
2024 | Book

Foundations and Practice of Security

16th International Symposium, FPS 2023, Bordeaux, France, December 11–13, 2023, Revised Selected Papers, Part I

Edited by: Mohamed Mosbah, Florence Sèdes, Nadia Tawbi, Toufik Ahmed, Nora Boulahia-Cuppens, Joaquin Garcia-Alfaro

Publisher: Springer Nature Switzerland

Book series: Lecture Notes in Computer Science

About this book

This book constitutes the refereed proceedings of the 16th International Symposium on Foundations and Practice of Security, FPS 2023, held in Bordeaux, France, during December 11–13, 2023.

The 27 regular and 8 short papers presented in this book were carefully reviewed and selected from 80 submissions. The papers have been organized in the following topical sections:

Part I: AI and cybersecurity, security analysis, phishing and social network, vulnerabilities and exploits, network and system threat, malware analysis.

Part II: security design, short papers.

Table of contents

Frontmatter

AI and Cybersecurity

Frontmatter
An Adversarial Robustness Benchmark for Enterprise Network Intrusion Detection
Abstract
As cyber-attacks become more sophisticated, improving the robustness of Machine Learning (ML) models must be a priority for enterprises of all sizes. To reliably compare the robustness of different ML models for cyber-attack detection in enterprise computer networks, they must be evaluated in standardized conditions. This work presents a methodical adversarial robustness benchmark of multiple decision tree ensembles with constrained adversarial examples generated from standard datasets. The robustness of regularly and adversarially trained RF, XGB, LGBM, and EBM models was evaluated on the original CICIDS2017 dataset, a corrected version of it designated as NewCICIDS, and the HIKARI dataset, which contains more recent network traffic. NewCICIDS led to models with a better performance, especially XGB and EBM, but RF and LGBM were less robust against the more recent cyber-attacks of HIKARI. Overall, the robustness of the models to adversarial cyber-attack examples was improved without their generalization to regular traffic being affected, enabling a reliable detection of suspicious activity without costly increases of false alarms.
João Vitorino, Miguel Silva, Eva Maia, Isabel Praça
Securing Smart Vehicles Through Federated Learning
Abstract
As cars evolve to be smarter than ever, they also become susceptible to attack. Malicious entities can attempt to override automated functions by sending a series of attack signals to the smart vehicle. It is thus imperative that we create systems to detect these attacks on the fly, so that they may be discarded. Machine learning approaches are a natural choice for detecting such attacks based on the payload information. However, machine learning models typically require a large dataset for training, in order to attain good performance. With manufacturers independently gathering this data based on their own cars, it is unlikely that all this data will be available in one place. To address this issue, we explore federated solutions that learn in a distributed manner for increased smart vehicle security. We explore challenging scenarios in which we do not assume an independent and identically distributed (IID) setting for the data, which is typical in many federated learning environments. We investigate various degrees of such heterogeneity in the attack data distribution between different manufacturers, and study the effectiveness of detection systems under them. Furthermore, with a combination of techniques including triplet-mixup based augmentation and a data exchange scheme involving synthetically generated samples, we show that we can attain strong performance in the most challenging label distribution scenarios. We perform our experiments on a publicly available dataset and on a proprietary attack dataset developed for this project.
Sadaf MD Halim, Md Delwar Hossain, Latifur Khan, Anoop Singhal, Hiroyuki Inoue, Hideya Ochiai, Kevin W. Hamlen, Youki Kadobayashi
Using Reed-Muller Codes for Classification with Rejection and Recovery
Abstract
When deploying classifiers in the real world, users expect them to respond to inputs appropriately. However, traditional classifiers are not equipped to handle inputs which lie far from the distribution they were trained on. Malicious actors can exploit this defect by making adversarial perturbations designed to cause the classifier to give an incorrect output. Classification-with-rejection methods attempt to solve this problem by allowing networks to refuse to classify an input in which they have low confidence. This works well for strongly adversarial examples, but also leads to the rejection of weakly perturbed images, which intuitively could be correctly classified. To address these issues, we propose Reed-Muller Aggregation Networks (RMAggNet), a classifier inspired by Reed-Muller error-correction codes which can correct and reject inputs. This paper shows that RMAggNet can minimise incorrectness while maintaining good correctness over multiple adversarial attacks at different perturbation budgets by leveraging the ability to correct errors in the classification process. This provides an alternative classification-with-rejection method which can reduce the amount of additional processing in situations where a small number of incorrect classifications are permissible.
Daniel Fentham, David Parker, Mark Ryan
Unsupervised Clustering of Honeypot Attacks by Deep HTTP Packet Inspection
Abstract
The increasing complexity of cyberattacks has prompted researchers to keep pace with this trend by proposing automated cyberattack classification methods. Current research directions favor supervised learning detection methods; however, they are limited by the fact that they must be continually trained on vast labelled datasets and cannot generalize to unseen events. We propose a novel unsupervised learning detection approach that performs deep packet inspection on HTTP-specific features, contrary to other works that work with generic numerical network-based features. Our method is divided into three phases: pre-processing, dimension reduction and clustering. By analyzing the content of each HTTP packet, we achieve the perfect isolation of each web attack in the CIC-IDS2017 dataset in separate clusters. Further, we run our method on real-world data collected from a honeypot platform to demonstrate its classification abilities. For future work, the proposed method could be applied to other protocols and extended with more correlation techniques to classify complex attacks.
Victor Aurora, Christopher Neal, Alexandre Proulx, Nora Boulahia Cuppens, Frédéric Cuppens

Security Analysis

Frontmatter
Practices for Assessing the Security Level of Solidity Smart Contracts
Abstract
In 2022, the Ethereum Enterprise Alliance (EEA) published a first version of EthTrust [2], a document that aims to certify the security level of smart contracts written in the Solidity language. A smart contract is a computer code whose execution is triggered by a transaction issued by a peer on a distributed network. Once deployed in a blockchain, the contract is immutable and no security flaw can be corrected. In order to provide an uninitiated user with the means to check the security level of the targeted contract before sending a transaction, it would be desirable to have a tool capable of certifying the security level of smart contracts. With this objective in mind, the work presented in this paper aims to qualify the existing tools for detecting vulnerabilities in contracts, as well as advances based on the use of AI to analyse the Solidity language. Finally, the needs and a methodology are discussed to build a tool for systematically certifying the security level of open source smart contracts.
Mohamed Mekkouri, Christine Hennebert
Effectiveness of Binary-Level CFI Techniques
Abstract
Memory corruption is an important class of vulnerability that can be leveraged to craft control flow hijacking attacks. Control Flow Integrity (CFI) provides protection against such attacks. Application of type-based CFI policies requires information regarding the number and type of function arguments. Binary-level type recovery is inherently speculative, which motivates the need for an evaluation framework to assess the effectiveness of binary-level CFI techniques. In this work, we develop a novel and extensible framework to assess how the program analysis information we get from advanced binary analysis tools affects the efficacy of type-based CFI techniques. We introduce new and insightful metrics to quantitatively compare source independent CFI policies with their ground truth source aware counterparts. We leverage our framework to evaluate binary-level CFI policies implemented using program analysis information extracted from the IDA Pro binary analyzer and compared with the ground truth information obtained from the LLVM compiler.
Ruturaj K. Vaidya, Prasad A. Kulkarni
A Small World–Privacy Preserving IoT Device-Type Fingerprinting with Small Datasets
Abstract
Internet-of-Things (IoT) device-type fingerprinting is the process of identification of the specific type of an IoT device based on its characteristics, such as network behavior. Such fingerprinting can be used to detect anomalous behavior of the device, or even predict its behavior should it get compromised. The typical approach to fingerprint an IoT device-type is by collecting a significant number of short network trace samples from these devices when it performs various activities and use machine learning on these samples to construct the fingerprint. There are several challenges to this approach. The first challenge is identifying the exact set of packets that correspond to the observed device-type behavior when it is performing some activity. The second challenge is that a single organization may not have enough data corresponding to all possible activities of the IoT device. We propose techniques to overcome the above mentioned challenges. First, to enhance device-type fingerprinting from small data sets, we designed a sliding-window based packet analysis behavioral model that provides improved data coverage associated with the activities of the tasks. Second, to get a model of the network behavior for the different activities of IoT devices deployed at various organizations, we use distributed deep-learning model so as to protect the privacy and confidentiality of the data. Finally, we alleviate the issue of data shortage by supplementing the training data with synthetic data generated using an Adversarial Autoencoder (AAE) neural network. We evaluated our approach using three different sets of experiments using a small set of representative devices. We estimate the best sliding window size for modeling device behavior by comparing the distributed learning performance over a range of window sizes. 
For our distributed approach, we achieve fingerprinting accuracy in the range of 94–99%, which is an improvement over the centralized approach for the same data sets and experiments. We demonstrate accuracy of 97%, on par with state-of-the-art fingerprinting approaches, when using synthetic training data generated by our AAE. We note that this is the first such method of fingerprinting device-types in a collaborative privacy preserving manner while alleviating small data sets.
Maxwel Bar-on, Bruhadeshwar Bezawada, Indrakshi Ray, Indrajit Ray
URSID: Automatically Refining a Single Attack Scenario into Multiple Cyber Range Architectures
Abstract
Contrary to intuition, insecure computer network architectures are valuable assets in IT security. Indeed, such architectures (referred to as cyber-ranges) are commonly used to train red teams and test security solutions, in particular ones related to supervision security. Unfortunately, the design and deployment of these cyber-ranges is costly, as they require designing an attack scenario from scratch and then implementing it in an architecture on a case-by-case basis, through manual choices of machines/users, OS versions, available services and configuration choices. This article presents URSID, a framework for automatic deployment of cyber-ranges based on the formal description of attack scenarios. The scenario is described at the technical attack level according to the MITRE nomenclature, refined into several variations (instances) at the procedural level and then deployed in virtual multiple architectures. URSID thus automates costly manual tasks and allows to have several instances of the same scenario on architectures with different OS, software or account configurations. URSID has been successfully tested in an academic cyber attack and defense training exercise.
Pierre-Victor Besson, Valérie Viet Triem Tong, Gilles Guette, Guillaume Piolle, Erwan Abgrall

Phishing and Social Network

Frontmatter
Does the Anchoring Effect Influence Individuals’ Anti-phishing Behavior Intentions?
Abstract
Phishing is one of the most common types of attacks that internet users face. To combat them, it is necessary to consider the human aspect and increase users’ awareness since users are forced to decide in the moment whether information they see is legitimate or an attack. In privacy and security research, the anchoring effect, one of the nudging approaches using cognitive biases, is expected to change people’s attitudes and/or behaviors, but its effectiveness has not been deeply explored. In this paper, we develop nudging messages against phishing attacks, using the anchoring effect. We conducted two online surveys and analyzed a total of 5000 participant responses. We observed the anchoring effect in the participants’ perception of people’s probability of being victims. Then, we used questions about this probability as anchoring messages and found that the anchoring techniques increased secure behavior intentions against phishing attacks. In addition, nudging messages that combine the anchoring effect and availability heuristics improved intentions more. Our findings suggest the use of effective nudging messages to increase people’s awareness of attacks.
Yukiko Sawaya, Ayane Sano, Takamasa Isohara, Akira Yamada, Ayako Komatsu
IntelliTweet: A Multifaceted Feature Approach to Detect Malicious Tweets
Abstract
Twitter faces an ongoing issue with malicious tweets from deceptive accounts engaged in phishing, scams, and spam, negatively impacting the overall Twitter user experience. In response to growing security concerns, various machine learning-based methods have been deployed to detect and analyze these malicious activities. However, the evolving nature of the threats and tactics used by malicious actors cast doubts on the effectiveness of previously employed techniques. These methods often encounter challenges in addressing URL obfuscation techniques and managing false positive predictions. In this paper, we present “IntelliTweet”, an innovative solution designed to comprehend tweet content and accurately identify malicious tweets. This is achieved by incorporating a combination of contextual and content-based features, surpassing the use of conventional features alone. IntelliTweet takes a holistic approach that includes URL analysis, sentiment analysis, Twitter user analysis, and TFIDF-based content analysis, all working in tandem to enhance malicious tweet detection. For this system, our evaluation strategy places emphasis on reducing false positives while maintaining high precision. Through comparative experiments, we have demonstrated that IntelliTweet effectively counters URL obfuscation techniques, is robust, and minimizes the false positive rate. The system achieved a 98.38% precision, a 97.54% f-measure, and yielded a false positive rate of 0.14.
Eric Edem Dzeha, Guy-Vincent Jourdan
Web Scams Detection System
Abstract
Web-based scams rely on scam websites to provide fraudulent business or fake services to steal money and sensitive information from unsuspecting victims. Despite many researchers’ efforts to develop anti-scam detection techniques, their main focus has been on understanding, detecting, and analyzing scam sites. State-of-the-art anti-scam research still faces several challenges, such as acquiring a properly labeled scam dataset, especially when there is no blacklist, central repository, or previous large-scale analysis. The researchers have created labeled datasets in different ways, such as manually collecting and labeling the dataset or using a semi-automatic crawler followed by manual inspection. However, this process requires previous knowledge and understanding of the scam and much manual work.
In this paper, we propose a data-driven model to create a labeled training dataset for web-based scams that have a web presence. Given a small scam sample, our model formulates scam-related search queries and uses them on multiple search engines to search for, and collect, potential scam pages. After collecting a sufficiently large corpus of web pages, our model semi-automatically clusters the search results and creates a labeled training dataset with minimal human interaction. We have validated our model using two different scam types that we have studied in our previous work. We tested our classifiers against the databases of web pages we collected during our previous analysis of the scams and successfully detected more than 87% of the scam pages while maintaining a false positive value as low as 0.23%.
Emad Badawi, Guy-Vincent Jourdan, Iosif-Viorel Onut

Vulnerabilities and Exploits

Frontmatter
VulMAE: Graph Masked Autoencoders for Vulnerability Detection from Source and Binary Codes
Abstract
The first graph masked auto-encoder (GraphMAE) model for software vulnerability detection is designed and developed, with a comparative evaluation against other self-supervised learning (SSL) methods. Evaluation of the domain-specific GraphMAE model (VulMAE) for the vulnerability detection task shows exceptional promise, outperforming all other baseline models in the study. The approach is particularly well-suited for cybersecurity applications where gathering substantial real-world labeled samples is difficult, since graph SSL methods (e.g., contrastive and generative models) offer data classification in AI tasks without requiring vast amounts of labeled data for effective training.
The study fills a key gap in the literature on automated and machine-assisted discovery and patching of software security vulnerabilities, which has become increasingly critical with the dramatic increase in modern software complexity, but for which graph neural network (GNN) approaches are understudied relative to traditional processes, such as manual source code auditing and fuzzing. To conduct the study, the evaluation applies models to source and binary software components sourced from the National Vulnerability Database (NVD). A new dataset is curated by extracting vulnerable code fragments from six applications with NVD-documented security flaws and converting them to four graph types using specialized tools based on code property graphs and binary semantics lifting. The data is used to train contrastive and generative learning models for comparison. VulMAE achieves a weighted F1 score of 0.936 and a weighted Recall of 0.938, which is the highest of all tested methods.
Mahmoud Zamani, Saquib Irtiza, Latifur Khan, Kevin W. Hamlen
Analysis of Cryptographic CVEs: Lessons Learned and Perspectives
Abstract
Cryptographic vulnerabilities can have a particularly far-reaching impact due to the ubiquity of cryptographic software. In this paper, we describe 30 cryptographic vulnerabilities, classify them according to a taxonomy published in previous work, and compile useful information about this class of vulnerabilities. After discovering that many cryptographic vulnerabilities are caused by the use of functions that are known to be insecure, we investigate the efficacy of a straightforward lexical checker to warn programmers of the most typical errors.
Raphaël Khoury, Jérémy Bolduc, Jason Lafrenière-Nickopoulos, Abdel-Gany Odedele
A BERT-Based Framework for Automated Extraction of Behavioral Indicators of Compromise from Security Incident Reports
Abstract
The exponential growth of cyberattacks in recent years has highlighted the inadequacy of existing detection mechanisms and therefore the need to develop more relevant predictive models and methods in the field of Cyber Threat Intelligence (CTI). Many cybersecurity systems use behavioral indicators of compromise (IoCs), such as tactics, techniques, and procedures (TTPs), to design their defense strategies and detect future attack attempts in an early stage. Typically, behavioral IoCs are gathered from unstructured incident reports, often written in natural language, and are typically extracted with manual analysis by cybersecurity experts. However, due to the huge number of reports daily released, this task has become more difficult and time-consuming to make it effective. In this paper, we propose a framework based on Bidirectional Encoder Representations from Transformers (BERT) to identify and recognize behavioral IoCs in incident reports. The results of our contribution showed a significant improvement of the F1-score compared to the state-of-the-art works.
Mohamed El Amine Bekhouche, Kamel Adi
Enhancing Code Security Through Open-Source Large Language Models: A Comparative Study
Abstract
Significant advances in the language processing field are providing new innovations, including the ability to analyze code for weaknesses. Typically, analyzing code security is performed by tools that use known vulnerable patterns, which may not adequately represent the intricacies of vulnerabilities in real-world projects. Such tools can fail to detect non-standard weaknesses in code samples, potentially leading to a loss of personal and financial information for end users of the code. Using language-based models to detect weaknesses that would have otherwise been missed by the currently available analysis tools is a promising new avenue of vulnerability detection. In this research, we employ 25 different models to evaluate the security of code samples. Using an existing dataset of insecure code, we prompt each model to detect weaknesses in the vulnerable code. Our findings indicate that most models are ill-equipped to deal with insecure code. Through our analysis, we identify strategies for improving weakness detection using language models.
Norah Ridley, Enrico Branca, Jadyn Kimber, Natalia Stakhanova

Network and System Threat

Frontmatter
Green-Fuzz: Efficient Fuzzing for Network Protocol Implementations
Abstract
Recent techniques have significantly improved fuzzing, discovering many vulnerabilities in various software systems. However, certain types of systems, such as network protocols, are still challenging to fuzz. This article presents two enhancements that allow efficient fuzzing of network protocols. The first is Desock+, which simulates a network socket and supports different POSIX options to make Desock+ suitable for faster network protocol fuzzing. The second is Green-Fuzz, which sends input messages in one go and reduces the system-call overhead while fuzzing network protocols. We applied this modification to AFLNet, but it could be applied to any fuzzer for stateful systems. This is the maximum overhead we can avoid, when doing out-process fuzzing on stateful systems. Our evaluation shows that these enhancements make AFLNet up to four times faster.
Seyed Behnam Andarzian, Cristian Daniele, Erik Poll
Unmasking of Maskware: Detection and Prevention of Next-Generation Mobile Crypto-Ransomware
Abstract
Malware is advancing at a rapid pace, and it is becoming more stealthy, resilient, and aware of the existing detection methods. A similar trend in mobile crypto-ransomware can be expected soon. Thus, it is crucial to investigate the problem of new variants of mobile crypto-ransomware that may emerge in the near future. Hence, this work investigates how next-generation advanced mobile crypto-ransomware can evade the existing state-of-the-art detection metrics and how it is possible to neutralize this threat. After reviewing the current data-centric crypto-ransomware detection metrics, we investigate the possibility of evading them. We demonstrate the threat posed by next-generation mobile crypto-ransomware by implementing a crypto-ransomware targeted for the Android operating system called Maskware. Maskware uses partial encryption and mimics the behavior of legitimate applications in terms of data manipulation. We evaluate the effectiveness of common crypto-ransomware detection metrics, including entropy, data transformation, and file structure, in the detection of Maskware. We demonstrate that such metrics are ineffective in detecting Maskware. Hence, this article suggests using more efficient and effective methods to combat such malware and proposes a novel solution. The evaluation results of the proposed solution demonstrate that it can effectively detect Maskware and protect users’ data.
Farnood Faghihi, Mohammad Zulkernine, Steven Ding
Automated Attacker Behaviour Classification Using Threat Intelligence Insights
Abstract
As the sophistication and occurrence of cyberattacks continues to rise, it is increasingly crucial for organizations to invest in threat intelligence. In this research, we propose a way to automate some part of the threat intelligence process by leveraging the MITRE ATT&CK knowledge base of attackers to correlate and attribute attackers to a specific threat group. We propose a proof of work algorithm that does not aim to completely replace network administrators, but would rather help them by giving guidance, to expedite the attribution process. We show how this algorithm can be used to give insights on attackers by using it on real-world data gathered from a honeypot made publicly available on the Internet, over a two months period. We demonstrate how we are able to first discover the different techniques used by the attackers. Then, we identify various modi operandi of different threat groups collected from the MITRE ATT&CK framework and leverage that information to expose the behaviour of attackers targeting our Honeypot. By correlating the attackers together, we manage to reconstruct more complex attack vectors and are finally able to find higher similarities between the observed attackers and the knowledge base.
Pierre Crochelet, Christopher Neal, Nora Boulahia Cuppens, Frédéric Cuppens, Alexandre Proulx
UDP State Manipulation: Description of a Packet Filtering Vulnerability in Stateful Firewalls
Abstract
Firewalls are essential components for security enforcement in a network, as they are the first layer of protection from unwanted traffic and cyber-attacks. While the requirements for efficiency led to the design of ever more complex systems, evolving from stateless to stateful firewalls, this complexity induced new vulnerabilities. In this paper, we discuss a new vulnerability present in Packet Filtering that we called Vulnerability on Firewall States (Von-FS). It is due to three factors: 1) once a state is up, traffic going through it is not checked anymore, 2) a state timeout is refreshed when a packet matches it, and 3) pushing a blocking/dropping rule in the firewall does not automatically delete obsolete states. This vulnerability can be used by legacy attacks to be more stealthy and more difficult to stop when detected. Our study shows that many commercial and open-source firewalls are subject to this vulnerability. We propose a mitigation solution that consists of deleting all obsolete states whenever a dropping rule is pushed. We evaluated this idea by patching a well-known open-source firewall, FreeBSD. Experiments show that the impact on firewall performance is very low.
Wassim Koribeche, David Espes, Cédric Morin

Malware Analysis

Frontmatter
Following the Obfuscation Trail: Identifying and Exploiting Obfuscation Signatures in Malicious Code
Abstract
In this paper, we delve into the intricate world of dynamic code generation in script languages. One way that malicious code authors can evade detection through static analysis is using obfuscation and relying on dynamic code generation to deobfuscate the code at runtime. These obfuscation techniques can be highly intricate, involving numerous recursive “eval” calls to ultimately reveal the payload, or requiring the deobfuscation of separately generated code segments. This complexity presents significant challenges for researchers studying such code and for tools attempting static analysis. However, the very effort invested by attackers in obfuscation and the structures they create and reuse across attacks can also serve as a distinctive signature of the attacker. In this paper, we propose leveraging the structure of these obfuscation mechanisms as a similarity metric for malicious software.
Our proposed method focuses on extracting obfuscation strategies, which we evaluate using two extensive datasets comprising over 30,000 phishing kits. Within these datasets, we identified approximately 18,000 instances of dynamically generated code, resulting in only 569 unique signatures. One notable advantage of our method compared to the state-of-the-art approaches is that it can extract a partial signature even if the deobfuscation process remains incomplete. Other methods heavily rely on the payload, rendering them inconclusive when the payload cannot be extracted.
Julien Cassagne, Ettore Merlo, Guy-Vincent Jourdan, Iosif-Viorel Onut
On Exploiting Symbolic Execution to Improve the Analysis of RAT Samples with angr
Abstract
This article presents new contributions for Remote Access Trojan (RAT) analysis using symbolic execution techniques. The first part of the article identifies the challenges in the application of such an analysis, as well as the procedures put in place to address these challenges. The second part of the article presents a practical analysis of samples from known RAT families with the help of the SEMA toolchain.
Serena Lucca, Christophe Crochet, Charles-Henry Bertrand Van Ouytsel, Axel Legay
Original Entry Point Detection Based on Graph Similarity
Abstract
This paper proposes a method for packer identification and OEP (Original Entry Point) detection based on the graph similarity on control flow graphs of packed codes. Packed code consists of an unpacking stub and a packed payload, which is recovered to the original after the unpacking stub executes. In this paper, the CFGs of packed code are generated by a DSE (Dynamic Symbolic Execution) tool BE-PUM on x86-32/Windows. We define the template of the unpacking stub as the pair of the average of Weisfeiler-Lehman histogram vectors and the tail jump sequence. Next, each template is computed packer-wise (i.e., processing packed codes by the same packer) for the ease of covering a new packer. We use the total of 71 samples packed by 12 packers. For unknown packed code, we will find the templates in its CFG generated by BE-PUM.
Among them, the CFG fragment with the highest cosine similarity is regarded as the unpacking stub, which also detects the used packer and the OEP as the jump destination from the exit.
Our first experiment is performed on 700 non-malware samples (of which the original payload is also known) packed by 12 packers above. The used packer is correctly identified for 689 and the OEP is correctly detected for 688. Further, we apply the method to 1239 malware samples. Among them, 1089 samples are detected packed by unknown packer and among them 150 samples are detected as packed by the 11 packers (except for TELOCK) and their OEPs are detected. We conclude that our method is highly effective as long as we have access to an executable of a target packer to compute its templates.
Thanh-Hung Pham, Mizuhito Ogawa
Attacking and Securing the Clock Randomization and Duplication Side-Channel Attack Countermeasure
Abstract
The emergence of deep learning has revolutionized side-channel attacks, making them a serious threat to cryptographic systems. Clock randomization is a well-established mitigation technique against side-channel attacks that, when combined with duplication, has been shown to effectively protect FPGA implementations of block ciphers and post-quantum KEMs. In this paper, we present two deep-learning-based side-channel attacks on an FPGA implementation of AES protected with the clock randomization and duplication countermeasure. The attacks are based on identifying sporadic synchronicity in the execution of the encryption rounds of the two AES cores. We remedy this vulnerability by presenting three modular additions to the original design of the countermeasure that restore its security and increase its robustness.
Martin Brisfors, Michail Moraitis, Gabriel Klasson Landin, Truls Jilborg

Security Design

Frontmatter
Hardening Systems Against Data Corruption Attacks at Design Time
Abstract
Despite advancements in security research, systems continue to be susceptible to all kinds of threats. To better support designers, we present a method and tool called Dubhe that can be employed during the design phase of development to harden systems against data corruption attacks. We highlight the benefits of this approach by applying it to an online seller of merchandise system to analyze various “what-if” scenarios with different defence objectives. Using our approach, Dubhe (1) analyzes the XML form of UML activity diagrams created to define the behavioural view of the system, (2) determines optimal locations for data sanitization using novel protection techniques and activity centrality concepts, and (3) communicates the results to the designers so that they can incorporate the suggestions back into their system designs. This example application of Dubhe shows that our approach can provide valuable security advice to designers to ensure that their systems are designed with protection against data corruption attacks, using only artifacts that designers would normally create during the design phase.
John Breton, Jason Jaskolka, George O. M. Yee
Design of an Efficient Distributed Delivery Service for Group Key Agreement Protocols
Abstract
End-to-end encrypted messaging applications such as Signal became widely popular thanks to their capability to ensure the confidentiality and integrity of online communication. While the highest security guarantees were long reserved to two-party communication, solutions for n-party communication remained either inefficient or less secure until the standardization of the MLS Protocol (Messaging Layer Security). This new protocol offers an efficient way to provide end-to-end secure communication with the same guarantees originally offered by the Signal Protocol for two-party communication. However, both solutions still rely on a centralized component for message delivery, called the Delivery Service in the MLS Protocol. The centralization of the Delivery Service makes it an ideal target for attackers and threatens the availability of any protocol relying on MLS. In order to overcome this issue, we propose the design of a fully distributed Delivery Service that allows clients to exchange protocol messages efficiently and without any intermediary. It uses a Probabilistic Reliable-Broadcast mechanism to efficiently deliver messages and the Cascade Consensus Protocol to handle messages requiring an agreement. Our solution strengthens the availability of the MLS Protocol without compromising its security.
Ludovic Paillat, Claudia-Lavinia Ignat, Davide Frey, Mathieu Turuani, Amine Ismail
A Shared Key Recovery Attack on a Masked Implementation of CRYSTALS-Kyber’s Encapsulation Algorithm
Abstract
In July 2022, NIST selected CRYSTALS-Kyber as a new post-quantum secure public key encryption and key encapsulation mechanism to be standardized. To safeguard its shared and secret keys from side-channel attacks (SCA), countermeasures such as masking and shuffling are applied. However, the existing SCA-protected implementations of CRYSTALS-Kyber protect the decapsulation algorithm only. The encapsulation algorithm is not covered because single-trace shared key recovery attacks on encapsulation are not considered feasible. Since the same shared key is never encapsulated more than once, the attacker gets only a single trace per shared key from the execution of the encapsulation algorithm. In this paper, we demonstrate a practical single-trace shared key recovery attack on a first-order masked implementation of the encapsulation algorithm of Kyber-768 in ARM Cortex-M4 based on deep learning-assisted power analysis. Our main contribution is a new aggregation method for ensemble learning that enables enumeration during shared key recovery. Our experimental results show that a full shared key can be recovered with a 91% probability on average from a single trace captured from a device different from the profiling device.
Ruize Wang, Elena Dubrova
Tight Differential Privacy Guarantees for the Shuffle Model with k-Randomized Response
Abstract
Most differentially private algorithms assume a central model in which a reliable third party inserts noise to queries made on datasets, or a local model where the data owners directly perturb their data. However, the central model is vulnerable via a single point of failure, and the local model has the disadvantage that the utility of the data deteriorates significantly. The recently proposed shuffle model is an intermediate framework between the central and local paradigms. In the shuffle model, data owners send their locally privatized data to a server where messages are shuffled randomly, making it impossible to trace the link between a privatized message and the corresponding sender. In this paper, we theoretically derive the tightest known differential privacy guarantee for the shuffle models with k-Randomized Response (k-RR) local randomizers, under histogram queries, and we denoise the histogram produced by the shuffle model using the matrix inversion method to evaluate the utility of the privacy mechanism. We perform experiments on both synthetic and real data to compare the privacy-utility trade-off of the shuffle model with that of the central one privatized by adding the state-of-the-art Gaussian noise to each bin. We see that the difference in statistical utilities between the central and the shuffle models shows that they are almost comparable under the same level of differential privacy protection.
Sayan Biswas, Kangsoo Jung, Catuscia Palamidessi
Backmatter
Metadata
Title
Foundations and Practice of Security
Edited by
Mohamed Mosbah
Florence Sèdes
Nadia Tawbi
Toufik Ahmed
Nora Boulahia-Cuppens
Joaquin Garcia-Alfaro
Copyright Year
2024
Electronic ISBN
978-3-031-57537-2
Print ISBN
978-3-031-57536-5
DOI
https://doi.org/10.1007/978-3-031-57537-2