Differences

This shows you the differences between two versions of the page.

public:research:conferences:wistp2015 [2015-09-03 13:42] – Page moved from public:research:confnotes:wistp2015 to public:research:conferences:wistp2015 mukrop
public:research:conferences:wistp2015 [2024-01-17 15:39] (current) – removed xjancar
Line 1: Line 1:
-====== Conference notes: WISTP2015, TRUST2015 ====== 
- 
-  * TRUST 2015: http://www.ics.forth.gr/trust2015/program.html 
-  * WISTP 2015: http://wistp2015.wistp.org/ 
- 
-**Paper: Tassos Dimitriou and Ioannis Krontiris, Privacy-respecting Auctions as Incentive Mechanisms in Mobile Crowd Sensing** 
-  * sensing data via user mobile phones 
-  * motivation for users - micropayments 
-  * to keep payments low, auction is used 
-  * user generates keypair, encrypt bid under public key, then publish private key -> winner is selected by report server 
-  * how to provide payments to anonymous (during auction) users? 
-  * payment made via tokens later payed by bank (e-cash, problem with colluding report server and bank -> reveal user identity) 
-  * payment made via blind signatures 
-  * nice attack from audience: user selects N different pseudonyms, set very low bidding price => wins bids  
-  * ? can we use bitcoin for that? - can be used 
-  * ? autonomous execution without user interaction? - can be done, except to improve utilization score  
-  * ? is report server trusted entity? - trusted to select winner and pay 
- 
- 
-**Paper: Alejandro Calleja, Pedro Peris-Lopez and Juan E. Tapiador, Electrical Heart Signals can be Monitored from the Moon: Security Implications for IPI-based Protocols** 
-  * Implantable medical devices 
-  * similar to RFID, except need for emergency mode - in problems, direct access from medstaff is possible 
-  * wireless connectivity used for remote monitoring 
-  * use of biosignals to authenticate -> used in emergency (have access to ECG anyway) - already published paper 
-  * this paper: how well we can estimate ECG using webcam (malware on computer)? 
-  * practical experiment PPG sensor (true value) + webcam measurement -> similarity measured  
-  * results: ~60% similarity (50% is baseline random guess) 
-  * dynamic quantifier - almost no correlation (doesn't work) 
-  * scalar quantifier - 60-95% success (avg 70% similarity) 
-  * ? what features were extracted from webcam picture? Movement of nose. But very noisy data, better cam cam improve (but lost of attacker vector with malware-controled webcam) 
-  * ? Why not use fingerprint as additional factor to authenticate?  
- 
-**Paper: Neyire Deniz Sarier, Private Minutia-based Fingerprint Matching** 
-  * biometrics IBE approach, multimodal biometrics 
-  * inherent noise in biometric samples -> error-tolerant schemes necessary 
-  * removal of Random oracle model (reason: if hash function is used in ROM, then scheme is insecure (generic result?)) 
-  * naive model for PSI (send multiple hashes of measured biometrics - vulnerable to pre-image recovery in case of low-entropy inputs), DH-base PSI-CA (Enhacing privacy and trust in electonic communities, 1999, acm) 
-  * Faster private set intersection base on OT extension, usenix 2014 
- 
-**Paper: David Jaeger, Amir Azodi, Feng Cheng and Christoph Meinel, Normalizing Security Events with a Hierarchical Knowledge Base** 
-  * trying to improve situation with system logs normalization 
-  * then correlate events for security incidents 
-  * unified extractor and convertor into same log structure  
-  * speed 37000 events/sec (8 cores) - usable for big company  
-  * ? implementation of compiler for regular expressions that compiles many RE together and then executed faster then every RE one-by-one. 
- 
-**Paper: Konstantinos Fysarakis, Charalampos Konstantourakis, Konstantinos Rantos, Charalampos Manifavas and Ioannis Papaefstathiou, WSACd - A Usable Access Control Framework for Smart Home Devices** 
-  * XACML - extensible acces control markup language  
-  * DPWS protocol (UPnP for large networks) used to transfer message of events, server decides based on policy  
-  * implementation on Android tablet 
-  * Register device inside system, set own policies for usage, smart device is sensor providing data 
-  * intended for e-health scenario (combination of requirements from multiple parties) 
- 
-**Invited talk: Formal definitions in crypto** 
-  * inputs and outputs of algorithm 
-  * security goal and thread model 
-  * security game: challenger and attacker -> asks attacker to breach security goal 
-  * lack of unconditionally secure schemes => what are assumptions? 
-  * proofs of security. Usually in form of reduction scheme -> assumption or scheme -> known hard problem 
-    * proof then usually proof by contradiction: I can use my scheme to solve effciently known hard problem -> if my scheme is not hard, neither is knwon hard problem 
-  * semantic security (!even single bit, hard to work with) -> ciphetext indistinguishability (Goldwasser, Mically, equivalent) IND-CPA 
-  * ciphetetxt-only, choosen-plaintext CPA, choosen ciphetext CCA- now also algorithm substitution attacks (incorrect generation of parameters)  
-  * IND-CPA: attacker is supplying two messages (crafted by an attacker) 
-  * which IND-xxx is used? Depending on what you can (as an author of scheme) prove :) 
-  * only in 2010: What happens if I will use private key on message not encrypted by my public key? -> Robustness property (weak and strong) 
-  * overall message: many state of the art protocols are insecure, usually because of imprecise of missing proper model assumptions 
-  
-**Keynote: Anand Rajan, "Security for the Internet of Things (IoT) - Challenges & Opportunities"** 
-  * Schoda search engine for iot 
-  * device will last probably longer then PC -> implications for security 
-  * managebility is problem 
-  * just enough security for every endpoint as resources as limited (but hard to establish what is enough when device will be planted for 30 years) 
-  * devices often operates in groups 
-  * usability is critical (no manual configuration, but possibility to manage large number of devices) 
-  * how to connect (and discover) devices into group ?- what is right topology and mode of commmuication?  
-  * secure iot lifecycle: start secure, run secure, stay secure 
-  * problem of (security) updates 
-  * autodraha pro simulaci pohyblivych uzlu a jen docasneho kontaktu 
-  * security needs to be cradle-to-grave - question: why only grave, repurposed chips -> reincarnation? Secure erase, secure init again?  
-  * after time, some devices can start to be insecure (or owner is not sure) -> gray area of probabilistic trust - how to deal with partially compromised network? Can we use secrecy amplification protocols to reestablish trust again (our original idea of chain of trust amplification) 
-  * nice demo with car race hack to change speed of car - "exploit" to get control of car controllers, then patch command to set maximum speed to crash car. 
-  * intel trusted execution for very small CPU (MCU) - "TrustLite". Used to isolate to protect memory against attack.  
- 
-**Paper: Hamed Nemati, Mads Dam and Roberto Guanciale. "Trustworthy Memory Isolation of Linux on Embedded Devices"** 
-  * first formally verified design of direct pagging 
-  * custom slim implemlementation of direct paging, later formally verified  
-  * MMU virtualization, ARMv7 
-  * selected slim configuration doable by formal verification 
-  * blocks are typed (L1/L2 page table, D)  
-  * minimal API activate, active, create, free table 
-  * refenrence counter 
-  * HOL4 theorem prover, extended  Cambridge model for ARMv7 
-  * 5 bugs discovered during verification 
-  * Beagleboard platform to verify model (4529 LOC C + Assembly, 1500 LOC HOL4 model, 18700 LOC HOL4 proof - script for verifier) 
-  * overall efford: 19 person month to perform whole proof (!) 
-  * proof cannot be directly used to verify similar scenario (written directly for particular implementation)  
- 
-**Paper: Sourav Bhattacharya, Otto Huhta and N Asokan. "LookAhead: Augmenting Crowdsourced Website Reputation Systems With Predictive Modeling"** 
-  * target is to notify users with known unsafe webpages 
-  * based on crowsource rating 
-  * web of trust WoT (137mills users) 
-    * two categories for marking: trustwortiness, safe for child 
-    * browser extension 
-  * problem with coverage (WoT rating compared with Alexa top 1M) => still low coverage  
-  * research question: can we predict rating for unrated pages (based on content of rated pages?) 
-  * link-related links: take reputation from links target page is linking 
-    * problem: falsely linking good pages. Solved by taking just links with bad reputation 
-  * Topic Model-base features: ECDF, Latent xxx something  
-    * extracted features used for training later   
-  * performance evalution: 140000 webpages - 80k good, 60k bad, ground truth obatined from WOT  
-  * Random forest classifier 
-  * tech report: arxiv.org/pdf/1504.04730.pdf 
-  * ? bias behind rated pages?  Try to rate huge number of unrated pages and wait few months for confirmation (but bias is not completelly removed) 
-   
-**Paper: Analysis of usage patterns in Ripple protocolFrederik Armknecht, Ghassan Karame, Avikarsha Mandal, Franck Youssef and Erik Zenner. "Ripple: Overview and Outlook"** 
-  * Distributed online payment  system (2012) 
-  * trust-based credit network 
-  * second largerst after bitcoin ($280), already signed with some banks 
-  * (Stellar network - similar concept) 
-  * public ledger for transactions, threshold for inclusion into ledger is 80% from special entities called validators - proff of consent rather then proof of work (as in bitcoin)  
-  * comparison: photo, faster then bitcoin (<20 sec to commit transaction), more centralized 
-  * forking problem: two ledgers, for current Ripple settings, if 40% nodes will overlap with ledger validation, fork will ocur (doublespending...) 
-  * official statistics are probably skewed  
-    * a lot of artificial transaction not finished (only about 15% is real transcation) 
-    * most of the current accounts are inactive (might be theoretically many accounts for single person because of privacy, but unlikely) 
-  * ? inactive accounts - not used, different from validators  
- 
-**Paper: Patrick Koeberl, Vinay Phegade, Anand Rajan, Thomas Schneider, Steffen Schulz and Maria Zhdanova. "Time to Rethink: Trust Brokerage using Trusted Execution Environments" - Intel research labs** 
-  * data exists in silos - lack of sharing 
-  * secure multiparty computations (many protocols over 30 years, but still lacks efficiency and requires custom tailoring from "cryptographer") 
-  * Data de-indentification - need to filter data and customize, tough privacy to uitility tradeoff 
-  * talk's approach: TEE-based Trest Brokerage 
-    * computing infrastructire based on trusted boot 
-    * uses Intel's SGX  
-  * validation part TC is potential bottleneck (a lot of work focused on measurement, not on validation) 
- 
-**Paper: David Förster, Hans Löhr, Jan Zibuschka and Frank Kargl. "REWIRE -- Revocation without Resolution: A Privacy-friendly Revocation Mechanism for Vehicular Ad-Hoc Networks"** 
-  * vehicle to vehicle and vehicle to infrastructure communication 
-  * warnings for out of sight events (strong brakes of close, but not directly visible car) 
-  * authorization, privacy protection, revocation (misbeahving vehicles) 
-  * short-term certificates (20 per weaks - used for pseduonyms) 
-  * long-term certificate (for authentication and renew of certificates) 
-  * long-term certificate can be  replaced by anononymous credentials  
-  * if vehicle is sending invalid messages, it is reported (by pseudonym X) and then certral point sends message to particular location - if you are X, please delete your current keys, you are folty -> targets invalid, but honest vehicle 
-  * enforcement via trusted component for intentionally malicious devices -> keys are stored in secure modules 
-    * but attacker can turn off device -> delete comand is issued every time device requires new certificate  
-    * another protection: keep-alive messages undistinguisable from delete command (turn off will not help) -> but problem with car outside reach of messages -> if device is blocked, one need to visit car manufacturer => jam car -> block car . Quite controversional defense  
- 
-**Paper: Melanie Volkamer, Karen Renaud, Kristoffer Braun, Gamze Canova and Benjamin Reinheimer. Design and Field Evaluation of PassSec: Raising and Sustaining Web Surfer Risk Awareness** 
-  * PassSec - firefox extension to detect insecure websites 
-  * paper: mental model of user wrt security, automatic checks -> show additional warning in time relevant to expected mental model 
-  * field experiment -> 31 participants -> initially 60 (but these didn't replayed for questionarre)  
-  * problem: small test group 
-  * problem: the group statistics were not clear - is it average user? 
-  * problem: dropouts from study were not included in measurement (not even usage statistics from dropouts usage were presented - maybe not collected?) 
-   
-**Paper: Rainer Urian and Liqun Chen. DAA-A: Direct Anonymous Attestation with Attributes** 
-  * based on TPM 2.0 specification 
-  * flexible use of existing standard to provide new class of protocols  
- 
-
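Review bot: The edit summary for this revision is only "removed", yet the hunk deletes every line of the page, from the "Conference notes: WISTP2015, TRUST2015" heading down to the DAA-A entry, and leaves nothing in its place. Say in the summary why the notes were dropped or where they now live, and if they were relocated, leave a one-line pointer on this page; the 2015-09-03 revision recorded its move with a "Page moved from ... to ..." summary, which is the level of detail a full-page removal needs as well. If the notes are being kept elsewhere, the copy should also resolve the unfinished items visible in the deleted lines, such as "Latent xxx something" in the LookAhead notes and the untranslated line "autodraha pro simulaci pohyblivych uzlu a jen docasneho kontaktu" in the IoT keynote notes.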