With software-as-a-service becoming mainstream, more and applications are delivered to the client through Web. Unlike a desktop application, web application is split into browser-side server-side components. A subset of application's internal information flows inevitably exposed on network. We show that despite encryption, such side-channel leak realistic serious threat user privacy. Specifically, we found surprisingly detailed sensitive being leaked out from number high-profile,...

With more IoT devices entering the consumer market, it becomes imperative to detect their security vulnerabilities before an attacker does.Existing binary analysis based approaches only work on firmware, which is less accessible except for those equipped with special tools extracting code from device.To address this challenge in analysis, we present paper a novel automatic fuzzing framework, called IOTFUZZER, aims at finding memory corruption without access firmware images.The key idea upon...

With the Internet becoming dominant channel for marketing and promotion, online advertisements are also increasingly used illegal purposes such as propagating malware, scamming, click frauds, etc. To understand gravity of these malicious advertising activities, which we call malvertising, perform a large-scale study through analyzing ad-related Web traces crawled over three-month period. Our reveals rampancy malvertising: hundreds top ranking sites fell victims leading ad networks...

The emergence of cost-effective cloud services offers organizations great opportunity to reduce their cost and increase productivity. This development, however, is hampered by privacy concerns: a significant amount organizational computing workload at least partially involves sensitive data therefore cannot be directly outsourced the public cloud. scale these tasks also renders existing secure outsourcing techniques less applicable. A natural solution split task, keeping computation on...

One rising trend in today's consumer electronics is the wearable devices, e.g., smartwatches. With tens of millions smartwatches shipped, however, security implications such devices are not fully understood. Although previous studies have pointed out some privacy concerns about data that can be collected, like personalized health information, threat considered low as leaked highly sensitive and there no real attack implemented. In this paper we investigate a problem coming from sensors...

Previous research about sensor based attacks on Android platform focused mainly accessing or controlling over sensitive components, such as camera, microphone and GPS. These approaches obtain data from sensors directly need corresponding invoking permissions.

The popularity of mobile devices has made people's lives more convenient, but threatened privacy at the same time. As end users are becoming and concerned on protection their private information, it is even harder for hackers to track a specific user by using conventional technologies. For example, cookies might be cleared regularly. Besides, OS designers have developed series measures cope with tracker. Apple stopped apps accessing UDIDs, Android phones use some special permissions protect...

With the proliferation of Internet Things, there is a growing interest in embedded system attacks, e.g., key extraction attacks and firmware modification attacks. Code execution tracking, as first step to locate vulnerable instruction pieces for conduct control-flow integrity checking against therefore great value. Because systems, especially legacy have limited resources may not support software or hardware update, it important design low-cost code tracking methods that require little...

Accurate face recognition techniques make a series of critical applications possible: policemen could employ it to retrieve criminals' faces from surveillance video streams; cross boarder travelers pass authentication inspection line without the involvement officers. Nonetheless, when public security heavily relies on such intelligent systems, designers should deliberately consider emerging attacks aiming at misleading those systems employing recognition. We propose kind brand new attack...

Many new specialized hardware components have been integrated into Android smartphones to improve mobility and usability, such as touchscreen, Bluetooth module, NFC controller. At the system level, kernel of is built on Linux inherits its device management mechanisms. However, security implications surfaced from integration tailored are not fully understood. In this paper, we make first attempt evaluate implications. As a result, identify critical information leakage channel interrupt...

Since Android has become the dominator of smartphone operating system market with a share 86.8%, number malicious applications are increasing rapidly as well. Such large volume diversified malware variants forced researchers to investigate new methods by using machine learning since it provides powerful ability for detection. static analysis plays an important role in security and opcode been shown effective representation malware, some them use Dalvik opcodes features adopt detect malware....

The IoT (Internet of Things) technology has been widely adopted in recent years and profoundly changed the people's daily lives. However, meantime, such a fast-growing also introduced new privacy issues, which need to be better understood measured. In this work, we look into how private information can leaked from network traffic generated smart home network. Although researchers have proposed techniques infer device types or user behaviors under clean experiment setup, effectiveness...

Physical unclonable functions (PUFs) have been adopted in many resource-constrained Internet of Things (IoT) applications to provide effective and lightweight solutions for device authentication. However, an attacker can collect challenge–response pairs (CRPs) a strong PUF, build machine learning (ML) model mimic its behavior, i.e., predicting the responses unseen challenges with high accuracy. Although several PUFs proposed resist such modeling attacks, they incur hardware overhead....

A web application is a "two-part" program, with its components deployed both in the browser and server. The communication between these two inevitably leaks out program's internal states to those eavesdropping on traffic, simply through side channel features of such as packet length timing, even if traffic entirely encrypted. Our recent study shows that side-channel are fundamental realistic: set popular applications found disclose highly sensitive user data one's family incomes, health...

Inspired by the boom of consumer IoT market, many device manufacturers, start-up companies and technology giants have jumped into space. Unfortunately, exciting utility rapid marketization IoT, come at expense privacy security. Industry reports academic work revealed attacks on systems, resulting in leakage, property loss large-scale availability problems. To mitigate such threats, a few solutions been proposed. However, it is still less clear what are impacts they can ecosystem. In this...

Motivated by the prevalence of OAuth-related vulnerabilities in wild, large-scale security testing real-world OAuth 2.0 implementations have received increasing attention lately [31,37,42]. However, these existing works either rely on manual discovery new or perform automated for specific, previously-known across a large number implementations. In this work, we propose an adaptive model-based framework to automated, assessments practice. Key advantages our approach include (1) its ability...

Face authentication systems are becoming increasingly prevalent, especially with the rapid development of Deep Learning technologies. However, human facial information is easy to be captured and reproduced, which makes face vulnerable various attacks. Liveness detection an important defense technique prevent such attacks, but existing solutions did not provide clear strong security guarantees, in terms time. To overcome these limitations, we propose a new liveness protocol called Flashing...

In this paper, we seek to better understand Android obfuscation and depict a holistic view of the usage through large-scale investigation in wild. particular, focus on four popular approaches: identifier renaming, string encryption, Java reflection, packing. To obtain meaningful statistical results, designed efficient lightweight detection models for each technique applied them our massive APK datasets (collected from Google Play, multiple third-party markets, malware databases). We have...

With the development of demand response technologies, pricing scheme in smart grids is moving from flat to multiple (MP), which facilitates energy saving at consumer side. However, flexible policy may be exploited for stealthy reduction utility bills. In this paper, we present a hidden electricity theft (HET) attack by exploiting emerging MP scheme. The basic idea that attackers can tamper with meters cheat some consumed under lower price. To construct HET attack, propose an optimization...

Bluetooth is a widely used communication technology, especially under the scenarios of mobile computing and Internet Things.Once paired with host device, device then can exchange commands data, such as voice, keyboard/mouse inputs, network, blood pressure so on, host.Due to sensitivity data commands, some security measures have already been built into protocol, like authentication, encryption, authorization, etc.However, according our studies on protocol well its implementation Android...