Over the past three decades, standardizing organizations (e.g., the National Institute of Standards and Technology and Internet Engineering Task Force) have investigated the efficiency of cryptographic algorithms and provided (technical) guidelines for practitioners. For example, the (Datagram) Transport Layer Security “(D)TLS” 1.2/1.3 was designed to help industries implement and integrate such methods through underpinning infrastructures of Internet of Everything (IoE) environments with efficiency and efficacy in mind. The main goal underpinning such protocols is to protect the Internet connections between IoE machines from malicious activities such as unauthorized eavesdropping, monitoring, and tampering with messages. In theory, these protocols are supposed to be secure. Still, most existing implementations partially follow the standard features of (D)TLS 1.2/3, leaving them vulnerable to risks such as side-channel and network attacks. In this paper, we critically review the standard protocols deployed for the security management of data and connected machines, and also examine the recently discovered vulnerabilities that lead to successful zero-day attacks in IoE environments. Then, we discuss various potential countermeasures in the form of organizational policy enforcement strategies and mitigation approaches that can be used by cybersecurity practitioners, decision- and policy-makers. Finally, we identify both proactive and reactive solutions for further consideration and study, as well as propose alternative mechanisms and e-governance policies for standardizing organizations and engineers in future solution designs.

The Internet of Medical Things (IoMT) is getting extreme attraction as it motivates unprecedented growth in the healthcare industry. Security breaches in IoMT can lead to threatening patients’ lives. For IoMT, existing medical remote attestation techniques (EMRATs) have limitations such as neglecting operational symptoms of compromised systems, like inconsistent medical sensor readings. Moreover, EMRATs do not enable medical-forensic-based attestation history and are inefficient for mutual attestation between a doctor network and a sensor network monitoring a patient. This mutual attestation guarantees safe remote surgeries. In this paper for IoMT, we present a novel remote attestation protocol, BDMFA (Blockchain-supported and Deep learning Medical Forensic-enabling Attestation), to overcome the limitations of EMRATs. BDMFA utilizes deep learning and Blockchain to learn from sensor readings and store attestation history. We prove that BDMFA is resilient to a higher number of attacks than that resisted by EMRATs. Moreover, we present a proof-of-concept implementation for BDMFA using SMART (Secure and Minimal Architecture for Root of Trust). We proved the practical feasibility of BDMFA by implementing it using Omnetpp equipped with Castalia. For a system with 50 patient-sensors and 25 doctor-terminals, BDMFA needed only 2.6 s to complete attestation and less communication cost than that needed for related state-of-the-art protocols by 28.4%. For larger systems, we carried comparative analysis confirming that our proposed protocol BDMFA requires less cost and is more scalable and efficient than related protocols.

Leader-based BFT systems face potential disruption and performance degradation from malicious leaders, with current solutions often lacking scalability or greatly increasing complexity. In this paper, we introduce ABSE, an Adaptive Baseline Score-based Election approach to mitigate the negative impact of malicious leaders on leader-based BFT systems. ABSE is fully localized and proposes to accumulate scores for processes based on their contribution to consensus advancement, aiming to bypass less reliable participants when electing leaders. We present a formal treatment of ABSE, addressing the primary design and implementation challenges, defining its generic components and rules for adherence to ensure global consistency. We also apply ABSE to two different BFT protocols, demonstrating its scalability and negligible impact on protocol complexity. Finally, by building a system prototype and conducting experiments on it, we demonstrate that ABSE-enhanced protocols can effectively minimize the disruptions caused by malicious leaders, whilst incurring minimal additional resource overhead and maintaining base performance.

Decentralised learning has recently gained traction as an alternative to federated learning in which both data and coordination are distributed over its users. To preserve the confidentiality of users' data, decentralised learning relies on differential privacy, multi-party computation, or a combination thereof. However, running multiple privacy-preserving summations in sequence may allow adversaries to perform reconstruction attacks. Unfortunately, current reconstruction countermeasures either cannot trivially be adapted to the distributed setting, or add excessive amounts of noise.

In this work, we first show that passive honest-but-curious adversaries can infer other users' private data after several privacy-preserving summations. For example, in subgraphs with 18 users, we show that only three passive honest-but-curious adversaries succeed at reconstructing private data 11.0% of the time, requiring an average of 8.8 summations per adversary. The success rate depends only on the adversaries' direct neighbourhood, and is independent of the size of the full network. We consider weak adversaries that do not control the graph topology, cannot exploit the inner workings of the summation protocol, and do not have auxiliary knowledge; and show that these adversaries can still infer private data.

We develop a mathematical understanding of how reconstruction relates to topology and propose the first topology-based decentralised defence against reconstruction attacks. Specifically, we show that reconstruction requires a number of adversaries linear in the length of the network's shortest cycle. Consequently, exact reconstruction attacks over privacy-preserving summations are impossible in acyclic networks.

Our work is a stepping stone for a formal theory of topology-based decentralised reconstruction defences. Such a theory would generalise our countermeasure beyond summation, define confidentiality in terms of entropy, and describe the interactions with (topology-aware) differential privacy.

Federated Learning is an approach that enables multiple devices to collectively train a shared model without sharing raw data, thereby preserving data privacy. However, federated learning systems are vulnerable to data-poisoning attacks during the training and updating stages. Three data-poisoning attacks-label flipping, feature poisoning, and VagueGAN-are tested on FL models across one out of ten clients using the CIC and UNSW datasets. For label flipping, we randomly modify labels of benign data; for feature poisoning, we alter highly influential features identified by the Random Forest technique; and for VagueGAN, we generate adversarial examples using Generative Adversarial Networks. Adversarial samples constitute a small portion of each dataset. In this study, we vary the percentages by which adversaries can modify datasets to observe their impact on the Client and Server sides. Experimental findings indicate that label flipping and VagueGAN attacks do not significantly affect server accuracy, as they are easily detectable by the Server. In contrast, feature poisoning attacks subtly undermine model performance while maintaining high accuracy and attack success rates, highlighting their subtlety and effectiveness. Therefore, feature poisoning attacks manipulate the server without causing a significant decrease in model accuracy, underscoring the vulnerability of federated learning systems to such sophisticated attacks. To mitigate these vulnerabilities, we explore a recent defensive approach known as Random Deep Feature Selection, which randomizes server features with varying sizes (e.g., 50 and 400) during training. This strategy has proven highly effective in minimizing the impact of such attacks, particularly on feature poisoning.

The performance of distributed averaging depends heavily on the underlying topology. In various fields, including compressed sensing, multi-party computation, and abstract graph theory, graphs may be expected to be free of short cycles, i.e. to have high girth. Though extensive analyses and heuristics exist for optimising the performance of distributed averaging in general networks, these studies do not consider girth. As such, it is not clear what happens to convergence time when a graph is stretched to a higher girth.

In this work, we introduce the optimal graph stretching problem, wherein we are interested in finding the set of edges for a particular graph that ensures optimal convergence time under constraint of a minimal girth. We compare various methods for choosing which edges to remove, and use various convergence heuristics to speed up the searching process. We generate many graphs with varying parameters, stretch and optimise them, and measure the duration of distributed averaging. We find that stretching by itself significantly increases convergence time. This decrease can be counteracted with a subsequent repair phase, guided by a convergence time heuristic. Existing heuristics are capable, but may be suboptimal.

Lawful evidence management by law enforcement agencies during the Digital Forensics (DF) investigation is of supreme importance since it convicts suspects of crimes. Therefore, a secure and efficient evidence management system should have certain features such as tamper-resistant, traceability, auditability, privacy preservation, and fine-grained access control. Unfortunately, the state-of-the-art DF is facing new challenges due to the recent technological advancements in various areas, such as the Internet of Things (IoT), Cyber-Physical Systems (CPS), communication technologies, and cloud computing, which are heavily being used in our daily lives. These technologies are also the primary sources for evidence extraction in most crimes. Hence, forensic experts need novel tools and methodologies to keep pace with these new technologies. The inherent properties of blockchain, such as transparency, immutability, secure anonymity, and auditability, make it a suitable solution to address DF’s new challenges. To this end, we provide a compact survey on state-of-the-art blockchain-based DF investigation techniques along with their advantages and disadvantages. We will discuss all critical issues and challenges involved in forensic investigations and evidence management systems, focusing on security and privacy challenges. Moreover, blockchain-based solutions that target specific service areas such as IoT and cloud computing forensics will be discussed in detail due to their usage in many application domains. Finally, we will present the challenges that existing blockchain-based forensics solutions face, along with possible ways of addressing them.

We consider the problem of publicly verifiable privacy-preserving data aggregation in the presence of a malicious aggregator colluding with malicious users. State-of-the-art solutions either split the aggregator into two parties under the assumption that they do not collude, or require many rounds of interactivity and have non-constant verification time. In this work, we propose mPVAS, the first publicly verifiable privacy-preserving data aggregation protocol that allows arbitrary collusion, without relying on trusted third parties during execution, where verification runs in constant time. We also show three extensions to mPVAS: mPVAS+, for improved communication complexity, mPVAS-IV, for the identification of malicious users, and mPVAS-UD, for graceful handling of reduced user availability without the need to redo the setup. We show that our schemes achieve the desired confidentiality, integrity, and authenticity. Finally, through both theoretical and experimental evaluations, we show that our schemes are feasible for real-world applications.

In the Internet of Things era, the Internet demands extremely high-speed communication and data transformation. To this end, the tactile Internet has been proposed as a medium that provides the sense of touch ability, facilitating data transferability with extra-low latency in various applications ranging from industry, robotics, and healthcare to road traffic, education, and culture. Here, programmable networks are role players in approaching the tactile Internet's low latency (≈ 1ms) pillar. Several functionalities - including security - are offloaded onto the network core employing programmable in-network pipelines. From the security perspective, Artificial Intelligence (AI) is another role player that enables the line-rate inference on the core network without involving the control plane. However, integrating AI-based security solutions in programmable devices is challenging mainly because of their constrained anatomy. Furthermore, such solutions inherit well-known adversarial AI vulnerabilities, representing an additional threat to programmable networks. Considering the above, this article discusses AI-based security solutions in programmable networks, focusing on the explored modalities of integrating AI models in programmable constrained network devices. Moreover, we elaborate on the challenges and risks of relying on AI for such mechanisms. Lastly, the article brings a visionary glimpse for future trends in this regard, raising some essential questions on the indispensability of AI for security functionalities and providing some alternative solutions.

The growing integration of vehicles with external networks has led to a surge in attacks targeting their Controller Area Network (CAN) internal bus. As a countermeasure, various Intrusion Detection Systems (IDSs) have been suggested in the literature to prevent and mitigate these threats. With the increasing volume of data facilitated by the integration of Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure (V2I) communication networks, most of these systems rely on data-driven approaches such as Machine Learning (ML) and Deep Learning (DL) models. However, these systems are susceptible to adversarial evasion attacks. While many researchers have explored this vulnerability, their studies often involve unrealistic assumptions, lack consideration for a realistic threat model, and fail to provide effective solutions. In this paper, we present CANEDERLI (CAN Evasion Detection ResiLIence), a novel framework for securing CAN-based IDSs. Our system considers a realistic threat model and addresses the impact of adversarial attacks on DL-based detection systems. Our findings highlight strong transferability properties among diverse attack methodologies by considering multiple state-of-the-art attacks and model architectures. We analyze the impact of adversarial training in addressing this threat and propose an adaptive online adversarial training technique outclassing traditional fine-tuning methodologies with F1 scores up to 0.941. By making our framework publicly available, we aid practitioners and researchers in assessing the resilience of IDSs to a varied adversarial landscape.

Range queries allow data users to outsource their data to a Cloud Server (CS) that responds to data users who submit a request with range conditions. However, security concerns hinder the wide-scale adoption. Existing works neglect item availability, fail to protect secure verification or sacrifice search accuracy for efficiency. In this paper, we propose Secure, Available, Verifiable, and Efficient (SAVE) range query processing, which has three distinctive features. (1) Secure availability checking against a malicious CS: we design a keyed index-based secure verification mechanism to check the availability of matched nodes, including validity and freshness. (2) Secure result verification: we design a targeted verification mechanism for result correctness and completeness while not compromising security. (3) Improved efficiency and accuracy: we design a lay-ered encoding method to improve search efficiency and accuracy. We formally stated and proved the security of SAVE in the random oracle model. We conducted extensive experiments over the Yelp and FourSquare dataset to validate the efficiency, e.g., a query over 10 thousand data items only needs 19.4 ms to get queried results and 3.5 ms for local verification.

Recently, attackers have targeted machine learning systems, introducing various attacks. The backdoor attack is popular in this field and is usually realized through data poisoning. To the best of our knowledge, we are the first to investigate whether the backdoor attacks remain effective when manifold learning algorithms are applied to the poisoned dataset. We conducted our experiments using two manifold learning techniques (Autoencoder and UMAP) on two benchmark datasets (MNIST and CIFAR10) and two backdoor strategies (clean and dirty label). We performed an array of experiments using different parameters, finding that we could reach an attack success rate of 95% and 75% even after reducing our data to two dimensions using Autoencoders and UMAP, respectively.

Predicting and classifying faults in electricity networks is crucial for uninterrupted provision and keeping maintenance costs at a minimum. Thanks to the advancements in the field provided by the smart grid, several data-driven approaches have been proposed in the literature to tackle fault prediction tasks. Implementing these systems brought several improvements, such as optimal energy consumption and quick restoration. Thus, they have become an essential component of the smart grid. However, the robustness and security of these systems against adversarial attacks have not yet been extensively investigated. These attacks can impair the whole grid and cause additional damage to the infrastructure, deceiving fault detection systems and disrupting restoration. In this paper, we present FaultGuard, the first framework for fault type and zone classification resilient to adversarial attacks. To ensure the security of our system, we employ an Anomaly Detection System (ADS) leveraging a novel Generative Adversarial Network training layer to identify attacks. Furthermore, we propose a low-complexity fault prediction model and an online adversarial training technique to enhance robustness. We comprehensively evaluate the framework’s performance against various adversarial attacks using the IEEE13-AdvAttack dataset, which constitutes the state-of-the-art for resilient fault prediction benchmarking. Our model outclasses the state-of-the-art even without considering adversaries, with an accuracy of up to 0.958. Furthermore, our ADS shows attack detection capabilities with an accuracy of up to 1.000. Finally, we demonstrate how our novel training layers drastically increase performances across the whole framework, with a mean increase of 154% in ADS accuracy and 118% in model accuracy.

Web Vulnerability Assessment and Penetration Testing (Web VAPT) is a comprehensive cybersecurity process that uncovers a range of vulnerabilities which, if exploited, could compromise the integrity of web applications. In a VAPT, it is common to perform a Directory brute-forcing Attack, aiming at the identification of accessible directories of a target website. Current commercial solutions are inefficient as they are based on brute-forcing strategies that use wordlists, resulting in enormous quantities of trials for a small amount of success.

Offensive AI is a recent paradigm that integrates AI-based technologies in cyber attacks. In this work, we explore whether AI can enhance the directory enumeration process and propose a novel Language Model-based framework. Our experiments -- conducted in a testbed consisting of 1 million URLs from different web application domains (universities, hospitals, government, companies) -- demonstrate the superiority of the LM-based attack, with an average performance increase of 969%.

Threshold signature is a powerful cryptographic technique with a large number of real-life applications. As designed by Boneh and Komlo (CRYPTO’22), TAPS is a new threshold signature integrating privacy and accountability. It allows a combiner to combine t signature shares while protecting t and the signing group from the public. It also enables a tracer to trace a threshold signature to its original signing group. Despite being valuable, TAPS neglects the witnessing of tracing, i.e., leaves the tracing activity unrestrained. In this paper, we introduce Accountable and Private Threshold Signature with Hidden Witnesses (HiTAPS) that not only provides privacy and accountability, but also incorporates witnessed tracing. In specific, we first utilize Dynamic Threshold Public-Key Encryption (DTPKE) and ElGamal encryption to designate a set of t^′ witnesses for endorsing the tracing activity. We then compute a keyed-hash tag for the t^′ witnesses to initiate the tracing activity secretly. Moreover, we present an optimized protocol HiTAPS2 to reduce communication overhead of the combiner. We formalize the definitions, security, and privacy for HiTAPS. We formally prove its security and privacy. To evaluate the performance of HiTAPS and HiTAPS2, we build a prototype based on pypbc. Experimental results show that HiTAPS takes 217(370) ms to combine (track) a threshold signature of 5 signers (witnesses). The optimized HiTAPS2 only takes 137 ms to combine a threshold signature of 5 signers.

Hyperloop is among the most prominent future transportation systems. It involves novel technologies to allow traveling at a maximum speed of 1220km/h while guaranteeing sustainability. Due to the system's performance requirements and the critical infrastructure it represents, its safety and security must be carefully considered. In transportation systems, cyberattacks could lead to safety issues with catastrophic consequences for the population and the surrounding environment. To this day, no research inves-tigated the cybersecurity issues of the Hyperloop technology. In this paper, we provide the first analysis of the cybersecurity challenges of the interconnections between the different components of the Hyperloop ecosystem. We base our analysis on the currently available Hyperloop implementations, distilling those features that will likely be present in its final design. Moreover, we investigate possible infrastructure management approaches and their security concerns. Finally, we discuss countermeasures and future directions for the security of the Hyperloop design.

Existing literature on adversarial Machine Learning (ML) focuses either on showing attacks that break every ML model or defenses that withstand most attacks. Unfortunately, little consideration is given to the actual feasibility of the attack or the defense. Moreover, adversarial samples are often crafted in the “feature-space,” making the corresponding evaluations of questionable value. Simply put, the current situation does not allow one to estimate the actual threat posed by adversarial attacks, leading to a lack of secure ML systems.

We aim to clarify such confusion in this article. By considering the application of ML for Phishing Website Detection (PWD), we formalize the “evasion-space,” in which an adversarial perturbation can be introduced to fool an ML-PWD—demonstrating that even perturbations in the “feature-space” are useful. Then, we propose a realistic threat model describing evasion attacks against ML-PWD that are cheap to stage, and hence intrinsically more attractive for real phishers. After that, we perform the first statistically validated assessment of state-of-the-art ML-PWD against 12 evasion attacks. Our evaluation shows (i) the true efficacy of evasion attempts that are more likely to occur; and (ii) the impact of perturbations crafted in different evasion-spaces; our realistic evasion attempts induce a statistically significant degradation (3–10% at p< 0.05), and their cheap cost makes them a subtle threat. Notably, however, some ML-PWD are immune to our most realistic attacks (p = 0.22).

Finally, as an additional contribution of this journal publication, we are the first to propose and empirically evaluate the intriguing case wherein an attacker introduces perturbations in multiple evasion-spaces at the same time. These new results show that simultaneously applying perturbations in the problem- and feature-space can cause a drop in the detection rate from 0.95 to 0.

Our contribution paves the way for a much-needed re-assessment of adversarial attacks against ML systems for cybersecurity.

Smart Parking Services (SPSs) enable cruising drivers to find the nearest parking lot with available spots, reducing the traveling time, gas, and traffic congestion. However, drivers risk the exposure of sensitive location data during parking query to an untrusted Smart Parking Service Provider (SPSP). Our motivation arises from a repetitive query to an updated database, i.e., how a driver can be repetitively paired with a previously-matched-but-forgotten lot. Meanwhile, we aim to achieve repetitive query in an oblivious and unlinkable manner. In this work, we present Mnemosyne2 : decentralized and privacy-preserving smart parking with secure repetition and full verifiability. Specifically, we design repetitive, oblivious, and unlinkable Secure k Nearest Neighbor (SkNN) with basic verifiability (correctness and completeness) for encrypted-andupdated databases. We build a local Ethereum blockchain to perform driver-lot matching via smart contracts. To adapt to the lot count update, we resort to the immutable blockchain for advanced verifiability (truthfulness). Last, we utilize decentralized blacklistable anonymous credentials to guarantee identity privacy. Finally, we formally define and prove privacy and security. We conduct extensive experiments over a real-world dataset and compare Mnemosyne2 with existing work. The results show that a query only needs 8 seconds (175 ms) on average for service waiting (verification) among 500 drivers.

Recent advancements in Artificial Intelligence, and particularly Large Language Models (LLMs), offer promising prospects for aiding system administrators in managing the complexity of modern networks. However, despite this potential, a significant gap exists in the literature regarding the extent to which LLMs can understand computer networks. Without empirical evidence, system administrators might rely on these models without assurance of their efficacy in performing network-related tasks accurately. In this paper, we are the first to conduct an exhaustive study on LLMs' comprehension of computer networks. We formulate several research questions to determine whether LLMs can provide correct answers when supplied with a network topology and questions on it. To assess them, we developed a thorough framework for evaluating LLMs' capabilities in various network-related tasks. We evaluate our framework on multiple computer networks employing proprietary (e.g., GPT4) and open-source (e.g., Llama2) models. Our findings in general purpose LLMs using a zero-shot scenario demonstrate promising results, with the best model achieving an average accuracy of 79.3%. Proprietary LLMs achieve noteworthy results in small and medium networks, while challenges persist in comprehending complex network topologies, particularly for open-source models. Moreover, we provide insight into how prompt engineering can enhance the accuracy of some tasks.

Private set intersection protocols allow two parties with private sets of data to compute the intersection between them without leaking other information about their sets. These protocols have been studied for almost 20 years, and have been significantly improved over time, reducing both their computation and communication costs. However, when more than two parties want to compute a private set intersection, these protocols are no longer applicable. While extensions exist to the multi-party case, these protocols are significantly less efficient than the two-party case. It remains an open question to design collusion-resistant multi-party private set intersection (MPSI) protocols that come close to the efficiency of two-party protocols. This work is made more difficult by the immense variety in the proposed schemes and the lack of systematization. Moreover, each new work only considers a small subset of previously proposed protocols, leaving out important developments from older works. Finally, MPSI protocols rely on many possible constructions and building blocks that have not been summarized. This work aims to point protocol designers to gaps in research and promising directions, pointing out common security flaws and sketching a frame of reference. To this end, we focus on the semi-honest model. We conclude that current MPSI protocols are not a one-size-fits-all solution, and instead there exist many protocols that each prevail in their own application setting.