-
SATversary: Adversarial Attacks on Satellite Fingerprinting
Authors:
Joshua Smailes,
Sebastian Köhler,
Simon Birnbach,
Martin Strohmeier,
Ivan Martinovic
Abstract:
As satellite systems become increasingly vulnerable to physical layer attacks via SDRs, novel countermeasures are being developed to protect critical systems, particularly those lacking cryptographic protection, or those which cannot be upgraded to support modern cryptography. Among these is transmitter fingerprinting, which provides mechanisms by which communication can be authenticated by lookin…
▽ More
As satellite systems become increasingly vulnerable to physical layer attacks via SDRs, novel countermeasures are being developed to protect critical systems, particularly those lacking cryptographic protection, or those which cannot be upgraded to support modern cryptography. Among these is transmitter fingerprinting, which provides mechanisms by which communication can be authenticated by looking at characteristics of the transmitter, expressed as impairments on the signal.
Previous works show that fingerprinting can be used to classify satellite transmitters, or authenticate them against SDR-equipped attackers under simple replay scenarios. In this paper we build upon this by looking at attacks directly targeting the fingerprinting system, with an attacker optimizing for maximum impact in jamming, spoofing, and dataset poisoning attacks, and demonstrate these attacks on the SatIQ system designed to authenticate Iridium transmitters. We show that an optimized jamming signal can cause a 50% error rate with attacker-to-victim ratios as low as -30dB (far less power than traditional jamming) and demonstrate successful identity forgery during spoofing attacks, with an attacker successfully removing their own transmitter's fingerprint from messages. We also present a data poisoning attack, enabling persistent message spoofing by altering the data used to authenticate incoming messages to include the fingerprint of the attacker's transmitter.
Finally, we show that our model trained to optimize spoofing attacks can also be used to detect spoofing and replay attacks, even when it has never seen the attacker's transmitter before. Furthermore, this technique works even when the training dataset includes only a single transmitter, enabling fingerprinting to be used to protect small constellations and even individual satellites, providing additional protection where it is needed the most.
△ Less
Submitted 6 June, 2025;
originally announced June 2025.
-
A Survey on Training-free Open-Vocabulary Semantic Segmentation
Authors:
Naomi Kombol,
Ivan Martinović,
Siniša Šegvić
Abstract:
Semantic segmentation is one of the most fundamental tasks in image understanding with a long history of research, and subsequently a myriad of different approaches. Traditional methods strive to train models up from scratch, requiring vast amounts of computational resources and training data. In the advent of moving to open-vocabulary semantic segmentation, which asks models to classify beyond le…
▽ More
Semantic segmentation is one of the most fundamental tasks in image understanding with a long history of research, and subsequently a myriad of different approaches. Traditional methods strive to train models up from scratch, requiring vast amounts of computational resources and training data. In the advent of moving to open-vocabulary semantic segmentation, which asks models to classify beyond learned categories, large quantities of finely annotated data would be prohibitively expensive. Researchers have instead turned to training-free methods where they leverage existing models made for tasks where data is more easily acquired. Specifically, this survey will cover the history, nuance, idea development and the state-of-the-art in training-free open-vocabulary semantic segmentation that leverages existing multi-modal classification models. We will first give a preliminary on the task definition followed by an overview of popular model archetypes and then spotlight over 30 approaches split into broader research branches: purely CLIP-based, those leveraging auxiliary visual foundation models and ones relying on generative methods. Subsequently, we will discuss the limitations and potential problems of current research, as well as provide some underexplored ideas for future study. We believe this survey will serve as a good onboarding read to new researchers and spark increased interest in the area.
△ Less
Submitted 28 May, 2025;
originally announced May 2025.
-
A Mobile Payment Scheme Using Biometric Identification with Mutual Authentication
Authors:
Jack Sturgess,
Ivan Martinovic
Abstract:
Cashless payment systems offer many benefits over cash, but also have some drawbacks. Fake terminals, skimming, wireless connectivity, and relay attacks are persistent problems. Attempts to overcome one problem often lead to another - for example, some systems use QR codes to avoid skimming and connexion issues, but QR codes can be stolen at distance and relayed. In this paper, we propose a novel…
▽ More
Cashless payment systems offer many benefits over cash, but also have some drawbacks. Fake terminals, skimming, wireless connectivity, and relay attacks are persistent problems. Attempts to overcome one problem often lead to another - for example, some systems use QR codes to avoid skimming and connexion issues, but QR codes can be stolen at distance and relayed. In this paper, we propose a novel mobile payment scheme based on biometric identification that provides mutual authentication to protect the user from rogue terminals. Our scheme imposes only minimal requirements on terminal hardware, does not depend on wireless connectivity between the user and the verifier during the authentication phase, and does not require the user to trust the terminal until it has authenticated itself to the user. We show that our scheme is resistant against phishing, replay, relay, and presentation attacks.
△ Less
Submitted 24 September, 2024;
originally announced September 2024.
-
KeySpace: Public Key Infrastructure Considerations in Interplanetary Networks
Authors:
Joshua Smailes,
Sebastian Köhler,
Simon Birnbach,
Martin Strohmeier,
Ivan Martinovic
Abstract:
As satellite networks expand to encompass megaconstellations and interplanetary communication, the need for effective Public Key Infrastructure (PKI) becomes increasingly pressing. This paper addresses the challenge of implementing PKI in these complex networks, identifying the essential goals and requirements.
We develop a standardized framework for comparing PKI systems across various network…
▽ More
As satellite networks expand to encompass megaconstellations and interplanetary communication, the need for effective Public Key Infrastructure (PKI) becomes increasingly pressing. This paper addresses the challenge of implementing PKI in these complex networks, identifying the essential goals and requirements.
We develop a standardized framework for comparing PKI systems across various network topologies, enabling the evaluation of their performance and security. Our results demonstrate that terrestrial PKI techniques can be adapted for use in highly distributed interplanetary networks, achieving efficient low-latency connection establishment and minimizing the impact of attacks through effective revocation mechanisms. This result has significant implications for the design of future satellite networks, as it enables the reuse of existing PKI solutions to provide increased compatibility with terrestrial networks.
We evaluate this by building the Deep Space Network Simulator (DSNS), a novel tool for efficiently simulating large space networks. Using DSNS, we conduct comprehensive simulations of connection establishment and key revocation under a range of network topologies and PKI configurations. Furthermore, we propose and evaluate two new configuration options: OCSP Hybrid, and the use of relay nodes as a firewall. Together these minimize the extent of the network an attacker can reach with a compromised key, and reduce the attacker's load on interplanetary relay links.
△ Less
Submitted 15 November, 2024; v1 submitted 20 August, 2024;
originally announced August 2024.
-
MC-PanDA: Mask Confidence for Panoptic Domain Adaptation
Authors:
Ivan Martinović,
Josip Šarić,
Siniša Šegvić
Abstract:
Domain adaptive panoptic segmentation promises to resolve the long tail of corner cases in natural scene understanding. Previous state of the art addresses this problem with cross-task consistency, careful system-level optimization and heuristic improvement of teacher predictions. In contrast, we propose to build upon remarkable capability of mask transformers to estimate their own prediction unce…
▽ More
Domain adaptive panoptic segmentation promises to resolve the long tail of corner cases in natural scene understanding. Previous state of the art addresses this problem with cross-task consistency, careful system-level optimization and heuristic improvement of teacher predictions. In contrast, we propose to build upon remarkable capability of mask transformers to estimate their own prediction uncertainty. Our method avoids noise amplification by leveraging fine-grained confidence of panoptic teacher predictions. In particular, we modulate the loss with mask-wide confidence and discourage back-propagation in pixels with uncertain teacher or confident student. Experimental evaluation on standard benchmarks reveals a substantial contribution of the proposed selection techniques. We report 47.4 PQ on Synthia to Cityscapes, which corresponds to an improvement of 6.2 percentage points over the state of the art. The source code is available at https://github.com/helen1c/MC-PanDA.
△ Less
Submitted 19 July, 2024;
originally announced July 2024.
-
UserBoost: Generating User-specific Synthetic Data for Faster Enrolment into Behavioural Biometric Systems
Authors:
George Webber,
Jack Sturgess,
Ivan Martinovic
Abstract:
Behavioural biometric authentication systems entail an enrolment period that is burdensome for the user. In this work, we explore generating synthetic gestures from a few real user gestures with generative deep learning, with the application of training a simple (i.e. non-deep-learned) authentication model. Specifically, we show that utilising synthetic data alongside real data can reduce the numb…
▽ More
Behavioural biometric authentication systems entail an enrolment period that is burdensome for the user. In this work, we explore generating synthetic gestures from a few real user gestures with generative deep learning, with the application of training a simple (i.e. non-deep-learned) authentication model. Specifically, we show that utilising synthetic data alongside real data can reduce the number of real datapoints a user must provide to enrol into a biometric system. To validate our methods, we use the publicly available dataset of WatchAuth, a system proposed in 2022 for authenticating smartwatch payments using the physical gesture of reaching towards a payment terminal. We develop a regularised autoencoder model for generating synthetic user-specific wrist motion data representing these physical gestures, and demonstrate the diversity and fidelity of our synthetic gestures. We show that using synthetic gestures in training can improve classification ability for a real-world system. Through this technique we can reduce the number of gestures required to enrol a user into a WatchAuth-like system by more than 40% without negatively impacting its error rates.
△ Less
Submitted 12 July, 2024;
originally announced July 2024.
-
Current Affairs: A Security Measurement Study of CCS EV Charging Deployments
Authors:
Marcell Szakály,
Sebastian Köhler,
Ivan Martinovic
Abstract:
Since its introduction in 2012, the Combined Charging System (CCS) has emerged as the leading technology for EV fast charging in Europe, North America and parts of Asia. The charging communication of CCS is defined by the ISO 15118 standards, which have been improved over the years. Most notably, in 2014, important security features such as Transport Layer Security (TLS) and usability enhancements…
▽ More
Since its introduction in 2012, the Combined Charging System (CCS) has emerged as the leading technology for EV fast charging in Europe, North America and parts of Asia. The charging communication of CCS is defined by the ISO 15118 standards, which have been improved over the years. Most notably, in 2014, important security features such as Transport Layer Security (TLS) and usability enhancements such as Plug and Charge were introduced.
In this paper, we conduct the first measurement study of publicly deployed CCS DC charging stations to capture the state of deployment for different protocol versions and to better understand the attack surface of the EV charging infrastructure. In our evaluation, we examine 325 chargers manufactured between April 2013 and June 2023, and installed as late as May 2024 by 26 manufacturers across 4 European countries. We find that only 12% of the charging stations we analyzed implement TLS at all, leaving all others vulnerable to attacks that have already been demonstrated many years ago. We observe an increasing trend in support for ISO 15118-2 over the years, reaching 70% of chargers manufactured in 2023. We further notice that most chargers use a decade-old firmware for their HomePlug modems, which could contain vulnerabilities that have been patched since. Finally, we discuss design flaws with the Public Key Infrastructure system used in EV charging, and propose changes to improve the adoption and availability of TLS.
△ Less
Submitted 3 February, 2025; v1 submitted 9 April, 2024;
originally announced April 2024.
-
Sticky Fingers: Resilience of Satellite Fingerprinting against Jamming Attacks
Authors:
Joshua Smailes,
Edd Salkield,
Sebastian Köhler,
Simon Birnbach,
Martin Strohmeier,
Ivan Martinovic
Abstract:
In the wake of increasing numbers of attacks on radio communication systems, a range of techniques are being deployed to increase the security of these systems. One such technique is radio fingerprinting, in which the transmitter can be identified and authenticated by observing small hardware differences expressed in the signal. Fingerprinting has been explored in particular in the defense of sate…
▽ More
In the wake of increasing numbers of attacks on radio communication systems, a range of techniques are being deployed to increase the security of these systems. One such technique is radio fingerprinting, in which the transmitter can be identified and authenticated by observing small hardware differences expressed in the signal. Fingerprinting has been explored in particular in the defense of satellite systems, many of which are insecure and cannot be retrofitted with cryptographic security.
In this paper, we evaluate the effectiveness of radio fingerprinting techniques under interference and jamming attacks, usually intended to deny service. By taking a pre-trained fingerprinting model and gathering a new dataset in which different levels of Gaussian noise and tone jamming have been added to the legitimate signal, we assess the attacker power required in order to disrupt the transmitter fingerprint such that it can no longer be recognized. We compare this to Gaussian jamming on the data portion of the signal, obtaining the remarkable result that transmitter fingerprints are still recognizable even in the presence of moderate levels of noise. Through deeper analysis of the results, we conclude that it takes a similar amount of jamming power in order to disrupt the fingerprint as it does to jam the message contents itself, so it is safe to include a fingerprinting system to authenticate satellite communication without opening up the system to easier denial-of-service attacks.
△ Less
Submitted 4 April, 2024; v1 submitted 7 February, 2024;
originally announced February 2024.
-
POSTER: spaceQUIC: Securing Communication in Computationally Constrained Spacecraft
Authors:
Joshua Smailes,
Razvan David,
Sebastian Kohler,
Simon Birnbach,
Ivan Martinovic
Abstract:
Recent years have seen a rapid increase in the number of CubeSats and other small satellites in orbit - these have highly constrained computational and communication resources, but still require robust secure communication to operate effectively.
The QUIC transport layer protocol is designed to provide efficient communication with cryptography guarantees built-in, with a particular focus on netw…
▽ More
Recent years have seen a rapid increase in the number of CubeSats and other small satellites in orbit - these have highly constrained computational and communication resources, but still require robust secure communication to operate effectively.
The QUIC transport layer protocol is designed to provide efficient communication with cryptography guarantees built-in, with a particular focus on networks with high latency and packet loss.
In this work we provide spaceQUIC, a proof of concept implementation of QUIC for NASA's "core Flight System" satellite operating system, and assess its performance.
△ Less
Submitted 22 May, 2023;
originally announced May 2023.
-
Watch This Space: Securing Satellite Communication through Resilient Transmitter Fingerprinting
Authors:
Joshua Smailes,
Sebastian Köhler,
Simon Birnbach,
Martin Strohmeier,
Ivan Martinovic
Abstract:
Due to an increase in the availability of cheap off-the-shelf radio hardware, spoofing and replay attacks on satellite ground systems have become more accessible than ever. This is particularly a problem for legacy systems, many of which do not offer cryptographic security and cannot be patched to support novel security measures.
In this paper we explore radio transmitter fingerprinting in satel…
▽ More
Due to an increase in the availability of cheap off-the-shelf radio hardware, spoofing and replay attacks on satellite ground systems have become more accessible than ever. This is particularly a problem for legacy systems, many of which do not offer cryptographic security and cannot be patched to support novel security measures.
In this paper we explore radio transmitter fingerprinting in satellite systems. We introduce the SatIQ system, proposing novel techniques for authenticating transmissions using characteristics of transmitter hardware expressed as impairments on the downlinked signal. We look in particular at high sample rate fingerprinting, making fingerprints difficult to forge without similarly high sample rate transmitting hardware, thus raising the budget for attacks. We also examine the difficulty of this approach with high levels of atmospheric noise and multipath scattering, and analyze potential solutions to this problem.
We focus on the Iridium satellite constellation, for which we collected 1705202 messages at a sample rate of 25 MS/s. We use this data to train a fingerprinting model consisting of an autoencoder combined with a Siamese neural network, enabling the model to learn an efficient encoding of message headers that preserves identifying information.
We demonstrate the system's robustness under attack by replaying messages using a Software-Defined Radio, achieving an Equal Error Rate of 0.120, and ROC AUC of 0.946. Finally, we analyze its stability over time by introducing a time gap between training and testing data, and its extensibility by introducing new transmitters which have not been seen before. We conclude that our techniques are useful for building systems that are stable over time, can be used immediately with new transmitters without retraining, and provide robustness against spoofing and replay by raising the required budget for attacks.
△ Less
Submitted 7 September, 2023; v1 submitted 11 May, 2023;
originally announced May 2023.
-
Assault and Battery: Evaluating the Security of Power Conversion Systems Against Electromagnetic Injection Attacks
Authors:
Marcell Szakály,
Sebastian Köhler,
Martin Strohmeier,
Ivan Martinovic
Abstract:
Many modern devices, including critical infrastructures, depend on the reliable operation of electrical power conversion systems. The small size and versatility of switched-mode power converters has resulted in their widespread adoption. Whereas transformer-based systems passively convert voltage, switched-mode converters feature an actively regulated feedback loop, which relies on accurate sensor…
▽ More
Many modern devices, including critical infrastructures, depend on the reliable operation of electrical power conversion systems. The small size and versatility of switched-mode power converters has resulted in their widespread adoption. Whereas transformer-based systems passively convert voltage, switched-mode converters feature an actively regulated feedback loop, which relies on accurate sensor measurements. Previous academic work has shown that many types of sensors are vulnerable to Intentional Electromagnetic Interference (IEMI) attacks, and it has been postulated that power converters, too, are affected.
In this paper, we present the first detailed study on switched-mode power converters by targeting their voltage and current sensors through IEMI attacks. We present a theoretical framework for evaluating IEMI attacks against feedback-based power supplies in the general case. We experimentally validate our theoretical predictions by analyzing multiple AC-DC and DC-DC converters, automotive grade current sensors, and dedicated battery chargers, and demonstrate the systematic vulnerability of all examined categories under real-world conditions. Finally, we demonstrate that sensor attacks on power converters can cause permanent damage to Li-Ion batteries during the charging process.
△ Less
Submitted 11 May, 2023;
originally announced May 2023.
-
Point Cloud Semantic Segmentation
Authors:
Ivan Martinović
Abstract:
Semantic segmentation is an important and well-known task in the field of computer vision, in which we attempt to assign a corresponding semantic class to each input element. When it comes to semantic segmentation of 2D images, the input elements are pixels. On the other hand, the input can also be a point cloud, where one input element represents one point in the input point cloud. By the term po…
▽ More
Semantic segmentation is an important and well-known task in the field of computer vision, in which we attempt to assign a corresponding semantic class to each input element. When it comes to semantic segmentation of 2D images, the input elements are pixels. On the other hand, the input can also be a point cloud, where one input element represents one point in the input point cloud. By the term point cloud, we refer to a set of points defined by spatial coordinates with respect to some reference coordinate system. In addition to the position of points in space, other features can also be defined for each point, such as RGB components. In this paper, we conduct semantic segmentation on the S3DIS dataset, where each point cloud represents one room. We train models on the S3DIS dataset, namely PointCNN, PointNet++, Cylinder3D, Point Transformer, and RepSurf. We compare the obtained results with respect to standard evaluation metrics for semantic segmentation and present a comparison of the models based on inference speed.
△ Less
Submitted 1 May, 2023;
originally announced May 2023.
-
Dishing Out DoS: How to Disable and Secure the Starlink User Terminal
Authors:
Joshua Smailes,
Edd Salkield,
Sebastian Köhler,
Simon Birnbach,
Ivan Martinovic
Abstract:
Satellite user terminals are a promising target for adversaries seeking to target satellite communication networks. Despite this, many protections commonly found in terrestrial routers are not present in some user terminals.
As a case study we audit the attack surface presented by the Starlink router's admin interface, using fuzzing to uncover a denial of service attack on the Starlink user term…
▽ More
Satellite user terminals are a promising target for adversaries seeking to target satellite communication networks. Despite this, many protections commonly found in terrestrial routers are not present in some user terminals.
As a case study we audit the attack surface presented by the Starlink router's admin interface, using fuzzing to uncover a denial of service attack on the Starlink user terminal. We explore the attack's impact, particularly in the cases of drive-by attackers, and attackers that are able to maintain a continuous presence on the network. Finally, we discuss wider implications, looking at lessons learned in terrestrial router security, and how to properly implement them in this new context.
△ Less
Submitted 8 March, 2023; v1 submitted 1 March, 2023;
originally announced March 2023.
-
RingAuth: Wearable Authentication using a Smart Ring
Authors:
Jack Sturgess,
Simon Birnbach,
Simon Eberz,
Ivan Martinovic
Abstract:
In this paper, we show that by using inertial sensor data generated by a smart ring, worn on the finger, the user can be authenticated when making mobile payments or when knocking on a door (for access control). The proposed system can be deployed purely in software and does not require updates to existing payment terminals or infrastructure. We also demonstrate that smart ring data can authentica…
▽ More
In this paper, we show that by using inertial sensor data generated by a smart ring, worn on the finger, the user can be authenticated when making mobile payments or when knocking on a door (for access control). The proposed system can be deployed purely in software and does not require updates to existing payment terminals or infrastructure. We also demonstrate that smart ring data can authenticate smartwatch gestures, and vice versa, allowing either device to act as an implicit second factor for the other. To validate the system, we conduct a user study (n=21) to collect inertial sensor data from users as they perform gestures, and we evaluate the system against an active impersonation attacker. Based on this data, we develop payment and access control authentication models for which we achieve EERs of 0.04 and 0.02, respectively.
△ Less
Submitted 9 December, 2022;
originally announced January 2023.
-
RADAR: A TTP-based Extensible, Explainable, and Effective System for Network Traffic Analysis and Malware Detection
Authors:
Yashovardhan Sharma,
Simon Birnbach,
Ivan Martinovic
Abstract:
Network analysis and machine learning techniques have been widely applied for building malware detection systems. Though these systems attain impressive results, they often are $(i)$ not extensible, being monolithic, well tuned for the specific task they have been designed for but very difficult to adapt and/or extend to other settings, and $(ii)$ not interpretable, being black boxes whose inner c…
▽ More
Network analysis and machine learning techniques have been widely applied for building malware detection systems. Though these systems attain impressive results, they often are $(i)$ not extensible, being monolithic, well tuned for the specific task they have been designed for but very difficult to adapt and/or extend to other settings, and $(ii)$ not interpretable, being black boxes whose inner complexity makes it impossible to link the result of detection with its root cause, making further analysis of threats a challenge. In this paper we present RADAR, an extensible and explainable system that exploits the popular TTP (Tactics, Techniques, and Procedures) ontology of adversary behaviour described in the industry-standard MITRE ATT\&CK framework in order to unequivocally identify and classify malicious behaviour using network traffic. We evaluate RADAR on a very large dataset comprising of 2,286,907 malicious and benign samples, representing a total of 84,792,452 network flows. The experimental analysis confirms that the proposed methodology can be effectively exploited: RADAR's ability to detect malware is comparable to other state-of-the-art non-interpretable systems' capabilities. To the best of our knowledge, RADAR is the first TTP-based system for malware detection that uses machine learning while being extensible and explainable.
△ Less
Submitted 13 April, 2023; v1 submitted 7 December, 2022;
originally announced December 2022.
-
Techniques for Continuous Touch-Based Authentication Modeling
Authors:
Martin Georgiev,
Simon Eberz,
Ivan Martinovic
Abstract:
The field of touch-based authentication has been rapidly developing over the last decade, creating a fragmented and difficult-to-navigate area for researchers and application developers alike due to the variety of methods investigated. In this study, we perform a systematic literature analysis of 30 studies on the techniques used for feature extraction, classification, and aggregation in touch-bas…
▽ More
The field of touch-based authentication has been rapidly developing over the last decade, creating a fragmented and difficult-to-navigate area for researchers and application developers alike due to the variety of methods investigated. In this study, we perform a systematic literature analysis of 30 studies on the techniques used for feature extraction, classification, and aggregation in touch-based authentication systems as well as the performance metrics reported by each study. Based on our findings, we design a set of experiments to compare the performance of the most frequently used techniques in the field under clearly defined conditions. In addition, we introduce three new techniques for touch-based authentication: an expanded feature set (consisting of 149 unique features), a multi-algorithm ensemble-based classifier, and a Recurrent Neural Network based stacking aggregation method. The comparison includes 14 feature sets, 11 classifiers, and 5 aggregation methods. In total, 219 model configurations are examined and we show that our novel techniques outperform the current state-of-the-art in each category. The results are also validated across three different publicly available datasets. Finally, we discuss the findings of our investigation with the aim of making the field more understandable and accessible for researchers and practitioners.
△ Less
Submitted 25 July, 2022;
originally announced July 2022.
-
Death By A Thousand COTS: Disrupting Satellite Communications using Low Earth Orbit Constellations
Authors:
Frederick Rawlins,
Richard Baker,
Ivan Martinovic
Abstract:
Satellites in Geostationary Orbit (GEO) provide a number of commercial, government, and military services around the world, offering everything from surveillance and monitoring to video calls and internet access. However a dramatic lowering of the cost-per-kilogram to space has led to a recent explosion in real and planned constellations in Low Earth Orbit (LEO) of smaller satellites. These conste…
▽ More
Satellites in Geostationary Orbit (GEO) provide a number of commercial, government, and military services around the world, offering everything from surveillance and monitoring to video calls and internet access. However a dramatic lowering of the cost-per-kilogram to space has led to a recent explosion in real and planned constellations in Low Earth Orbit (LEO) of smaller satellites. These constellations are managed remotely and it is important to consider a scenario in which an attacker gains control over the constituent satellites. In this paper we aim to understand what damage this attacker could cause, using the satellites to generate interference. To ground our analysis, we simulate a number of existing and planned LEO constellations against an example GEO constellation, and evaluate the relative effectiveness of each. Our model shows that with conservative power estimates, both current and planned constellations could disrupt GEO satellite services at every groundstation considered, with effectiveness varying considerably between locations. We analyse different patterns of interference, how they reflect the structures of the constellations creating them, and how effective they might be against a number of legitimate services. We found that real-time usage (e.g. calls, streaming) would be most affected, with 3 constellation designs able to generate thousands of outages of 30 seconds or longer over the course of the day across all groundstations.
△ Less
Submitted 28 April, 2022;
originally announced April 2022.
-
I'm Hearing (Different) Voices: Anonymous Voices to Protect User Privacy
Authors:
Henry Turner,
Giulio Lovisotto,
Simon Eberz,
Ivan Martinovic
Abstract:
In this paper, we present AltVoice -- a system designed to help user's protect their privacy when using remotely accessed voice services. The system allows a user to conceal their true voice identity information with no cooperation from the remote voice service: AltVoice re-synthesizes user's spoken audio to sound as if it has been spoken by a different, private identity. The system converts audio…
▽ More
In this paper, we present AltVoice -- a system designed to help user's protect their privacy when using remotely accessed voice services. The system allows a user to conceal their true voice identity information with no cooperation from the remote voice service: AltVoice re-synthesizes user's spoken audio to sound as if it has been spoken by a different, private identity. The system converts audio to its textual representation at its midpoint, and thus removes any linkage between the user's voice and the generated private voices. We implement AltVoice and we propose six different methods to generate private voice identities, each is based on a user-known secret. We identify the system's trade-offs, and we investigate them for each of the proposed identity generation methods. Specifically, we investigate generated voices' diversity, word error rate, perceived speech quality and the success of attackers under privacy compromise and authentication compromise attack scenarios. Our results show that AltVoice-generated voices are not easily linked to original users, enabling users to protect themselves from voice data leakages and allowing for the revocability of (generated) voice data; akin to using passwords. However the results also show further work is needed on ensuring that the produced audio is natural, and that identities of private voices are distinct from one another. We discuss the future steps into improving AltVoice and the new implications that its existence has for the creations of remotely accessed voice services.
△ Less
Submitted 13 February, 2022;
originally announced February 2022.
-
BeeHIVE: Behavioral Biometric System based on Object Interactions in Smart Environments
Authors:
Klaudia Krawiecka,
Simon Birnbach,
Simon Eberz,
Ivan Martinovic
Abstract:
The lack of standard input interfaces in the Internet of Things (IoT) ecosystems presents a challenge in securing such infrastructures. To tackle this challenge, we introduce a novel behavioral biometric system based on naturally occurring interactions with objects in smart environments. This biometric leverages existing sensors to authenticate users without requiring any hardware modifications of…
▽ More
The lack of standard input interfaces in the Internet of Things (IoT) ecosystems presents a challenge in securing such infrastructures. To tackle this challenge, we introduce a novel behavioral biometric system based on naturally occurring interactions with objects in smart environments. This biometric leverages existing sensors to authenticate users without requiring any hardware modifications of existing smart home devices. The system is designed to reduce the need for phone-based authentication mechanisms, on which smart home systems currently rely. It requires the user to approve transactions on their phone only when the user cannot be authenticated with high confidence through their interactions with the smart environment.
We conduct a real-world experiment that involves 13 participants in a company environment, using this experiment to also study mimicry attacks on our proposed system. We show that this system can provide seamless and unobtrusive authentication while still staying highly resistant to zero-effort, video, and in-person observation-based mimicry attacks. Even when at most 1% of the strongest type of mimicry attacks are successful, our system does not require the user to take out their phone to approve legitimate transactions in more than 80% of cases for a single interaction. This increases to 92% of transactions when interactions with more objects are considered.
△ Less
Submitted 18 February, 2022; v1 submitted 8 February, 2022;
originally announced February 2022.
-
Brokenwire : Wireless Disruption of CCS Electric Vehicle Charging
Authors:
Sebastian Köhler,
Richard Baker,
Martin Strohmeier,
Ivan Martinovic
Abstract:
We present a novel attack against the Combined Charging System, one of the most widely used DC rapid charging technologies for electric vehicles (EVs). Our attack, Brokenwire, interrupts necessary control communication between the vehicle and charger, causing charging sessions to abort. The attack requires only temporary physical proximity and can be conducted wirelessly from a distance, allowing…
▽ More
We present a novel attack against the Combined Charging System, one of the most widely used DC rapid charging technologies for electric vehicles (EVs). Our attack, Brokenwire, interrupts necessary control communication between the vehicle and charger, causing charging sessions to abort. The attack requires only temporary physical proximity and can be conducted wirelessly from a distance, allowing individual vehicles or entire fleets to be disrupted stealthily and simultaneously. In addition, it can be mounted with off-the-shelf radio hardware and minimal technical knowledge. By exploiting CSMA/CA behavior, only a very weak signal needs to be induced into the victim to disrupt communication - exceeding the effectiveness of broadband noise jamming by three orders of magnitude. The exploited behavior is a required part of the HomePlug Green PHY, DIN 70121 & ISO 15118 standards and all known implementations exhibit it. We first study the attack in a controlled testbed and then demonstrate it against eight vehicles and 20 chargers in real deployments. We find the attack to be successful in the real world, at ranges up to 47 m, for a power budget of less than 1 W. We further show that the attack can work between the floors of a building (e.g., multi-story parking), through perimeter fences, and from `drive-by' attacks. We present a heuristic model to estimate the number of vehicles that can be attacked simultaneously for a given output power. Brokenwire has immediate implications for a substantial proportion of the around 12 million battery EVs on the roads worldwide - and profound effects on the new wave of electrification for vehicle fleets, both for private enterprise and crucial public services, as well as electric buses, trucks and small ships. As such, we conducted a disclosure to the industry and discussed a range of mitigation techniques that could be deployed to limit the impact.
△ Less
Submitted 26 March, 2024; v1 submitted 4 February, 2022;
originally announced February 2022.
-
WatchAuth: User Authentication and Intent Recognition in Mobile Payments using a Smartwatch
Authors:
Jack Sturgess,
Simon Eberz,
Ivo Sluganovic,
Ivan Martinovic
Abstract:
In this paper, we show that the tap gesture, performed when a user 'taps' a smartwatch onto an NFC-enabled terminal to make a payment, is a biometric capable of implicitly authenticating the user and simultaneously recognising intent-to-pay. The proposed system can be deployed purely in software on the watch without requiring updates to payment terminals. It is agnostic to terminal type and positi…
▽ More
In this paper, we show that the tap gesture, performed when a user 'taps' a smartwatch onto an NFC-enabled terminal to make a payment, is a biometric capable of implicitly authenticating the user and simultaneously recognising intent-to-pay. The proposed system can be deployed purely in software on the watch without requiring updates to payment terminals. It is agnostic to terminal type and position and the intent recognition portion does not require any training data from the user. To validate the system, we conduct a user study (n=16) to collect wrist motion data from users as they interact with payment terminals and to collect long-term data from a subset of them (n=9) as they perform daily activities. Based on this data, we identify optimum gesture parameters and develop authentication and intent recognition models, for which we achieve EERs of 0.08 and 0.04, respectively.
△ Less
Submitted 11 December, 2022; v1 submitted 3 February, 2022;
originally announced February 2022.
-
FETA: Fair Evaluation of Touch-based Authentication
Authors:
Martin Georgiev,
Simon Eberz,
Henry Turner,
Giulio Lovisotto,
Ivan Martinovic
Abstract:
In this paper, we investigate common pitfalls affecting the evaluation of authentication systems based on touch dynamics. We consider different factors that lead to misrepresented performance, are incompatible with stated system and threat models or impede reproducibility and comparability with previous work. Specifically, we investigate the effects of (i) small sample sizes (both number of users…
▽ More
In this paper, we investigate common pitfalls affecting the evaluation of authentication systems based on touch dynamics. We consider different factors that lead to misrepresented performance, are incompatible with stated system and threat models or impede reproducibility and comparability with previous work. Specifically, we investigate the effects of (i) small sample sizes (both number of users and recording sessions), (ii) using different phone models in training data, (iii) selecting non-contiguous training data, (iv) inserting attacker samples in training data and (v) swipe aggregation. We perform a systematic review of 30 touch dynamics papers showing that all of them overlook at least one of these pitfalls. To quantify each pitfall's effect, we design a set of experiments and collect a new longitudinal dataset of touch interactions from 515 users over 31 days comprised of 1,194,451 unique strokes. Part of this data is collected in-lab with Android devices and the rest remotely with iOS devices, allowing us to make in-depth comparisons. We make this dataset and our code available online. Our results show significant percentage-point changes in reported mean EER for several pitfalls: including attacker data (2.55%), non-contiguous training data (3.8%) and phone model mixing (3.2%-5.8%). We show that, in a common evaluation setting, the cumulative effects of these evaluation choices result in a combined difference of 8.9% EER. We also largely observe these effects across the entire ROC curve. The pitfalls are evaluated on four distinct classifiers - SVM, Random Forest, Neural Network, and kNN. Furthermore, we explore additional considerations for fair evaluation when building touch-based authentication systems and quantify their impacts. Based on these insights, we propose a set of best practices that, will lead to more realistic and comparable reporting of results in the field.
△ Less
Submitted 9 January, 2023; v1 submitted 25 January, 2022;
originally announced January 2022.
-
Widen The Backdoor To Let More Attackers In
Authors:
Siddhartha Datta,
Giulio Lovisotto,
Ivan Martinovic,
Nigel Shadbolt
Abstract:
As collaborative learning and the outsourcing of data collection become more common, malicious actors (or agents) which attempt to manipulate the learning process face an additional obstacle as they compete with each other. In backdoor attacks, where an adversary attempts to poison a model by introducing malicious samples into the training data, adversaries have to consider that the presence of ad…
▽ More
As collaborative learning and the outsourcing of data collection become more common, malicious actors (or agents) which attempt to manipulate the learning process face an additional obstacle as they compete with each other. In backdoor attacks, where an adversary attempts to poison a model by introducing malicious samples into the training data, adversaries have to consider that the presence of additional backdoor attackers may hamper the success of their own backdoor. In this paper, we investigate the scenario of a multi-agent backdoor attack, where multiple non-colluding attackers craft and insert triggered samples in a shared dataset which is used by a model (a defender) to learn a task. We discover a clear backfiring phenomenon: increasing the number of attackers shrinks each attacker's attack success rate (ASR). We then exploit this phenomenon to minimize the collective ASR of attackers and maximize defender's robustness accuracy by (i) artificially augmenting the number of attackers, and (ii) indexing to remove the attacker's sub-dataset from the model for inference, hence proposing 2 defenses.
△ Less
Submitted 9 October, 2021;
originally announced October 2021.
-
Signal Injection Attacks against CCD Image Sensors
Authors:
Sebastian Köhler,
Richard Baker,
Ivan Martinovic
Abstract:
Since cameras have become a crucial part in many safety-critical systems and applications, such as autonomous vehicles and surveillance, a large body of academic and non-academic work has shown attacks against their main component - the image sensor. However, these attacks are limited to coarse-grained and often suspicious injections because light is used as an attack vector. Furthermore, due to t…
▽ More
Since cameras have become a crucial part in many safety-critical systems and applications, such as autonomous vehicles and surveillance, a large body of academic and non-academic work has shown attacks against their main component - the image sensor. However, these attacks are limited to coarse-grained and often suspicious injections because light is used as an attack vector. Furthermore, due to the nature of optical attacks, they require the line-of-sight between the adversary and the target camera.
In this paper, we present a novel post-transducer signal injection attack against CCD image sensors, as they are used in professional, scientific, and even military settings. We show how electromagnetic emanation can be used to manipulate the image information captured by a CCD image sensor with the granularity down to the brightness of individual pixels. We study the feasibility of our attack and then demonstrate its effects in the scenario of automatic barcode scanning. Our results indicate that the injected distortion can disrupt automated vision-based intelligent systems.
△ Less
Submitted 13 December, 2021; v1 submitted 19 August, 2021;
originally announced August 2021.
-
MalPhase: Fine-Grained Malware Detection Using Network Flow Data
Authors:
Michal Piskozub,
Fabio De Gaspari,
Frederick Barr-Smith,
Luigi V. Mancini,
Ivan Martinovic
Abstract:
Economic incentives encourage malware authors to constantly develop new, increasingly complex malware to steal sensitive data or blackmail individuals and companies into paying large ransoms. In 2017, the worldwide economic impact of cyberattacks is estimated to be between 445 and 600 billion USD, or 0.8% of global GDP. Traditionally, one of the approaches used to defend against malware is network…
▽ More
Economic incentives encourage malware authors to constantly develop new, increasingly complex malware to steal sensitive data or blackmail individuals and companies into paying large ransoms. In 2017, the worldwide economic impact of cyberattacks is estimated to be between 445 and 600 billion USD, or 0.8% of global GDP. Traditionally, one of the approaches used to defend against malware is network traffic analysis, which relies on network data to detect the presence of potentially malicious software. However, to keep up with increasing network speeds and amount of traffic, network analysis is generally limited to work on aggregated network data, which is traditionally challenging and yields mixed results. In this paper we present MalPhase, a system that was designed to cope with the limitations of aggregated flows. MalPhase features a multi-phase pipeline for malware detection, type and family classification. The use of an extended set of network flow features and a simultaneous multi-tier architecture facilitates a performance improvement for deep learning models, making them able to detect malicious flows (>98% F1) and categorize them to a respective malware type (>93% F1) and family (>91% F1). Furthermore, the use of robust features and denoising autoencoders allows MalPhase to perform well on samples with varying amounts of benign traffic mixed in. Finally, MalPhase detects unseen malware samples with performance comparable to that of known samples, even when interlaced with benign flows to reflect realistic network environments.
△ Less
Submitted 1 June, 2021;
originally announced June 2021.
-
Daily Turking: Designing Longitudinal Daily-task Studies on Mechanical Turk
Authors:
Henry Turner,
Simon Eberz,
Ivan Martinovic
Abstract:
In this paper, we present our system design for conducting longitudinal daily-task studies with the same workers throughout on Amazon Mechanical Turk. We implement this system to conduct a study into touch dynamics, and present our experiences, challenges and lessons learned from doing so. Study participants installed our application on their Apple iOS phones and completed two tasks daily for 31 d…
▽ More
In this paper, we present our system design for conducting longitudinal daily-task studies with the same workers throughout on Amazon Mechanical Turk. We implement this system to conduct a study into touch dynamics, and present our experiences, challenges and lessons learned from doing so. Study participants installed our application on their Apple iOS phones and completed two tasks daily for 31 days. Each task involves performing a series of scrolling or swiping gestures, from which behavioral information such as movement speed or pressure is extracted.
The completion of the daily tasks did not require extra interaction with the Mechanical Turk platform, yet paid workers through it. This differs somewhat from the typical rapid completion of one-off tasks that workers are used to on Amazon Mechanical Turk.
This atypical use of the platform prompted us to evaluate aspects related to long-term worker retention and engagement over the study period, in particular the impacts of payment schedule (amount and structure over time) and reminder notifications. We also investigate the specific concern of reconciling informed consent with workers' desire to complete tasks quickly.
We find that using the Mechanical Turk platform for conducting longitudinal daily task studies is a viable method to augment or replace traditional lab studies.
△ Less
Submitted 17 November, 2021; v1 submitted 26 April, 2021;
originally announced April 2021.
-
They See Me Rollin': Inherent Vulnerability of the Rolling Shutter in CMOS Image Sensors
Authors:
Sebastian Köhler,
Giulio Lovisotto,
Simon Birnbach,
Richard Baker,
Ivan Martinovic
Abstract:
In this paper, we describe how the electronic rolling shutter in CMOS image sensors can be exploited using a bright, modulated light source (e.g., an inexpensive, off-the-shelf laser), to inject fine-grained image disruptions. We demonstrate the attack on seven different CMOS cameras, ranging from cheap IoT to semi-professional surveillance cameras, to highlight the wide applicability of the rolli…
▽ More
In this paper, we describe how the electronic rolling shutter in CMOS image sensors can be exploited using a bright, modulated light source (e.g., an inexpensive, off-the-shelf laser), to inject fine-grained image disruptions. We demonstrate the attack on seven different CMOS cameras, ranging from cheap IoT to semi-professional surveillance cameras, to highlight the wide applicability of the rolling shutter attack. We model the fundamental factors affecting a rolling shutter attack in an uncontrolled setting. We then perform an exhaustive evaluation of the attack's effect on the task of object detection, investigating the effect of attack parameters. We validate our model against empirical data collected on two separate cameras, showing that by simply using information from the camera's datasheet the adversary can accurately predict the injected distortion size and optimize their attack accordingly. We find that an adversary can hide up to 75% of objects perceived by state-of-the-art detectors by selecting appropriate attack parameters. We also investigate the stealthiness of the attack in comparison to a naïve camera blinding attack, showing that common image distortion metrics can not detect the attack presence. Therefore, we present a new, accurate and lightweight enhancement to the backbone network of an object detector to recognize rolling shutter attacks. Overall, our results indicate that rolling shutter attacks can substantially reduce the performance and reliability of vision-based intelligent systems.
△ Less
Submitted 1 December, 2021; v1 submitted 25 January, 2021;
originally announced January 2021.
-
IntegriScreen: Visually Supervising Remote User Interactions on Compromised Clients
Authors:
Ivo Sluganovic,
Enis Ulqinaku,
Aritra Dhar,
Daniele Lain,
Srdjan Capkun,
Ivan Martinovic
Abstract:
Remote services and applications that users access via their local clients (laptops or desktops) usually assume that, following a successful user authentication at the beginning of the session, all subsequent communication reflects the user's intent. However, this is not true if the adversary gains control of the client and can therefore manipulate what the user sees and what is sent to the remote…
▽ More
Remote services and applications that users access via their local clients (laptops or desktops) usually assume that, following a successful user authentication at the beginning of the session, all subsequent communication reflects the user's intent. However, this is not true if the adversary gains control of the client and can therefore manipulate what the user sees and what is sent to the remote server.
To protect the user's communication with the remote server despite a potentially compromised local client, we propose the concept of continuous visual supervision by a second device equipped with a camera. Motivated by the rapid increase of the number of incoming devices with front-facing cameras, such as augmented reality headsets and smart home assistants, we build upon the core idea that the user's actual intended input is what is shown on the client's screen, despite what ends up being sent to the remote server. A statically positioned camera enabled device can, therefore, continuously analyze the client's screen to enforce that the client behaves honestly despite potentially being malicious.
We evaluate the present-day feasibility and deployability of this concept by developing a fully functional prototype, running a host of experimental tests on three different mobile devices, and by conducting a user study in which we analyze participants' use of the system during various simulated attacks. Experimental evaluation indeed confirms the feasibility of the concept of visual supervision, given that the system consistently detects over 98% of evaluated attacks, while study participants with little instruction detect the remaining attacks with high probability.
△ Less
Submitted 27 November, 2020;
originally announced November 2020.
-
Speaker Anonymization with Distribution-Preserving X-Vector Generation for the VoicePrivacy Challenge 2020
Authors:
Henry Turner,
Giulio Lovisotto,
Ivan Martinovic
Abstract:
In this paper, we present a Distribution-Preserving Voice Anonymization technique, as our submission to the VoicePrivacy Challenge 2020. We observe that the challenge baseline system generates fake X-vectors which are very similar to each other, significantly more so than those extracted from organic speakers. This difference arises from averaging many X-vectors from a pool of speakers in the anon…
▽ More
In this paper, we present a Distribution-Preserving Voice Anonymization technique, as our submission to the VoicePrivacy Challenge 2020. We observe that the challenge baseline system generates fake X-vectors which are very similar to each other, significantly more so than those extracted from organic speakers. This difference arises from averaging many X-vectors from a pool of speakers in the anonymization process, causing a loss of information. We propose a new method to generate fake X-vectors which overcomes these limitations by preserving the distributional properties of X-vectors and their intra-similarity. We use population data to learn the properties of the X-vector space, before fitting a generative model which we use to sample fake X-vectors. We show how this approach generates X-vectors that more closely follow the expected intra-similarity distribution of organic speaker X-vectors. Our method can be easily integrated with others as the anonymization component of the system and removes the need to distribute a pool of speakers to use during the anonymization. Our approach leads to an increase in EER of up to $19.4\%$ in males and $11.1\%$ in females in scenarios where enrollment and trial utterances are anonymized versus the baseline solution, demonstrating the diversity of our generated voices.
△ Less
Submitted 5 January, 2021; v1 submitted 26 October, 2020;
originally announced October 2020.
-
SOK: Building a Launchpad for Impactful Satellite Cyber-Security Research
Authors:
James Pavur,
Ivan Martinovic
Abstract:
As the space industry approaches a period of rapid change, securing both emerging and legacy satellite missions will become vital. However, space technology has been largely overlooked by the systems security community. This systematization of knowledge paper seeks to understand why this is the case and to offer a starting point for technical security researchers seeking impactful contributions be…
▽ More
As the space industry approaches a period of rapid change, securing both emerging and legacy satellite missions will become vital. However, space technology has been largely overlooked by the systems security community. This systematization of knowledge paper seeks to understand why this is the case and to offer a starting point for technical security researchers seeking impactful contributions beyond the Earth's mesosphere.
The paper begins with a cross-disciplinary synthesis of relevant threat models from a diverse array of fields, ranging from legal and policy studies to aerospace engineering. This is presented as a "threat matrix toolbox" which security researchers may leverage to motivate technical research into given attack vectors and defenses. We subsequently apply this model to an original chronology of more than 100 significant satellite hacking incidents spanning the previous 60 years. Together, these are used to assess the state-of-the-art in satellite security across four sub-domains: satellite radio-link security, space hardware security, ground station security, and operational/mission security. In each area, we note significant findings and unresolved questions lingering in other disciplines which the systems security community is aptly poised to tackle. By consolidating this research, we present the case that satellite systems security researchers can build on strong, but disparate, academic foundations and rise to meet an urgent need for future space missions.
△ Less
Submitted 21 October, 2020;
originally announced October 2020.
-
Understanding Realistic Attacks on Airborne Collision Avoidance Systems
Authors:
Matthew Smith,
Martin Strohmeier,
Vincent Lenders,
Ivan Martinovic
Abstract:
Airborne collision avoidance systems provide an onboard safety net should normal air traffic control procedures fail to keep aircraft separated. These systems are widely deployed and have been constantly refined over the past three decades, usually in response to near misses or mid-air collisions. Recent years have seen security research increasingly focus on aviation, identifying that key wireles…
▽ More
Airborne collision avoidance systems provide an onboard safety net should normal air traffic control procedures fail to keep aircraft separated. These systems are widely deployed and have been constantly refined over the past three decades, usually in response to near misses or mid-air collisions. Recent years have seen security research increasingly focus on aviation, identifying that key wireless links---some of which are used in collision avoidance---are vulnerable to attack. In this paper, we go one step further to understand whether an attacker can remotely trigger false collision avoidance alarms. Primarily considering the next-generation Airborne Collision Avoidance System X (ACAS X), we adopt a modelling approach to extract attacker constraints from technical standards before simulating collision avoidance attacks against standardized ACAS X code. We find that in 44% of cases, an attacker can successfully trigger a collision avoidance alert which on average results in a 590 ft altitude deviation; when the aircraft is at lower altitudes, this success rate rises considerably to 79%. Furthermore, we show how our simulation approach can be used to help defend against attacks by identifying where attackers are most likely to be successful.
△ Less
Submitted 2 October, 2020;
originally announced October 2020.
-
SLAP: Improving Physical Adversarial Examples with Short-Lived Adversarial Perturbations
Authors:
Giulio Lovisotto,
Henry Turner,
Ivo Sluganovic,
Martin Strohmeier,
Ivan Martinovic
Abstract:
Research into adversarial examples (AE) has developed rapidly, yet static adversarial patches are still the main technique for conducting attacks in the real world, despite being obvious, semi-permanent and unmodifiable once deployed.
In this paper, we propose Short-Lived Adversarial Perturbations (SLAP), a novel technique that allows adversaries to realize physically robust real-world AE by usi…
▽ More
Research into adversarial examples (AE) has developed rapidly, yet static adversarial patches are still the main technique for conducting attacks in the real world, despite being obvious, semi-permanent and unmodifiable once deployed.
In this paper, we propose Short-Lived Adversarial Perturbations (SLAP), a novel technique that allows adversaries to realize physically robust real-world AE by using a light projector. Attackers can project a specifically crafted adversarial perturbation onto a real-world object, transforming it into an AE. This allows the adversary greater control over the attack compared to adversarial patches: (i) projections can be dynamically turned on and off or modified at will, (ii) projections do not suffer from the locality constraint imposed by patches, making them harder to detect.
We study the feasibility of SLAP in the self-driving scenario, targeting both object detector and traffic sign recognition tasks, focusing on the detection of stop signs. We conduct experiments in a variety of ambient light conditions, including outdoors, showing how in non-bright settings the proposed method generates AE that are extremely robust, causing misclassifications on state-of-the-art networks with up to 99% success rate for a variety of angles and distances. We also demostrate that SLAP-generated AE do not present detectable behaviours seen in adversarial patches and therefore bypass SentiNet, a physical AE detection method. We evaluate other defences including an adaptive defender using adversarial learning which is able to thwart the attack effectiveness up to 80% even in favourable attacker conditions.
△ Less
Submitted 6 January, 2021; v1 submitted 8 July, 2020;
originally announced July 2020.
-
Seeing Red: PPG Biometrics Using Smartphone Cameras
Authors:
Giulio Lovisotto,
Henry Turner,
Simon Eberz,
Ivan Martinovic
Abstract:
In this paper, we propose a system that enables photoplethysmogram (PPG)-based authentication by using a smartphone camera. PPG signals are obtained by recording a video from the camera as users are resting their finger on top of the camera lens. The signals can be extracted based on subtle changes in the video that are due to changes in the light reflection properties of the skin as the blood flo…
▽ More
In this paper, we propose a system that enables photoplethysmogram (PPG)-based authentication by using a smartphone camera. PPG signals are obtained by recording a video from the camera as users are resting their finger on top of the camera lens. The signals can be extracted based on subtle changes in the video that are due to changes in the light reflection properties of the skin as the blood flows through the finger. We collect a dataset of PPG measurements from a set of 15 users over the course of 6-11 sessions per user using an iPhone X for the measurements. We design an authentication pipeline that leverages the uniqueness of each individual's cardiovascular system, identifying a set of distinctive features from each heartbeat. We conduct a set of experiments to evaluate the recognition performance of the PPG biometric trait, including cross-session scenarios which have been disregarded in previous work. We found that when aggregating sufficient samples for the decision we achieve an EER as low as 8%, but that the performance greatly decreases in the cross-session scenario, with an average EER of 20%.
△ Less
Submitted 15 April, 2020;
originally announced April 2020.
-
QPEP: A QUIC-Based Approach to Encrypted Performance Enhancing Proxies for High-Latency Satellite Broadband
Authors:
James Pavur,
Martin Strohmeier,
Vincent Lenders,
Ivan Martinovic
Abstract:
Satellite broadband services are critical infrastructures enabling advanced technologies to function in the most remote regions of the globe. However, status-quo services are often unencrypted by default and vulnerable to eavesdropping attacks. In this paper, we challenge the historical perception that over-the-air security must trade off with TCP performance in high-latency satellite networks due…
▽ More
Satellite broadband services are critical infrastructures enabling advanced technologies to function in the most remote regions of the globe. However, status-quo services are often unencrypted by default and vulnerable to eavesdropping attacks. In this paper, we challenge the historical perception that over-the-air security must trade off with TCP performance in high-latency satellite networks due to the deep-packet inspection requirements of Performance Enhancing Proxies (PEPs).
After considering why prior work in this area has failed to find wide adoption, we present an open-source encrypted-by-default PEP - QPEP - which seeks to address these issues. QPEP is built around the open QUIC standard and designed so individual customers may adopt it without ISP involvement. QPEP's performance is assessed through simulations in a replicable docker-based testbed. Across many benchmarks and network conditions, QPEP is found to avoid the perceived security-encryption trade-off in PEP design. Compared to unencrypted PEP implementations, QPEP reduces average page load times by more than 30% while also offering over-the-air privacy. Compared to the traditional VPN encryption available to customers today, QPEP more than halves average page load times. Together, these experiments lead to the conclusion that QPEP represents a promising new approach to protecting modern satellite broadband connections.
△ Less
Submitted 12 February, 2020;
originally announced February 2020.
-
Snoopy: Sniffing Your Smartwatch Passwords via Deep Sequence Learning
Authors:
Chris Xiaoxuan Lu,
Bowen Du,
Hongkai Wen,
Sen Wang,
Andrew Markham,
Ivan Martinovic,
Yiran Shen,
Niki Trigoni
Abstract:
Demand for smartwatches has taken off in recent years with new models which can run independently from smartphones and provide more useful features, becoming first-class mobile platforms. One can access online banking or even make payments on a smartwatch without a paired phone. This makes smartwatches more attractive and vulnerable to malicious attacks, which to date have been largely overlooked.…
▽ More
Demand for smartwatches has taken off in recent years with new models which can run independently from smartphones and provide more useful features, becoming first-class mobile platforms. One can access online banking or even make payments on a smartwatch without a paired phone. This makes smartwatches more attractive and vulnerable to malicious attacks, which to date have been largely overlooked. In this paper, we demonstrate Snoopy, a password extraction and inference system which is able to accurately infer passwords entered on Android/Apple watches within 20 attempts, just by eavesdropping on motion sensors. Snoopy uses a uniform framework to extract the segments of motion data when passwords are entered, and uses novel deep neural networks to infer the actual passwords. We evaluate the proposed Snoopy system in the real-world with data from 362 participants and show that our system offers a 3-fold improvement in the accuracy of inferring passwords compared to the state-of-the-art, without consuming excessive energy or computational resources. We also show that Snoopy is very resilient to user and device heterogeneity: it can be trained on crowd-sourced motion data (e.g. via Amazon Mechanical Turk), and then used to attack passwords from a new user, even if they are wearing a different model. This paper shows that, in the wrong hands, Snoopy can potentially cause serious leaks of sensitive information. By raising awareness, we invite the community and manufacturers to revisit the risks of continuous motion sensing on smart wearable devices.
△ Less
Submitted 11 December, 2019; v1 submitted 10 December, 2019;
originally announced December 2019.
-
Classi-Fly: Inferring Aircraft Categories from Open Data using Machine Learning
Authors:
Martin Strohmeier,
Matthew Smith,
Vincent Lenders,
Ivan Martinovic
Abstract:
In recent years, air traffic communication data has become easy to access, enabling novel research in many fields. Exploiting this new data source, a wide range of applications have emerged, from weather forecasting to stock market prediction, or the collection of information about military and government movements. Typically these applications require knowledge about the metadata of the aircraft,…
▽ More
In recent years, air traffic communication data has become easy to access, enabling novel research in many fields. Exploiting this new data source, a wide range of applications have emerged, from weather forecasting to stock market prediction, or the collection of information about military and government movements. Typically these applications require knowledge about the metadata of the aircraft, specifically its operator and the aircraft category.
armasuisse Science + Technology, the R\&D agency for the Swiss Armed Forces, has been developing Classi-Fly, a novel approach to obtain metadata about aircraft based on their movement patterns. We validate Classi-Fly using several hundred thousand flights collected through open source means, in conjunction with ground truth from publicly available aircraft registries containing more than two million aircraft. Classi-Fly obtains the correct aircraft category with an accuracy of over 88%, demonstrating that it can improve the meta data necessary for applications working with air traffic communication. Finally, we show that it is feasible to automatically detect specific flights such as police and surveillance missions.
△ Less
Submitted 5 August, 2020; v1 submitted 30 July, 2019;
originally announced August 2019.
-
Biometric Backdoors: A Poisoning Attack Against Unsupervised Template Updating
Authors:
Giulio Lovisotto,
Simon Eberz,
Ivan Martinovic
Abstract:
In this work, we investigate the concept of biometric backdoors: a template poisoning attack on biometric systems that allows adversaries to stealthily and effortlessly impersonate users in the long-term by exploiting the template update procedure. We show that such attacks can be carried out even by attackers with physical limitations (no digital access to the sensor) and zero knowledge of traini…
▽ More
In this work, we investigate the concept of biometric backdoors: a template poisoning attack on biometric systems that allows adversaries to stealthily and effortlessly impersonate users in the long-term by exploiting the template update procedure. We show that such attacks can be carried out even by attackers with physical limitations (no digital access to the sensor) and zero knowledge of training data (they know neither decision boundaries nor user template). Based on the adversaries' own templates, they craft several intermediate samples that incrementally bridge the distance between their own template and the legitimate user's. As these adversarial samples are added to the template, the attacker is eventually accepted alongside the legitimate user. To avoid detection, we design the attack to minimize the number of rejected samples.
We design our method to cope with the weak assumptions for the attacker and we evaluate the effectiveness of this approach on state-of-the-art face recognition pipelines based on deep neural networks. We find that in scenarios where the deep network is known, adversaries can successfully carry out the attack over 70% of cases with less than ten injection attempts. Even in black-box scenarios, we find that exploiting the transferability of adversarial samples from surrogate models can lead to successful attacks in around 15% of cases. Finally, we design a poisoning detection technique that leverages the consistent directionality of template updates in feature space to discriminate between legitimate and malicious updates. We evaluate such a countermeasure with a set of intra-user variability factors which may present the same directionality characteristics, obtaining equal error rates for the detection between 7-14% and leading to over 99% of attacks being detected after only two sample injections.
△ Less
Submitted 27 September, 2020; v1 submitted 22 May, 2019;
originally announced May 2019.
-
Safety vs. Security: Attacking Avionic Systems with Humans in the Loop
Authors:
Matthew Smith,
Martin Strohmeier,
Jon Harman,
Vincent Lenders,
Ivan Martinovic
Abstract:
Many wireless communications systems found in aircraft lack standard security mechanisms, leaving them fundamentally vulnerable to attack. With affordable software-defined radios available, a novel threat has emerged, allowing a wide range of attackers to easily interfere with wireless avionic systems. Whilst these vulnerabilities are known, concrete attacks that exploit them are still novel and n…
▽ More
Many wireless communications systems found in aircraft lack standard security mechanisms, leaving them fundamentally vulnerable to attack. With affordable software-defined radios available, a novel threat has emerged, allowing a wide range of attackers to easily interfere with wireless avionic systems. Whilst these vulnerabilities are known, concrete attacks that exploit them are still novel and not yet well understood. This is true in particular with regards to their kinetic impact on the handling of the attacked aircraft and consequently its safety.
To investigate this, we invited 30 Airbus A320 type-rated pilots to fly simulator scenarios in which they were subjected to attacks on their avionics. We implement and analyse novel wireless attacks on three safety-related systems: Traffic Collision Avoidance System (TCAS), Ground Proximity Warning System (GPWS) and the Instrument Landing System (ILS).
We found that all three analysed attack scenarios created significant control impact and cost of disruption through turnarounds, avoidance manoeuvres, and diversions. They further increased workload, distrust in the affected system, and in 38% of cases caused the attacked safety system to be switched off entirely. All pilots felt the scenarios were useful, with 93.3% feeling that simulator training for wireless attacks could be valuable.
△ Less
Submitted 20 May, 2019;
originally announced May 2019.
-
Biomedical Signals Reconstruction Under the Compressive Sensing Approach
Authors:
Ivan Martinovic,
Vesna Mandic
Abstract:
The paper analyses the possibility to recover different biomedical signals if limited number of samples is available. Having in mind that monitoring of health condition is done by measuring and observing key parameters such as heart activity through electrocardiogram or anatomy and body processes through magnetic resonance imaging, it is important to keep the quality of the reconstructed signal as…
▽ More
The paper analyses the possibility to recover different biomedical signals if limited number of samples is available. Having in mind that monitoring of health condition is done by measuring and observing key parameters such as heart activity through electrocardiogram or anatomy and body processes through magnetic resonance imaging, it is important to keep the quality of the reconstructed signal as better as possible. To recover the signal from limited set of available coefficients, the Compressive Sensing approach and optimization algorithms are used. The theory is verified by the experimental results.
△ Less
Submitted 31 January, 2018;
originally announced February 2018.
-
Intra-Library Collusion: A Potential Privacy Nightmare on Smartphones
Authors:
Vincent F. Taylor,
Alastair R. Beresford,
Ivan Martinovic
Abstract:
Smartphones contain a trove of sensitive personal data including our location, who we talk to, our habits, and our interests. Smartphone users trade access to this data by permitting apps to use it, and in return obtain functionality provided by the apps. In many cases, however, users fail to appreciate the scale or sensitivity of the data that they share with third-parties when they use apps. To…
▽ More
Smartphones contain a trove of sensitive personal data including our location, who we talk to, our habits, and our interests. Smartphone users trade access to this data by permitting apps to use it, and in return obtain functionality provided by the apps. In many cases, however, users fail to appreciate the scale or sensitivity of the data that they share with third-parties when they use apps. To this end, prior work has looked at the threat to privacy posed by apps and the third-party libraries that they embed. Prior work, however, fails to paint a realistic picture of the full threat to smartphone users, as it has typically examined apps and third-party libraries in isolation.
In this paper, we describe a novel and potentially devastating privilege escalation attack that can be performed by third-party libraries. This attack, which we call intra-library collusion, occurs when a single library embedded in more than one app on a device leverages the combined set of permissions available to it to pilfer sensitive user data. The possibility for intra-library collusion exists because libraries obtain the same privileges as their host app and popular libraries will likely be used by more than one app on a device.
Using a real-world dataset of over 30,000 smartphones, we find that many popular third-party libraries have the potential to aggregate significant sensitive data from devices by using intra-library collusion. We demonstrate that several popular libraries already collect enough data to facilitate this attack. Using historical data, we show that risks from intra-library collusion have increased significantly over the last two-and-a-half years. We conclude with recommendations for mitigating the aforementioned problems.
△ Less
Submitted 11 August, 2017;
originally announced August 2017.
-
Analyzing Privacy Breaches in the Aircraft Communications Addressing and Reporting System (ACARS)
Authors:
Matthew Smith,
Daniel Moser,
Martin Strohmeier,
Vincent Lenders,
Ivan Martinovic
Abstract:
The manner in which Aircraft Communications, Addressing and Reporting System (ACARS) is being used has significantly changed over time. Whilst originally used by commercial airliners to track their flights and provide automated timekeeping on crew, today it serves as a multi-purpose air-ground data link for many aviation stakeholders including private jet owners, state actors and military. Since A…
▽ More
The manner in which Aircraft Communications, Addressing and Reporting System (ACARS) is being used has significantly changed over time. Whilst originally used by commercial airliners to track their flights and provide automated timekeeping on crew, today it serves as a multi-purpose air-ground data link for many aviation stakeholders including private jet owners, state actors and military. Since ACARS messages are still mostly sent in the clear over a wireless channel, any sensitive information sent with ACARS can potentially lead to a privacy breach for users. Naturally, different stakeholders consider different types of data sensitive. In this paper we propose a privacy framework matching aviation stakeholders to a range of sensitive information types and assess the impact for each. Based on more than one million ACARS messages, collected over several months, we then demonstrate that current ACARS usage systematically breaches privacy for all stakeholder groups. We further support our findings with a number of cases of significant privacy issues for each group and analyze the impact of such leaks. While it is well-known that ACARS messages are susceptible to eavesdropping attacks, this work is the first to quantify the extent and impact of privacy leakage in the real world for the relevant aviation stakeholders.
△ Less
Submitted 19 May, 2017;
originally announced May 2017.
-
Robust Smartphone App Identification Via Encrypted Network Traffic Analysis
Authors:
Vincent F. Taylor,
Riccardo Spolaor,
Mauro conti,
Ivan Martinovic
Abstract:
The apps installed on a smartphone can reveal much information about a user, such as their medical conditions, sexual orientation, or religious beliefs. Additionally, the presence or absence of particular apps on a smartphone can inform an adversary who is intent on attacking the device. In this paper, we show that a passive eavesdropper can feasibly identify smartphone apps by fingerprinting the…
▽ More
The apps installed on a smartphone can reveal much information about a user, such as their medical conditions, sexual orientation, or religious beliefs. Additionally, the presence or absence of particular apps on a smartphone can inform an adversary who is intent on attacking the device. In this paper, we show that a passive eavesdropper can feasibly identify smartphone apps by fingerprinting the network traffic that they send. Although SSL/TLS hides the payload of packets, side-channel data such as packet size and direction is still leaked from encrypted connections. We use machine learning techniques to identify smartphone apps from this side-channel data. In addition to merely fingerprinting and identifying smartphone apps, we investigate how app fingerprints change over time, across devices and across different versions of apps. Additionally, we introduce strategies that enable our app classification system to identify and mitigate the effect of ambiguous traffic, i.e., traffic in common among apps such as advertisement traffic. We fully implemented a framework to fingerprint apps and ran a thorough set of experiments to assess its performance. We fingerprinted 110 of the most popular apps in the Google Play Store and were able to identify them six months later with up to 96% accuracy. Additionally, we show that app fingerprints persist to varying extents across devices and app versions.
△ Less
Submitted 20 April, 2017;
originally announced April 2017.
-
FADEWICH: Fast Deauthentication over the Wireless Channel
Authors:
Mauro Conti,
Giulio Lovisotto,
Ivan Martinovic,
Gene Tsudik
Abstract:
Both authentication and deauthentication are instrumental for preventing unauthorized access to computer and data assets. While there are obvious motivating factors for using strong authentication mechanisms, convincing users to deauthenticate is not straight-forward, since deauthentication is not considered mandatory. A user who leaves a logged-in workstation unattended (especially for a short ti…
▽ More
Both authentication and deauthentication are instrumental for preventing unauthorized access to computer and data assets. While there are obvious motivating factors for using strong authentication mechanisms, convincing users to deauthenticate is not straight-forward, since deauthentication is not considered mandatory. A user who leaves a logged-in workstation unattended (especially for a short time) is typically not inconvenienced in any way; in fact, the other way around: no annoying reauthentication is needed upon return. However, an unattended workstation is trivially susceptible to the well-known "lunchtime attack" by any nearby adversary who simply takes over the departed user's log-in session. At the same time, since deathentication does not intrinsically require user secrets, it can, in principle, be made unobtrusive. To this end, this paper designs the first automatic user deauthentication system, FADEWICH, that does not rely on biometric- or behavior-based techniques (e.g., keystroke dynamics) and does not require users to carry any devices. It uses physical properties of wireless signals and the effect of human bodies on their propagation. To assess FADEWICH's feasibility and performance, extensive experiments were conducted with its prototype. Results show that it suffices to have nine inexpensive wireless sensors deployed in a shared office setting to correctly deauthenticate all users within six seconds (90% within four seconds) after they leave their workstation's vicinity. We considered two realistic scenarios where the adversary attempts to subvert FADEWICH and showed that lunchtime attacks fail.
△ Less
Submitted 27 December, 2016;
originally announced December 2016.
-
A Localization Approach for Crowdsourced Air Traffic Communication Networks
Authors:
Martin Strohmeier,
Vincent Lenders,
Ivan Martinovic
Abstract:
In this work, we argue that current state-of-the-art methods of aircraft localization such as multilateration are insufficient, in particular for modern crowdsourced air traffic networks with random, unplanned deployment geometry. We propose an alternative, a grid-based localization approach using the k-Nearest Neighbor algorithm, to deal with the identified shortcomings. Our proposal does not req…
▽ More
In this work, we argue that current state-of-the-art methods of aircraft localization such as multilateration are insufficient, in particular for modern crowdsourced air traffic networks with random, unplanned deployment geometry. We propose an alternative, a grid-based localization approach using the k-Nearest Neighbor algorithm, to deal with the identified shortcomings. Our proposal does not require any changes to the existing air traffic protocols and transmitters, and is easily implemented using only low-cost, commercial-off-the-shelf hardware.
Using an algebraic multilateration algorithm for comparison, we evaluate our approach using real-world flight data collected with our collaborative sensor network OpenSky. We quantify its effectiveness in terms of aircraft location accuracy, surveillance coverage, and the verification of false position data. Our results show that the grid-based approach can increase the effective air traffic surveillance coverage compared to multilateration by a factor of up to 2.5. As it does not suffer from dilution of precision, it is much more robust in noisy environments and performs better in pre-existing, unplanned receiver deployments.
We further find that the mean aircraft location accuracy can be increased by up to 41% in comparison with multilateration while also being able to pinpoint the origin of potential spoofing attacks conducted from the ground.
△ Less
Submitted 21 October, 2016;
originally announced October 2016.
-
STASH: Securing transparent authentication schemes using prover-side proximity verification
Authors:
Mika Juuti,
Christian Vaas,
Ivo Sluganovic,
Hans Liljestrand,
N. Asokan,
Ivan Martinovic
Abstract:
Transparent authentication (TA) schemes are those in which a user is authenticated by a verifier without requiring explicit user interaction. By doing so, those schemes promise high usability and security simultaneously. The majority of TA implementations rely on the received signal strength as an indicator for the proximity of a user device (prover). However, such implicit proximity verification…
▽ More
Transparent authentication (TA) schemes are those in which a user is authenticated by a verifier without requiring explicit user interaction. By doing so, those schemes promise high usability and security simultaneously. The majority of TA implementations rely on the received signal strength as an indicator for the proximity of a user device (prover). However, such implicit proximity verification is not secure against an adversary who can relay messages over a larger distance. In this paper, we propose a novel approach for thwarting relay attacks in TA schemes: the prover permits access to authentication credentials only if it can confirm that it is near the verifier. We present STASH, a system for relay-resilient transparent authentication in which the prover does proximity verification by comparing its approach trajectory towards the intended verifier with known authorized reference trajectories. Trajectories are measured using low-cost sensors commonly available on personal devices. We demonstrate the security of STASH against a class of adversaries and its ease-of-use by analyzing empirical data, collected using a STASH prototype. STASH is efficient and can be easily integrated to complement existing TA schemes.
△ Less
Submitted 29 March, 2017; v1 submitted 10 October, 2016;
originally announced October 2016.
-
Quantifying Permission-Creep in the Google Play Store
Authors:
Vincent F. Taylor,
Ivan Martinovic
Abstract:
Although there are over 1,600,000 third-party Android apps in the Google Play Store, little has been conclusively shown about how their individual (and collective) permission usage has evolved over time. Recently, Android 6 overhauled the way permissions are granted by users, by switching to run-time permission requests instead of install-time permission requests. This is a welcome change, but rec…
▽ More
Although there are over 1,600,000 third-party Android apps in the Google Play Store, little has been conclusively shown about how their individual (and collective) permission usage has evolved over time. Recently, Android 6 overhauled the way permissions are granted by users, by switching to run-time permission requests instead of install-time permission requests. This is a welcome change, but recent research has shown that many users continue to accept run-time permissions blindly, leaving them at the mercy of third-party app developers and adversaries. Beyond intentionally invading privacy, highly privileged apps increase the attack surface of smartphones and are more attractive targets for adversaries. This work focuses exclusively on dangerous permissions, i.e., those permissions identified by Android as guarding access to sensitive user data. By taking snapshots of the Google Play Store over a 20-month period, we characterise changes in the number and type of dangerous permissions used by Android apps when they are updated, to gain a greater understanding of the evolution of permission usage. We found that approximately 25,000 apps asked for additional permissions every three months. Worryingly, we made statistically significant observations that free apps and highly popular apps were more likely to ask for additional permissions when they were updated. By looking at patterns in dangerous permission usage, we find evidence that suggests developers may still be failing to correctly specify the permissions their apps need.
△ Less
Submitted 10 August, 2016; v1 submitted 6 June, 2016;
originally announced June 2016.
-
On Perception and Reality in Wireless Air Traffic Communications Security
Authors:
Martin Strohmeier,
Matthias Schäfer,
Rui Pinheiro,
Vincent Lenders,
Ivan Martinovic
Abstract:
More than a dozen wireless technologies are used by air traffic communication systems during different flight phases. From a conceptual perspective, all of them are insecure as security was never part of their design. Recent contributions from academic and hacking communities have exploited this inherent vulnerability to demonstrate attacks on some of these technologies. However, not all of these…
▽ More
More than a dozen wireless technologies are used by air traffic communication systems during different flight phases. From a conceptual perspective, all of them are insecure as security was never part of their design. Recent contributions from academic and hacking communities have exploited this inherent vulnerability to demonstrate attacks on some of these technologies. However, not all of these contributions have resonated widely within aviation circles. At the same time, the security community lacks certain aviation domain knowledge, preventing aviation authorities from giving credence to their findings.
In this paper, we aim to reconcile the view of the security community and the perspective of aviation professionals concerning the safety of air traffic communication technologies. To achieve this, we first provide a systematization of the applications of wireless technologies upon which civil aviation relies. Based on these applications, we comprehensively analyze vulnerabilities, attacks, and countermeasures. We categorize the existing research on countermeasures into approaches that are applicable in the short term and research of secure new technologies deployable in the long term.
Since not all of the required aviation knowledge is codified in academic publications, we additionally examine existing aviation standards and survey 242 international aviation experts. Besides their domain knowledge, we also analyze the awareness of members of the aviation community concerning the security of wireless systems and collect their expert opinions on the potential impact of concrete attack scenarios using these technologies.
△ Less
Submitted 24 October, 2016; v1 submitted 28 February, 2016;
originally announced February 2016.
-
Subliminal Probing for Private Information via EEG-Based BCI Devices
Authors:
Mario Frank,
Tiffany Hwu,
Sakshi Jain,
Robert Knight,
Ivan Martinovic,
Prateek Mittal,
Daniele Perito,
Dawn Song
Abstract:
Martinovic et al. proposed a Brain-Computer-Interface (BCI) -based attack in which an adversary is able to infer private information about a user, such as their bank or area-of-living, by analyzing the user's brain activities. However, a key limitation of the above attack is that it is intrusive, requiring user cooperation, and is thus easily detectable and can be reported to other users. In this…
▽ More
Martinovic et al. proposed a Brain-Computer-Interface (BCI) -based attack in which an adversary is able to infer private information about a user, such as their bank or area-of-living, by analyzing the user's brain activities. However, a key limitation of the above attack is that it is intrusive, requiring user cooperation, and is thus easily detectable and can be reported to other users. In this paper, we identify and analyze a more serious threat for users of BCI devices. We propose a it subliminal attack in which the victim is attacked at the levels below his cognitive perception. Our attack involves exposing the victim to visual stimuli for a duration of 13.3 milliseconds -- a duration usually not sufficient for conscious perception. The attacker analyzes subliminal brain activity in response to these short visual stimuli to infer private information about the user. If carried out carefully, for example by hiding the visual stimuli within screen content that the user expects to see, the attack may remain undetected. As a consequence, the attacker can scale it to many victims and expose them to the attack for a long time. We experimentally demonstrate the feasibility of our subliminal attack via a proof-of-concept study carried out with 27 subjects. We conducted experiments on users wearing Electroencephalography-based BCI devices, and used portrait pictures of people as visual stimuli which were embedded within the background of an innocuous video for a time duration not exceeding 13.3 milliseconds. Our experimental results show that it is feasible for an attacker to learn relevant private information about the user, such as whether the user knows the identity of the person for which the attacker is probing.
△ Less
Submitted 29 May, 2017; v1 submitted 20 December, 2013;
originally announced December 2013.
-
On the Security of the Automatic Dependent Surveillance-Broadcast Protocol
Authors:
Martin Strohmeier,
Vincent Lenders,
Ivan Martinovic
Abstract:
Automatic dependent surveillance-broadcast (ADS-B) is the communications protocol currently being rolled out as part of next generation air transportation systems. As the heart of modern air traffic control, it will play an essential role in the protection of two billion passengers per year, besides being crucial to many other interest groups in aviation. The inherent lack of security measures in…
▽ More
Automatic dependent surveillance-broadcast (ADS-B) is the communications protocol currently being rolled out as part of next generation air transportation systems. As the heart of modern air traffic control, it will play an essential role in the protection of two billion passengers per year, besides being crucial to many other interest groups in aviation. The inherent lack of security measures in the ADS-B protocol has long been a topic in both the aviation circles and in the academic community. Due to recently published proof-of-concept attacks, the topic is becoming ever more pressing, especially with the deadline for mandatory implementation in most airspaces fast approaching.
This survey first summarizes the attacks and problems that have been reported in relation to ADS-B security. Thereafter, it surveys both the theoretical and practical efforts which have been previously conducted concerning these issues, including possible countermeasures. In addition, the survey seeks to go beyond the current state of the art and gives a detailed assessment of security measures which have been developed more generally for related wireless networks such as sensor networks and vehicular ad hoc networks, including a taxonomy of all considered approaches.
△ Less
Submitted 15 April, 2014; v1 submitted 13 July, 2013;
originally announced July 2013.
-
Air Dominance in Sensor Networks: Guarding Sensor Motes using Selective Interference
Authors:
Matthias Wilhelm,
Ivan Martinovic,
Jens B. Schmitt,
Vincent Lenders
Abstract:
Securing wireless sensor networks (WSNs) is a hard problem. In particular, network access control is notoriously difficult to achieve due to the inherent broadcast characteristics of wireless communications: an attacker can easily target any node in its transmission range and affect large parts of a sensor network simultaneously. In this paper, we therefore propose a distributed guardian system to…
▽ More
Securing wireless sensor networks (WSNs) is a hard problem. In particular, network access control is notoriously difficult to achieve due to the inherent broadcast characteristics of wireless communications: an attacker can easily target any node in its transmission range and affect large parts of a sensor network simultaneously. In this paper, we therefore propose a distributed guardian system to protect a WSN based on physically regulating channel access by means of selective interference. The guardians are deployed alongside a sensor network, inspecting all local traffic, classifying packets based on their content, and destroying any malicious packet while still on the air. In that sense, the system tries to gain "air dominance" over attackers. A key challenge in implementing the guardian system is the resulting real-time requirement in order to classify and destroy packets during transmission. We present a USRP2 software radio based guardian implementation for IEEE 802.15.4 that meets this challenge; using an FPGA-based design we can even check for the content of the very last payload byte of a packet and still prevent its reception by a potential victim mote. Our evaluation shows that the guardians effectively block 99.9% of unauthorized traffic in 802.15.4 networks in our experiments, without disturbing the legitimate operations of the WSN.
△ Less
Submitted 17 May, 2013;
originally announced May 2013.
