Cryptography and Security (cs.CR)

Abstract: Many studies have proposed machine-learning (ML) models for malware detection and classification, reporting an almost-perfect performance. However, they assemble ground-truth in different ways, use diverse static- and dynamic-analysis techniques for feature extraction, and even differ on what they consider a malware family. As a consequence, our community still lacks an understanding of malware classification results: whether they are tied to the nature and distribution of the collected dataset, to what extent the number of families and samples in the training dataset influence performance, and how well static and dynamic features complement each other. This work sheds light on those open questions. by investigating the key factors influencing ML-based malware detection and classification. For this, we collect the largest balanced malware dataset so far with 67K samples from 670 families (100 samples each), and train state-of-the-art models for malware detection and family classification using our dataset. Our results reveal that static features perform better than dynamic features, and that combining both only provides marginal improvement over static features. We discover no correlation between packing and classification accuracy, and that missing behaviors in dynamically-extracted features highly penalize their performance. We also demonstrate how a larger number of families to classify make the classification harder, while a higher number of samples per family increases accuracy. Finally, we find that models trained on a uniform distribution of samples per family better generalize on unseen data.

Abstract: Decentralized identity mechanisms endeavor to endow users with complete sovereignty over their digital assets within the Web3 ecosystem. Unfortunately, this benefit frequently comes at the expense of users' credential and identity privacy. Additionally, existing schemes fail to resist Sybil attacks that have long plagued Web3, and lack reasonable key recovery mechanisms to regain control of digital assets after loss. In this work, we propose LinkDID, a privacy-preserving, Sybil-resistant, and key-recoverable decentralized identity scheme that supports selective disclosure of credentials for arbitrary predicates while maintaining privacy for credentials and identities. Through an identifier association mechanism, LinkDID can privately and forcibly aggregate users' identifiers, providing Sybil resistance without relying on any external data or collateral from benign users. To enable key recovery, LinkDID permits users to establish proofs of ownership for identifiers with lost keys and request an update of corresponding keys from the decentralized ledger. We provide a detailed theoretical analysis and security proofs of LinkDID, along with an exhaustive performance evaluation that shows its ability to complete interactions in less than 10 seconds on consumer-grade devices.

Abstract: Because state-of-the-art language models are expensive to train, most practitioners must make use of one of the few publicly available language models or language model APIs. This consolidation of trust increases the potency of backdoor attacks, where an adversary tampers with a machine learning model in order to make it perform some malicious behavior on inputs that contain a predefined backdoor trigger. We show that the in-context learning ability of large language models significantly complicates the question of developing backdoor attacks, as a successful backdoor must work against various prompting strategies and should not affect the model's general purpose capabilities. We design a new attack for eliciting targeted misclassification when language models are prompted to perform a particular target task and demonstrate the feasibility of this attack by backdooring multiple large language models ranging in size from 1.3 billion to 6 billion parameters. Finally we study defenses to mitigate the potential harms of our attack: for example, while in the white-box setting we show that fine-tuning models for as few as 500 steps suffices to remove the backdoor behavior, in the black-box setting we are unable to develop a successful defense that relies on prompt engineering alone.

Abstract: The ever increasing popularity and availability of Trusted Execution Environments (TEEs) had a stark influence on microarchitectural attack research in academia, as their strong attacker model both boosts existing attack vectors and introduces several new ones. While many works have focused on Intel SGX, other TEEs like AMD SEV have recently also started to receive more attention. A common technique when attacking SGX enclaves is single-stepping, where the system's APIC timer is used to interrupt the enclave after every instruction. Single-stepping increases the temporal resolution of subsequent microarchitectural attacks to a maximum. A key driver in the proliferation of this complex attack technique was the SGX-Step framework, which offered a stable reference implementation for single-stepping and a relatively easy setup. In this paper, we demonstrate that SEV VMs can also be reliably single-stepped. To lay the foundation for further microarchitectural attack research against SEV, we introduce the reusable SEV-Step framework. Besides reliable single-stepping, SEV-Step provides easy access to common attack primitives like page fault tracking and cache attacks against SEV. All features can be used interactively from user space. We demonstrate SEV-Step's capabilities by carrying out an end-to-end cache attack against SEV that leaks the volume key of a LUKS2-encrypted disk. Finally, we show for the first time that SEV is vulnerable to Nemesis-style attacks, which allow to extract information about the type and operands of single-stepped instructions from SEV-protected VMs.

Abstract: This research aims to explore the security risks posed by compatibility and protocol differences in smart contract migration, using the migration of smart contracts from Ethereum to Arbitrum as a case study. Through literature review, online data collection, expert participation, and analysis of smart contract vulnerability cases, this paper conducts an in-depth research of the differences between Ethereum and Arbitrum in areas such as Messaging, Block Properties, Contract Address Alias, and Gas Fees. The research findings indicate the presence of certain security issues during the migration process from Ethereum to Arbitrum, such as abnormal operation of the sequencer resulting in outdated off-chain data retrieval, time-based logical errors, failed permission checks, DOS attacks, and gas loss due to L1-to-L2 transaction failures. To address these security issues, this paper proposes corresponding solutions and recommendations to ensure the security and meet the requirements of the migration process. Additionally, this research emphasizes the continued attention and support for the security issues of smart contract migration through the case of smart contract migration from Ethereum to Arbitrum. It is worth noting that this research is the first in-depth research of smart contract security migration from Ethereum to Arbitrum.

Abstract: Satellite Internet plays an increasingly important role in geopolitical conflicts. This notion was affirmed in the Ukrainian conflict escalating at the beginning of 2022, with the large-scale deployment of the Starlink satellite Internet service which consequently demonstrated the strategic importance of a free flow of information. Aside from military use, many citizens publish sensitive information on social media platforms to influence the public narrative. However, the use of satellite communication has proven to be dangerous, as the signals can be monitored by other satellites and used to triangulate the source on the ground. Unfortunately, the targeted killings of journalists have shown this threat to be effective. While the increasing deployment of satellite Internet systems gives citizens an unprecedented mouthpiece in conflicts, protecting them against localization is an unaddressed problem. To address this threat, we present AnonSat, a novel scheme to protect satellite Internet users from triangulation. AnonSat works with cheap off-the-shelf devices, leveraging long-range wireless communication to span a local network among satellite base stations. This allows rerouting users' communication to other satellite base stations, some distance away from each user, thus, preventing their localization. AnonSat is designed for easy deployment and usability, which we demonstrate with a prototype implementation. Our large-scale network simulations using real-world data sets show the effectiveness of AnonSat in various practical settings.

Abstract: We revisit the problem of designing scalable protocols for private statistics and private federated learning when each device holds its private data. Our first contribution is to propose a simple primitive that allows for efficient implementation of several commonly used algorithms, and allows for privacy accounting that is close to that in the central setting without requiring the strong trust assumptions it entails. Second, we propose a system architecture that implements this primitive and perform a security analysis of the proposed system.