Publications

IoT-enabled Distributed Cyber-attacks on Transmission and Distribution Grids.

June 22, 2017

Yury Dvorkin and Siddharth Garg

The Internet of things (IoT) will make it possible to interconnect and simultaneously control distributed electrical loads. Various technical and regulatory concerns have been raised that IoT-operated loads are being deployed without appropriately considering and systematically addressing potential cyber-security challenges. Hence, one can envision a hypothetical scenario when an ensemble of IoT-controlled loads can be hacked with malicious intentions of compromising operations of the electrical grid. Under this scenario, the attacker would use geographically distributed IoT-controlled loads to alternate their net power injections into the electrical grid in such a way that may disrupt normal grid operations.

ObfusCADe: Obfuscating Additive Manufacturing CAD Models Against Counterfeiting: Invited

June 22, 2017

Nikhil Gupta, Fei Chen,Nektarios Georgios Tsoutsos and Michail Maniatakos

As additive manufacturing (AM) becomes more pervasive, its supply chains shift towards distributed business models that heavily rely on cloud resources. Despite its countless benefits, this paradigm raises significant concerns about the trustworthiness of the globalized process, as there exist several classes of cybersecurity attacks that can undermine its security guarantees. In this work, we focus on the protection of the intellectual property (IP) of 3D designs, and introduce ObfusCADe, which is a novel protection method against counterfeiting, by embedding special features in CAD models.

Security as a Service for Cloud-Enabled Internet of Controlled Things under Advanced Persistent Threats: A Contract Design Approach

June 21, 2017

Juntao Chen and Quanyan Zhu

In this paper, we aim to establish a holistic framework that integrates the cyber-physical layers of a cloud-enabled Internet of Controlled Things (IoCT) through the lens of contract theory. At the physical layer, the device uses cloud services to operate the system. The quality of cloud services is unknown to the device, and hence the device designs a menu of contracts to enable a reliable and incentive-compatible service. Based on the received contracts, the cloud service provider (SP) serves the device by determining its optimal cyber defense strategy. A contract-based FlipCloud game is used to assess the security risk and the cloud quality of service (QoS) under advanced persistent threats.

TTLock: Tenacious and traceless logic locking

June 19, 2017

Muhammad Yasin, Bodhisatwa Mazumdar, Jeyavijayan J V Rajendran and Ozgur Sinanoglu

Logic locking is an intellectual property (IP) protection technique that prevents IP piracy, reverse engineering and overbuilding attacks by the untrusted foundry or endusers. Existing logic locking techniques are all vulnerable to various attacks, such as sensitization, key-pruning and signal skew analysis enabled removal attacks. In this paper, we propose TTLock that provably withstands all known attacks. TTLock protects a designer-specified number of input patterns, enabling a controlled and provably-secure trade-off between key-pruning attack resilience and removal attack resilience. All the key-bits converge on a single signal, creating maximal interference and thus resisting sensitization attacks.

On Mitigation of Side-Channel Attacks in 3D ICs: Decorrelating Thermal Patterns from Power and Activity

June 19, 2017

Johann Knechtel and Ozgur Sinanoglu

Various side-channel attacks (SCAs) on ICs have been successfully demonstrated and also mitigated to some degree. In the context of 3D ICs, however, prior art has mainly focused on efficient implementations of classical SCA countermeasures. That is, SCAs tailored for up-and-coming 3D ICs have been overlooked so far. In this paper, we conduct such a novel study and focus on one of the most accessible and critical side channels: thermal leakage of activity and power patterns. We address the thermal leakage in 3D ICs early on during floorplanning, along with tailored extensions for power and thermal management.

Distributed Transfer Linear Support Vector Machines

June 15, 2017

Rui Zhang and Quanyan Zhu

Transfer learning has been developed to improve the performances of different but related tasks in machine learning. However, such processes become less efficient with the increase of the size of training data and the number of tasks. Moreover, privacy can be violated as some tasks may contain sensitive and private data, which are communicated between nodes and tasks. We propose a consensus-based distributed transfer learning framework, where several tasks aim to find the best linear support vector machine (SVM) classifiers in a distributed network.

A Mean-Field Stackelberg Game Approach for Obfuscation Adoption in Empirical Risk Minimization

June 8, 2017

Jeffrey Pawlick and Quanyan Zhu

Data ecosystems are becoming larger and more complex due to online tracking, wearable computing, and the Internet of Things. But privacy concerns are threatening to erode the potential benefits of these systems. Recently, users have developed obfuscation techniques that issue fake search engine queries, undermine location tracking algorithms, or evade government surveillance. Interestingly, these techniques raise two conflicts: one between each user and the machine learning algorithms which track the users, and one between the users themselves. In this paper, we use game theory to capture the first conflict with a Stackelberg game and the second conflict with a mean field game.

Security and Privacy in Cyber-Physical Systems: A Survey of Surveys

May 29, 2017

Jairo Giraldo, Esha Sarkar, Alvaro Cardenas, Michail Maniatakos and Murat Kantarcioglu

Cyber-Physical Systems (CPS) are engineered systems combining computation, communications, and physical resources. Over the last decade—alongside technical advances in CPS—a vibrant and active community of security and privacy researchers have proposed and developed a mature research agenda addressing fundamental problems and risks of CPS deployments. The field has matured to a point where there are now several CPS security surveys. In this paper we highlight the diversity of research presenting by a meta-survey of CPS security and privacy surveys.

Under the Shadow of Sunshine: Understanding and Detecting Bulletproof Hosting on Legitimate Service Provider Networks

May 24, 2017

Sumayah Alrwais, Xiaojing Liao , Xianghang Mi , Peng Wang , XiaoFeng Wang , Feng Qian , Raheem Beyah and Damon McCoy

BulletProof Hosting (BPH) services provide criminal actors with technical infrastructure that is resilient to complaints of illicit activities, which serves as a basic building block for streamlining numerous types of attacks.In this paper, we present the first systematic study on this new trend of BPH services. By collecting and analyzing a large amount of data (25 Whois snapshots of the entire IPv4 address space, 1.5 TB of passive DNS data, and longitudinal data from several blacklist feeds), we are able to identify a set of new features that uniquely characterizes BPH on sub-allocations and are costly to evade. Based upon these features, we train a classifier for detecting malicious sub-allocated network blocks, achieving a 98% recall and 1.5% false discovery rates according to our evaluation.

Tools for Automated Analysis of Cybercriminal Markets

May 23, 2017

Rebecca S. Portnoff, Sadia Afroz, Greg Durrett, Jonathan K. Kummerfeld, Taylor Berg-Kirkpatrick, Taylor Berg-Kirkpatrick, Damon McCoy, Kirill Levchenko and Vern Paxson.

Underground forums are widely used by criminals to buy and sell a host of stolen items, datasets, resources, and criminal services. These forums contain important resources for understanding cybercrime. However, the number of forums, their size, and the domain expertise required to understand the markets makes manual exploration of these forums unscalable. In this work, we propose an automated, top-down approach for analyzing underground forums. Our approach uses natural language processing and machine learning to automatically generate high-level information about underground forums, first identifying posts related to transactions, and then extracting products and prices.

To Catch a Ratter: Monitoring the Behavior of Amateur DarkComet RAT Operators in the Wild

May 23, 2017

Brown Farinholt , Mohammad Rezaeirad , Paul Pearce , Hitesh Dharmdasani, Haikuo Yin Stevens Le Blondk , Damon McCoy, Kirill Levchenko

Remote Access Trojans (RATs) give remote attackers interactive control over a compromised machine. Unlike largescale malware such as botnets, a RAT is controlled individually by a human operator interacting with the compromised machine remotely. The versatility of RATs makes them attractive to actors of all levels of sophistication: they’ve been used for espionage, information theft, voyeurism and extortion. Despite their increasing use, there are still major gaps in our understanding of RATs and their operators, including motives, intentions, procedures, and weak points where defenses might be most effective. In this work we study the use of DarkComet, a popular commercial RAT.

DeepMasterPrint: Generating Fingerprints for Presentation Attacks

May 21, 2017

Philip Bontrager, Julian Togelius and Nasir Memon

We present two related methods for creating MasterPrints, synthetic fingerprints that a fingerprint verification system identifies as many different people. Both methods start with training a Generative Adversarial Network (GAN) on a set of real fingerprint images. The generator network is then used to search for images that can be recognized as multiple individuals. The first method uses evolutionary optimization in the space of latent variables, and the second uses gradient-based search. Our method is able to design a MasterPrint that a commercial fingerprint system matches to 22% of all users in a strict security setting, and 75% of all users at a looser security setting.

Taking the Pulse of US College Campuses with Location-Based Anonymous Mobile Apps, ACM Transactions on Intelligent Systems and Technology (ACM TIST)

May 19, 2017

Yanqiu Wu, Tehila Minkus, and Keith W. Ross

We deploy GPS hacking in conjunction with location-based mobile apps to passively survey users in targeted geographical regions. Specifically, we investigate surveying students at different college campuses with Yik Yak, an anonymous mobile app that is popular on US college campuses. In addition to being campus-centric, Yik Yak’s anonymity allows students to express themselves candidly without self-censorship.

 

Mind your SMSes: Mitigating social engineering in second factor authentication

May 19, 2017

Hossein Siadati, Toan Nguyen, Payas Gupta, Markus Jakobsson, and Nasir Memon

SMS-based second factor authentication is a cornerstone for many service providers, ranging from email service providers and social networks to financial institutions and online marketplaces. Attackers have not been slow to capitalize on the vulnerabilities of this mechanism by using social engineering techniques to coerce users to forward authentication codes.

Profiling cybersecurity competition participants: Self-efficacy, decision-making and interests predict effectiveness of competitions as a recruitment tool

May 19, 2017

Sciencedirect.com site creating problemsMasooda Bashir, Colin Wee, Nasir Memon, and Boyi Guo

This paper presents the main results of a large-scale survey on cybersecurity competition participants in the past decade. 588 participants of the Cybersecurity Awareness Week (CSAW) competition were surveyed with measures of personality, interests, culture, decision-making and attachment styles in an exploratory study designed to identify the characteristics of cybersecurity competition participants.

DRAW-A-PIN: Authentication using finger-drawn PIN on touch devices

May 19, 2017

Toan Van Nguyen, Napa Sae-Bae, and Nasir Memon

This paper presents Draw-A-PIN, a user authentication system on a device with a touch interface that supports the use of PINs. In the proposed system, the user is asked to draw her PIN on the touch screen instead of typing it on a keypad. Consequently, Draw-A-PIN could offer better security by utilizing drawing traits or behavioral biometrics as an additional authentication factor beyond just the secrecy of the PIN. In addition, Draw-A-PIN inherently provides acceptability and usability by leveraging user familiarity with PINs.

Measuring the Fitness of Fitness Trackers

May 19, 2017

Chealsea G. Bender, Jason C. Hoffstot, Brian T. Combs, Sara Hooshangi, and Justin Cappos.

Data collected by fitness trackers could play an important role in improving the health and well-being of the individuals who wear them. Many insurance companies even offer monetary rewards to participants who meet certain steps or calorie goals. However, in order for it to be useful, the collected data must be accurate and also reflect real-world performance. While previous studies have compared step counts data in controlled laboratory environments for limited periods of time, few studies have been done to measure performance over longer periods of time, while the subject does real-world activities.

Malicious firmware detection with hardware performance counters

May 17, 2017

Xueyang Wang, Charalambos Konstantinou, Michail Maniatakos, Ramesh Karri, Serena Lee, Patricia Robison, Paul Stergiou, and Steve Kim

Critical infrastructure components nowadays use microprocessor-based embedded control systems. It is often infeasible, however, to employ the same level of security measures used in general purpose computing systems, due to the stringent performance and resource constraints of embedded control systems. Furthermore, as software sits atop and relies on the firmware for proper operation, software-level techniques cannot detect malicious behavior of the firmware.