Publications
29 results found
Loureiro-Koechlin C, Cordoba-Pachon JR, Coventry L, et al., 2022, Vision: Design Fiction for Cybersecurity Using Science Fiction to Help Software Developers Anticipate Problems, Pages: 79-84
Security and privacy issues are an ever-increasing problem for software systems. To address them, software developers must anticipate the problems that their developed systems may face, using a process we call 'threat assessment'. Unfortunately, given the shortage of security experts, and the need to 'think laterally', threat assessment is very difficult for many development teams. One possibility is to use stories, known as 'Design Fiction,' to help developers visualize different contexts and future use for their software. But such stories are themselves difficult to write. A recent pilot project investigated using a broad-brush threat model and fiction samples derived from existing science fiction literature to help developers create threat assessments for Health Internet-of-Things devices. The preliminary results are encouraging, and open the possibility of developing a method to support developers in threat assessment in any domain.
Hau Z, Demetriou S, Lupu EC, 2022, Using 3D Shadows to Detect Object Hiding Attacks on Autonomous Vehicle Perception, 43rd IEEE Symposium on Security and Privacy (SP), Publisher: IEEE COMPUTER SOC, Pages: 229-235, ISSN: 2639-7862
Hledikova A, Woszczyk D, Acman A, et al., 2022, Data Augmentation for Dementia Detection in Spoken Language, Interspeech Conference, Publisher: ISCA-INT SPEECH COMMUNICATION ASSOC, Pages: 2858-2862, ISSN: 2308-457X
Ismail Khan S, Woszczyk D, You C, et al., 2021, Characterizing Improper Input Validation Vulnerabilities of Mobile Crowdsourcing Services, Annual Computer Security Applications Conference
You C, Hau Z, Demetriou S, 2021, Temporal Consistency Checks to Detect LiDAR Spoofing Attacks on Autonomous Vehicle Perception, Pages: 13-18
LiDAR sensors are used widely in Autonomous Vehicles for better perceiving the environment which enables safer driving decisions. Recent work has demonstrated serious LiDAR spoofing attacks with alarming consequences. In particular, model-level LiDAR spoofing attacks aim to inject fake depth measurements to elicit ghost objects that are erroneously detected by 3D Object Detectors, resulting in hazardous driving decisions. In this work, we explore the use of motion as a physical invariant of genuine objects for detecting such attacks. Based on this, we propose a general methodology, 3D Temporal Consistency Check (3D-TC2), which leverages spatiotemporal information from motion prediction to verify objects detected by 3D Object Detectors. Our preliminary design and implementation of a 3D-TC2 prototype demonstrates very promising performance, providing more than 98% attack detection rate with a recall of 91% for detecting spoofed Vehicle (Car) objects, and is able to achieve real-time detection at 41Hz.
Woszczyk D, Lee A, Demetriou S, 2021, Open, sesame! Introducing access control to voice services, 1st Workshop on Security and Privacy for Mobile AI (MAISP), Publisher: ACM, Pages: 7-12
Personal voice assistants (VAs) are shown to be vulnerable against record–and–replay, and other acoustic attacks which allow an adversary to gain unauthorized control of connected devices within a smart home. Existing defenses either lack detection and management capabilities or are too coarse-grained to enable flexible policies on par with other computing interfaces. In this work, we present Sesame, a lightweight framework for edge devices which is the first to enable fine-grained access control of smart-home voice commands. Sesame combines three components: Automatic Speech Recognition, Natural Language Understanding (NLU) and a Policy module. We implemented Sesame on Android devices and demonstrate that our system can enforce security policies for both Alexa and Google Home in real-time (362ms end-to-end inference time), with a lightweight (<25MB) NLU model which exhibits minimal accuracy loss compared to its non-compact equivalent.
Mo F, Borovykh A, Malekzadeh M, et al., 2021, Quantifying and Localizing Usable Information Leakage from Neural Network Gradients
In collaborative learning, clients keep their data private and communicate only the computed gradients of the deep neural network being trained on their local data. Several recent attacks show that one can still extract private information from the shared network's gradients compromising clients' privacy. In this paper, to quantify the private information leakage from gradients we adopt usable information theory. We focus on two types of private information: original information in data reconstruction attacks and latent information in attribute inference attacks. Furthermore, a sensitivity analysis over the gradients is performed to explore the underlying cause of information leakage and validate the results of the proposed framework. Finally, we conduct numerical evaluations on six benchmark datasets and four well-known deep models. We measure the impact of training hyperparameters, e.g., batches and epochs, as well as potential defense mechanisms, e.g., dropout and differential privacy. Our proposed framework enables clients to localize and quantify the private information leakage in a layer-wise manner, and enables a better understanding of the sources of information leakage in collaborative learning, which can be used by future studies to benchmark new attacks and defense mechanisms.
Hau Z, Co KT, Demetriou S, et al., 2021, Object removal attacks on LiDAR-based 3D object detectors, NDSS 2021 Workshop, Publisher: Internet Society
LiDARs play a critical role in Autonomous Vehicles' (AVs) perception and their safe operations. Recent works have demonstrated that it is possible to spoof LiDAR return signals to elicit fake objects. In this work we demonstrate how the same physical capabilities can be used to mount a new, even more dangerous class of attacks, namely Object Removal Attacks (ORAs). ORAs aim to force 3D object detectors to fail. We leverage the default setting of LiDARs that record a single return signal per direction to perturb point clouds in the region of interest (RoI) of 3D objects. By injecting illegitimate points behind the target object, we effectively shift points away from the target objects' RoIs. Our initial results using a simple random point selection strategy show that the attack is effective in degrading the performance of commonly used 3D object detection models.
Hau Z, Co KT, Demetriou S, et al., 2021, Object Removal Attacks on LiDAR-based 3D Object Detectors
LiDARs play a critical role in Autonomous Vehicles' (AVs) perception and their safe operations. Recent works have demonstrated that it is possible to spoof LiDAR return signals to elicit fake objects. In this work we demonstrate how the same physical capabilities can be used to mount a new, even more dangerous class of attacks, namely Object Removal Attacks (ORAs). ORAs aim to force 3D object detectors to fail. We leverage the default setting of LiDARs that record a single return signal per direction to perturb point clouds in the region of interest (RoI) of 3D objects. By injecting illegitimate points behind the target object, we effectively shift points away from the target objects' RoIs. Our initial results using a simple random point selection strategy show that the attack is effective in degrading the performance of commonly used 3D object detection models.
Mo F, Borovykh A, Malekzadeh M, et al., 2020, Layer-wise Characterization of Latent Information Leakage in Federated Learning
Training deep neural networks via federated learning allows clients to share, instead of the original data, only the model trained on their data. Prior work has demonstrated that in practice a client's private information, unrelated to the main learning task, can be discovered from the model's gradients, which compromises the promised privacy protection. However, there is still no formal approach for quantifying the leakage of private information via the shared updated model or gradients. In this work, we analyze property inference attacks and define two metrics based on (i) an adaptation of the empirical $\mathcal{V}$-information, and (ii) a sensitivity analysis using Jacobian matrices allowing us to measure changes in the gradients with respect to latent information. We show the applicability of our proposed metrics in localizing private latent information in a layer-wise manner and in two settings where (i) we have or (ii) we do not have knowledge of the attackers' capabilities. We evaluate the proposed metrics for quantifying information leakage on three real-world datasets using three benchmark models.
Demetriou S, Jain P, 2020, Determination of a next state of multiple IoT devices within an environment, US 10778516 B2
Examples herein relate to determining a next state in which to transition multiple IoT devices within an environment. Examples disclose determining, via operation of a state machine, a current state of the multiple IoT devices within the environment. The state machine receives contextual information. Based on the current state and the contextual information, the state machine determines a next state of the multiple IoT devices in which to transition the multiple IoT devices within the environment.
Huang H-Y, Demetriou S, Banerjee R, et al., 2020, Smartphone security behavioral scale: a new psychometric measurement for smartphone security, Publisher: arXiv
Despite widespread use of smartphones, there is no measurement standard targeted at smartphone security behaviors. In this paper we translate a well-known cybersecurity behavioral scale into the smartphone domain and show that we can improve on this translation by following an established psychometrics approach surveying 1011 participants. We design a new 14-item Smartphone Security Behavioral Scale (SSBS) exhibiting high reliability and good fit to a two-component behavioural model based on technical versus social protection strategies. We then demonstrate how SSBS can be applied to measure the influence of mental health issues on smartphone security behavior intentions. We found significant correlations that predict SSBS profiles from three types of MHIs. Conversely, we are able to predict presence of MHIs using SSBS profiles. We obtain prediction AUCs of 72.1% for Internet addiction, 75.8% for depression and 66.2% for insomnia.
Wang X, Yuan K, Zhou X, et al., 2020, External resource control of mobile devices, US 10685142 B2
The present disclosure provides a security enhanced channel control system useable on a wireless device comprising a policy module including at least one processor and memory, the policy module configured to store, in the memory, one or more security policies and apply a compliance check to a first system layer and a second system layer; and a first policy base stored in the memory of the policy module, the first policy base being associated with a mandatory access control (“MAC”) base and defining one or more security policies for access to a plurality of channels associated with the first and second system layers. The policy module cooperates with the first policy base to establish one or more access control rules that are applied to at least one of the plurality of channels to preclude an unauthorized application from accessing at least one of the channels.
Mo F, Shamsabadi AS, Katevas K, et al., 2020, DarkneTZ: towards model privacy at the edge using trusted execution environments, Publisher: arXiv
We present DarkneTZ, a framework that uses an edge device's Trusted Execution Environment (TEE) in conjunction with model partitioning to limit the attack surface against Deep Neural Networks (DNNs). Increasingly, edge devices (smartphones and consumer IoT devices) are equipped with pre-trained DNNs for a variety of applications. This trend comes with privacy risks as models can leak information about their training data through effective membership inference attacks (MIAs). We evaluate the performance of DarkneTZ, including CPU execution time, memory usage, and accurate power consumption, using two small and six large image classification models. Due to the limited memory of the edge device's TEE, we partition model layers into more sensitive layers (to be executed inside the device TEE), and a set of layers to be executed in the untrusted part of the operating system. Our results show that even if a single layer is hidden, we can provide reliable model privacy and defend against state of the art MIAs, with only 3% performance overhead. When fully utilizing the TEE, DarkneTZ provides model protections with up to 10% overhead.
Jain P, Demetriou S, Kyu-Han K, 2019, Determining car positions, US 10380889 B2
Examples provided herein describe a method for determining car positions. For example, a physical processor of an edge computing device may receive position data for a legacy car and information about a make and model of the legacy car. The first edge device may also receive, from a sensor-rich car, a set of sensor data about a set of observed cars in the vicinity of the sensor-rich car, a set of position data for the set of observed cars, and a set of visual data of the set of observed cars, wherein the set of observed cars includes the legacy car and the sensor-rich car. The edge device may then determine an updated position for the legacy car based on the set of position data for the set of observed cars, the set of visual data, and the set of sensor data and provide the updated position of the legacy car.
Hojjati A, Long Y, Demetriou S, et al., 2019, BEEER: Distributed Record and Replay for Medical Devices in Hospital Operating Rooms, Publisher: ACM, Pages: 1:1-1:10
Demetriou S, Jain P, Han K-H, 2018, CoDrive: improving automobile positioning via collaborative driving, IEEE Conference on Computer Communications (INFOCOM), Publisher: IEEE, Pages: 72-80
An increasing number of depth sensors and surrounding-aware cameras are being installed in the new generation of cars. For example, Tesla Motors uses a forward radar, a front-facing camera, and multiple ultrasonic sensors to enable its Autopilot feature. Meanwhile, older or legacy cars are expected to be around in volumes, for at least the next 10 to 15 years. Legacy car drivers rely on traditional GPS for navigation services, whose accuracy varies 5 to 10 meters in a clear line-of-sight and degrades up to 30 meters in a downtown environment. At the same time, a sensor-rich car achieves better accuracy due to high-end sensing capabilities. To bridge this gap, we propose CoDrive, a system to provide a sensor-rich car's accuracy to a legacy car. We achieve this by correcting GPS errors of a legacy car on an opportunistic encounter with a sensor-rich car. CoDrive uses smartphone GPS of all participating cars, RGB-D sensors of sensor-rich cars, and road boundaries of a traffic scene to generate optimization constraints. Our algorithm collectively reduces GPS errors, resulting in accurate reconstruction of a traffic scene's aerial view. CoDrive does not require stationary landmarks or 3D maps. We empirically evaluate CoDrive which is shown to achieve a 90% and a 30% reduction in cumulative GPS error for legacy and sensor-rich cars respectively, while preserving the shape of the traffic.
Tuncay GS, Demetriou S, Ganju K, et al., 2018, Resolving the predicament of android custom permissions, Network and Distributed System Security Symposium, Publisher: Internet Society, Pages: 1-15
Android leverages a set of system permissions to protect platform resources. At the same time, it allows untrusted third-party applications to declare their own custom permissions to regulate access to app components. However, Android treats custom permissions the same way as system permissions even though they are declared by entities of different trust levels. In this work, we describe two new classes of vulnerabilities that arise from the ‘predicament’ created by mixing system and custom permissions in Android. These have been acknowledged as serious security flaws by Google and we demonstrate how they can be exploited in practice to gain unauthorized access to platform resources and to compromise popular Android apps. To address the shortcomings of the system, we propose a new modular design called Cusper for the Android permission model. Cusper separates the management of system and custom permissions and introduces a backward-compatible naming convention for custom permissions to prevent custom permission spoofing. We validate the correctness of Cusper by 1) introducing the first formal model of Android runtime permissions, 2) extending it to describe Cusper, and 3) formally showing that key security properties that can be violated in the current permission model are always satisfied in Cusper. To demonstrate Cusper’s practicality, we implemented it in the Android platform and showed that it is both effective and efficient.
Srivastava A, Jain P, Demetriou S, et al., 2017, CamForensics: understanding visual privacy leaks in the wild, ACM Conference on Embedded Network Sensor Systems, Publisher: ACM
Many mobile apps, including augmented-reality games, bar-code readers, and document scanners, digitize information from the physical world by applying computer-vision algorithms to live camera data. However, because camera permissions for existing mobile operating systems are coarse (i.e., an app may access a camera's entire view or none of it), users are vulnerable to visual privacy leaks. An app violates visual privacy if it extracts information from camera data in unexpected ways. For example, a user might be surprised to find that an augmented-reality makeup app extracts text from the camera's view in addition to detecting faces. This paper presents results from the first large-scale study of visual privacy leaks in the wild. We build CamForensics to identify the kind of information that apps extract from camera data. Our extensive user surveys determine what kind of information users expected an app to extract. Finally, our results show that camera apps frequently defy users' expectations based on their descriptions.
Zhang N, Demetriou S, Mi X, et al., 2017, Understanding IoT Security Through the Data Crystal Ball: Where We Are Now and Where We Are Going To Be
Inspired by the boom of the consumer IoT market, many device manufacturers, new start-up companies and technology behemoths have jumped into the space. Indeed, in a span of less than 5 years, we have experienced the manifestation of an array of solutions for the smart home, smart cities and even smart cars. Unfortunately, the exciting utility and rapid marketization of IoTs, come at the expense of privacy and security. Online and industry reports, and academic work have revealed a number of attacks on IoT systems, resulting in privacy leakage, property loss and even large-scale availability problems on some of the most influential Internet services (e.g. Netflix, Twitter). To mitigate such threats, a few new solutions have been proposed. However, it is still less clear what are the impacts they can have on the IoT ecosystem. In this work, we aim to perform a comprehensive study on reported attacks and defenses in the realm of IoTs aiming to find out what we know, where the current studies fall short and how to move forward. To this end, we first build a toolkit that searches through massive amount of online data using semantic analysis to identify over 3000 IoT-related articles (papers, reports and news). Further, by clustering such collected data using machine learning technologies, we are able to compare academic views with the findings from industry and other sources, in an attempt to understand the gaps between them, the trend of the IoT security risks and new problems that need further attention. We systemize this process, by proposing a taxonomy for the IoT ecosystem and organizing IoT security into five problem areas. We use this taxonomy as a beacon to assess each IoT work across a number of properties we define. Our assessment reveals that despite the acknowledged and growing concerns on IoT from both industry and academia, relevant security and privacy problems are far from solved. We discuss how each proposed solution can be applied to a problem area and highlight their strengths, assum
Demetriou S, Zhang N, Lee Y, et al., 2017, Guardian of the HAN: Thwarting Mobile Attacks on Smart-Home Devices Using OS-level Situation Awareness
A new development of smart-home systems is to use mobile apps to control IoT devices across a Home Area Network (HAN). Those systems tend to rely on the Wi-Fi router to authenticate other devices; as verified in our study, IoT vendors tend to trust all devices connected to the HAN. This treatment exposes them to the attack from malicious apps, particularly those running on authorized phones, which the router does not have information to control, as confirmed in our measurement study. Mitigating this threat cannot solely rely on IoT manufacturers, which may need to change the hardware on the devices to support encryption, increasing the cost of the device, or software developers who we need to trust to implement security correctly. In this work, we present a new technique to control the communication between the IoT devices and their apps in a unified, backward-compatible way. Our approach, called Hanguard, does not require any changes to the IoT devices themselves, the IoT apps or the OS of the participating phones. Hanguard achieves a fine-grained, per-app protection through bridging the OS-level situation awareness and the router-level per-flow control: each phone runs a non-system userspace Monitor app to identify the party that attempts to access the protected IoT device and inform the router through a control plane of its access decision; the router enforces the decision on the data plane after verifying whether the phone should be allowed to talk to the device. Hanguard uses a role-based access control (RBAC) schema which leverages type enforcement (TE) and multi-category security (MCS) primitives to define highly flexible access control rules. We implemented our design over both Android and iOS (>95% of mobile OS market share) and a popular router. Our study shows that Hanguard is both efficient and effective in practice.
Lee Y, Li T, Zhang N, et al., 2017, Ghost Installer in the Shadow: Security Analysis of App Installation on Android, 47th IEEE/IFIP Annual International Conference on Dependable Systems and Networks (DSN), Publisher: IEEE, Pages: 403-414, ISSN: 1530-0889
Demetriou S, Zhang N, Lee Y, et al., 2017, HanGuard: SDN-driven protection of smart home WiFi devices from malicious mobile apps, 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), Publisher: ASSOC COMPUTING MACHINERY, Pages: 122-133
- Citations: 21
Tuncay GS, Demetriou S, Gunter CA, 2016, Draco: A System for Uniform and Fine-grained Access Control for Web Code on Android, 23rd ACM Conference on Computer and Communications Security (CCS), Publisher: ASSOC COMPUTING MACHINERY, Pages: 104-115
- Citations: 24
Demetriou S, Merrill W, Yang W, et al., 2015, Free for all! Assessing user data exposure to advertising libraries on android, Network and Distributed System Security (NDSS) Symposium
Demetriou S, Zhou X, Naveed M, et al., 2015, What’s in your dongle and bank account? Mandatory and discretionary protection of android external resources, Network and Distributed System Security Symposium, Publisher: Internet Society, Pages: 1-15
The pervasiveness of security-critical external resources (e.g., accessories, online services) poses new challenges to Android security. Prior research reveals that given the BLUETOOTH and BLUETOOTH_ADMIN permissions, a malicious app on an authorized phone gains unfettered access to any Bluetooth device (e.g., Blood Glucose meter, etc.). Our study further shows that sensitive text messages from online banking services and social networks (account balance, password reset links, etc.) are completely exposed to any app with either the RECEIVE_SMS or the READ_SMS permission. Similar security risks are present in other channels (Internet, Audio and NFC) extensively used to connect the phone to assorted external devices or services. Fundamentally, the current permission-based Discretionary Access Control (DAC) and SEAndroid-based Mandatory Access Control (MAC) are too coarse-grained to protect those resources: whoever gets the permission to use a channel is automatically allowed to access all resources attached to it. To address this challenge, we present in this paper SEACAT, a new security system for fine-grained, flexible protection on external resources. SEACAT supports both MAC and DAC, and integrates their enforcement mechanisms across the Android middleware and the Linux kernel. It extends SEAndroid for specifying policies on external resources, and also hosts a DAC policy base. Both sets of policies are managed under the same policy engine and Access Vector Cache that support policy checks within the security hooks distributed across the framework and the Linux kernel layers, over different channels. This integrated security model was carefully designed to ensure that misconfigured DAC policies will not affect the enforcement of MAC policies, which manufacturers and system administrators can leverage to define their security rules. In the meantime, a policy management service is offered to the ordinary Android users for setting policies that protect the resour
Naveed M, Zhou X, Demetriou S, et al., 2014, Inside job: understanding and mitigating the threat of external device mis-bonding on android, Network and Distributed System Security Symposium (NDSS 2014), Publisher: Internet Society
We found that today’s Android design allows an app with a Bluetooth permission to gain unauthorized access to any Bluetooth devices (particularly healthcare devices) and also misbind the phone with an attack device to inject data to the official apps of the original devices. We also developed an OS-level protection to address this new challenge.
Zhou X, Demetriou S, He D, et al., 2013, Identity, location, disease and more: Inferring your secrets from android public resources, Pages: 1017-1028, ISSN: 1543-7221
The design of Android is based on a set of unprotected shared resources, including those inherited from Linux (e.g., Linux public directories). However, the dramatic development in Android applications (app for short) makes available a large amount of public background information (e.g., social networks, public online services), which can potentially turn such originally harmless resource sharing into serious privacy breaches. In this paper, we report our work on this important yet understudied problem. We discovered three unexpected channels of information leaks on Android: per-app data-usage statistics, ARP information, and speaker status (on or off). By monitoring these channels, an app without any permission may acquire sensitive information such as smartphone user's identity, the disease condition she is interested in, her geo-locations and her driving route, from top-of-the-line Android apps. Furthermore, we show that using existing and new techniques, this zero-permission app can both determine when its target (a particular application) is running and send out collected data stealthily to a remote adversary. These findings call into question the soundness of the design assumptions on shared resources, and demand effective solutions. To this end, we present a mitigation mechanism for achieving a delicate balance between utility and privacy of such resources. © 2013 ACM.
Sintoris C, Yiannoutsou N, Demetriou S, et al., 2013, Discovering the invisible city: Location-based games for learning in smart cities, Interaction Design and Architecture(s), Vol: 16, Pages: 47-64, ISSN: 1826-9745
In this paper we discuss how location-based mobile games can be designed for learning in modern technology enhanced public spaces. We start with the description of the design process and we identify the main challenges faced. We elaborate the case of the game Invisible City: Rebels vs. Spies, a game to be played in a city centre using mobile devices. Through this case we highlight the adaptation of an original party game into a mobile form, the issues we faced and the key aspects conducive to learning in a smart city. It is claimed that creating mobile city games for learning is a new challenge, as our city landscapes are augmented with an increasing number of layers of digital information in which a new generation of city games are played.
This data is extracted from the Web of Science and reproduced under a licence from Thomson Reuters. You may not copy or re-distribute this data in whole or in part without the written consent of the Science business of Thomson Reuters.