Andrew Paverd

ORCID: 0000-0003-2188-5285
Research Areas
  • Security and Verification in Computing
  • Advanced Malware Detection Techniques
  • User Authentication and Security Systems
  • Privacy-Preserving Technologies in Data
  • Cloud Data Security Solutions
  • Advanced Authentication Protocols Security
  • Cryptography and Data Security
  • Vehicular Ad Hoc Networks (VANETs)
  • Blockchain Technology Applications and Security
  • Privacy, Security, and Data Protection
  • Adversarial Robustness in Machine Learning
  • Network Security and Intrusion Detection
  • Diamond and Carbon-based Materials Research
  • Internet Traffic Analysis and Secure E-voting
  • Smart Grid Security and Resilience
  • Distributed systems and fault tolerance
  • Topic Modeling
  • IoT and Edge/Fog Computing
  • Spam and Phishing Detection
  • Radiation Effects in Electronics
  • Physical Unclonable Functions (PUFs) and Hardware Security
  • Software Engineering Research
  • Data Quality and Management
  • Service-Oriented Architecture and Web Services
  • Safety Systems Engineering in Autonomy

Microsoft (United States)
2024-2025

Microsoft Research (United Kingdom)
2019-2023

UC Irvine Health
2023

University of Trento
2023

Universidade Federal do Rio Grande do Sul
2023

University of Padua
2023

Laboratoire d'Informatique, de Robotique et de Microélectronique de Montpellier
2023

Los Alamos National Laboratory
2023

Microsoft (United Kingdom)
2021

Aalto University
2016-2019

Smart grid (SG) networks are newly upgraded networks of connected objects that greatly improve reliability, efficiency, and sustainability of the traditional energy infrastructure. In this respect, the smart metering infrastructure (SMI) plays an important role in controlling, monitoring, and managing multiple domains in the SG. Despite the salient features of SMI, security and privacy issues have been under debate because of the large number of heterogeneous devices that are anticipated to be coordinated through public communication networks....

10.1109/comst.2019.2899354 article EN IEEE Communications Surveys & Tutorials 2019-01-01

Remote attestation is a crucial security service particularly relevant to increasingly popular IoT (and other embedded) devices. It allows a trusted party (verifier) to learn the state of a remote, and potentially malware-infected, device (prover). Most existing approaches are static in nature and only check whether benign software is initially loaded on the prover. However, they are vulnerable to runtime attacks that hijack the application's control or data flow, e.g., via return-oriented programming or data-oriented...

10.1145/2976749.2978358 article EN Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security 2016-10-24

The emerging and much-touted Internet of Things (IoT) presents a variety of security and privacy challenges. Prominent among them is the establishment of trust in remote IoT devices, which is typically attained via attestation, a distinct service that aims to ascertain the current state of a potentially compromised device. Remote attestation ranges from relatively heavy-weight secure hardware-based techniques, to light-weight software-based ones, and also includes approaches that blend software (e.g., control-flow integrity)...

10.1145/2897937.2905020 article EN 2016-05-25

With the increasing amount of interconnections between vehicles, the attack surface of internal vehicle networks is rising steeply. Although these networks are shielded against external attacks, they often do not have any security to protect against malicious components or adversaries who can breach the network perimeter. To secure the in-vehicle network, all communicating components must be authenticated, and only authorized components should be allowed to send and receive messages. This is achieved through the use of an authentication framework. Cryptography...

10.1145/2960407 article EN ACM Transactions on Design Automation of Electronic Systems 2017-03-13

Attacks targeting software on embedded systems are becoming increasingly prevalent. Remote attestation is a mechanism that allows establishing trust in devices. However, existing schemes are either static and cannot detect control-flow attacks, or require instrumentation of software, incurring high performance overheads. To overcome these limitations, we present LO-FAT, the first practical hardware-based approach to attestation. By leveraging processor hardware features and commonly-used IP blocks, our...

10.1145/3061639.3062276 preprint EN 2017-06-13

Function-as-a-Service (FaaS) is a recent and popular cloud computing paradigm in which the function provider specifies the function to be run and is billed only for the computational resources used by that function. Compared to other paradigms, FaaS requires significantly more fine-grained measurement of functions' compute time and memory usage. Since functions are short and stateless, small ephemeral entities (e.g. individuals or underutilized data centers) can become service providers. However, this exacerbates the already...

10.1145/3338466.3358916 preprint EN 2019-11-11

The theoretical construct of a Trusted Third Party (TTP) has the potential to solve many security and privacy challenges. In particular, a TTP is an ideal way to achieve secure multiparty computation---a privacy-enhancing technique in which mutually distrusting participants jointly compute a function over their private inputs without revealing these inputs. Although there exist cryptographic protocols for this, their performance often limits them to the two-party case, or to a small number of participants. However,...

10.1145/3007788.3007793 article EN 2016-12-12

To continuously improve quality and reflect changes in data, machine learning applications have to regularly retrain and update their core models. We show that a differential analysis of language model snapshots before and after an update can reveal a surprising amount of detailed information about the training data. We propose two new metrics---differential score and differential rank---for analyzing the leakage due to updates of natural language models. We perform the analysis using these metrics across models trained on several different datasets using different methods and configurations....

10.1145/3372297.3417880 article EN Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security 2020-10-30

Deploying machine learning models in production may allow adversaries to infer sensitive information about training data. There is a vast literature analyzing different types of inference risks, ranging from membership inference to reconstruction attacks. Inspired by the success of games (i.e. probabilistic experiments) to study security properties in cryptography, some authors describe privacy inference risks using a similar game-based style. However, adversary capabilities and goals are often stated in subtly different ways from one...

10.1109/sp46215.2023.10179281 article EN 2022 IEEE Symposium on Security and Privacy (SP) 2023-05-01

Malware checking is changing from being a local service to a cloud-assisted one where users' devices query a cloud server, which hosts a dictionary of malware signatures, to check if particular applications are potentially malware. Whilst such an architecture gains all the benefits of cloud-based services, it opens up a major privacy concern since the cloud service can infer personal traits of the users based on the lists of applications queried by their devices. Private membership test (PMT) schemes can remove this privacy concern. However, known PMT schemes do not...

10.1145/3052973.3053006 article EN Proceedings of the 2022 ACM on Asia Conference on Computer and Communications Security 2017-03-31

Although privacy concerns in smart metering have been widely studied, relatively little attention has been given to bi-directional communication between consumers and service providers. Full bi-directional communication is necessary for incentive-based demand response (DR) protocols, such as demand bidding, in which consumers bid to reduce their energy consumption. However, this can reveal private information about consumers. Existing proposals for privacy-enhancing protocols do not support bi-directional communication. To address this challenge, we present a...

10.1109/smartgridcomm.2014.7007758 article EN 2014-11-01

Intel Software Guard Extensions (SGX) is a promising hardware-based technology for protecting sensitive computations from potentially compromised system software. However, recent research has shown that SGX is vulnerable to branch-shadowing -- a side channel attack that leaks the fine-grained (branch granularity) control flow of an enclave (SGX protected code), revealing data to the attacker. The previously-proposed defense mechanism, called Zigzagger, attempted to hide the control flow, but has been shown to be ineffective if the attacker...

10.1145/3268935.3268940 preprint EN 2018-01-15

Remote attestation is a crucial security service particularly relevant to increasingly popular IoT (and other embedded) devices. It allows a trusted party (verifier) to learn the state of a remote, and potentially malware-infected, device (prover). Most existing approaches are static in nature and only check whether benign software is initially loaded on the prover. However, they are vulnerable to run-time attacks that hijack the application's control or data flow, e.g., via return-oriented programming or data-oriented...

10.48550/arxiv.1605.07763 preprint EN other-oa arXiv (Cornell University) 2016-01-01

Hardware-supported security mechanisms like Intel Software Guard Extensions (SGX) provide strong security guarantees, which are particularly relevant in cloud settings. However, their reliance on physical hardware conflicts with cloud practices, like migration of VMs between platforms. For instance, the SGX trusted execution environment (enclave) is bound to a single CPU. Although prior work has proposed an effective mechanism to migrate an enclave's data memory, it overlooks persistent state, including sealed data and...

10.1109/dsn.2018.00031 preprint EN 2018-06-01

Passwords are undoubtedly the most dominant user authentication mechanism on the web today. Although they are inexpensive and easy-to-use, security concerns of password-based authentication are serious. Phishing and theft of password databases are two critical concerns. The tendency of users to re-use passwords across different services exacerbates the impact of these two concerns. Current solutions addressing these concerns are not fully satisfactory: they typically address only one of the two concerns; they do not protect passwords from rogue servers; they do not provide any verifiable evidence of their (server-side)...

10.1145/3178876.3186101 preprint EN 2018-01-01

This paper presents a novel approach to cellular network coverage analysis and demonstrates the capabilities of a prototype system. Location specific measurements are obtained from consumer mobile devices within the network. Crowd sourcing is used to generate a sufficiently large dataset of measurements. By visualising these measurements in a location-based context, this system can be used to produce high accuracy coverage maps, improve identification of cell boundaries, observe detailed level analyse dynamic characteristics

10.1109/eurocon.2011.5929420 article EN 2011-04-01

Memory-unsafe programming languages like C and C++ leave many (embedded) systems vulnerable to attacks like control-flow hijacking. However, defenses against control-flow attacks, such as (fine-grained) randomization or control-flow integrity, are ineffective against data-oriented attacks and more expressive Data-oriented Programming (DOP) attacks that bypass state-of-the-art defenses.

10.1145/3316781.3317836 article EN 2019-05-23

Widespread use of memory unsafe programming languages (e.g., C and C++) leaves many systems vulnerable to memory corruption attacks. A variety of defenses have been proposed to mitigate attacks that exploit memory errors to hijack the control flow of the code at run-time, e.g., (fine-grained) randomization or Control Flow Integrity. However, recent work on data-oriented programming (DOP) demonstrated highly expressive (Turing-complete) attacks, even in the presence of these state-of-the-art defenses. Although multiple real-world DOP...

10.48550/arxiv.1705.10295 preprint EN other-oa arXiv (Cornell University) 2017-01-01