Cryptography and Security (cs.CR)

Abstract: This project presents an implementation and designing of safe, secure and smart home with enhanced levels of security features which uses IoT-based technology. We got our motivation for this project after learning about movement of west towards smart homes and designs. This galvanized us to engage in this work as we wanted for homeowners to have a greater control over their in-house environment while also promising more safety and security features for the denizen. This contrivance of smart-home archetype has been intended to assimilate many kinds of sensors, boards along with advanced IoT devices and programming languages all of which in conjunction validate control and monitoring prowess over discrete electronic items present in home.

Abstract: With the help of a shared pool of reconfigurable computing resources, clients of the cloud-based model can keep sensitive data remotely and access the apps and services it offers on-demand without having to worry about maintaining and storing it locally. To protect the privacy of the public auditing system that supports the cloud data exchange system. The data's owner has the ability to change it using the private key and publishes it in the cloud. The RSA Technique is used to produce key codes for the cloud services atmosphere's privacy utilizing the system's baseboard number, disc number, and client passcode for validation. The method is based on a cutting-edge User End Generated (UEG) privacy technique that minimizes the involvement of a third party and improves security checks by automatically documenting destructive activities. To strengthen extensibility, various authorization-assigning modalities and block access patterns were established together with current operational design approaches. In order to meet the demands for decentralization, fine-grained auditability, extensibility, flexibility, and privacy protection for multilevel data access in networked environments, the suggested approach makes use of blockchain technology. According to a thorough performance and security assessment, the current proposal is exceptionally safe and effective.

Abstract: Based on Article 35 of the EU (European Union) General Data Protection Regulation, a Data Protection Impact Assessment (DPIA) is necessary whenever there is a possibility of a high privacy and data protection risk to individuals caused by a new project under development. A similar process to DPIA had been previously known as Privacy Impact Assessment (PIA). We are investigating here to find out if GDPR and DPIA specifically as its privacy risk assessment tool have resolved the challenges privacy practitioners were previously facing in implementing PIA. To do so, our methodology is based on comparison and thematic analysis on two sets of focus groups we held with privacy professionals back in January 2018 (four months before GDPR came into effect) and then in November 2019 (18 months after GDPR implementation).

Abstract: Publicly available information contains valuable information for Cyber Threat Intelligence (CTI). This can be used to prevent attacks that have already taken place on other systems. Ideally, only the initial attack succeeds and all subsequent ones are detected and stopped. But while there are different standards to exchange this information, a lot of it is shared in articles or blog posts in non-standardized ways. Manually scanning through multiple online portals and news pages to discover new threats and extracting them is a time-consuming task. To automize parts of this scanning process, multiple papers propose extractors that use Natural Language Processing (NLP) to extract Indicators of Compromise (IOCs) from documents. However, while this already solves the problem of extracting the information out of documents, the search for these documents is rarely considered. In this paper, a new focused crawler is proposed called ThreatCrawl, which uses Bidirectional Encoder Representations from Transformers (BERT)-based models to classify documents and adapt its crawling path dynamically. While ThreatCrawl has difficulties to classify the specific type of Open Source Intelligence (OSINT) named in texts, e.g., IOC content, it can successfully find relevant documents and modify its path accordingly. It yields harvest rates of up to 52%, which are, to the best of our knowledge, better than the current state of the art.

Abstract: Evil twin attack on Wi-Fi network has been a challenging security problem and several solutions have been proposed to this problem. In general, evil twin attack aims to exfiltrate data, like Wi-Fi and service credentials, from the client devices and considered as a serious threat at MAC layer. IoT devices with its companion apps provides different pairing methods for provisioning. The "SmartConfig Mode", the one proposed by Texas Instrument (TI) and the "Access Point pairing mode (AP mode)" are the most common pairing modes provided by the application developer and vendor of the IoT devices. Especially, AP mode use Wi-Fi connectivity to setup IoT devices where a device activates an access point to which the mobile device running the corresponding mobile application is required to connect. In this paper, we have used evil twin attack as a weapon to test the security posture of IoT devices that use Wi-Fi network to set them up. We have designed, implemented and applied a system, called iTieProbe, that can be used in ethical hacking for discovering certain vulnerabilities during such setup. AP mode successfully completes when the mobile device is able to communicate with the IoT device via a home router over a Wi-Fi network. Our proposed system, iTieProbe, is capable of discovering several serious vulnerabilities in the commercial IoT devices that use AP mode or similar approach. We evaluated iTieProbe's efficacy on 9 IoT devices, like IoT cameras, smart plugs, Echo Dot and smart bulbs, and discovered that several of these IoT devices have certain serious threats, like leaking Wi-Fi credential of home router and creating fake IoT device, during the setup of the IoT devices.

Abstract: Performance Monitoring Unit (PMU) is a common hardware module in Intel CPUs. It can be used to record various CPU behaviors therefore it is often used for performance analysis and optimization. Of the 65536 event spaces, Intel has officially published only 200 or so. In this paper, we design a hidden PMU event collection method. And we found a large number of undocumented PMU events in CPUs of Skylake, Kabylake, and Alderlake microarchitectures. We further demonstrate the existence of these events by using them for transient execution attack detection and build-side channel attacks. This also implies that these hidden PMU events have huge exploitation potential and security threats.

Abstract: Almost 50 years after the invention of SQL, injection attacks are still top-tier vulnerabilities of today's ICT systems. Consequently, SQLi detection is still an active area of research, where the most recent works incorporate machine learning techniques into the proposed solutions. In this work, we highlight the shortcomings of the previous ML-based results focusing on four aspects: the evaluation methods, the optimization of the model parameters, the distribution of utilized datasets, and the feature selection. Since no single work explored all of these aspects satisfactorily, we fill this gap and provide an in-depth and comprehensive empirical analysis. Moreover, we cross-validate the trained models by using data from other distributions. This aspect of ML models (trained for SQLi detection) was never studied. Yet, the sensitivity of the model's performance to this is crucial for any real-life deployment. Finally, we validate our findings on a real-world industrial SQLi dataset.