Information Systems Security and Privacy

Off-chain networks have recently emerged as a scalable solution for blockchains, allowing to increase the overall transaction throughput by reducing the number of transactions on the blockchain. However, off-chain networks typically require additional bootstrapping and route discovery functionality to determine viable routes. For example, the Lightning Network (LN) uses two mechanisms in conjunction: gossiping and probing. This paper shows that these mechanisms introduce novel vulnerabilities. In particular, we present two attacks. The first one, which we shall call a probing attack, enables an adversary to determine the (hidden) balance of a channel or route through active probing and differentiating the response messages from the route participants. The second one, which we shall call a timing attack, enables the adversary to determine the logical distance to the target in hops, given that geographical data of LN nodes is often publicly listed, or can be inferred from allocated IP addresses. We explore the setup and implementation of these attacks and address both the theoretical and practical limitations these attacks are subject to. Finally, we propose possible remediations and offer directions for further research on this topic.

Internet of Things or IoT deployments are becoming more and more common. The list of use-cases for IoT is getting longer and longer, but some examples are smart home appliances and wireless sensor networks. When IoT devices are deployed and used over an extended time, it is not guaranteed that one owner will control the IoT devices over their entire lifetime. If the ownership of an IoT system shall be transferred between two entities, secure ownership transfer arises.

In this paper we propose a protocol that enables secure ownership transfer of constrained IoT devices. The protocol is resource-efficient and only rely on symmetric cryptography for the IoT devices. The protocol has been rigorously analyzed to prove the state security requirements. The security analysis has been done partially using formal protocol verification tools, particularly Tamarin Prover. To show our proposed protocol’s resource efficiency, we have done a proof of concept implementation. This implementation, for constrained IoT devices, has been used to verify the efficiency of the protocol. The results presented in this paper, an extend version of previously published work on secure ownership transfer protocols for constrained IoT devices by the same authors.

Over the last few years, the interest in blockchain platforms has fostered the implementation of a number of distributed ledger-based solutions for the exchange of information, assets and digitized goods in both the private and the public sectors. While proposing promising alternatives to the original Bitcoin protocol is an important goal that the bulk of the effort in blockchain community has been focused on, it may not be enough. A major challenge faced by blockchain systems goes beyond the ability to superficially explore their attack surface, and firstly must consider the importance of studying the functioning of their underlying consensus protocols also in the form of non-functional properties such as security and safety. It is to this extent that recent research has started to rigorously analyze the Bitcoin protocol and its close variants, whilst BFT-like systems have not received equal attention so far. In this paper, we focus on the XRP Ledger with the aim to lay down the first steps towards the complete formalization of its unique consensus mechanism. We provide a thorough description of its different phases and present an analysis of some of its properties, which will be suitable as a basis for future research in the same vein.

The paper proposes an alternative email account protection to prevent a very specific targeting email attacks where an attacker can impersonate a legitimate/trusted sender to steal personal information to the recipient. Authorship mechanism based on the analysis of the author’s writing style and implemented through binary traditional and deep learning classifiers is applied to build the email verification mechanism. A flexible architecture, where the authorship component can be placed in different locations, is proposed. Due to its location and consequently to the email data available, can be exploited an individual writing style, or an end to end writing style learning related to the sender-receiver communication. The system is validated on two different dataset (i) the well-known public Enron dataset, with the experiments showing the author verification accuracy of 96.5% and 99% respectively for the individual and end to end writing style learning and (ii) our private dataset, with accuracy results of 98.3% and 97%. An alternative classification training, that exploits the partition of the dataset in subsets having approximately the same length, is presented. From the results obtained is proved how such training approach outperforms the traditional training where emails of different lengths are contained in the same training dataset. The overall results obtained proved that the authorship mechanism proposed is a promising alternative support technique exploitable as an email anti-scam or anti-theft tool to guarantee secure email communication.

The paper deals with the topic of lightweight authentication and secure communication for constrained hardware devices such as IoT or embedded devices. In the paper, protocols based on both symmetric and asymmetric schemes are presented, utilizing a PUF/TRNG combined module, showing it is advantageous to have single module that will allow generation of both TRNG and PUF at the same time. This approach minimizes implementation requirements and operational resource consumption. Moreover, it allows the simplification of the overall key management process as the proposed protocols do not require to store secrets on the devices themselves. This paper is the extended and revised version of the paper entitled “Lightweight Authentication and Secure Communication Suitable for IoT Devices” [1] presented at the 6th International Conference on Information Systems Security and Privacy (ICISSP) 2020.

With the ongoing digitalization, identity data leakage and identity theft are a growing threat to individuals, companies and public security in general. For most existing classes of cyber threats, there exists established techniques and even services that generate valuable threat intelligence feeds, however, generating feeds about identity breaches is not deeply researched yet. Even if there are first services for preventing or mitigating identity thefts, most of these services heavily rely on the assumption that the latest leak data is discovered, however, not a single comprehensive study is known which examines how this precondition is fulfilled. In this paper, we introduce a new method for generating a threat intelligence feed about identity breaches so that all the existing preventive and mitigating services can react in a timely manner. Therefore, we develop a system that automatically classifies and extracts threat intelligence information out of an extensive amount of security related news articles. We show that this approach vastly reduces the manual effort for the identity security services, hence, increasing their efficiency.

The Lightning Network is a decentralized bidirectional payment solution using the Bitcoin blockchain. In an earlier paper, we analyzed the secrecy and authenticity properties of the four subprotocols of the network and found that the key agreement protocol does not guarantee authenticity wrt. the responder. In this paper, we continue the analysis of the key agreement protocol using ProVerif and amend the protocol such that authenticity holds.

Privacy policies summarization tools can provide information about the contents of a privacy policy in a short and usable format. Although these automated tools can support users in understanding the information in privacy policies, they rely on machine learning techniques for the analysis of textual data to generate these summaries and can therefore contain errors which may affect the reliability of their results. A few of the existing privacy policy summarization tools provide some explanatory information about their performance, but the effects of this information on the user have not been validated. In this paper, an experimental study was conducted to evaluate whether explanatory information, in the form of justification and confidence measures, has an effect on understanding of the privacy policy content and on perception of the tool. The results indicate that participants have a more positive perception of the tool in terms of behavioral intention, perceived trustworthiness and usefulness when the summary includes a fragment of the policy as justification for the outcome. However, including a confidence measure in the summary did not have a significant effect on perception of the tool, and did not appear to communicate the possibility of incorrect results. This study contributes findings regarding user perception of automated privacy policy summarization that takes into consideration how explanatory information affects this perception. The implications of the findings for the design of privacy policy summarization tools are discussed.

Nowadays Vehicle-to-Vehicle communication (V2V) plays an increasingly important role, not only in terms of safety, but also in other areas of Intelligent Transport Systems (ITS). However, privacy is often underestimated in this context. In this paper we describe an extended version of our Harmonized Group Mix (HGM). HGM has the objective of enabling the privacy-friendly data exchange between vehicles in an ITS without neglecting other requirements such as integrity. In contrast to other approaches a complex organizational structure is not required and HGM is thus easily applicable. Rather, the idea of a Mix system is transferred to ITS communication, but the ITS-specific real-time requirements can still be met. The simultaneous use of group signatures can ensure a high degree of k-anonymity and prevent the tracking of participants. A distributed knowledge approach provides trust but at the same times allows revealing fraudsters. In addition to a detailed security analysis, this paper evaluates the approach using the simulation framework Veins and focuses on the exact vehicle movements and the groups formation respectively changes over time and their influence on each other.

Group behaviour is a relatively under researched field in research pertaining to information security. Most behavioural studies in information security focus on the individual and how he/she reasons and eventually behaves. Recent investigations into security group behaviour have revealed that the context within which the members of a group function plays an important role. Behavioural threshold analysis has been identified as a possible tool to evaluate security group behaviour and provide insights into the possible influence of the group’s contextual milieu. Based on earlier research on contextual factors in information security, this paper embodies an elaboration on the theoretical and practical implications of the previous work by comparing two distinct information security group behaviour experiments. The contextual environments for the two experiments include a group of employees in an industry setting, as well as a group of students that reside together in a university residence. These experiments are discussed, firstly by looking at the information security behavioural threshold analysis results for the two groups, and secondly, by expounding on the external contextual factors that play a part in the formation and eventual practice of information security behaviour in a group setting. The paper concludes by reflecting on the research aims and possible future work. This research has shown that external contextual factors play an important role in information security group behaviour and its effect should be taken into account in the strategies of managing information security.

The exponential increase in the adoption of the Internet of Things (IoT) technology combined with the usual lack of security measures carried by such devices have brought up new risks and security challenges to networks. IoT devices are prone to be easily compromised and used as magnification platforms for record-breaking cyber-attacks (i.e., Distributed Denial-of-Service attacks). Intrusion detection systems based on machine learning aim to detect such threats effectively, overcoming the security limitations on networks. In this regard, data quantity and quality is key to build effective detection models. These data are scarce and limited to small-sized networks for IoT environments. This research addresses this gap generating a labelled behavioral IoT data set, composed of normal and actual botnet network traffic in a medium-sized IoT network (up to 83 devices). Mirai, BashLite and Torii real botnet malware are deployed and data from early stages of botnet deployment is acquired (i.e., infection, propagation and communication with C&C stages). Supervised (i.e. classification) and unsupervised (i.e., anomaly detection) machine learning models are built with the data acquired as a demonstration of the suitability and reliability of the collected data set for effective machine learning-based botnet detection intrusion detection systems (i.e., testing, design and deployment). The IoT behavioral data set is released, being publicly available as MedBIoT data set.