
About this book

This book constitutes the proceedings of the satellite workshops held around the 17th International Conference on Applied Cryptography and Network Security, ACNS 2019, in Bogota, Colombia, in June 2019.
The 10 papers presented in this volume were carefully reviewed and selected from 30 submissions. They stem from the following workshops:
AIBlock 2019: First International Workshop on Application Intelligence and Blockchain Security
AIoTS 2019: First International Workshop on Artificial Intelligence and Industrial Internet-of-Things Security
Cloud S&P 2019: First International Workshop on Cloud Security and Privacy
PriDA 2019: First International Workshop on Privacy-preserving Distributed Data Analysis
SiMLA 2019: First International Workshop on Security in Machine Learning and its Applications



SiMLA - Security in Machine Learning and its Applications


Risk-Based Static Authentication in Web Applications with Behavioral Biometrics and Session Context Analytics

In order to improve the security of password-based authentication in web applications, it is a common industry practice to profile users based on their sessions context, such as IP ranges and Browser type. On the other hand, behavioral dynamics such as mouse and keyword features have been proposed in order to improve authentication, but have been shown most effective only in continuous authentication scenarios. In this paper we propose to combine both fingerprinting and behavioral dynamics (for mouse and keyboard) in order to increase security of login mechanisms. We do this by using machine learning techniques that aim at high accuracy, and only occasionally raise alarms for manual inspection. Our combined approach achieves an AUC of 0.957. We discuss the practicality of our approach in industrial contexts.
Jesus Solano, Luis Camacho, Alejandro Correa, Claudio Deiro, Javier Vargas, Martín Ochoa

Using Honeypots in a Decentralized Framework to Defend Against Adversarial Machine-Learning Attacks

The market demand for online machine-learning services is increasing, and so have the threats against them. Adversarial inputs represent a new threat to Machine-Learning-as-a-Services (MLaaSs). Meticulously crafted malicious inputs can be used to mislead and confuse the learning model, even in cases where the adversary only has limited access to input and output labels. As a result, there has been an increased interest in defence techniques to combat these types of attacks. In this paper, we propose a network of High-Interaction Honeypots (HIHP) as a decentralized defence framework that prevents an adversary from corrupting the learning model. We accomplish our aim by (1) preventing the attacker from correctly learning the labels and approximating the architecture of the black-box system; (2) luring the attacker away, towards a decoy model, using Adversarial HoneyTokens; and finally (3) creating infeasible computational work for the adversary.
Fadi Younis, Ali Miri

Cloud S&P - Cloud Security and Privacy

Graphene: A Secure Cloud Communication Architecture

Due to ubiquitous-elastic computing mechanism, platform independence and sustainable architecture, cloud computing emerged as the most dominant technology. However, security threats become the most blazing issue in adopting such a diversified and innovative approach. To address some of the shortcomings of traditional security protocols (e.g., SSL/TLS), we propose a cloud communication architecture (Graphene) that can provide security for data-in-transit and authenticity of cloud users (CUs) and cloud service providers (CSPs). Graphene also protects the communication channel against some most common attacks such as man-in-the-middle (MITM) (including eavesdropping, sniffing, identity spoofing, data tampering), sensitive information disclosure, replay, compromised-key, repudiation and session hijacking attacks. This work also involves the designing of a novel high-performance cloud focused security protocol. This protocol efficiently utilizes the strength and speed of symmetric block encryption with Galois/Counter mode (GCM), cryptographic hash, public key cryptography and ephemeral key-exchange. It provides faster reconnection facility for supporting frequent connectivity and dealing with connection trade-offs. The security analysis of Graphene shows promising protection against the above discussed attacks. Graphene also outperforms TLSv1.3 (the latest stable version among the SSL successors) in performance and bandwidth consumption significantly and shows reasonable memory usage at the server-side.
Abu Faisal, Mohammad Zulkernine

A Survey on Machine Learning Applications for Software Defined Network Security

The number of machine learning (ML) applications on networking security has increased recently thanks to the availability of processing and storage capabilities. Combined with new technologies such as Software Defined Networking (SDN) and Network Function Virtualization (NFV), it becomes an even more interesting topic for the research community. In this survey, we present studies that employ ML techniques in SDN environments for security applications. The surveyed papers are classified into ML techniques (used to identify general anomalies or specific attacks) and IDS frameworks for SDN. The latter category is relevant since reviewed papers include the implementation of data collection and mitigation techniques, besides just defining a ML model, as the first category. We also identify the standard datasets, testbeds, and additional tools for researchers.
Juliana Arevalo Herrera, Jorge E. Camargo

AIBlock - Application Intelligence and Blockchain Security


A New Proof of Work for Blockchain Based on Random Multivariate Quadratic Equations

In this paper, we first present a theoretical analysis model on the Proof-of-Work (PoW) for cryptocurrency blockchain. Based on this analysis, we present a new type of PoW, which relies on the hardness of solving a set of random quadratic equations over the finite field GF(2). We will present the advantages of such a PoW, in particular, in terms of its impact on decentralization and the incentives involved, and therefore demonstrate that this is a new good alternative as a new type for PoW in blockchain applications.
Jintai Ding

SIEM-IoT: A Blockchain-Based and Distributed SIEM for the Internet of Things

The paper at hand proposes \(\mathcal {B}\)SIEM-IoT, a Security Information and Event Management solution (SIEM) for the Internet of Things (IoT) relying on blockchain to store and access security events. The security events included in the blockchain are contributed by a number of IoT sentinels in charge of protecting a group of IoT devices. A key feature here is that the blockchain guarantees a secure registry of security events. Additionally, the proposal permits SIEM functional components to be assigned to different miners servers composing a resilient and distributed SIEM. Our proposal is implemented using Ethereum and validated through different use cases and experiments.
Andrés Pardo Mesa, Fabián Ardila Rodríguez, Daniel Díaz López, Félix Gómez Mármol

Towards Blockchained Challenge-Based Collaborative Intrusion Detection

To protect distributed network resources and assets, collaborative intrusion detection systems/networks (CIDSs/CIDNs) have been widely deployed in various organizations with the purpose of detecting any potential threats. While such systems and networks are usually vulnerable to insider attacks, some kinds of trust mechanisms should be integrated in a real-world application. Challenge-based trust mechanisms are one promising solution, which can measure the trustworthiness of a node by sending challenges to other nodes. In the literature, challenge-based CIDNs have proven to be robust against common insider attacks, but it may still be susceptible to advanced insider attacks. How to further improve the robustness of challenge-based CIDNs remains an issue. Motivated by the recently rapid development of blockchains, in this work, we aim to combine these two and provide a blockchained challenge-based CIDN framework. Our evaluation shows that blockchain technology has the potential to enhance the robustness of challenge-based CIDNs in the aspects of trust management (i.e., enhancing the detection of insider nodes) and alarm aggregation (i.e., identifying untruthful inputs).
Wenjuan Li, Yu Wang, Jin Li, Man Ho Au

AIoTS - Artificial Intelligence and Industrial Internet-of-Things Security


Enhancement to the Privacy-Aware Authentication for Wi-Fi Based Indoor Positioning Systems

Indoor location-based application and services based on Wi-Fi have serious problems in terms of privacy since attackers could track users by capturing their MAC addresses. Although several initiatives have been proposed by scientific community to properly address authentication by strongly preserving privacy, there are still improvements and steps that need to be developed as it is not clearly stated what would occur if a device is lost, stolen or compromised. It has not been said how an affected user should proceed in such case. In this situation, this work provides an enhancement to a previous solution based on pseudo-certificates issued by third-party authorities for anonymous authentication of mobile devices. The proposed scheme provides privacy to users willing to remove a device that has been stolen or lost. The proposed system offers security while maintaining minimal cryptographic overhead.
Jhonattan J. Barriga A., Sang Guun Yoo, Juan Carlos Polo

Design of a FDIA Resilient Protection Scheme for Power Networks by Securing Minimal Sensor Set

Recent times have witnessed increasing utilization of wide area measurements to design the transmission line protection schemes as wide area measurements improve the reliability of protection methods. Usage of ICT tools for communicating sensor measurement in power networks demands immunity and resiliency of the associated protection scheme against false data injection attack (FDIA). Immunity against malicious manipulation of sensor information is attainable by securing the communication channels connecting the sensors through cryptographic protocols, and encryption. However, securing all the sensors and communication channels is economically unviable. A practical solution involves securing a reduced set of sensors without compromising fault detection accuracy. With the aim of developing a simple, economically viable and FDIA resilient scheme under the assumption that the adversary has complete knowledge of the system dynamics, the present work proposes a logical analysis of data (LAD) based fault detection scheme. The proposed scheme identifies the minimal set of sensors for FDIA resiliency and detects the state (faulty or healthy) of the power network relying on the measurements received from the ‘minimal sensor set’ only. Validation of the proposed protection scheme on IEEE 9-bus system reveals that in addition to being FDIA resilient, it is reliable and computationally efficient.
Tanmoy Kanti Das, Subhojit Ghosh, Ebha Koley, Jianying Zhou

Strong Leakage Resilient Encryption by Hiding Partial Ciphertext

Leakage-resilient encryption is a powerful tool to protect data confidentiality against side channel attacks. In this work, we introduce a new and strong leakage setting to counter backdoor (or Trojan horse) plus covert channel attack, by relaxing the restrictions on leakage. We allow bounded leakage at anytime and anywhere and over anything. Our leakage threshold (e.g. 10000 bits) could be much larger than typical secret key (e.g. AES key or RSA private key) size. Under such a strong leakage setting, we propose an efficient encryption scheme which is semantic secure in standard setting (i.e. without leakage) and can tolerate strong continuous leakage. We manage to construct such a secure scheme under strong leakage setting, by hiding partial (e.g. 1%) ciphertext as secure as we hide the secret key using a small amount of more secure hardware resource, so that it is almost equally difficult for any adversary to steal information regarding this well-protected partial ciphertext or the secret key. We remark that, the size of such well-protected small portion of ciphertext is chosen to be much larger than the leakage threshold. We provide concrete and practical examples of such more secure hardware resource for data communication and data storage. Furthermore, we also introduce a new notion of computational entropy, as a sort of computational version of Kolmogorov complexity. Our quantitative analysis shows that, hiding partial ciphertext is a powerful countermeasure, which enables us to achieve higher security level than existing approaches in case of backdoor plus covert channel attacks. We also show the relationship between our new notion of computational entropy and existing relevant concepts, including All-or-Nothing Transform and Exposure Resilient Function. This new computation entropy formulation may have independent interests.
Jia Xu, Jianying Zhou

