layered in two tiers. The first tier prevents effective data inclusion for some standard payment functions within Bitcoin. This allows participants to be certain that these transactions do not contain bad data, allowing them to be included into Bitcoin blocks. It also solves the problem of illegal data permanently occupying valuable resources on Bitcoin nodes, as parts of the provably clean transactions are generally held in RAM until they have been spent. The prevention mechanism is essentially a system that provides proof that bitcoins were sent to actual Bitcoin addresses,stopping data inclusion by address fields abusal.The second tier consists of rule changes for Bitcoin. First of all, all non-standard payment transactions are removed from Bitcoin, with the exception of the more computationally flexible and popular P2SH transactions. This limits the avenues for data inclusion in Bitcoin without destroying its flexibility or its smart contract capabilities. Then, P2SHtransactions are redesigned to allow for a more fine grained deletion of their data, so only offending parts could be removed without destroying the integrity of the rest. Finally, a special type of transaction is introduced that allows censorship of just the signature data of a P2SH transaction. This transaction has to include a payment equal to the Bitcoin provided by the previous P2SH transaction, however. By adding this requirement, the system is protected from becoming open to money creation attacks that might inflate the currency without the agreement of all participants.With these changes, illegal data inclusion becomes either impossible, or they can be re-moved without destroying the integrity of the payment system as a whole or for payments that have already happened.Implementing all proposed changes would go beyond the scope of a master thesis. Tier1 of the presented solution has been implemented as a proof-of-concept, though. As a basis, the most popular Bitcoin node software, Bitcoin Core, has been used. Additionally,the ideas behind tier 2 are explained in full, and the potential impact on the system is discussed.v This thesis also covers previous attempts to allow for data removal in similar systems. Their discussion is meant to encourage the adoption of the presented proposal, as it should causeless disruption than some more extreme measurements that might introduce centralization into a system that was meant to run decentralized.}, author = {Seeg, Andreas}, keywords = {thesis_supervised_by_SSS_member}, month = {aug}, school = {University of Würzburg}, title = {Hardening Bitcoin Against Off-Topic Data Inclusion Attacks}, type = {Master Thesis}, year = 2018 }
DIMAQS - Dynamic Identiﬁcation of Malicious Query Sequences. Jobst, Michael; Thesis; University of Würzburg. (2018, June).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Ransomware is an emerging threat which imposed 5 billion USD loss in 2017 and is predicted to hit 11.5 billion in 2019. While initially targeting PC (client) platforms,recently it made a leap to server-side databases – in January 2017 we faced MongoDB Apocalypse attack, followed by other attack waves targeting a wide range of DB technologies such as MongoDB, MySQL, ElasticSearch, Cassandra, Hadoop, and CouchDB. While previous research has developed countermeasures against client-side ransomware (e.g., CryptoDrop and ShieldFS), no attention was given to the problem of server-side ransomware yet.This thesis aims to bridge this gap and presents design and implementation of the tool DIMAQS (Dynamic Identification of Malicious Query Sequences) for MySQL servers that can efficiently and effectively detect server-side ransomware. DIMAQS performs run-time monitoring of incoming queries and pattern matching using a Colored Petri Net (CPN) for attack detection. The system design of DIMAQS exhibits several novel techniques to enable efficient detection of malicious query sequences globally (i.e., without limiting detection to distinct user connections). Evaluation results show high efficiency with no false positives and no false negatives,and a very moderate performance overhead (for a run-time monitoring tool) of under5% in worst case scenarios.

@mastersthesis{jobst2018dimaqs, abstract = {Ransomware is an emerging threat which imposed 5 billion USD loss in 2017 and is predicted to hit 11.5 billion in 2019. While initially targeting PC (client) platforms,recently it made a leap to server-side databases – in January 2017 we faced MongoDB Apocalypse attack, followed by other attack waves targeting a wide range of DB technologies such as MongoDB, MySQL, ElasticSearch, Cassandra, Hadoop, and CouchDB. While previous research has developed countermeasures against client-side ransomware (e.g., CryptoDrop and ShieldFS), no attention was given to the problem of server-side ransomware yet.This thesis aims to bridge this gap and presents design and implementation of the tool DIMAQS (Dynamic Identification of Malicious Query Sequences) for MySQL servers that can efficiently and effectively detect server-side ransomware. DIMAQS performs run-time monitoring of incoming queries and pattern matching using a Colored Petri Net (CPN) for attack detection. The system design of DIMAQS exhibits several novel techniques to enable efficient detection of malicious query sequences globally (i.e., without limiting detection to distinct user connections). Evaluation results show high efficiency with no false positives and no false negatives,and a very moderate performance overhead (for a run-time monitoring tool) of under5% in worst case scenarios.}, author = {Jobst, Michael}, keywords = {thesis_supervised_by_SSS_member}, month = {June}, school = {University of Würzburg}, title = {DIMAQS - Dynamic Identiﬁcation of Malicious Query Sequences}, type = {Master Thesis}, year = 2018 }

2017[ to top ]

DR.SGX: Hardening SGX Enclaves against Cache Attacks with Data Location Randomization. Brasser, Ferdinand; Capkun, Srdjan; Dmitrienko, Alexandra; Frassetto, Tommaso; Kostiainen, Kari; Müller, Urs; Sadeghi, Ahmad-Reza; in ArXiv | arXiv:1709.09917v2 (2017).
- [ Abstract ]
- [ BibTeX ]
- [ URL ]
- [ BibSonomy-Post ]
Recent research has demonstrated that Intel’s SGX is vulnerable to software-based side-channel attacks. In a common attack, the adversary monitors CPU caches to infer secret-dependent data accesses patterns. Known defenses have major limitations, as they require either error-prone developer assistance, incur extremely high runtime overhead, or prevent only specific attacks.In this paper, we propose data location randomization as a novel defense against side-channel attacks that target data access patterns.Our goal is to break the link between the memory observations by the adversary and the actual data accesses by the victim. We design and implement a compiler-based tool called DR.SGX that instruments the enclave code, permuting data locations at fine granularity.To prevent correlation of repeated memory accesses we periodically re-randomize all enclave data. Our solution requires no developer assistance and strikes the balance between side-channel protection and performance based on an adjustable security parameter.

@inproceedings{DrSGX-2017-TR, abstract = {Recent research has demonstrated that Intel’s SGX is vulnerable to software-based side-channel attacks. In a common attack, the adversary monitors CPU caches to infer secret-dependent data accesses patterns. Known defenses have major limitations, as they require either error-prone developer assistance, incur extremely high runtime overhead, or prevent only specific attacks.In this paper, we propose data location randomization as a novel defense against side-channel attacks that target data access patterns.Our goal is to break the link between the memory observations by the adversary and the actual data accesses by the victim. We design and implement a compiler-based tool called DR.SGX that instruments the enclave code, permuting data locations at fine granularity.To prevent correlation of repeated memory accesses we periodically re-randomize all enclave data. Our solution requires no developer assistance and strikes the balance between side-channel protection and performance based on an adjustable security parameter.}, author = {Brasser, Ferdinand and Capkun, Srdjan and Dmitrienko, Alexandra and Frassetto, Tommaso and Kostiainen, Kari and Müller, Urs and Sadeghi, Ahmad-Reza}, booktitle = {ArXiv | arXiv:1709.09917v2}, keywords = {sssgroup}, month = {sep}, title = {DR.SGX: Hardening SGX Enclaves against Cache Attacks with Data Location Randomization}, year = 2017 }
Software Grand Exposure: SGX Cache Attacks Are Practical. Brasser, Ferdinand; Mller, Urs; Dmitrienko, Alexandra; Kostiainen, Kari; Capkun, Srdjan; Sadeghi, Ahmad-Reza; in ArXiv | arXiv:1702.07521v1 (2017).
- [ Abstract ]
- [ BibTeX ]
- [ URL ]
- [ Download ]
- [ BibSonomy-Post ]
Side-channel information leakage is a known limitation of SGX. Researchers have demonstrated that secret-dependent information can be extracted from enclave execution through page-fault access patterns. Consequently, various recent research efforts are actively seeking countermeasures to SGX side-channel attacks. It is widely assumed that SGX may be vulnerable to other side channels, such as cache access pattern monitoring,as well. However, prior to our work, the practicality and the extent of such information leakage was not studied.In this paper we demonstrate that cache-based attacks are indeed a serious threat to the confidentiality of SGX-protected programs. Our goal was to design an attack that is hard to mitigate using known defenses, and there-fore we mount our attack without interrupting enclave execution. This approach has major technical challenges,since the existing cache monitoring techniques experience significant noise if the victim process is not interrupted. We designed and implemented novel attack techniques to reduce this noise by leveraging the capabilities of the privileged adversary. Our attacks are able to recover confidential information from SGX enclaves,which we illustrate in two example cases: extraction of an entire RSA-2048 key during RSA decryption, and detection of specific human genome sequences during genomic indexing. We show that our attacks are more effective than previous cache attacks and harder to mitigate than previous SGX side-channel attacks.

@article{206170, abstract = {Side-channel information leakage is a known limitation of SGX. Researchers have demonstrated that secret-dependent information can be extracted from enclave execution through page-fault access patterns. Consequently, various recent research efforts are actively seeking countermeasures to SGX side-channel attacks. It is widely assumed that SGX may be vulnerable to other side channels, such as cache access pattern monitoring,as well. However, prior to our work, the practicality and the extent of such information leakage was not studied.In this paper we demonstrate that cache-based attacks are indeed a serious threat to the confidentiality of SGX-protected programs. Our goal was to design an attack that is hard to mitigate using known defenses, and there-fore we mount our attack without interrupting enclave execution. This approach has major technical challenges,since the existing cache monitoring techniques experience significant noise if the victim process is not interrupted. We designed and implemented novel attack techniques to reduce this noise by leveraging the capabilities of the privileged adversary. Our attacks are able to recover confidential information from SGX enclaves,which we illustrate in two example cases: extraction of an entire RSA-2048 key during RSA decryption, and detection of specific human genome sequences during genomic indexing. We show that our attacks are more effective than previous cache attacks and harder to mitigate than previous SGX side-channel attacks.}, address = {Vancouver, BC}, author = {Brasser, Ferdinand and Mller, Urs and Dmitrienko, Alexandra and Kostiainen, Kari and Capkun, Srdjan and Sadeghi, Ahmad-Reza}, booktitle = {USENIX Workshop on Offensive Technologies (WOOT 17)}, institution = {USENIX Association}, journal = {ArXiv | arXiv:1702.07521v1}, keywords = {sss-group}, month = {aug}, title = {Software Grand Exposure: SGX Cache Attacks Are Practical}, year = 2017 }
Secure Wallet-Assisted Offline Bitcoin Payments with Double-Spender Revocation (distinguished paper award). Dmitrienko, Alexandra; Noack, David; Yung, Moti; in ACM Conference on Information, Computer and Communications Security (AsiaCCS) (2017).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Bitcoin seems to be the most successful cryptocurrency so far given the growing real life deployment and popularity.While Bitcoin requires clients to be online to perform trans-actions and a certain amount of time to verify them, there are many real life scenarios that demand for offline and immediate payments (e.g., mobile ticketing, vending machines,etc). However, offline payments in Bitcoin raise non-trivial security challenges, as the payee has no means to verify the received coins without having access to the Bitcoin network.Moreover, even online immediate payments are shown to be vulnerable to double-spending attacks.In this paper, we propose the first solution for Bitcoin payments, which enables secure payments with Bitcoin in offline settings and in scenarios where payments need to be immediately accepted. Our approach relies on an offline wallet and deploys several novel security mechanisms to prevent double-spending and to verify the coin validity in offline set-ting. These mechanisms achieve probabilistic security to guarantee that the attack probability is lower than the de-sired threshold. We provide a security and risk analysis as well as model security parameters for various adversaries.We further eliminate remaining risks by detection of misbehaving wallets and their revocation.We implemented our solution for mobile Android client sand instantiated an offline wallet using a microSD security card. Our implementation demonstrates that smooth integration over a very prevalent platform (Android) is possible,and that offline and online payments can practically co-exist.We also discuss alternative deployment approach for the offline wallet which does not leverage secure hardware, but instead relies on a deposit system managed by the Bitcoin network.

@inproceedings{BitcoinOffline2017, abstract = {Bitcoin seems to be the most successful cryptocurrency so far given the growing real life deployment and popularity.While Bitcoin requires clients to be online to perform trans-actions and a certain amount of time to verify them, there are many real life scenarios that demand for offline and immediate payments (e.g., mobile ticketing, vending machines,etc). However, offline payments in Bitcoin raise non-trivial security challenges, as the payee has no means to verify the received coins without having access to the Bitcoin network.Moreover, even online immediate payments are shown to be vulnerable to double-spending attacks.In this paper, we propose the first solution for Bitcoin payments, which enables secure payments with Bitcoin in offline settings and in scenarios where payments need to be immediately accepted. Our approach relies on an offline wallet and deploys several novel security mechanisms to prevent double-spending and to verify the coin validity in offline set-ting. These mechanisms achieve probabilistic security to guarantee that the attack probability is lower than the de-sired threshold. We provide a security and risk analysis as well as model security parameters for various adversaries.We further eliminate remaining risks by detection of misbehaving wallets and their revocation.We implemented our solution for mobile Android client sand instantiated an offline wallet using a microSD security card. Our implementation demonstrates that smooth integration over a very prevalent platform (Android) is possible,and that offline and online payments can practically co-exist.We also discuss alternative deployment approach for the offline wallet which does not leverage secure hardware, but instead relies on a deposit system managed by the Bitcoin network.}, author = {Dmitrienko, Alexandra and Noack, David and Yung, Moti}, booktitle = {ACM Conference on Information, Computer and Communications Security (AsiaCCS)}, keywords = {sss-group}, month = {apr}, title = {Secure Wallet-Assisted Offline Bitcoin Payments with Double-Spender Revocation (distinguished paper award)}, year = 2017 }
Secure Free-Floating Car Sharing for Offline Cars. Dmitrienko, Alexandra; Plappert, Christian; in ACM Conference on Data and Application Security and Privacy (CODASPY) (2017).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
In this paper, we present a new access control system for free-floating car sharing, which achieves a number of appealing features not available in the state-of-the-art solutions.First of all, it does not require online connection for cars,and, therefore, allows car sharing providers to expand their services to areas without reliable network coverage (e.g., with blind spots). Second, the solution is compatible to RFID cards – the most commonly deployed authentication token sin car sharing, and can be deployed on standard mobile platforms with various hardware features. Third, it is fully compatible with off-the-shelf cars and does not require any intrusive modifications to car’s internals.These new properties can be achieved due to a novel system design which deploys two-factor authentication and combines an RFID card (the real one or emulated in software) with a”soft” authentication token stored on a mobile platform. Such a combination increases security of the solution, preserves backward compatibility to RFID technology and enables great flexibility in protection of authentication secrets on the mobile platform. To demonstrate such a flexibility, we present a platform security concept which can be instantiate din various deployment options and provides the means to achieve best possible security given available hardware.We implemented our solution on Android and instantiated the platform security concept in three different deployment options. We evaluate security of our solution and report performance measurements

@inproceedings{CarSharing2017, abstract = {In this paper, we present a new access control system for free-floating car sharing, which achieves a number of appealing features not available in the state-of-the-art solutions.First of all, it does not require online connection for cars,and, therefore, allows car sharing providers to expand their services to areas without reliable network coverage (e.g., with blind spots). Second, the solution is compatible to RFID cards – the most commonly deployed authentication token sin car sharing, and can be deployed on standard mobile platforms with various hardware features. Third, it is fully compatible with off-the-shelf cars and does not require any intrusive modifications to car’s internals.These new properties can be achieved due to a novel system design which deploys two-factor authentication and combines an RFID card (the real one or emulated in software) with a”soft” authentication token stored on a mobile platform. Such a combination increases security of the solution, preserves backward compatibility to RFID technology and enables great flexibility in protection of authentication secrets on the mobile platform. To demonstrate such a flexibility, we present a platform security concept which can be instantiate din various deployment options and provides the means to achieve best possible security given available hardware.We implemented our solution on Android and instantiated the platform security concept in three different deployment options. We evaluate security of our solution and report performance measurements}, author = {Dmitrienko, Alexandra and Plappert, Christian}, booktitle = {ACM Conference on Data and Application Security and Privacy (CODASPY)}, keywords = {sss-group}, month = {mar}, title = {Secure Free-Floating Car Sharing for Offline Cars}, year = 2017 }
POSTER: Secure Free-Floating Car Sharing for Offline Cars (an outstanding poster award). Dmitrienko, Alexandra; Plappert, Christian; in ACM Conference on Data and Application Security and Privacy (CODASPY) (2017).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
@inproceedings{BitcoinOffline2017-poster, author = {Dmitrienko, Alexandra and Plappert, Christian}, booktitle = {ACM Conference on Data and Application Security and Privacy (CODASPY)}, keywords = {sss-group}, month = {March}, title = {POSTER: Secure Free-Floating Car Sharing for Offline Cars (an outstanding poster award)}, year = 2017 }
μchain: How to Forget without Hard Forks. Puddu, Ivan; Dmitrienko, Alexandra; Capkun, Srdjan; in IACR Cryptology ePrint Archive (IACR) (2017).
- [ Abstract ]
- [ BibTeX ]
- [ URL ]
- [ Download ]
- [ BibSonomy-Post ]
In this paper, we explore an idea of making(proof-of-work) blockchains mutable. We propose and implement μchain, a mutable blockchain, that enables modifications of blockchain history. Blockchains are, by common definition,distributed and immutable data structures that store a history of events, such as transactions in a digital currency system. While the very idea of mutable event history may seem controversial at a first glance, we show thatμchain does not undermine security guarantees provided by immutable blockchains. In particular,all mutations in our system are controlled by fiat, enforced by consensus and are verifiable in the same way as regular transactions. At the same time,μchain provides a solution to a number of challenging problems, such as the patching of vulnerable smart contracts and removal of abusive content from blockchain history. It also gives rise to new blockchain applications that were not possible with immutable blockchains.For instance, governments and companies could now maintain registers of citizens and customers, while preserving their legislated rights to be forgotten. Banks could consider consolidation of cryptocurrency with traditional payments, which is hard to achieve without the ability to revert transactions. To further illustrate the power ofμchain on more concrete examples, we present two new applications, the collaborative recommendation system with the ability to censor inappropriate content, and a time-lock encryption mechanism that provides a method to decrypt messages after a certain deadline has passed.

@article{Puddu2017chainHT, abstract = {In this paper, we explore an idea of making(proof-of-work) blockchains mutable. We propose and implement μchain, a mutable blockchain, that enables modifications of blockchain history. Blockchains are, by common definition,distributed and immutable data structures that store a history of events, such as transactions in a digital currency system. While the very idea of mutable event history may seem controversial at a first glance, we show thatμchain does not undermine security guarantees provided by immutable blockchains. In particular,all mutations in our system are controlled by fiat, enforced by consensus and are verifiable in the same way as regular transactions. At the same time,μchain provides a solution to a number of challenging problems, such as the patching of vulnerable smart contracts and removal of abusive content from blockchain history. It also gives rise to new blockchain applications that were not possible with immutable blockchains.For instance, governments and companies could now maintain registers of citizens and customers, while preserving their legislated rights to be forgotten. Banks could consider consolidation of cryptocurrency with traditional payments, which is hard to achieve without the ability to revert transactions. To further illustrate the power ofμchain on more concrete examples, we present two new applications, the collaborative recommendation system with the ability to censor inappropriate content, and a time-lock encryption mechanism that provides a method to decrypt messages after a certain deadline has passed.}, author = {Puddu, Ivan and Dmitrienko, Alexandra and Capkun, Srdjan}, journal = {IACR Cryptology ePrint Archive (IACR)}, keywords = {sss-group}, month = {feb}, title = {μchain: How to Forget without Hard Forks}, year = 2017 }
Phonion: Practical Protection of Metadata in Telephony Networks. Heuser, Stephan; Reaves, Bradley; Pendyala, Praveen Kumar; Carter, Henry; Dmitrienko, Alexandra; Enck, William; Kiyavash, Negar; Sadeghi, Ahmad-Reza; Traynor, Patrick; in Proceedings on Privacy Enhancing Technologies (PoPETs) (2017).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
The majority of people across the globe rely on telephony networks as their primary means of communication. As such, many of the most sensitive personal, corporate and government related communications pass through these systems every day. Unsurprisingly, such connections are subject to a wide range of attacks. Of increasing concern is the use of metadata contained in Call Detail Records (CDRs), which contain source, destination, start time and duration of a call.This information is potentially dangerous as the very act of two parties communicating can reveal significant details about their relationship and put them in the focus of targeted observation or surveillance, which is highly critical especially for journalists and activists.To address this problem, we develop the Phonion architecture to frustrate such attacks by separating call setup functions from call delivery. Specifically, Phonion allows users to preemptively establish call circuits across multiple providers and technologies before dialing into the circuit and does not require constant Internet connectivity. Since no single carrier can determine the ultimate destination of the call, it provides unlinkability for its users and helps them to avoid passive surveillance. We define and discuss a range of adversary classes and analyze why current obfuscation technologies fail to protect users against such metadata attacks. In our extensive evaluation we further analyze advanced anonymity technologies (e.g., VoIP over Tor), which do not preserve our functional requirements for high voice quality in the absence of constant broadband Internet connectivity and compatibility with landline and feature phones. Phonion is the first practical system to provide guarantees of unlinkable communication against a range of practical adversaries in telephony systems.

@inproceedings{Phonion2017, abstract = {The majority of people across the globe rely on telephony networks as their primary means of communication. As such, many of the most sensitive personal, corporate and government related communications pass through these systems every day. Unsurprisingly, such connections are subject to a wide range of attacks. Of increasing concern is the use of metadata contained in Call Detail Records (CDRs), which contain source, destination, start time and duration of a call.This information is potentially dangerous as the very act of two parties communicating can reveal significant details about their relationship and put them in the focus of targeted observation or surveillance, which is highly critical especially for journalists and activists.To address this problem, we develop the Phonion architecture to frustrate such attacks by separating call setup functions from call delivery. Specifically, Phonion allows users to preemptively establish call circuits across multiple providers and technologies before dialing into the circuit and does not require constant Internet connectivity. Since no single carrier can determine the ultimate destination of the call, it provides unlinkability for its users and helps them to avoid passive surveillance. We define and discuss a range of adversary classes and analyze why current obfuscation technologies fail to protect users against such metadata attacks. In our extensive evaluation we further analyze advanced anonymity technologies (e.g., VoIP over Tor), which do not preserve our functional requirements for high voice quality in the absence of constant broadband Internet connectivity and compatibility with landline and feature phones. Phonion is the first practical system to provide guarantees of unlinkable communication against a range of practical adversaries in telephony systems.}, author = {Heuser, Stephan and Reaves, Bradley and Pendyala, Praveen Kumar and Carter, Henry and Dmitrienko, Alexandra and Enck, William and Kiyavash, Negar and Sadeghi, Ahmad-Reza and Traynor, Patrick}, booktitle = {Proceedings on Privacy Enhancing Technologies (PoPETs)}, keywords = {sss-group}, month = {jan}, title = {Phonion: Practical Protection of Metadata in Telephony Networks}, year = 2017 }

2016[ to top ]

POSTER: Phonion: Frustrating Telephony Metadata Analysis. Heuser, Stephan; Reaves, Bradley; Pendyala, Praveen Kumar; Carter, Henry; Dmitrienko, Alexandra; Enck, William; Sadeghi, Ahmad-Reza; Traynor, Patrick; in Network and Distributed System Security Symposium (NDSS) (2016).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Phone companies record network use by individual customers via Call Detail Records (CDRs). CDRs contain important metadata ranging from call source and destination to duration of the connection, route through the network and identification of the network device writing the call record.Historically, CDRs have served as a means of not only properly billing customers for the services they use, but also as a way of identifying and debugging network errors.This metadata has most recently been associated with large-scale collection campaigns by intelligence agencies. While these organizations often assert that such programs are necessary to prevent crime and terrorism, privacy advocates argue that the complete cataloging of telephony actions erode civil liberties. However, what researchers and policy makers have generally failed to consider is that a range of other adversaries may also use CDRs to violate the privacy of targeted individuals. In 2006, for example, detectives hired by executives at HP were able to use social engineering to acquire phone records and determine the identity of an anonymous corporate board member who leaked sensitive information to journalists. Such attacks are not limited to private detectives, but have also been executed by jealous spouses, curious neighbors, companies paying for employee cell phones, rogue employees at cellular providers and more. In fact, last September it was revealed that Vodafone scoured a journalist’s personal phone records to discover her sources on a story about Vodafone security problems [1] . Accordingly, strong mechanisms for making analysis of CDRs difficult is crucial to the privacy of citizens across the world.Taking the importance of call metadata for user privacy into consideration, there are prior attempts to build anonymous telecommunication systems based on Voice over IP (VoIP) and anonymization networks like Tor. However, these solutions do not provide adequate quality of service for voice calls.Moreover, they require fast and reliable Internet connectivity,which might not always be available. For instance, Internet access in countries with a repressive regime can be shut down to prevent dissemination of non-censored information. Further,even if Internet access is generally available, access to the Tor network could be censored.

@inproceedings{PhonionPoster, abstract = {Phone companies record network use by individual customers via Call Detail Records (CDRs). CDRs contain important metadata ranging from call source and destination to duration of the connection, route through the network and identification of the network device writing the call record.Historically, CDRs have served as a means of not only properly billing customers for the services they use, but also as a way of identifying and debugging network errors.This metadata has most recently been associated with large-scale collection campaigns by intelligence agencies. While these organizations often assert that such programs are necessary to prevent crime and terrorism, privacy advocates argue that the complete cataloging of telephony actions erode civil liberties. However, what researchers and policy makers have generally failed to consider is that a range of other adversaries may also use CDRs to violate the privacy of targeted individuals. In 2006, for example, detectives hired by executives at HP were able to use social engineering to acquire phone records and determine the identity of an anonymous corporate board member who leaked sensitive information to journalists. Such attacks are not limited to private detectives, but have also been executed by jealous spouses, curious neighbors, companies paying for employee cell phones, rogue employees at cellular providers and more. In fact, last September it was revealed that Vodafone scoured a journalist’s personal phone records to discover her sources on a story about Vodafone security problems [1] . Accordingly, strong mechanisms for making analysis of CDRs difficult is crucial to the privacy of citizens across the world.Taking the importance of call metadata for user privacy into consideration, there are prior attempts to build anonymous telecommunication systems based on Voice over IP (VoIP) and anonymization networks like Tor. However, these solutions do not provide adequate quality of service for voice calls.Moreover, they require fast and reliable Internet connectivity,which might not always be available. For instance, Internet access in countries with a repressive regime can be shut down to prevent dissemination of non-censored information. Further,even if Internet access is generally available, access to the Tor network could be censored.}, author = {Heuser, Stephan and Reaves, Bradley and Pendyala, Praveen Kumar and Carter, Henry and Dmitrienko, Alexandra and Enck, William and Sadeghi, Ahmad-Reza and Traynor, Patrick}, booktitle = {Network and Distributed System Security Symposium (NDSS)}, keywords = {sss-group}, month = {February}, title = {POSTER: Phonion: Frustrating Telephony Metadata Analysis.}, year = 2016 }

2015[ to top ]

Security and Privacy Aspects of Mobile Platforms and Applications. Dmitrienko, Alexandra; Thesis; TU Darmstadt. (2015, April).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Mobile smart devices (such as smartphones and tablets) emerged to dominant computing platforms for end-users. The capabilities of these convenient mini-computers seem nearly boundless: They feature compelling computing power and storage resources, new interfaces such as Near Field Communication (NFC) and Bluetooth Low Energy (BLE),connectivity to cloud services, as well as a vast number and variety of apps. By installing these apps, users can turn a mobile device into a music player, a gaming console,a navigation system, a business assistant, and more. In addition, the current trend of increased screen sizes make these devices reasonable replacements for traditional (mobile)computing platforms such as laptops.On the other hand, mobile platforms process and store the extensive amount of sensitive information about their users, ranging from the user ’s location data to credentials for online banking and enterprise Virtual Private Networks (VPNs). This raises many security and privacy concerns and makes mobile platforms attractive targets for attackers. The rapid increase in number, variety and sophistication of attacks demonstrate that the protection mechanisms offered by mobile systems today are insufficient and improvements are necessary in order to make mobile devices capable of withstanding modern security and privacy threats.This dissertation focuses on various aspects of security and privacy of mobile platforms.In particular, it consists of three parts: (i) advanced attacks on mobile platforms and countermeasures; (ii) online authentication security for mobile systems, and (iii) secure mobile applications and services.Specifically, the first part of the dissertation concentrates on advanced attacks on mobile platforms, such as code re-use attacks that hijack execution flow of benign apps without injecting malicious code, and application-level privilege escalation attacks that allow malicious or compromised apps to gain more privileges than were initially granted. In this context, we develop new advanced code re-use attack techniques that can bypass deployed protection mechanisms (e.g., Address Space Layout Randomization (ASLR)) and cannot be detected by any of the existing security tools (e.g., return address checkers). Further, we investigate the problem of application-level privilege escalation attacks on mobile platforms like Android, study and classify them, develop proof of concept exploits and propose countermeasures against these attacks. Our countermeasures can mitigate all types of application-level privilege escalation attacks, in contrast to alternative solutions proposed in literature.In the second part of the dissertation we investigate online authentication schemes frequently utilized by mobile users, such as the most common web authentication based upon the user’s passwords and the recently widespread mobile2-factor authentication(2FA) which extends the password-based approach with a secondary authenticator sent toa user ’s mobile device or generated on it (e.g, a One-time Password (OTP) or Transaction Authentication Number (TAN)). In this context we demonstrate various weaknesses ofmobile2FAschemes deployed for login verification by global Internet service providers(such as Google, Dropbox, Twitter, and Facebook) and by a popular Google Authenticator app. These weaknesses allow an attacker to impersonate legitimate users even if their mobile device with the secondary authenticator is not compromised. We then go one step further and develop a general attack method for bypassing mobile2FAschemes.Our method relies on a cross-platform infection (mobile-to-PC or PC-to-mobile) as a first step in order to compromise the Personal Computer (PC) and a mobile device of the same user. We develop proof-of-concept prototypes for a cross-platform infection and show how an attacker can bypass various instantiations of mobile2FAschemes once both devices,PC and the mobile platform, are infected. We then deliver proof-of-concept attack implementations that bypass online banking solutions based on SMS-based TAN sand visual cryptograms, as well as login verification schemes deployed by various Internet service providers. Finally, we propose a wallet-based secure solution for password-based authentication which requires no secondary authenticator, and yet provides better security guaranties than, e.g., mobile2FAschemes.The third part of the dissertation concerns design and development of security sensitive mobile applications and services. In particular, our first application allows mobile users to replace usual keys (for doors, cars, garages, etc.) with their mobile devices. It uses electronic access tokens which are generated by the central key server and then downloaded into mobile devices for user authentication. Our solution protects access tokens in transit (e.g., while they are downloaded on the mobile device) and when they are stored and processed on the mobile platform. The unique feature of our solution is offline delegation: Users can delegate (a portion of) their access rights to other users without accessing the key server. Further, our solution is efficient even when used with constraint communication interfaces like NFC.The second application we developed is devoted to resource sharing among mobile users in ad-hoc mobile networks. It enables users to, e.g., exchange files and text messages,or share their tethering connection. Our solution addresses security threats specific toresource sharing and features the required security mechanisms (e.g., access control of resources, pseudonymity for users, and accountability for resource use). One of the key features of our solution is a privacy-preserving access control of resources based on FoF Finder (FoFF) service, which provides a user-friendly means to configure access control based upon information from social networks (e.g., friendship information) while preserving user privacy (e.g., not revealing their social network identifiers).The results presented in this dissertation were included in several peer-reviewed publications [71,91,58,107,109,61,110,65,64,30] and extended technical reports [95,57,108,31]1. Some of these publications had significant impact on follow up research.For example, our publications on new forms of code re-use attacks [71,91] motivated researchers to develop more advanced forms of ASLR(e.g., [232,156,293,157]) and tore-consider the idea of using Control-Flow Integrity (CFI) (e.g., [51,300,303,182,233,77]). Further, our work on application-level privilege escalation attacks [94,57,59] was followed by many other publications addressing this problem (e.g., [106,122,209,155,146,69,63,302]). Moreover, our access control solution using mobile devices as access tokens[110,65] demonstrated significant practical impact: in2013it was chosen as a highlight of CeBIT – the world’s largest international computer expo, and was then deployed by a large enterprise to be used by tens of thousands of company employees and millions of customers.

@phdthesis{tuprints4611, abstract = {Mobile smart devices (such as smartphones and tablets) emerged to dominant computing platforms for end-users. The capabilities of these convenient mini-computers seem nearly boundless: They feature compelling computing power and storage resources, new interfaces such as Near Field Communication (NFC) and Bluetooth Low Energy (BLE),connectivity to cloud services, as well as a vast number and variety of apps. By installing these apps, users can turn a mobile device into a music player, a gaming console,a navigation system, a business assistant, and more. In addition, the current trend of increased screen sizes make these devices reasonable replacements for traditional (mobile)computing platforms such as laptops.On the other hand, mobile platforms process and store the extensive amount of sensitive information about their users, ranging from the user ’s location data to credentials for online banking and enterprise Virtual Private Networks (VPNs). This raises many security and privacy concerns and makes mobile platforms attractive targets for attackers. The rapid increase in number, variety and sophistication of attacks demonstrate that the protection mechanisms offered by mobile systems today are insufficient and improvements are necessary in order to make mobile devices capable of withstanding modern security and privacy threats.This dissertation focuses on various aspects of security and privacy of mobile platforms.In particular, it consists of three parts: (i) advanced attacks on mobile platforms and countermeasures; (ii) online authentication security for mobile systems, and (iii) secure mobile applications and services.Specifically, the first part of the dissertation concentrates on advanced attacks on mobile platforms, such as code re-use attacks that hijack execution flow of benign apps without injecting malicious code, and application-level privilege escalation attacks that allow malicious or compromised apps to gain more privileges than were initially granted. In this context, we develop new advanced code re-use attack techniques that can bypass deployed protection mechanisms (e.g., Address Space Layout Randomization (ASLR)) and cannot be detected by any of the existing security tools (e.g., return address checkers). Further, we investigate the problem of application-level privilege escalation attacks on mobile platforms like Android, study and classify them, develop proof of concept exploits and propose countermeasures against these attacks. Our countermeasures can mitigate all types of application-level privilege escalation attacks, in contrast to alternative solutions proposed in literature.In the second part of the dissertation we investigate online authentication schemes frequently utilized by mobile users, such as the most common web authentication based upon the user’s passwords and the recently widespread mobile2-factor authentication(2FA) which extends the password-based approach with a secondary authenticator sent toa user ’s mobile device or generated on it (e.g, a One-time Password (OTP) or Transaction Authentication Number (TAN)). In this context we demonstrate various weaknesses ofmobile2FAschemes deployed for login verification by global Internet service providers(such as Google, Dropbox, Twitter, and Facebook) and by a popular Google Authenticator app. These weaknesses allow an attacker to impersonate legitimate users even if their mobile device with the secondary authenticator is not compromised. We then go one step further and develop a general attack method for bypassing mobile2FAschemes.Our method relies on a cross-platform infection (mobile-to-PC or PC-to-mobile) as a first step in order to compromise the Personal Computer (PC) and a mobile device of the same user. We develop proof-of-concept prototypes for a cross-platform infection and show how an attacker can bypass various instantiations of mobile2FAschemes once both devices,PC and the mobile platform, are infected. We then deliver proof-of-concept attack implementations that bypass online banking solutions based on SMS-based TAN sand visual cryptograms, as well as login verification schemes deployed by various Internet service providers. Finally, we propose a wallet-based secure solution for password-based authentication which requires no secondary authenticator, and yet provides better security guaranties than, e.g., mobile2FAschemes.The third part of the dissertation concerns design and development of security sensitive mobile applications and services. In particular, our first application allows mobile users to replace usual keys (for doors, cars, garages, etc.) with their mobile devices. It uses electronic access tokens which are generated by the central key server and then downloaded into mobile devices for user authentication. Our solution protects access tokens in transit (e.g., while they are downloaded on the mobile device) and when they are stored and processed on the mobile platform. The unique feature of our solution is offline delegation: Users can delegate (a portion of) their access rights to other users without accessing the key server. Further, our solution is efficient even when used with constraint communication interfaces like NFC.The second application we developed is devoted to resource sharing among mobile users in ad-hoc mobile networks. It enables users to, e.g., exchange files and text messages,or share their tethering connection. Our solution addresses security threats specific toresource sharing and features the required security mechanisms (e.g., access control of resources, pseudonymity for users, and accountability for resource use). One of the key features of our solution is a privacy-preserving access control of resources based on FoF Finder (FoFF) service, which provides a user-friendly means to configure access control based upon information from social networks (e.g., friendship information) while preserving user privacy (e.g., not revealing their social network identifiers).The results presented in this dissertation were included in several peer-reviewed publications [71,91,58,107,109,61,110,65,64,30] and extended technical reports [95,57,108,31]1. Some of these publications had significant impact on follow up research.For example, our publications on new forms of code re-use attacks [71,91] motivated researchers to develop more advanced forms of ASLR(e.g., [232,156,293,157]) and tore-consider the idea of using Control-Flow Integrity (CFI) (e.g., [51,300,303,182,233,77]). Further, our work on application-level privilege escalation attacks [94,57,59] was followed by many other publications addressing this problem (e.g., [106,122,209,155,146,69,63,302]). Moreover, our access control solution using mobile devices as access tokens[110,65] demonstrated significant practical impact: in2013it was chosen as a highlight of CeBIT – the world’s largest international computer expo, and was then deployed by a large enterprise to be used by tens of thousands of company employees and millions of customers.}, author = {Dmitrienko, Alexandra}, keywords = {sss-group}, month = {April}, school = {TU Darmstadt}, title = {Security and Privacy Aspects of Mobile Platforms and Applications}, year = 2015 }
Market-driven Code Provisioning to Mobile Secure Hardware. Dmitrienko, Alexandra; Heuser, Stephan; Nguyen, Thien Duc; da Silva Ramos, Marcos; Rein, Andre; Sadeghi, Ahmad-Reza; in Financial Cryptography and Data Security Conference (FC) (2015).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
@inproceedings{TUD-CS-2015-0005, author = {Dmitrienko, Alexandra and Heuser, Stephan and Nguyen, Thien Duc and da Silva Ramos, Marcos and Rein, Andre and Sadeghi, Ahmad-Reza}, booktitle = {Financial Cryptography and Data Security Conference (FC)}, keywords = {sss-group}, month = {January}, title = {Market-driven Code Provisioning to Mobile Secure Hardware}, year = 2015 }

2014[ to top ]

Security Analysis of Mobile Two-Factor Authentication Schemes. Dmitrienko, Alexandra; Liebchen, Christopher; Rossow, Christian; Sadeghi, Ahmad-Reza; in Intel Technology Journal (ITJ) (2014).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Two-factor authentication (2FA) schemes aim at strengthening the security of login-password–based authentication by deploying secondary authentication tokens. In this context, mobile 2FA schemes require no additional hardware (such as a smartcard) to store and handle the secondary authentication token, and hence are considered as a reasonable trade off between security, usability, and cost. They are widely used in online banking and increasingly deployed by Internet service providers.In this article, we investigate 2FA implementations of several well-known Internet service providers such as Google, Dropbox, Twitter, and Facebook. We identify various weaknesses that allow an attacker to easily bypass 2FA, even when the secondary authentication token is not under the attacker’s control. We then go a step further and present a more general attack against mobile 2FA schemes. Our attack relies on a cross-platform infection that subverts control over both end points (PC and a mobile device) involved in the authentication protocol.We apply this attack in practice and successfully circumvent diverse schemes: SMS-based TAN solutions of four large banks, one instance of a visual TAN scheme, 2FA login verification systems of Google, Dropbox, Twitter, and Facebook accounts, and the Google Authenticator app currently used by 32 third-party service providers. Finally, we cluster and analyze hundreds of real-world malicious Android apps that target mobile 2FA schemes and show that banking Trojans already deploy mobile counterparts that steal 2FA credentials like TANs.

@article{DmLiRoSa2014, abstract = {Two-factor authentication (2FA) schemes aim at strengthening the security of login-password–based authentication by deploying secondary authentication tokens. In this context, mobile 2FA schemes require no additional hardware (such as a smartcard) to store and handle the secondary authentication token, and hence are considered as a reasonable trade off between security, usability, and cost. They are widely used in online banking and increasingly deployed by Internet service providers.In this article, we investigate 2FA implementations of several well-known Internet service providers such as Google, Dropbox, Twitter, and Facebook. We identify various weaknesses that allow an attacker to easily bypass 2FA, even when the secondary authentication token is not under the attacker’s control. We then go a step further and present a more general attack against mobile 2FA schemes. Our attack relies on a cross-platform infection that subverts control over both end points (PC and a mobile device) involved in the authentication protocol.We apply this attack in practice and successfully circumvent diverse schemes: SMS-based TAN solutions of four large banks, one instance of a visual TAN scheme, 2FA login verification systems of Google, Dropbox, Twitter, and Facebook accounts, and the Google Authenticator app currently used by 32 third-party service providers. Finally, we cluster and analyze hundreds of real-world malicious Android apps that target mobile 2FA schemes and show that banking Trojans already deploy mobile counterparts that steal 2FA credentials like TANs.}, author = {Dmitrienko, Alexandra and Liebchen, Christopher and Rossow, Christian and Sadeghi, Ahmad-Reza}, journal = {Intel Technology Journal (ITJ)}, keywords = {sss-group}, title = {Security Analysis of Mobile Two-Factor Authentication Schemes}, year = 2014 }
On the (in)security of mobile two-factor authentication. Dmitrienko, Alexandra; Liebchen, Christopher; Rossow, Christian; Sadeghi, Ahmad-Reza; in CASED TUD-CS-2014-0029 (2014).
- [ BibTeX ]
- [ BibSonomy-Post ]
@article{dmitrienko2014insecurity, author = {Dmitrienko, Alexandra and Liebchen, Christopher and Rossow, Christian and Sadeghi, Ahmad-Reza}, journal = {CASED TUD-CS-2014-0029}, keywords = {technical-reports}, title = {On the (in)security of mobile two-factor authentication}, year = 2014 }
On Offline Payments with Bitcoin. Dmitrienko, Alexandra; Noack, David; Sadeghi, Ahmad-Reza; Yung, Moti; in Workshop on Bitcoin Research (BITCOIN’14) (2014).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
@inproceedings{bitcoin-offline, author = {Dmitrienko, Alexandra and Noack, David and Sadeghi, Ahmad-Reza and Yung, Moti}, booktitle = {Workshop on Bitcoin Research (BITCOIN'14)}, keywords = {sss-group}, month = {March}, title = {On Offline Payments with Bitcoin}, year = 2014 }
POSTER. Bitcoin2Go: Secure Offline and Fast Payments with Bitcoins. Dmitrienko, Alexandra; Noack, David; Sadeghi, Ahmad-Reza; Yung, Moti; in Financial Cryptography and Data Security Conference (FC) (2014).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
@inproceedings{TUD-CS-2014-0039, author = {Dmitrienko, Alexandra and Noack, David and Sadeghi, Ahmad-Reza and Yung, Moti}, booktitle = {Financial Cryptography and Data Security Conference (FC)}, keywords = {sss-group}, month = {March}, title = {POSTER. Bitcoin2Go: Secure Offline and Fast Payments with Bitcoins}, year = 2014 }
On the (In)Security of Mobile Two-Factor Authentication. Dmitrienko, Alexandra; Liebchen, Christopher; Rossow, Christian; Sadeghi, Ahmad-Reza; in Financial Cryptography and Data Security Conference (FC) (2014).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Two-factor authentication (2FA) schemes aim at strengthening the security of login password-based authentication by deploying secondary authentication tokens. In this context, mobile 2FA schemes re-quire no additional hardware (e.g., a smartcard) to store and handle the secondary authentication token, and hence are considered as a reasonable trade-off between security, usability and costs. They are widely used in online banking and increasingly deployed by Internet service providers.In this paper, we investigate 2FA implementations of several well-known Internet service providers such as Google, Dropbox, Twitter and Face-book. We identify various weaknesses that allow an attacker to easily bypass them, even when the secondary authentication token is not under attacker’s control. We then go a step further and present a more general attack against mobile 2FA schemes. Our attack relies on cross-platform infection that subverts control over both end points (PC and a mobile device) involved in the authentication protocol. We apply this at-tack in practice and successfully circumvent diverse schemes: SMS-based TAN solutions of four large banks, one instance of a visual TAN scheme,2FA login verification systems of Google, Dropbox, Twitter and Face-book accounts, and the Google Authenticator app currently used by 32third-party service providers. Finally, we cluster and analyze hundreds of real-world malicious Android apps that target mobile 2FA schemes and show that banking Trojans already deploy mobile counterparts that steal 2FA credentials like TANs.

@inproceedings{DLRS2014, abstract = {Two-factor authentication (2FA) schemes aim at strengthening the security of login password-based authentication by deploying secondary authentication tokens. In this context, mobile 2FA schemes re-quire no additional hardware (e.g., a smartcard) to store and handle the secondary authentication token, and hence are considered as a reasonable trade-off between security, usability and costs. They are widely used in online banking and increasingly deployed by Internet service providers.In this paper, we investigate 2FA implementations of several well-known Internet service providers such as Google, Dropbox, Twitter and Face-book. We identify various weaknesses that allow an attacker to easily bypass them, even when the secondary authentication token is not under attacker’s control. We then go a step further and present a more general attack against mobile 2FA schemes. Our attack relies on cross-platform infection that subverts control over both end points (PC and a mobile device) involved in the authentication protocol. We apply this at-tack in practice and successfully circumvent diverse schemes: SMS-based TAN solutions of four large banks, one instance of a visual TAN scheme,2FA login verification systems of Google, Dropbox, Twitter and Face-book accounts, and the Google Authenticator app currently used by 32third-party service providers. Finally, we cluster and analyze hundreds of real-world malicious Android apps that target mobile 2FA schemes and show that banking Trojans already deploy mobile counterparts that steal 2FA credentials like TANs.}, author = {Dmitrienko, Alexandra and Liebchen, Christopher and Rossow, Christian and Sadeghi, Ahmad-Reza}, booktitle = {Financial Cryptography and Data Security Conference (FC)}, keywords = {sss-group}, month = {March}, title = {On the (In)Security of Mobile Two-Factor Authentication}, year = 2014 }
Key2Share for Authentication Services. Busold, Christoph; Dmitrienko, Alexandra; Wachsmann, Christian; in SmartCard Workshop (SRC) (2014).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Key2Share is a smartphone-based solution for authentication services that allows users to manage their access rights to different physical resources on their mobile device. The system is applicable to various application scenarios, such as access control to enterprise facilities, hotel rooms, houses and cars. Key2Share complies with high security standards by providing reliable protection for keys in transit and on the mobile platform. Particularly, it employs modern cryptography to protect keys in transfer and leverages secure hardware (such as smartcards) for storing and handling cryptographic secrets in isolation from untrusted code, such as mobile operating system and apps.

@inproceedings{TUD-CS-2014-0038, abstract = {Key2Share is a smartphone-based solution for authentication services that allows users to manage their access rights to different physical resources on their mobile device. The system is applicable to various application scenarios, such as access control to enterprise facilities, hotel rooms, houses and cars. Key2Share complies with high security standards by providing reliable protection for keys in transit and on the mobile platform. Particularly, it employs modern cryptography to protect keys in transfer and leverages secure hardware (such as smartcards) for storing and handling cryptographic secrets in isolation from untrusted code, such as mobile operating system and apps.}, author = {Busold, Christoph and Dmitrienko, Alexandra and Wachsmann, Christian}, booktitle = {SmartCard Workshop (SRC)}, keywords = {sss-group}, month = {February}, title = {Key2Share for Authentication Services}, year = 2014 }

2013[ to top ]

Do I know you? - Efficient and Privacy-Preserving Common Friend-Finder Protocols and Applications. Nagy, Marcin; Cristofaro, Emiliano De; Dmitrienko, Alexandra; Asokan, N.; Sadeghi, Ahmad-Reza; in Annual Computer Security Applications Conference (ACSAC) (2013).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
The increasing penetration of Online Social Networks (OSNs)prompts the need for effectively accessing and utilizing social net-working information. In numerous applications, users need to make trust and/or access control decisions involving other (possibly stranger) users, and one important factor is often the existence of common social relationships. This motivates the need for secure and privacy-preserving techniques allowing users to assess whether or not they have mutual friends.This paper introduces the Common Friends service, a frame-work for finding common friends which protects privacy of non-mutual friends and guarantees authenticity of friendships. First,we present a generic construction that reduces to secure computation of set intersection, while ensuring authenticity of announced friends via bearer capabilities. Then, we propose an efficient instantiation, based on Bloom filters, that only incurs a constant number of public-key operations and appreciably low communication overhead. Our software is designed so that developers can easily integrate Common Friends into their applications, e.g., to en-force access control based on users’ social proximity in a privacy-preserving manner. Finally, we showcase our techniques in the con-text of an existing application for sharing (tethered) Internet access,whereby users decide to share access depending on the existence of common friends. A comprehensive experimental evaluation attests to the practicality of proposed techniques.

@inproceedings{NCDAS2013, abstract = {The increasing penetration of Online Social Networks (OSNs)prompts the need for effectively accessing and utilizing social net-working information. In numerous applications, users need to make trust and/or access control decisions involving other (possibly stranger) users, and one important factor is often the existence of common social relationships. This motivates the need for secure and privacy-preserving techniques allowing users to assess whether or not they have mutual friends.This paper introduces the Common Friends service, a frame-work for finding common friends which protects privacy of non-mutual friends and guarantees authenticity of friendships. First,we present a generic construction that reduces to secure computation of set intersection, while ensuring authenticity of announced friends via bearer capabilities. Then, we propose an efficient instantiation, based on Bloom filters, that only incurs a constant number of public-key operations and appreciably low communication overhead. Our software is designed so that developers can easily integrate Common Friends into their applications, e.g., to en-force access control based on users’ social proximity in a privacy-preserving manner. Finally, we showcase our techniques in the con-text of an existing application for sharing (tethered) Internet access,whereby users decide to share access depending on the existence of common friends. A comprehensive experimental evaluation attests to the practicality of proposed techniques.}, author = {Nagy, Marcin and Cristofaro, Emiliano De and Dmitrienko, Alexandra and Asokan, N. and Sadeghi, Ahmad-Reza}, booktitle = {Annual Computer Security Applications Conference (ACSAC)}, keywords = {sss-group}, month = {dec}, organization = {ACM}, title = {Do I know you? - Efficient and Privacy-Preserving Common Friend-Finder Protocols and Applications}, year = 2013 }
Mobile Platform Security Asokan, N.; Davi, Lucas; Dmitrienko, Alexandra; Heuser, Stephan; Kostiainen, Kari; Reshetova, Elena; Sadeghi, Ahmad-Reza; in Synthesis Lectures on Information Security, Privacy, and Trust 2013 (2013). (Vol. 4) Morgan & Claypool.
- [ Abstract ]
- [ BibTeX ]
- [ BibSonomy-Post ]
Recently, mobile security has garnered considerable interest in both the research community and industry due to the popularity of smartphones. The current smartphone platforms are open systems that allow application development, also for malicious parties. To protect the mobile device, its user, and other mobile ecosystem stakeholders such as network operators, application execution is controlled by a platform security architecture. This book explores how such mobile platform security architectures work. We present a generic model for mobile platform security architectures: the model illustrates commonly used security mechanisms and techniques in mobile devices and allows a systematic comparison of different platforms. We analyze several mobile platforms using the model. In addition, this book explains hardware-security mechanisms typically present in a mobile device. We also discuss enterprise security extensions for mobile platforms and survey recent research in the area of mobile platform security. The objective of this book is to provide a comprehensive overview of the current status of mobile platform security for students, researchers, and practitioners.

@book{TUD-CS-2013-0362, abstract = {Recently, mobile security has garnered considerable interest in both the research community and industry due to the popularity of smartphones. The current smartphone platforms are open systems that allow application development, also for malicious parties. To protect the mobile device, its user, and other mobile ecosystem stakeholders such as network operators, application execution is controlled by a platform security architecture. This book explores how such mobile platform security architectures work. We present a generic model for mobile platform security architectures: the model illustrates commonly used security mechanisms and techniques in mobile devices and allows a systematic comparison of different platforms. We analyze several mobile platforms using the model. In addition, this book explains hardware-security mechanisms typically present in a mobile device. We also discuss enterprise security extensions for mobile platforms and survey recent research in the area of mobile platform security. The objective of this book is to provide a comprehensive overview of the current status of mobile platform security for students, researchers, and practitioners.}, author = {Asokan, N. and Davi, Lucas and Dmitrienko, Alexandra and Heuser, Stephan and Kostiainen, Kari and Reshetova, Elena and Sadeghi, Ahmad-Reza}, keywords = {sss-group}, month = {dec}, number = 3, publisher = {Morgan & Claypool}, series = {Synthesis Lectures on Information Security, Privacy, and Trust 2013}, title = {Mobile Platform Security}, volume = 4, year = 2013 }
Just-In-Time Code Reuse: The More Things Change, the More They Stay the Same. Snow, Kevin Z.; Davi, Lucas; Dmitrienko, Alexandra; Liebchen, Christopher; Monrose, Fabian; Sadeghi, Ahmad-Reza; in BlackHat USA (2013).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
@inproceedings{SDDLMS2013, author = {Snow, Kevin Z. and Davi, Lucas and Dmitrienko, Alexandra and Liebchen, Christopher and Monrose, Fabian and Sadeghi, Ahmad-Reza}, booktitle = {BlackHat USA}, keywords = {sss-group}, month = {aug}, title = {Just-In-Time Code Reuse: The More Things Change, the More They Stay the Same}, year = 2013 }
CrowdShare: Secure Mobile Resource Sharing. Asokan, N.; Dmitrienko, Alexandra; Nagy, Marcin; Reshetova, Elena; Sadeghi, Ahmad-Reza; Schneider, Thomas; Stelle, Stanislaus; in International Conference on Applied Cryptography and Network Security (ACNS) (2013).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Mobile smart devices and services have become an integral part of our daily life. In this context there are many compelling scenarios for mobile device users to share resources. A popular example is tethering. However, sharing resources also raises privacy and security issues.In this paper, we present CrowdShare, a complete framework and its (Android) implementation for secure and private resource sharing among nearby devices.CrowdShare provides pseudonymity for users, accountability of resource usage, and the possibility of specifying access control in terms of social network relationships. Further,CrowdShare preserves secure connectivity between nearby devices even in the absence of the mobile infrastructure. We have implemented CrowdShare on Android devices and report good performance results.

@inproceedings{ADNRSSS2013a, abstract = {Mobile smart devices and services have become an integral part of our daily life. In this context there are many compelling scenarios for mobile device users to share resources. A popular example is tethering. However, sharing resources also raises privacy and security issues.In this paper, we present CrowdShare, a complete framework and its (Android) implementation for secure and private resource sharing among nearby devices.CrowdShare provides pseudonymity for users, accountability of resource usage, and the possibility of specifying access control in terms of social network relationships. Further,CrowdShare preserves secure connectivity between nearby devices even in the absence of the mobile infrastructure. We have implemented CrowdShare on Android devices and report good performance results.}, author = {Asokan, N. and Dmitrienko, Alexandra and Nagy, Marcin and Reshetova, Elena and Sadeghi, Ahmad-Reza and Schneider, Thomas and Stelle, Stanislaus}, booktitle = {International Conference on Applied Cryptography and Network Security (ACNS)}, keywords = {sss-group}, month = {June}, title = {CrowdShare: Secure Mobile Resource Sharing}, year = 2013 }
Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization (best student paper award). Snow, Kevin Z.; Davi, Lucas; Dmitrienko, Alexandra; Liebchen, Christopher; Monrose, Fabian; Sadeghi, Ahmad-Reza; in IEEE Symposium on Security and Privacy (S&P) (2013).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Fine-grained address space layout randomization(ASLR) has recently been proposed as a method of efficiently mitigating runtime attacks. In this paper, we introduce the design and implementation of a framework based on a novel attack strategy, dubbed just-in-time code reuse, that undermines the benefits of fine-grained ASLR. Specifically, we derail the assumptions embodied in fine-grained ASLR by exploiting the ability to repeatedly abuse a memory disclosure to map an application’s memory layout on-the-fly, dynamically discover API functions and gadgets, and JIT-compile a target program using those gadgets—all within a script environment at the time an exploit is launched. We demonstrate the power of our framework by using it in conjunction with a real-world exploit against Internet Explorer, and also provide extensive evaluations that demonstrate the practicality of just-in-time code reuse attacks. Our findings suggest that fine-grained ASLR may not be as promising as first thought.

@inproceedings{TUD-CS-2013-0026, abstract = {Fine-grained address space layout randomization(ASLR) has recently been proposed as a method of efficiently mitigating runtime attacks. In this paper, we introduce the design and implementation of a framework based on a novel attack strategy, dubbed just-in-time code reuse, that undermines the benefits of fine-grained ASLR. Specifically, we derail the assumptions embodied in fine-grained ASLR by exploiting the ability to repeatedly abuse a memory disclosure to map an application’s memory layout on-the-fly, dynamically discover API functions and gadgets, and JIT-compile a target program using those gadgets—all within a script environment at the time an exploit is launched. We demonstrate the power of our framework by using it in conjunction with a real-world exploit against Internet Explorer, and also provide extensive evaluations that demonstrate the practicality of just-in-time code reuse attacks. Our findings suggest that fine-grained ASLR may not be as promising as first thought.}, author = {Snow, Kevin Z. and Davi, Lucas and Dmitrienko, Alexandra and Liebchen, Christopher and Monrose, Fabian and Sadeghi, Ahmad-Reza}, booktitle = {IEEE Symposium on Security and Privacy (S&P)}, keywords = {sss-group}, month = {may}, title = {Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization (best student paper award)}, year = 2013 }
Gadge Me If You Can: Secure and Efficient Ad-hoc Instruction-Level Randomization for x86 and ARM. Davi, Lucas; Dmitrienko, Alexandra; Nürnberger, Stefan; Sadeghi, Ahmad-Reza; in ACM ASIA Conference on Computer and Communications Security (AsiaCCS) (2013).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Code reuse attacks such as return-oriented programming are one of the most powerful threats to contemporary software. ASLR was introduced to impede these attacks by dispersing shared libraries and the executable in memory. However, in practice its entropy is rather low and, more importantly, the leakage of a single address reveals the position of a whole library in memory. The recent mitigation literature followed the route of randomization, applied it at different stages such as source code or the executable binary. However, the code segments still stay in one block. In contrast to previous work, our randomization solution, called XIFER,(1)disperses all code (executable and libraries) across the whole address space, (2) re-randomizes the address space for each run, (3) is compatible to code signing, and (4) does neither require offline static analysis nor source-code. Our prototype implementation supports the Linux ELF file format and covers both mainstream processor architectures x86 and ARM. Our evaluation demonstrates that XIFER performs efficiently at load- and during run-time (1.2% overhead).

@inproceedings{TUD-CS-2013-0042, abstract = {Code reuse attacks such as return-oriented programming are one of the most powerful threats to contemporary software. ASLR was introduced to impede these attacks by dispersing shared libraries and the executable in memory. However, in practice its entropy is rather low and, more importantly, the leakage of a single address reveals the position of a whole library in memory. The recent mitigation literature followed the route of randomization, applied it at different stages such as source code or the executable binary. However, the code segments still stay in one block. In contrast to previous work, our randomization solution, called XIFER,(1)disperses all code (executable and libraries) across the whole address space, (2) re-randomizes the address space for each run, (3) is compatible to code signing, and (4) does neither require offline static analysis nor source-code. Our prototype implementation supports the Linux ELF file format and covers both mainstream processor architectures x86 and ARM. Our evaluation demonstrates that XIFER performs efficiently at load- and during run-time (1.2% overhead).}, author = {Davi, Lucas and Dmitrienko, Alexandra and Nürnberger, Stefan and Sadeghi, Ahmad-Reza}, booktitle = {ACM ASIA Conference on Computer and Communications Security (AsiaCCS)}, keywords = {sss-group}, month = {may}, title = {Gadge Me If You Can: Secure and Efficient Ad-hoc Instruction-Level Randomization for x86 and ARM}, year = 2013 }
POSTER: Secure Smartphone-based NFC-enabled Car Immobilizer (an outstanding poster award). Busold, Christoph; Dmitrienko, Alexandra; Seudie, Herve; Taha, Ahmed; Sobhani, Majid; Wachsmann, Christian; Sadeghi, Ahmad-Reza; in ACM Conference on Data and Application Security and Privacy (CODASPY) (2013).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
@inproceedings{TUD-CS-2013-0004a, author = {Busold, Christoph and Dmitrienko, Alexandra and Seudie, Herve and Taha, Ahmed and Sobhani, Majid and Wachsmann, Christian and Sadeghi, Ahmad-Reza}, booktitle = {ACM Conference on Data and Application Security and Privacy (CODASPY)}, keywords = {sss-group}, month = {February}, title = {POSTER: Secure Smartphone-based NFC-enabled Car Immobilizer (an outstanding poster award)}, year = 2013 }
Smart Keys for Cyber-Cars: Secure Smartphone-Based NFC-Enabled Car Immobilizer. Bertino, Elisa; Sandhu, Ravi S.; Bauer, Lujo; Park, Jaehong; in ACM Conference on Data and Application Security and Privacy (CODASPY) (2013).
- [ Abstract ]
- [ BibTeX ]
- [ URL ]
- [ Download ]
- [ BibSonomy-Post ]
Smartphones have become very popular and versatile de-vices. An emerging trend is the integration of smartphones into automotive systems and applications, particularly access control systems to unlock cars (doors and immobilizers). Smartphone-based automotive solutions promise to greatly enhance the user’s experience by providing advanced features far beyond the conventional dedicated tokens/tranponders. We present the first opensecurity framework for secure smartphone-based immobilizers. Our generic security architecture protects the electronic access tokens on the smart-phone and provides advanced features such as context-aware access policies, remote issuing and revocation of access rights and their delegation to other users. We discuss various approaches to instantiate our security architecture based on different hardware-based trusted execution environments, and elaborate on their security properties. We implemented our immobilizer system based on the latest Android-based smartphone and a microSD smartcard. Further, we support the algorithmic proofs of the security of the underlying protocols with automated formal verification tools.

@inproceedings{conf/codaspy/BusoldTWDSSS13, abstract = {Smartphones have become very popular and versatile de-vices. An emerging trend is the integration of smartphones into automotive systems and applications, particularly access control systems to unlock cars (doors and immobilizers). Smartphone-based automotive solutions promise to greatly enhance the user’s experience by providing advanced features far beyond the conventional dedicated tokens/tranponders. We present the first opensecurity framework for secure smartphone-based immobilizers. Our generic security architecture protects the electronic access tokens on the smart-phone and provides advanced features such as context-aware access policies, remote issuing and revocation of access rights and their delegation to other users. We discuss various approaches to instantiate our security architecture based on different hardware-based trusted execution environments, and elaborate on their security properties. We implemented our immobilizer system based on the latest Android-based smartphone and a microSD smartcard. Further, we support the algorithmic proofs of the security of the underlying protocols with automated formal verification tools.}, booktitle = {ACM Conference on Data and Application Security and Privacy (CODASPY)}, editor = {Bertino, Elisa and Sandhu, Ravi S. and Bauer, Lujo and Park, Jaehong}, keywords = {sss-group}, month = {feb}, publisher = {ACM}, title = {Smart Keys for Cyber-Cars: Secure Smartphone-Based NFC-Enabled Car Immobilizer}, year = 2013 }

2012[ to top ]

Over-the-air Cross-Platform Infection for Breaking mTAN-based Online Banking Authentication. Davi, Lucas; Dmitrienko, Alexandra; Liebchen, Christopher; Sadeghi, Ahmad-Reza; in BlackHat Abu Dhabi (2012).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
We present a novel stealthy cross-platform infection attack in WiFi networks. Our attack has high impact on two-factor authentication schemes that make use of mobile phones. In particular, we apply our attack to break mTAN authentication, one of the most used scheme for online banking worldwide (Europe, US, China). We present the design and implementation of the online banking Trojan which spreads over the WiFi network from the user's PC to her mobile phone and automatically pairs these devices. When paired, the host and the mobile malware deliver to the attacker authentication secrets which allow her to successfully authenticate against the online-banking portal and perform financial transactions in the name of the user. Our attack is stealthy compared to the known banking Trojans ZeuS/ZitMo and SpyEye/Spitmo, as it does not rely on phishing or naive user behavior for malware spreading and pairing. Our reference implementation targets Windows PCs and Android based smartphones, although our attack is not platform specific. To achieve cross-platform infection, we applied and adapted attack techniques such as remote code execution, privilege escalation, GOT overwriting, DLL injection and function hooking. Our attack can he implemented by knowledgeable attackers and calls for re-thinking of security measures deployed for protection of online transactions by banks.

@inproceedings{TUD-CS-2012-0230, abstract = {We present a novel stealthy cross-platform infection attack in WiFi networks. Our attack has high impact on two-factor authentication schemes that make use of mobile phones. In particular, we apply our attack to break mTAN authentication, one of the most used scheme for online banking worldwide (Europe, US, China). We present the design and implementation of the online banking Trojan which spreads over the WiFi network from the user's PC to her mobile phone and automatically pairs these devices. When paired, the host and the mobile malware deliver to the attacker authentication secrets which allow her to successfully authenticate against the online-banking portal and perform financial transactions in the name of the user. Our attack is stealthy compared to the known banking Trojans ZeuS/ZitMo and SpyEye/Spitmo, as it does not rely on phishing or naive user behavior for malware spreading and pairing. Our reference implementation targets Windows PCs and Android based smartphones, although our attack is not platform specific. To achieve cross-platform infection, we applied and adapted attack techniques such as remote code execution, privilege escalation, GOT overwriting, DLL injection and function hooking. Our attack can he implemented by knowledgeable attackers and calls for re-thinking of security measures deployed for protection of online transactions by banks.}, author = {Davi, Lucas and Dmitrienko, Alexandra and Liebchen, Christopher and Sadeghi, Ahmad-Reza}, booktitle = {BlackHat Abu Dhabi}, keywords = {sss-group}, month = {December}, title = {Over-the-air Cross-Platform Infection for Breaking mTAN-based Online Banking Authentication}, year = 2012 }
XIFER: A Software Diversity Tool Against Code-Reuse Attacks. Davi, Lucas; Dmitrienko, Alexandra; Nürnberger, Stefan; Sadeghi, Ahmad-Reza; in ACM International Workshop on Wireless of the Students, by the Students, for the Students (MOBICOM) (2012).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
The enormous growth of mobile devices and their app markets has raised many security and privacy concerns. Run-time attacks seem to be a major threat, in particular, code-reuse attacks that do not require any external code injection(e.g., return-to-libc or return-oriented programming). We present, for the first time, a code transformation tool that completely mitigates code-reuse attacks by applying software diversity to the binary at runtime. Our tool XIFER(1) randomly diversifies the code of an application over the entire memory for each invocation, (2) requires no source code or any static analysis, (3) can be applied to both Intelx86 and ARM Linux executables, and (4) induces a negligible runtime overhead of only 1% in average.

@inproceedings{TUD-CS-2012-0135, abstract = {The enormous growth of mobile devices and their app markets has raised many security and privacy concerns. Run-time attacks seem to be a major threat, in particular, code-reuse attacks that do not require any external code injection(e.g., return-to-libc or return-oriented programming). We present, for the first time, a code transformation tool that completely mitigates code-reuse attacks by applying software diversity to the binary at runtime. Our tool XIFER(1) randomly diversifies the code of an application over the entire memory for each invocation, (2) requires no source code or any static analysis, (3) can be applied to both Intelx86 and ARM Linux executables, and (4) induces a negligible runtime overhead of only 1% in average.}, author = {Davi, Lucas and Dmitrienko, Alexandra and Nürnberger, Stefan and Sadeghi, Ahmad-Reza}, booktitle = {ACM International Workshop on Wireless of the Students, by the Students, for the Students (MOBICOM)}, keywords = {sss-group}, month = {August}, title = {XIFER: A Software Diversity Tool Against Code-Reuse Attacks}, year = 2012 }
SmartTokens: Delegable Access Control with NFC-enabled Smartphones. Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Tamrakar, Sandeep; Wachsmann, Christian; in International Conference on Trust and Trustworthy Computing (TRUST) (2012).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Today’s smartphones and tablets offer compelling computing and storage capabilities enabling a variety of mobile applications with rich functionality. The integration of new interfaces, in particular near field communication (NFC) opens new opportunities for new applications and business models, as the most recent trend in industry for payment and ticketing shows. These applications require storing and processing security-critical data on smartphones, making them attractive targets fora variety of attacks. The state of the art to enhance platform security concerns outsourcing security-critical computations to hardware-isolated Trusted Execution Environments (TrEE). However, since these TrEEsare used by software running in commodity operating systems, malware could impersonate the software and use the TrEE in an unintended way.Further, existing NFC-based access control solutions for smartphones are either not public or based on strong assumptions that are hard to achieve in practice. We present the design and implementation of a generic access control system for NFC-enabled smartphones based on a multi-level security architecture for smartphones. Our solution allows users to delegate their access rights and addresses the bandwidth constraints of NFC.Our prototype captures electronic access to facilities, such as entrances and offices, and binds NFC operations to a software-isolated TrEE established on the widely used Android smartphone operating system. We provide a formal security analysis of our protocols and evaluated the performance of our solution.

@inproceedings{TUD-CS-2012-0071, abstract = {Today’s smartphones and tablets offer compelling computing and storage capabilities enabling a variety of mobile applications with rich functionality. The integration of new interfaces, in particular near field communication (NFC) opens new opportunities for new applications and business models, as the most recent trend in industry for payment and ticketing shows. These applications require storing and processing security-critical data on smartphones, making them attractive targets fora variety of attacks. The state of the art to enhance platform security concerns outsourcing security-critical computations to hardware-isolated Trusted Execution Environments (TrEE). However, since these TrEEsare used by software running in commodity operating systems, malware could impersonate the software and use the TrEE in an unintended way.Further, existing NFC-based access control solutions for smartphones are either not public or based on strong assumptions that are hard to achieve in practice. We present the design and implementation of a generic access control system for NFC-enabled smartphones based on a multi-level security architecture for smartphones. Our solution allows users to delegate their access rights and addresses the bandwidth constraints of NFC.Our prototype captures electronic access to facilities, such as entrances and offices, and binds NFC operations to a software-isolated TrEE established on the widely used Android smartphone operating system. We provide a formal security analysis of our protocols and evaluated the performance of our solution.}, author = {Dmitrienko, Alexandra and Sadeghi, Ahmad-Reza and Tamrakar, Sandeep and Wachsmann, Christian}, booktitle = {International Conference on Trust and Trustworthy Computing (TRUST)}, keywords = {sss-group}, month = {June}, publisher = {Springer}, title = {SmartTokens: Delegable Access Control with NFC-enabled Smartphones}, year = 2012 }
MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones. Davi, Lucas; Dmitrienko, Alexandra; Egele, Manuel; Fischer, Thomas; Holz, Thorsten; Hund, Ralf; Nürnberger, Stefan; Sadeghi, Ahmad-Reza; in Network and Distributed System Security Symposium (NDSS) (2012).
- [ Abstract ]
- [ BibTeX ]
- [ URL ]
- [ Download ]
- [ BibSonomy-Post ]
Runtime and control-flow attacks (such as code injection or return-oriented programming) constitute one of the most severe threats to software programs. These attacks are prevalent and have been recently applied to smartphone applications as well, of which hundreds of thousands are downloaded by users every day. While a framework for control-flow integrity (CFI) enforcement, an approach to prohibit this kind of attacks, exists for the Intel x86 plat-form, there is no such a solution for smartphones.In this paper, we present a novel framework, MoCFI(Mobile CFI), that provides a general countermeasure against control-flow attacks on smartphone platforms by en-forcing CFI. We show that CFI on typical smartphone plat-forms powered by an ARM processor is technically involved due to architectural differences between ARM and Intel x86,as well as the specifics of smartphone OSes. Our framework performs CFI on-the-fly during runtime without requiring the application’s source code. For our reference implementation we chose Apple’s iOS, because it has been an attractive target for control-flow attacks. Nevertheless, our frame-work is also applicable to other ARM-based devices such as Google’s Android. Our performance evaluation demon-strates that MoCFI is efficient and does not induce notable overhead when applied to popular iOS applications.

@inproceedings{TUD-CS-2012-0001, abstract = {Runtime and control-flow attacks (such as code injection or return-oriented programming) constitute one of the most severe threats to software programs. These attacks are prevalent and have been recently applied to smartphone applications as well, of which hundreds of thousands are downloaded by users every day. While a framework for control-flow integrity (CFI) enforcement, an approach to prohibit this kind of attacks, exists for the Intel x86 plat-form, there is no such a solution for smartphones.In this paper, we present a novel framework, MoCFI(Mobile CFI), that provides a general countermeasure against control-flow attacks on smartphone platforms by en-forcing CFI. We show that CFI on typical smartphone plat-forms powered by an ARM processor is technically involved due to architectural differences between ARM and Intel x86,as well as the specifics of smartphone OSes. Our framework performs CFI on-the-fly during runtime without requiring the application’s source code. For our reference implementation we chose Apple’s iOS, because it has been an attractive target for control-flow attacks. Nevertheless, our frame-work is also applicable to other ARM-based devices such as Google’s Android. Our performance evaluation demon-strates that MoCFI is efficient and does not induce notable overhead when applied to popular iOS applications.}, author = {Davi, Lucas and Dmitrienko, Alexandra and Egele, Manuel and Fischer, Thomas and Holz, Thorsten and Hund, Ralf and Nürnberger, Stefan and Sadeghi, Ahmad-Reza}, booktitle = {Network and Distributed System Security Symposium (NDSS)}, keywords = {sss-group}, month = {feb}, publisher = {The Internet Society}, title = {MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones}, year = 2012 }
Towards Taming Privilege-Escalation Attacks on Android. Bugiel, Sven; Davi, Lucas; Dmitrienko, Alexandra; Fischer, Thomas; Sadeghi, Ahmad-Reza; Shastry, Bhargava; in Network and Distributed System Security Symposium (NDSS) (2012).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Android’s security framework has been an appealing subject of research in the last few years. Android has been shown to be vulnerable to application-level privilege escalation attacks, such as confused deputy attacks, and more recently, attacks by colluding applications. While most of the proposed approaches aim at solving confused deputy at-tacks, there is still no solution that simultaneously addresses collusion attacks.In this paper, we investigate the problem of designing and implementing a practical security framework for Android to protect against confused deputy and collusion attacks. We realize that defeating collusion attacks calls for a rather system-centric solution as opposed to application-dependent policy enforcement. To support our design decisions, we conduct a heuristic analysis of Android’s system behavior(with popular apps) to identify attack patterns, classify different adversary models, and point out the challenges to be tackled. Then we propose a solution for a system-centric and policy-driven runtime monitoring of communication channels between applications at multiple layers: 1) at the middleware we control IPCs between applications and indirect communication via Android system components. Moreover,inspired by the approach in QUIRE, we establish semantic links between IPCs and enable the reference monitor to verify the call-chain; 2) at the kernel level we realize mandatory access control on the file system (including Unix domain sockets) and local Internet sockets. To allow for runtime,dynamic low-level policy enforcement, we provide a callback channel between the kernel and the middleware. Finally, we evaluate the efficiency and effectiveness of our framework on known confused deputy and collusion attacks, and discuss future directions.

@inproceedings{TUD-CS-2012-0002, abstract = {Android’s security framework has been an appealing subject of research in the last few years. Android has been shown to be vulnerable to application-level privilege escalation attacks, such as confused deputy attacks, and more recently, attacks by colluding applications. While most of the proposed approaches aim at solving confused deputy at-tacks, there is still no solution that simultaneously addresses collusion attacks.In this paper, we investigate the problem of designing and implementing a practical security framework for Android to protect against confused deputy and collusion attacks. We realize that defeating collusion attacks calls for a rather system-centric solution as opposed to application-dependent policy enforcement. To support our design decisions, we conduct a heuristic analysis of Android’s system behavior(with popular apps) to identify attack patterns, classify different adversary models, and point out the challenges to be tackled. Then we propose a solution for a system-centric and policy-driven runtime monitoring of communication channels between applications at multiple layers: 1) at the middleware we control IPCs between applications and indirect communication via Android system components. Moreover,inspired by the approach in QUIRE, we establish semantic links between IPCs and enable the reference monitor to verify the call-chain; 2) at the kernel level we realize mandatory access control on the file system (including Unix domain sockets) and local Internet sockets. To allow for runtime,dynamic low-level policy enforcement, we provide a callback channel between the kernel and the middleware. Finally, we evaluate the efficiency and effectiveness of our framework on known confused deputy and collusion attacks, and discuss future directions.}, author = {Bugiel, Sven and Davi, Lucas and Dmitrienko, Alexandra and Fischer, Thomas and Sadeghi, Ahmad-Reza and Shastry, Bhargava}, booktitle = {Network and Distributed System Security Symposium (NDSS)}, keywords = {sss-group}, month = {February}, title = {Towards Taming Privilege-Escalation Attacks on Android}, year = 2012 }

2011[ to top ]

Securing the Access to Electronic Health Records on Mobile Phones. Dmitrienko, Alexandra; Hadzic, Zecir; Löhr, Hans; Sadeghi, Ahmad-Reza; Winandy, Marcel; in Biomedical Engineering Systems and Technologies (BIOSTEC) (2011).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Mobile phones are increasingly used in the e-health domain.In this context, enabling secure access to health records from mobile de-vices is of particular importance because of the high security and privacy requirements for sensitive medical data. Standard operating systems and software, as they are deployed on current smartphones, cannot protect sensitive data appropriately, even though modern mobile hardware plat-forms often provide dedicated security features. Current mobile phones are prone to attacks by malicious software, which might gain unauthorized access to sensitive medical data.In this paper, we present a security architecture for the protection of electronic health records and authentication credentials that are used to access e-health services. Our architecture is derived from a generic solution and tailored specifically to current mobile platforms with hardware security extensions. Authentication data are protected by a trusted wallet (TruWallet), which leverages trusted hardware features of the phone and isolated application environments provided by a secure operating system. A separate application environment is used to provide runtime protection of medical data. Furthermore, we present a prototype implementation of TruWallet on the Nokia N900 mobile phone. In contrast to commodity systems, our architecture enables healthcare professionals to securely access medical data on their mobile devices without the risk of disclosing sensitive information.

@inproceedings{DLSW2011b, abstract = {Mobile phones are increasingly used in the e-health domain.In this context, enabling secure access to health records from mobile de-vices is of particular importance because of the high security and privacy requirements for sensitive medical data. Standard operating systems and software, as they are deployed on current smartphones, cannot protect sensitive data appropriately, even though modern mobile hardware plat-forms often provide dedicated security features. Current mobile phones are prone to attacks by malicious software, which might gain unauthorized access to sensitive medical data.In this paper, we present a security architecture for the protection of electronic health records and authentication credentials that are used to access e-health services. Our architecture is derived from a generic solution and tailored specifically to current mobile platforms with hardware security extensions. Authentication data are protected by a trusted wallet (TruWallet), which leverages trusted hardware features of the phone and isolated application environments provided by a secure operating system. A separate application environment is used to provide runtime protection of medical data. Furthermore, we present a prototype implementation of TruWallet on the Nokia N900 mobile phone. In contrast to commodity systems, our architecture enables healthcare professionals to securely access medical data on their mobile devices without the risk of disclosing sensitive information.}, author = {Dmitrienko, Alexandra and Hadzic, Zecir and Löhr, Hans and Sadeghi, Ahmad-Reza and Winandy, Marcel}, booktitle = {Biomedical Engineering Systems and Technologies (BIOSTEC)}, keywords = {sss-group}, title = {Securing the Access to Electronic Health Records on Mobile Phones}, year = 2011 }
A Security Architecture for Accessing Health Records on Mobile Phones. Dmitrienko, Alexandra; Hadzic, Zecir; Löhr, Hans; Sadeghi, Ahmad-Reza; Winandy, Marcel; in International Conference on Health Informatics (HEALTHINF) (2011).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Using mobile phones to access healthcare data is an upcoming application scenario of increasing importance in the near future. However, important aspects to consider in this context are the high security and privacy requirements for sensitive medical data. Current mobile phones using standard operating systems and software cannot offer appropriate protection for sensitive data, although the hardware platform often offers dedicated security features. Malicious software (malware) like Trojan horses on the mobile phone could gain unauthorized access to sensitive medical data.In this paper, we propose a complete security framework to protect medical data (such as electronic health records) and authentication credentials that are used to access e-health servers. Derived from a generic architecture that can be used for PCs, we introduce a security architecture specifically for mobile phones, based on existing hardware security extensions. We describe security building blocks, including trusted hardware features, a security kernel providing isolated application environments as well as a secure graphical user interface, and a trusted wallet (TruWallet) for secure authentication to e-health servers. Moreover, we present a prototype implementation of the trusted wallet on a current smartphone: the Nokia N900. Based on our architecture, health care professionals can safely and securely process medical data on their mobile phones without the risk of disclosing sensitive information as compared to commodity mobile operating systems.

@inproceedings{DLSW2011, abstract = {Using mobile phones to access healthcare data is an upcoming application scenario of increasing importance in the near future. However, important aspects to consider in this context are the high security and privacy requirements for sensitive medical data. Current mobile phones using standard operating systems and software cannot offer appropriate protection for sensitive data, although the hardware platform often offers dedicated security features. Malicious software (malware) like Trojan horses on the mobile phone could gain unauthorized access to sensitive medical data.In this paper, we propose a complete security framework to protect medical data (such as electronic health records) and authentication credentials that are used to access e-health servers. Derived from a generic architecture that can be used for PCs, we introduce a security architecture specifically for mobile phones, based on existing hardware security extensions. We describe security building blocks, including trusted hardware features, a security kernel providing isolated application environments as well as a secure graphical user interface, and a trusted wallet (TruWallet) for secure authentication to e-health servers. Moreover, we present a prototype implementation of the trusted wallet on a current smartphone: the Nokia N900. Based on our architecture, health care professionals can safely and securely process medical data on their mobile phones without the risk of disclosing sensitive information as compared to commodity mobile operating systems.}, author = {Dmitrienko, Alexandra and Hadzic, Zecir and Löhr, Hans and Sadeghi, Ahmad-Reza and Winandy, Marcel}, booktitle = {International Conference on Health Informatics (HEALTHINF)}, keywords = {sss-group}, month = {October}, title = {A Security Architecture for Accessing Health Records on Mobile Phones}, year = 2011 }
Trusted Virtual Domains on OKL4: Secure Information Sharing on Smartphones. Davi, Lucas; Dmitrienko, Alexandra; Kowalski, Christoph; Winandy, Marcel; in ACM Workshop on Scalable Trusted Computing (STC) (2011).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
The flexibility and computing power of modern smartphones to install and execute various applications allows for a rich user experience but also imposes several security concerns.Smartphones that are used both for private and corporate purposes do not separate the data and applications of different security domains, and users are usually too unskilled to deploy and configure extra security mechanisms. Hence,data leakage and unwanted information flow may occur.In this paper we present the design and implementation of the Trusted Virtual Domain (TVD) security architecture for smartphones. The TVD concept separates data and applications of different security domains and automates the security configuration on devices. In particular, we build our solution on top of the OKL4 microkernel, which provides the basic isolation properties, and extend it with a framework that realizes the TVD policy enforcement for Android operating systems. Our results show that the TVD security architecture can be built and used on modern smartphones,but there are also limitations that current security kernels like OKL4 have to address to improve the user experience.

@inproceedings{TUD-CS-2011-0217, abstract = {The flexibility and computing power of modern smartphones to install and execute various applications allows for a rich user experience but also imposes several security concerns.Smartphones that are used both for private and corporate purposes do not separate the data and applications of different security domains, and users are usually too unskilled to deploy and configure extra security mechanisms. Hence,data leakage and unwanted information flow may occur.In this paper we present the design and implementation of the Trusted Virtual Domain (TVD) security architecture for smartphones. The TVD concept separates data and applications of different security domains and automates the security configuration on devices. In particular, we build our solution on top of the OKL4 microkernel, which provides the basic isolation properties, and extend it with a framework that realizes the TVD policy enforcement for Android operating systems. Our results show that the TVD security architecture can be built and used on modern smartphones,but there are also limitations that current security kernels like OKL4 have to address to improve the user experience.}, author = {Davi, Lucas and Dmitrienko, Alexandra and Kowalski, Christoph and Winandy, Marcel}, booktitle = {ACM Workshop on Scalable Trusted Computing (STC)}, keywords = {sss-group}, month = {October}, publisher = {ACM Press}, title = {Trusted Virtual Domains on OKL4: Secure Information Sharing on Smartphones}, year = 2011 }
Practical and Lightweight Domain Isolation on Android. Bugiel, Sven; Davi, Lucas; Dmitrienko, Alexandra; Heuser, Stephan; Sadeghi, Ahmad-Reza; Shastry, Bhargava; in ACM Workshop on Security and Privacy in Mobile Devices (SPSM) (2011).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
In this paper, we introduce a security framework for practical and lightweight domain isolation on Android to mitigate unauthorized data access and communication among applications of different trust levels (e.g., private and corporate). We present the design and implementation of our framework,TrustDroid, which in contrast to existing solutions enables isolation at different layers of the Android software stack:(1) at the middleware layer to prevent inter-domain application communication and data access, (2) at the kernel layer to enforce mandatory access control on the file system and on InterProcess Communication (IPC) channels, and (3) at the network layer to mediate network traffic. For instance, (3)allows network data to be only read by a particular domain,or enables basic context-based policies such as preventing Internet access by untrusted applications while an employee is connected to the company’s network.Our approach accurately addresses the demands of the business world, namely to isolate data and applications of different trust levels in a practical and lightweight way. More-over, our solution is the first leveraging mandatory access control with TOMOYO Linux on a real Android device(Nexus One). Our evaluation demonstrates that TrustDroidonly adds a negligible overhead, and in contrast to contemporary full virtualization, only minimally affects the battery’s life-time.

@inproceedings{TUD-CS-2011-0218, abstract = {In this paper, we introduce a security framework for practical and lightweight domain isolation on Android to mitigate unauthorized data access and communication among applications of different trust levels (e.g., private and corporate). We present the design and implementation of our framework,TrustDroid, which in contrast to existing solutions enables isolation at different layers of the Android software stack:(1) at the middleware layer to prevent inter-domain application communication and data access, (2) at the kernel layer to enforce mandatory access control on the file system and on InterProcess Communication (IPC) channels, and (3) at the network layer to mediate network traffic. For instance, (3)allows network data to be only read by a particular domain,or enables basic context-based policies such as preventing Internet access by untrusted applications while an employee is connected to the company’s network.Our approach accurately addresses the demands of the business world, namely to isolate data and applications of different trust levels in a practical and lightweight way. More-over, our solution is the first leveraging mandatory access control with TOMOYO Linux on a real Android device(Nexus One). Our evaluation demonstrates that TrustDroidonly adds a negligible overhead, and in contrast to contemporary full virtualization, only minimally affects the battery’s life-time.}, author = {Bugiel, Sven and Davi, Lucas and Dmitrienko, Alexandra and Heuser, Stephan and Sadeghi, Ahmad-Reza and Shastry, Bhargava}, booktitle = {ACM Workshop on Security and Privacy in Mobile Devices (SPSM)}, keywords = {sss-group}, month = {October}, publisher = {ACM Press}, title = {Practical and Lightweight Domain Isolation on Android}, year = 2011 }
POSTER: The Quest for Security against Privilege Escalation Attacks on Android. Bugiel, Sven; Davi, Lucas; Dmitrienko, Alexandra; Fischer, Thomas; Sadeghi, Ahmad-Reza; Shastry, Bhargava; in ACM Conference on Computer and Communications Security (CCS) (2011).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
In this paper we present the design and implementation of a security framework that extends the reference monitor of the Android middleware and deploys a mandatory access control on Linux kernel (based on Tomoyo [9]) aiming at detecting and preventing application-level privilege escalation attacks at runtime. In contrast to existing solutions, our framework is system-centric, efficient, detects attacks that involve communication channels controlled by both, Android middleware and the Linux kernel (particularly, Binder IPC, Internet sockets and file system). It can prevent known confused deputy attacks without false positives and is also flexible enough to prevent unknown confused deputy attack sand attacks by colluding applications (e.g., Soundcomber [11])at the cost of a small rate of false positives

@inproceedings{TUD-CS-2011-0211, abstract = {In this paper we present the design and implementation of a security framework that extends the reference monitor of the Android middleware and deploys a mandatory access control on Linux kernel (based on Tomoyo [9]) aiming at detecting and preventing application-level privilege escalation attacks at runtime. In contrast to existing solutions, our framework is system-centric, efficient, detects attacks that involve communication channels controlled by both, Android middleware and the Linux kernel (particularly, Binder IPC, Internet sockets and file system). It can prevent known confused deputy attacks without false positives and is also flexible enough to prevent unknown confused deputy attack sand attacks by colluding applications (e.g., Soundcomber [11])at the cost of a small rate of false positives}, author = {Bugiel, Sven and Davi, Lucas and Dmitrienko, Alexandra and Fischer, Thomas and Sadeghi, Ahmad-Reza and Shastry, Bhargava}, booktitle = {ACM Conference on Computer and Communications Security (CCS)}, keywords = {sss-group}, month = {October}, publisher = {ACM}, title = {POSTER: The Quest for Security against Privilege Escalation Attacks on Android}, year = 2011 }
POSTER: Control-Flow Integrity for Smartphones. Davi, Lucas; Dmitrienko, Alexandra; Egele, Manuel; Fischer, Thomas; Holz, Thorsten; Hund, Ralf; Nürnberger, Stefan; Sadeghi, Ahmad-Reza; in ACM Conference on Computer and Communications Security (CCS) (2011).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
@inproceedings{TUD-CS-2011-0210, author = {Davi, Lucas and Dmitrienko, Alexandra and Egele, Manuel and Fischer, Thomas and Holz, Thorsten and Hund, Ralf and Nürnberger, Stefan and Sadeghi, Ahmad-Reza}, booktitle = {ACM Conference on Computer and Communications Security (CCS)}, keywords = {sss-group}, month = {October}, publisher = {ACM}, title = {POSTER: Control-Flow Integrity for Smartphones}, year = 2011 }
CFI Goes Mobile: Control-Flow Integrity for Smartphones. Davi, Lucas; Dmitrienko, Alexandra; Egele, Manuel; Fischer, Thomas; Holz, Thorsten; Hund, Ralf; Nürnberger, Stefan; Sadeghi, Ahmad-Reza; in International Workshop on Trustworthy Embedded Devices (TrustED) (2011).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Despite extensive research over the last two decades, control-flow (or runtime) attacks on software are still prevalent. Recently, smart-phones, of which millions are in use today, have become an attractive target for adversaries. However, existing solutions are either ad-hoc or limited in their effectiveness.In this paper, we present a general countermeasure against control-flow attacks on smartphone platforms. Our approach makes use of control-flow integrity(CFI), and tackles unique challenges of the ARM architecture and smartphone platforms (e.g., application encryption and signing,closed-source OS). Our framework and implementation is efficient, since it requires no access to source code, performs CFI enforcement on-the-fly during runtime, and is compatible to memory randomization (e.g.,ASLR) and code signing/encryption. We chose Apple iPhone for our reference implementation, because it has become an attractive target for control-flow attacks due to its wide spread deployment of native code.Our performance evaluation on a real iOS device demonstrates that our implementation does not induce any notable overhead when applied to popular iOS applications.

@inproceedings{TUD-CS-2011-0281, abstract = {Despite extensive research over the last two decades, control-flow (or runtime) attacks on software are still prevalent. Recently, smart-phones, of which millions are in use today, have become an attractive target for adversaries. However, existing solutions are either ad-hoc or limited in their effectiveness.In this paper, we present a general countermeasure against control-flow attacks on smartphone platforms. Our approach makes use of control-flow integrity(CFI), and tackles unique challenges of the ARM architecture and smartphone platforms (e.g., application encryption and signing,closed-source OS). Our framework and implementation is efficient, since it requires no access to source code, performs CFI enforcement on-the-fly during runtime, and is compatible to memory randomization (e.g.,ASLR) and code signing/encryption. We chose Apple iPhone for our reference implementation, because it has become an attractive target for control-flow attacks due to its wide spread deployment of native code.Our performance evaluation on a real iOS device demonstrates that our implementation does not induce any notable overhead when applied to popular iOS applications.}, author = {Davi, Lucas and Dmitrienko, Alexandra and Egele, Manuel and Fischer, Thomas and Holz, Thorsten and Hund, Ralf and Nürnberger, Stefan and Sadeghi, Ahmad-Reza}, booktitle = {International Workshop on Trustworthy Embedded Devices (TrustED)}, keywords = {sss-group}, month = {September}, title = {CFI Goes Mobile: Control-Flow Integrity for Smartphones}, year = 2011 }
XManDroid: A New Android Evolution to Mitigate Privilege Escalation Attacks. Bugiel, Sven; Davi, Lucas; Dmitrienko, Alexandra; Fischer, Thomas; Sadeghi, Ahmad-Reza; in TR-2011-04 (2011).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Google Android has become a popular mobile operating system which is increasingly deployed by mobile device manufactures for various platforms. Recent attacks show that Android’s permission framework is vulnerable to application-level privilege escalation attacks, i.e., an application may indirectly gain privileges to perform unauthorized actions.The existing proposals for security extensions to Android’s middle-ware (e.g., Kirin, Saint, TaintDroid, or QUIRE) can-not fully and adequately mitigate these attacks or detect Trojans such as Soundcomber that exploit covert channels in the Android system. In this paper we present the design and implementation of XManDroid(eXtended Monitoring on Android), a security framework that extends the monitoring mechanism of Android to detect and prevent application-level privilege escalation attacks at runtime based on a system-centric system policy. Our implementation dynamically analyzes applications’ transitive permission usage while inducing a minimal performance overhead unnoticeable for the user.Depending on system policy our system representation al-lows for an effective detection of (covert) channels established through the Android system services and content providers while simultaneously optimizing the rate of false positives.We evaluate the effectiveness of XManDroidon our test suite that simulates known application-level privilege escalation attacks (including Soundcomber), and demonstrate successful detection of attacks that use Android’s inter-component communication (ICC) framework (standard for most attacks). We also performed a usability test to evaluate the impact of XManDroid on the user-experience with third party applications. Moreover, we analyze sources of false positives and discuss how this rate can be further significantly reduced.

@inproceedings{BDDFS2011, abstract = {Google Android has become a popular mobile operating system which is increasingly deployed by mobile device manufactures for various platforms. Recent attacks show that Android’s permission framework is vulnerable to application-level privilege escalation attacks, i.e., an application may indirectly gain privileges to perform unauthorized actions.The existing proposals for security extensions to Android’s middle-ware (e.g., Kirin, Saint, TaintDroid, or QUIRE) can-not fully and adequately mitigate these attacks or detect Trojans such as Soundcomber that exploit covert channels in the Android system. In this paper we present the design and implementation of XManDroid(eXtended Monitoring on Android), a security framework that extends the monitoring mechanism of Android to detect and prevent application-level privilege escalation attacks at runtime based on a system-centric system policy. Our implementation dynamically analyzes applications’ transitive permission usage while inducing a minimal performance overhead unnoticeable for the user.Depending on system policy our system representation al-lows for an effective detection of (covert) channels established through the Android system services and content providers while simultaneously optimizing the rate of false positives.We evaluate the effectiveness of XManDroidon our test suite that simulates known application-level privilege escalation attacks (including Soundcomber), and demonstrate successful detection of attacks that use Android’s inter-component communication (ICC) framework (standard for most attacks). We also performed a usability test to evaluate the impact of XManDroid on the user-experience with third party applications. Moreover, we analyze sources of false positives and discuss how this rate can be further significantly reduced.}, author = {Bugiel, Sven and Davi, Lucas and Dmitrienko, Alexandra and Fischer, Thomas and Sadeghi, Ahmad-Reza}, booktitle = {TR-2011-04}, howpublished = {\url{http://www.trust.informatik.tu-darmstadt.de/publications/publication-details/?no_cache=1&tx_bibtex_pi1%5Bpub_id%5D=TUD-CS-2011-0127}}, institution = {Ruhr-University Bochum, System Security Lab}, keywords = {sss-group}, month = {April}, title = {XManDroid: A New Android Evolution to Mitigate Privilege Escalation Attacks}, year = 2011 }
Trusted embedded System Operating System (TeSOS) - Study and Design. Dmitrienko, Alexandra; Gessner, Dennis; Sadeghi, Ahmad-Reza; Schulz, Steffen; Stueble, Christian; Ullmann, Markus; in HGI-TR-2011-004 (2011).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
@inproceedings{SSDSDU2011, author = {Dmitrienko, Alexandra and Gessner, Dennis and Sadeghi, Ahmad-Reza and Schulz, Steffen and Stueble, Christian and Ullmann, Markus}, booktitle = {HGI-TR-2011-004}, howpublished = {\url{http://www.trust.informatik.tu-darmstadt.de/fileadmin/user_upload/Group_TRUST/projects/TeSOS_Study.pdf}}, institution = {Ruhr-University Bochum, System Security Lab}, keywords = {sss-group}, month = {April}, title = {Trusted embedded System Operating System (TeSOS) - Study and Design}, year = 2011 }

2010[ to top ]

TruWalletM: Secure Web Authentication on Mobile Platforms. Bugiel, Sven; Dmitrienko, Alexandra; Kostiainen, Kari; Sadeghi, Ahmad-Reza; Winandy, Marcel; in International Conference on Trusted Systems (INTRUST) (2010).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Mobile phones are increasingly used as general purpose computing devices with permanent Internet connection. This imposes several threats as the phone operating system (OS) is typically derived from desktop counterparts and, hence, inherits the same or similar security shortcomings. In particular, the protection of login credentials when accessing web services becomes crucial under phishing and malware at-tacks. On the other hand many modern mobile phones provide hardware-supported security mechanisms currently unused by most phone OSs.In this paper, we show how to use these mechanisms, in particular trusted execution environments, to protect the user’s login credentials.We present the design and implementation proposal (based on NokiaN900 mobile platform) of TruWalletM, a wallet-like password manager and authentication agent towards the protection of login credentials ona mobile phone without the need to trust the whole OS software. We preserve compatibility to existing standard web authentication mechanisms.

@inproceedings{BDKSW2010, abstract = {Mobile phones are increasingly used as general purpose computing devices with permanent Internet connection. This imposes several threats as the phone operating system (OS) is typically derived from desktop counterparts and, hence, inherits the same or similar security shortcomings. In particular, the protection of login credentials when accessing web services becomes crucial under phishing and malware at-tacks. On the other hand many modern mobile phones provide hardware-supported security mechanisms currently unused by most phone OSs.In this paper, we show how to use these mechanisms, in particular trusted execution environments, to protect the user’s login credentials.We present the design and implementation proposal (based on NokiaN900 mobile platform) of TruWalletM, a wallet-like password manager and authentication agent towards the protection of login credentials ona mobile phone without the need to trust the whole OS software. We preserve compatibility to existing standard web authentication mechanisms.}, author = {Bugiel, Sven and Dmitrienko, Alexandra and Kostiainen, Kari and Sadeghi, Ahmad-Reza and Winandy, Marcel}, booktitle = {International Conference on Trusted Systems (INTRUST)}, keywords = {sss-group}, month = {December}, title = {TruWalletM: Secure Web Authentication on Mobile Platforms}, year = 2010 }
Return-Oriented Programming without Returns. Checkoway, Stephen; Davi, Lucas; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Shacham, Hovav; Winandy, Marcel; in ACM Conference on Computer and Communications Security (CCS) (2010).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
We show that on both the x86 and ARM architectures it is possible to mount return-oriented programming attacks without using return instructions. Our attacks instead make use of certain instruction sequences that behave like a return, which occur with sufficient frequency in large libraries on (x86) Linux and (ARM) Android to allow creation of Turing-complete gadget sets. Because they do not make use of return instructions, our new attacks have negative implications for several recently proposed classes of defense against return-oriented programming: those that detect the too-frequent use of returns in the instruction stream; those that detect violations of the last-in, first-out invariant normally maintained for the return-address stack; and those that modify compilers to produce code that avoids the return instruction.

@inproceedings{CDDSSW2010, abstract = {We show that on both the x86 and ARM architectures it is possible to mount return-oriented programming attacks without using return instructions. Our attacks instead make use of certain instruction sequences that behave like a return, which occur with sufficient frequency in large libraries on (x86) Linux and (ARM) Android to allow creation of Turing-complete gadget sets. Because they do not make use of return instructions, our new attacks have negative implications for several recently proposed classes of defense against return-oriented programming: those that detect the too-frequent use of returns in the instruction stream; those that detect violations of the last-in, first-out invariant normally maintained for the return-address stack; and those that modify compilers to produce code that avoids the return instruction.}, author = {Checkoway, Stephen and Davi, Lucas and Dmitrienko, Alexandra and Sadeghi, Ahmad-Reza and Shacham, Hovav and Winandy, Marcel}, booktitle = {ACM Conference on Computer and Communications Security (CCS)}, keywords = {sss-group}, month = {October}, title = {Return-Oriented Programming without Returns}, year = 2010 }
Privilege Escalation Attacks on Android. Davi, Lucas; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Winandy, Marcel; in Information Security Conference (ISC) (2010).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Android is a modern and popular software platform for smart-phones. Among its predominant features is an advanced security model which is based on application-oriented mandatory access control and sandboxing. This allows developers and users to restrict the execution of an application to the privileges it has (mandatorily) assigned at installation time. The exploitation of vulnerabilities in program code is hence believed to be confined within the privilege boundaries of an application’s sandbox. However, in this paper we show that a privilege escalation at-tack is possible. We show that a genuine application exploited at runtime or a malicious application can escalate granted permissions. Our results immediately imply that Android’s security model cannot deal with a transitive permission usage attack and Android’s sandbox model fails as a last resort against malware and sophisticated runtime attacks.

@inproceedings{DDSW2010b, abstract = {Android is a modern and popular software platform for smart-phones. Among its predominant features is an advanced security model which is based on application-oriented mandatory access control and sandboxing. This allows developers and users to restrict the execution of an application to the privileges it has (mandatorily) assigned at installation time. The exploitation of vulnerabilities in program code is hence believed to be confined within the privilege boundaries of an application’s sandbox. However, in this paper we show that a privilege escalation at-tack is possible. We show that a genuine application exploited at runtime or a malicious application can escalate granted permissions. Our results immediately imply that Android’s security model cannot deal with a transitive permission usage attack and Android’s sandbox model fails as a last resort against malware and sophisticated runtime attacks.}, author = {Davi, Lucas and Dmitrienko, Alexandra and Sadeghi, Ahmad-Reza and Winandy, Marcel}, booktitle = {Information Security Conference (ISC)}, keywords = {sss-group}, month = {October}, title = {Privilege Escalation Attacks on Android}, year = 2010 }
Key Attestation from Trusted Execution Environments. Kostiainen, Kari; Dmitrienko, Alexandra; Ekberg, Jan-Erik; Sadeghi, Ahmad-Reza; Asokan, N.; in International Conference on Trust and Trustworthy Computing (TRUST) (2010).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Credential platforms implemented on top of Trusted Execution Environments3(TrEEs) allow users to store and use their credentials, e.g., cryptographic keys or user passwords, securely. One important requirement for a TrEE-based credential platform is the ability to attest that a credential has been created and is kept within the TrEE. Credential properties, such as usage permissions, should be also attested.Existing attestation mechanisms are limited to attesting which applications outside the TrEE are authorized to use the credential. In this paper we describe a novel key attestation mechanism that allows attestation of both TrEE internal and external key usage permissions. We have implemented this attestation mechanism for mobile phones with M-Shield TrEE.

@inproceedings{KDESA2010, abstract = {Credential platforms implemented on top of Trusted Execution Environments3(TrEEs) allow users to store and use their credentials, e.g., cryptographic keys or user passwords, securely. One important requirement for a TrEE-based credential platform is the ability to attest that a credential has been created and is kept within the TrEE. Credential properties, such as usage permissions, should be also attested.Existing attestation mechanisms are limited to attesting which applications outside the TrEE are authorized to use the credential. In this paper we describe a novel key attestation mechanism that allows attestation of both TrEE internal and external key usage permissions. We have implemented this attestation mechanism for mobile phones with M-Shield TrEE.}, author = {Kostiainen, Kari and Dmitrienko, Alexandra and Ekberg, Jan-Erik and Sadeghi, Ahmad-Reza and Asokan, N.}, booktitle = {International Conference on Trust and Trustworthy Computing (TRUST)}, keywords = {sss-group}, month = {June}, title = {Key Attestation from Trusted Execution Environments}, year = 2010 }
Return-Oriented Programming without Returns on ARM. (HGI-TR-2010-002), Davi, Lucas; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Winandy, Marcel; (2010).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
n this paper we present a novel and general attack method on ARM-based computing platforms.Our attack deploys the principles of return-oriented programming (ROP). However, in contrast to conventional ROP, our attack exploits jumps instead of return addresses, and hence it can circumvent return address checkers. We show that our attack is Turing-complete and can induce arbitrary change of behavior in running programs without any code injection. We instantiate our attack method on the Android platform. We present an attack example that succeeds to send unauthorized text messages(SMS) and phone calls to high-cost numbers from a user’s device. To achieve this result, our attack(i) modifies program behavior without code injection, and (ii) abuses permissions assigned to an application.

@techreport{DDSW2010a, abstract = {n this paper we present a novel and general attack method on ARM-based computing platforms.Our attack deploys the principles of return-oriented programming (ROP). However, in contrast to conventional ROP, our attack exploits jumps instead of return addresses, and hence it can circumvent return address checkers. We show that our attack is Turing-complete and can induce arbitrary change of behavior in running programs without any code injection. We instantiate our attack method on the Android platform. We present an attack example that succeeds to send unauthorized text messages(SMS) and phone calls to high-cost numbers from a user’s device. To achieve this result, our attack(i) modifies program behavior without code injection, and (ii) abuses permissions assigned to an application.}, author = {Davi, Lucas and Dmitrienko, Alexandra and Sadeghi, Ahmad-Reza and Winandy, Marcel}, howpublished = {\url{http://www.trust.rub.de/media/trust/veroeffentlichungen/2010/07/21/ROP-without-Returns-on-ARM.pdf}}, institution = {Ruhr-University Bochum, System Security Lab}, keywords = {sss-group}, month = {April}, number = {HGI-TR-2010-002}, title = {Return-Oriented Programming without Returns on ARM}, year = 2010 }

2009[ to top ]

Trusted Virtual Domains - Design, Implementation and Lessons Learned. Catuogno, Luigi; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Schulz, Steffen; Winandy, Marcel; Zhan, Jing; Eriksson, Konrad; Kuhlmann, Dirk; Ramunno, Gianluca; Schunter, Matthias; in International Conference on Trusted Systems (INTRUST) (2009).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
A Trusted Virtual Domain (TVD) is a coalition of virtual machines and resources (e.g., network, storage) that are distributed over multiple physical platforms and share a common security policy. The concept of TVDs and their usage scenarios have been studied extensively. However, details on certain implementation aspects have not been explored in depth yet, such as secure policy deployment and integration of heterogeneous virtualization and trusted computing technologies. In this paper, we present implementation aspects of the life cycle management of TVDs. We describe the components and protocols necessary to realize the TVD design on a cross-platform architecture and present our prototype implementation for the Xen and L4 microkernel platforms.In particular, we discuss the need for and the realization of intra-TVD access control, a hypervisor abstraction layer for simplified TVD management, necessary components of a TVD policy and revocation issues.We believe that these integration details are essential and helpful inputs for any large-scale real-world deployment of TVD.

@inproceedings{CDSSWZEKRS09, abstract = {A Trusted Virtual Domain (TVD) is a coalition of virtual machines and resources (e.g., network, storage) that are distributed over multiple physical platforms and share a common security policy. The concept of TVDs and their usage scenarios have been studied extensively. However, details on certain implementation aspects have not been explored in depth yet, such as secure policy deployment and integration of heterogeneous virtualization and trusted computing technologies. In this paper, we present implementation aspects of the life cycle management of TVDs. We describe the components and protocols necessary to realize the TVD design on a cross-platform architecture and present our prototype implementation for the Xen and L4 microkernel platforms.In particular, we discuss the need for and the realization of intra-TVD access control, a hypervisor abstraction layer for simplified TVD management, necessary components of a TVD policy and revocation issues.We believe that these integration details are essential and helpful inputs for any large-scale real-world deployment of TVD.}, author = {Catuogno, Luigi and Dmitrienko, Alexandra and Sadeghi, Ahmad-Reza and Schulz, Steffen and Winandy, Marcel and Zhan, Jing and Eriksson, Konrad and Kuhlmann, Dirk and Ramunno, Gianluca and Schunter, Matthias}, booktitle = {International Conference on Trusted Systems (INTRUST)}, keywords = {sss-group}, month = {December}, title = {Trusted Virtual Domains - Design, Implementation and Lessons Learned}, year = 2009 }

2007[ to top ]

Zigbee-to-TCP/IP Gateway: New Opportunities for ZigBee-based Sensor Networks. Dmitrienko, Alexandra; in International Workshop on Ambient Intelligence and Embedded Systems (AmiEs) (2007).
- [ BibTeX ]
- [ BibSonomy-Post ]
@inproceedings{AD2007, author = {Dmitrienko, Alexandra}, booktitle = {International Workshop on Ambient Intelligence and Embedded Systems (AmiEs)}, keywords = {sss-group}, month = {September}, title = {Zigbee-to-TCP/IP Gateway: New Opportunities for ZigBee-based Sensor Networks}, year = 2007 }

2006[ to top ]

WIZnet W3150A network co-processor: New features for embedded devices. Dmitrienko, Alexandra; in Components and Technologies (2006).
- [ BibTeX ]
- [ BibSonomy-Post ]
@article{AD2006, author = {Dmitrienko, Alexandra}, journal = {Components and Technologies}, keywords = {sss-group}, title = {WIZnet W3150A network co-processor: New features for embedded devices}, year = 2006 }

Publications

Tag cloud of all publications:

Publications

Hinweis zum Datenschutz

Hinweis zum Datenschutz

Bildnachweise