Session A-1

Security 1

May 3 Tue, 2:00 PM — 3:30 PM EDT

Fast and Secure Key Generation with Channel Obfuscation in Slowly Varying Environments

Guyue Li and Haiyu Yang (Southeast University, China); Junqing Zhang (University of Liverpool, United Kingdom (Great Britain)); Hu Aiqun (Southeast University, China); Hongbo Liu (University of Electronic Science and Technology of China, China)

Physical-layer secret key generation has emerged as a promising solution for establishing cryptographic keys by leveraging reciprocal and time-varying wireless channels. However, existing approaches suffer from low key generation rates and vulnerabilities under various attacks in slowly varying environments. We propose a new physical-layer secret key generation approach with channel obfuscation, which improves the dynamic property of channel parameters based on random filtering and random antenna scheduling. Our approach makes one party obfuscate the channel to allow the legitimate party to obtain similar dynamic channel parameters, yet prevents a third party from inferring the obfuscation information. Our approach allows more random bits to be extracted from the obfuscated channel parameters by a joint design of the K-L transform and adaptive quantization. Results from a testbed implementation show that our approach, compared to the existing ones that we evaluate, performs the best in generating high entropy bits at a fast rate and is able to resist various attacks in slowly varying environments. Specifically, our approach can achieve a significantly faster secret bit generation rate at roughly 67 bit/pkt, and the key sequences can pass the randomness tests of the NIST test suite.

MILLIEAR: Millimeter-wave Acoustic Eavesdropping with Unconstrained Vocabulary

Pengfei Hu and Yifan Ma (Shandong University, China); Panneer Selvam Santhalingam and Parth Pathak (George Mason University, USA); Xiuzhen Cheng (Shandong University, China)

As acoustic communication systems become more common in homes and offices, eavesdropping brings significant security and privacy risks. Current approaches to acoustic eavesdropping either provide low resolution due to the use of sub-6 GHz frequencies, work only for limited words using classification, or cannot work through-wall due to the use of optical sensors. In this paper, we present MILLIEAR, a mmWave acoustic eavesdropping system that leverages the high resolution of mmWave FMCW ranging and generative machine learning models to not only extract vibrations but to reconstruct the audio. MILLIEAR combines speaker vibration estimation with conditional generative adversarial networks to eavesdrop with unconstrained vocabulary. We implement and evaluate MILLIEAR using off-the-shelf mmWave radar deployed in different scenarios and settings. We find that it can accurately reconstruct the audio even at different distances, angles and through the wall with different insulator materials. Our subjective and objective evaluations show that the reconstructed audio has a strong similarity with the original audio.

The Hanging ROA: A Secure and Scalable Encoding Scheme for Route Origin Authorization

Yanbiao Li (Computer Network Information Center, Chinese Academy of Sciences, China); Hui Zou and Yuxuan Chen (University of Chinese Academy of Sciences & Computer Network Information Center, Chinese Academy of Sciences, China); Yinbo Xu and Zhuoran Ma (University of Chinese Academy of Sciences & Computer Network Information Center, China); Di Ma (Internet Domain Name System National Engineering Research Center, China); Ying Hu (Computer Network Information Center, Chinese Academy of Science, China); Gaogang Xie (CNIC Chinese Academy of Sciences & University of Chinese Academy of Sciences, China)

On top of the Resource Public Key Infrastructure (RPKI), the Route Origin Authorization (ROA) creates a cryptographically verifiable binding of an autonomous system to a set of IP prefixes it is authorized to originate. By their design, ROAs can protect the inter-domain routing system against prefix and sub-prefix hijacks. However, inappropriate configurations bring in vulnerabilities to other types of routing security attacks. As such, the state-of-the-art approach implements the minimal-ROA principle, eliminating the risk of using ROAs at the cost of system scalability. This paper proposes the hanging ROA, a novel bitmap-based encoding scheme for ROAs, that not only ensures strong security, but also significantly improves system scalability. According to the performance evaluation with real-world data sets, the hanging ROA outperforms the state-of-the-art approach 3 times in terms of the compression ratio, and it can reduce the cost of a router to synchronize all validated ROA payloads by 50% ~ 60%.

Thwarting Unauthorized Voice Eavesdropping via Touch Sensing in Mobile Systems

Wenbin Huang (Hunan University, China); Wenjuan Tang (HNU, China); Kuan Zhang (University of Nebraska-Lincoln, USA); Haojin Zhu (Shanghai Jiao Tong University, China); Yaoxue Zhang (Tsinghua University, China)

A large number of mobile applications (apps) now support voice functionality for convenient user-device interaction. However, these voice-enabled apps may spitefully invoke the microphone to carry out voice eavesdropping, raising security risks and privacy concerns. To explore the issue of voice eavesdropping, in this work, we first design eavesdropping apps through native development and injection development to conduct eavesdropping attacks on a series of smart devices. The results demonstrate that eavesdropping could be carried out freely without any hint. To thwart voice eavesdropping, we propose a valid eavesdropping detection (EarDet) scheme based on the discovery that the activation of the voice function in most apps requires authorization from the user by touching a specific voice icon. In the scheme, we construct a request-response time model using the Unix timestamps of the voice icon being touched and the microphone being invoked. Through numerical analysis and hypothesis testing to effectively verify the pattern of an app's normal access to the microphone under user authorization, we could detect eavesdropping attacks by sensing whether there is a touch operation. Finally, we apply the scheme to different smart devices and test several apps. The experimental results show that the proposed EarDet scheme can achieve a high detection accuracy.

Session Chair

Qiben Yan (Michigan State University)

Session A-2

Security 2

May 3 Tue, 4:00 PM — 5:30 PM EDT

Backdoor Defense with Machine Unlearning

Yang Liu (Xidian University, China); MingYuan Fan (University of FuZhou, China); Cen Chen (East China Normal University, China); Ximeng Liu (Fuzhou University, China); Zhuo Ma (Xidian University, China); Wang Li (Ant Group, China); Jianfeng Ma (Xidian University, China)

The backdoor injection attack is an emerging threat to the security of neural networks; however, there still exist limited effective defense methods against the attack. In this paper, we propose BAERASER, a novel method that can erase the backdoor injected into the victim model through machine unlearning. Specifically, BAERASER mainly implements backdoor defense in two key steps. First, trigger pattern recovery is conducted to extract the trigger patterns infected by the victim model. Here, the trigger pattern recovery problem is equivalent to the one of extracting an unknown noise distribution from the victim model, which can be easily resolved by the entropy maximization based generative model. Subsequently, BAERASER leverages these recovered trigger patterns to reverse the backdoor injection procedure and induce the victim model to erase the polluted memories through a newly designed gradient ascent based machine unlearning method. Compared with the previous machine unlearning solutions, the proposed approach gets rid of the reliance on full access to training data for retraining and shows higher effectiveness on backdoor erasing than existing fine-tuning or pruning methods. Moreover, experiments show that BAERASER can, on average, lower the attack success rates of three kinds of state-of-the-art backdoor attacks by 99% on four benchmark datasets.

Revisiting Frequency Analysis against Encrypted Deduplication via Statistical Distribution

Jingwei Li, Guoli Wei, Jiacheng Liang and Yanjing Ren (University of Electronic Science and Technology of China, China); Patrick Pak-Ching Lee (The Chinese University of Hong Kong, Hong Kong); Xiaosong Zhang (University of Electronic Science and Technology of China, China)

Encrypted deduplication addresses both security and storage efficiency in large-scale storage systems: it ensures that each plaintext is encrypted to a ciphertext by a symmetric key derived from the content of the plaintext, so as to allow deduplication on the ciphertexts derived from duplicate plaintexts. However, the deterministic nature of encrypted deduplication leaks the frequencies of plaintexts, thereby allowing adversaries to launch frequency analysis against encrypted deduplication and infer the ciphertext-plaintext pairs in storage. In this paper, we revisit the security vulnerability of encrypted deduplication due to frequency analysis, and show that encrypted deduplication can be even more vulnerable to the sophisticated frequency analysis attack that exploits the underlying storage workload characteristics. We propose the distribution-based attack, which builds on a statistical approach to model the relative frequency distributions of plaintexts and ciphertexts, and improves the inference precision (i.e., having high confidence in the correctness of inferred ciphertext-plaintext pairs) of the previous attack. We evaluate the new attack against real-world storage workloads and provide insights into its actual damage.

Switching Gaussian Mixture Variational RNN for Anomaly Detection of Diverse CDN Websites

Liang Dai (Institute of Information Engineering, Chinese Academy of Sciences, China); Chen Wenchao (National Laboratory of Radar Signal Processing, Xidian University, China); Yanwei Liu (Institute of Information Engineering, Chinese Academy of Sciences, China); Antonios Argyriou (University of Thessaly, Greece); Chang Liu (University of Chinese Academy of Science, China); Tao Lin (Communication University of China, China); Wang Penghui (National Laboratory of Radar Signal Processing, Xidian University, China); Zhen Xu (Institute of Information Engineering, Chinese Academy of Sciences, China); Bo Chen (National Laboratory of Radar Signal Processing, Xidian University, China)

To conduct service quality management of industry devices or Internet infrastructures, various deep learning approaches have been used for extracting the normal patterns of multivariate Key Performance Indicators (KPIs) for unsupervised anomaly detection. However, in the scenario of Content Delivery Networks (CDN), KPIs that belong to diverse websites usually exhibit various structures at different timesteps and show the non-stationary sequential relationship between them, which is extremely difficult for the existing deep learning approaches to characterize and identify anomalies. To address this issue, we propose a switching Gaussian mixture variational recurrent neural network (SGmVRNN) suitable for multivariate CDN KPIs. Specifically, SGmVRNN introduces the variational recurrent structure and assigns its latent variables into a mixture Gaussian distribution to model complex KPI time series and capture the diversely structural and dynamical characteristics within them, while in the next step it incorporates a switching mechanism to characterize these diversities, thus learning richer representations of KPIs. For efficient inference, we develop an upward-downward autoencoding inference method which combines the bottom-up likelihood and up-bottom prior information of the parameters for accurate posterior approximation. Extensive experiments on real-world data show that SGmVRNN significantly outperforms the state-of-the-art approaches according to F1-score on CDN KPIs from diverse websites.

Towards an Efficient Defense against Deep Learning based Website Fingerprinting

Zhen Ling, Gui Xiao, Wenjia Wu, Xiaodan Gu and Ming Yang (Southeast University, China); Xinwen Fu (University of Massachusetts Lowell, USA)

Website fingerprinting (WF) attacks allow an attacker to eavesdrop on the encrypted network traffic between a victim and an anonymous communication system so as to infer the real destination websites visited by a victim. Recently, deep learning (DL) based WF attacks have been proposed to extract high level features by DL algorithms to achieve better performance than that of the traditional WF attacks and defeat the existing defense techniques. To mitigate this issue, we propose a genetic-programming-based variant cover traffic search technique to generate defense strategies for effectively injecting dummy Tor cells into the raw Tor traffic. We randomly perform mutation operations on labeled original traffic traces by injecting dummy Tor cells into the traces to derive variant cover traffic. A high level feature distance based fitness function is designed to improve the mutation rate to discover successful variant traffic traces that can fool the DL-based WF classifiers. Then the dummy Tor cell injection patterns in the successful variant traces are extracted as defense strategies that can be applied to the Tor traffic. Extensive experiments demonstrate that we can introduce 8.1% of bandwidth overhead to significantly decrease the accuracy rate below 0.4% in the realistic open-world setting.

Session Chair

Salvatore D'Oro (Northeastern University)
