Over the past three decades, standardizing organizations (e.g., the National Institute of Standards and Technology and Internet Engineering Task Force) have investigated the efficiency of cryptographic algorithms and provided (technical) guidelines for practitioners. For example, the (Datagram) Transport Layer Security “(D)TLS” 1.2/1.3 was designed to help industries implement and integrate such methods through underpinning infrastructures of Internet of Everything (IoE) environments with efficiency and efficacy in mind. The main goal underpinning such protocols is to protect the Internet connections between IoE machines from malicious activities such as unauthorized eavesdropping, monitoring, and tampering with messages. In theory, these protocols are supposed to be secure. Still, most existing implementations partially follow the standard features of (D)TLS 1.2/3, leaving them vulnerable to risks such as side-channel and network attacks. In this paper, we critically review the standard protocols deployed for the security management of data and connected machines, and also examine the recently discovered vulnerabilities that lead to successful zero-day attacks in IoE environments. Then, we discuss various potential countermeasures in the form of organizational policy enforcement strategies and mitigation approaches that can be used by cybersecurity practitioners, decision- and policy-makers. Finally, we identify both proactive and reactive solutions for further consideration and study, as well as propose alternative mechanisms and e-governance policies for standardizing organizations and engineers in future solution designs.

The Internet of Medical Things (IoMT) is getting extreme attraction as it motivates unprecedented growth in the healthcare industry. Security breaches in IoMT can lead to threatening patients’ lives. For IoMT, existing medical remote attestation techniques (EMRATs) have limitations such as neglecting operational symptoms of compromised systems, like inconsistent medical sensor readings. Moreover, EMRATs do not enable medical-forensic-based attestation history and are inefficient for mutual attestation between a doctor network and a sensor network monitoring a patient. This mutual attestation guarantees safe remote surgeries. In this paper for IoMT, we present a novel remote attestation protocol, BDMFA (Blockchain-supported and Deep learning Medical Forensic-enabling Attestation), to overcome the limitations of EMRATs. BDMFA utilizes deep learning and Blockchain to learn from sensor readings and store attestation history. We prove that BDMFA is resilient to a higher number of attacks than that resisted by EMRATs. Moreover, we present a proof-of-concept implementation for BDMFA using SMART (Secure and Minimal Architecture for Root of Trust). We proved the practical feasibility of BDMFA by implementing it using Omnetpp equipped with Castalia. For a system with 50 patient-sensors and 25 doctor-terminals, BDMFA needed only 2.6 s to complete attestation and less communication cost than that needed for related state-of-the-art protocols by 28.4%. For larger systems, we carried comparative analysis confirming that our proposed protocol BDMFA requires less cost and is more scalable and efficient than related protocols.

The performance of distributed averaging depends heavily on the underlying topology. In various fields, including compressed sensing, multi-party computation, and abstract graph theory, graphs may be expected to be free of short cycles, i.e. to have high girth. Though extensive analyses and heuristics exist for optimising the performance of distributed averaging in general networks, these studies do not consider girth. As such, it is not clear what happens to convergence time when a graph is stretched to a higher girth.

In this work, we introduce the optimal graph stretching problem, wherein we are interested in finding the set of edges for a particular graph that ensures optimal convergence time under constraint of a minimal girth. We compare various methods for choosing which edges to remove, and use various convergence heuristics to speed up the searching process. We generate many graphs with varying parameters, stretch and optimise them, and measure the duration of distributed averaging. We find that stretching by itself significantly increases convergence time. This decrease can be counteracted with a subsequent repair phase, guided by a convergence time heuristic. Existing heuristics are capable, but may be suboptimal.

Android operating system restricts access to data by enabling data control flow and permission systems to reduce the risk of information theft. Therefore, attackers are constantly looking for alternative and stealthy approaches to exfiltrate private data from a targeted device. This paper presents CovertPower, a covert channel attack that exfiltrates user data by actively inducing power consumption on Android devices. At the transmitting end, our CovertPower app modulates binary data into a timed resource workload (e.g., processor, write-on-memory), producing power consumption bursts. On the receiving end, we acquire power consumption traces via a low-cost hardware tool that can be easily concealed in USB wall-socket adapters or powerbanks. Therefore, a signal processing-based decoder analyzes such traces and retrieves the exfiltrated information. We demonstrate the feasibility of our attack with a thorough experimental evaluation on 14 mobile devices and various real-world settings such as display state, ongoing activities, and charging technologies. Our attack achieves a transfer speed of up to 10bps with a high bit sequence similarity on most devices and settings considered.

Decentralised learning has recently gained traction as an alternative to federated learning in which both data and coordination are distributed over its users. To preserve the confidentiality of users' data, decentralised learning relies on differential privacy, multi-party computation, or a combination thereof. However, running multiple privacy-preserving summations in sequence may allow adversaries to perform reconstruction attacks. Unfortunately, current reconstruction countermeasures either cannot trivially be adapted to the distributed setting, or add excessive amounts of noise.

In this work, we first show that passive honest-but-curious adversaries can infer other users' private data after several privacy-preserving summations. For example, in subgraphs with 18 users, we show that only three passive honest-but-curious adversaries succeed at reconstructing private data 11.0% of the time, requiring an average of 8.8 summations per adversary. The success rate depends only on the adversaries' direct neighbourhood, and is independent of the size of the full network. We consider weak adversaries that do not control the graph topology, cannot exploit the inner workings of the summation protocol, and do not have auxiliary knowledge; and show that these adversaries can still infer private data.

We develop a mathematical understanding of how reconstruction relates to topology and propose the first topology-based decentralised defence against reconstruction attacks. Specifically, we show that reconstruction requires a number of adversaries linear in the length of the network's shortest cycle. Consequently, exact reconstruction attacks over privacy-preserving summations are impossible in acyclic networks.

Our work is a stepping stone for a formal theory of topology-based decentralised reconstruction defences. Such a theory would generalise our countermeasure beyond summation, define confidentiality in terms of entropy, and describe the interactions with (topology-aware) differential privacy.

Federated Learning is an approach that enables multiple devices to collectively train a shared model without sharing raw data, thereby preserving data privacy. However, federated learning systems are vulnerable to data-poisoning attacks during the training and updating stages. Three data-poisoning attacks-label flipping, feature poisoning, and VagueGAN-are tested on FL models across one out of ten clients using the CIC and UNSW datasets. For label flipping, we randomly modify labels of benign data; for feature poisoning, we alter highly influential features identified by the Random Forest technique; and for VagueGAN, we generate adversarial examples using Generative Adversarial Networks. Adversarial samples constitute a small portion of each dataset. In this study, we vary the percentages by which adversaries can modify datasets to observe their impact on the Client and Server sides. Experimental findings indicate that label flipping and VagueGAN attacks do not significantly affect server accuracy, as they are easily detectable by the Server. In contrast, feature poisoning attacks subtly undermine model performance while maintaining high accuracy and attack success rates, highlighting their subtlety and effectiveness. Therefore, feature poisoning attacks manipulate the server without causing a significant decrease in model accuracy, underscoring the vulnerability of federated learning systems to such sophisticated attacks. To mitigate these vulnerabilities, we explore a recent defensive approach known as Random Deep Feature Selection, which randomizes server features with varying sizes (e.g., 50 and 400) during training. This strategy has proven highly effective in minimizing the impact of such attacks, particularly on feature poisoning.

Leader-based BFT systems face potential disruption and performance degradation from malicious leaders, with current solutions often lacking scalability or greatly increasing complexity. In this paper, we introduce ABSE, an Adaptive Baseline Score-based Election approach to mitigate the negative impact of malicious leaders on leader-based BFT systems. ABSE is fully localized and proposes to accumulate scores for processes based on their contribution to consensus advancement, aiming to bypass less reliable participants when electing leaders. We present a formal treatment of ABSE, addressing the primary design and implementation challenges, defining its generic components and rules for adherence to ensure global consistency. We also apply ABSE to two different BFT protocols, demonstrating its scalability and negligible impact on protocol complexity. Finally, by building a system prototype and conducting experiments on it, we demonstrate that ABSE-enhanced protocols can effectively minimize the disruptions caused by malicious leaders, whilst incurring minimal additional resource overhead and maintaining base performance.

Smart Parking Services (SPSs) enable cruising drivers to find the nearest parking lot with available spots, reducing the traveling time, gas, and traffic congestion. However, drivers risk the exposure of sensitive location data during parking query to an untrusted Smart Parking Service Provider (SPSP). Our motivation arises from a repetitive query to an updated database, i.e., how a driver can be repetitively paired with a previously-matched-but-forgotten lot. Meanwhile, we aim to achieve repetitive query in an oblivious and unlinkable manner. In this work, we present Mnemosyne2 : decentralized and privacy-preserving smart parking with secure repetition and full verifiability. Specifically, we design repetitive, oblivious, and unlinkable Secure k Nearest Neighbor (SkNN) with basic verifiability (correctness and completeness) for encrypted-andupdated databases. We build a local Ethereum blockchain to perform driver-lot matching via smart contracts. To adapt to the lot count update, we resort to the immutable blockchain for advanced verifiability (truthfulness). Last, we utilize decentralized blacklistable anonymous credentials to guarantee identity privacy. Finally, we formally define and prove privacy and security. We conduct extensive experiments over a real-world dataset and compare Mnemosyne2 with existing work. The results show that a query only needs 8 seconds (175 ms) on average for service waiting (verification) among 500 drivers.

Range queries allow data users to outsource their data to a Cloud Server (CS) that responds to data users who submit a request with range conditions. However, security concerns hinder the wide-scale adoption. Existing works neglect item availability, fail to protect secure verification or sacrifice search accuracy for efficiency. In this paper, we propose Secure, Available, Verifiable, and Efficient (SAVE) range query processing, which has three distinctive features. (1) Secure availability checking against a malicious CS: we design a keyed index-based secure verification mechanism to check the availability of matched nodes, including validity and freshness. (2) Secure result verification: we design a targeted verification mechanism for result correctness and completeness while not compromising security. (3) Improved efficiency and accuracy: we design a lay-ered encoding method to improve search efficiency and accuracy. We formally stated and proved the security of SAVE in the random oracle model. We conducted extensive experiments over the Yelp and FourSquare dataset to validate the efficiency, e.g., a query over 10 thousand data items only needs 19.4 ms to get queried results and 3.5 ms for local verification.

The widespread exchange of digital documents in various domains has resulted in abundant private information being shared. This proliferation necessitates redaction techniques to protect sensitive content and user privacy. While numerous redaction methods exist, their effectiveness varies, with some proving more robust than others. As such, the literature proposes several deanonymization techniques, raising awareness of potential privacy threats. However, while none of these methods are successful against the most effective redaction techniques, these attacks only focus on the anonymized tokens and ignore the sentence context. In this paper, we propose RedactBuster, the first deanonymization model using sentence context to perform Named Entity Recognition on redacted text. Our methodology leverages fine-tuned state-of-the-art Transformers and Deep Learning models to determine the anonymized entity types in a document. We test RedactBuster against the most effective redaction technique and evaluate it using the publicly available Text Anonymization Benchmark (TAB). Our results show accuracy values up to 0.985 regardless of the document nature or entity type. In raising awareness of this privacy issue, we propose a countermeasure we call character evasion that helps strengthen the secrecy of sensitive information. Furthermore, we make our model and testbed open-source to aid researchers and practitioners in evaluating the resilience of novel redaction techniques and enhancing document privacy.

Hyperloop is among the most prominent future transportation systems. It involves novel technologies to allow traveling at a maximum speed of 1220km/h while guaranteeing sustainability. Due to the system's performance requirements and the critical infrastructure it represents, its safety and security must be carefully considered. In transportation systems, cyberattacks could lead to safety issues with catastrophic consequences for the population and the surrounding environment. To this day, no research inves-tigated the cybersecurity issues of the Hyperloop technology. In this paper, we provide the first analysis of the cybersecurity challenges of the interconnections between the different components of the Hyperloop ecosystem. We base our analysis on the currently available Hyperloop implementations, distilling those features that will likely be present in its final design. Moreover, we investigate possible infrastructure management approaches and their security concerns. Finally, we discuss countermeasures and future directions for the security of the Hyperloop design.

The Internet of Things rapid growth poses privacy and security challenges for the traditional key storage methods. Physical Unclonable Functions offer a potential solution but require secure fuzzy extractors to ensure reliable replication. This paper introduces X-Lock, a novel and secure computational fuzzy extractor that addresses the limitations faced by traditional solutions in resource-constrained IoT devices. X-Lock offers a reusable and robust solution, effectively mitigating the impacts of bias and correlation through its design. Leveraging the preferred state of a noisy source, X-Lock encrypts a random string of bits that can be later used as seed to generate multiple secret keys. To prove our claims, we provide a comprehensive theoretical analysis, addressing security considerations, and implement the proposed model. To evaluate the effectiveness and superiority of our proposal, we also provide practical experiments and compare the results with existing approaches. The experimental findings demonstrate the efficacy of our algorithm, showing comparable memory cost (≈2.4 KB for storing 5 keys of 128 bits) while being 3 orders of magnitude faster with respect to the state-of-the-art solution (0.086 ms against 15.51 s).

Speaker identification (SI) determines a speaker's identity based on their utterances. Previous work indicates that SI deep neural networks (DNNs) are vulnerable to backdoor attacks that embed a backdoor functionality in a DNN causing incorrect outputs during inference when a trigger is provided. This is the first work exploring SI DNNs' vulnerability to backdoor attacks using speakers' emotional prosody, resulting in dynamic, inconspicuous triggers. We used three datasets and three DNN architectures to determine the impact of using emotions as backdoor triggers on the accuracy of SI DNNs. Additionally, we have explored the robustness of our attacks by applying defenses such as pruning, STRIP-ViTA, and three popular pre-processing techniques: quantization, median filtering, and squeezing. We show that the aforementioned models are prone to our attack (EmoBack), indicating that emotional triggers (i.e., the most effective being neutral, sad, angry, and surprised prosody) can be effectively used to compromise the integrity of SI DNNs. However, our pruning experiments suggest potential ways to reinforce backdoored models against our attacks across multiple emotions, decreasing the attack success rate up to 41.4%.

Acoustic Side-Channel Attacks (ASCAs) extract sensitive information by using audio emitted from a computing devices and their peripherals. Attacks targeting keyboards are popular and have been explored in the literature. However, similar attacks targeting other human-interface peripherals, such as computer mice, are under-explored. To this end, this paper considers security leakage via acoustic signals emanating from normal mouse usage. We first confirm feasibility of such attacks by showing a proof-of-concept attack that classifies four mouse movements with 97% accuracy in a controlled environment. We then evolve the attack towards discerning twelve unique mouse movements using a smartphone to record the experiment. Using Machine Learning (ML) techniques, the model is trained on an experiment with six participants to be generalizable and discern among twelve movements with 94% accuracy. In addition, we experiment with an attack that detects a user action of closing a full-screen window on a laptop. Achieving an accuracy of 91%, this experiment highlights exploiting audio leakage from computer mouse movements in a realistic scenario.

We consider the problem of publicly verifiable privacy-preserving data aggregation in the presence of a malicious aggregator colluding with malicious users. State-of-the-art solutions either split the aggregator into two parties under the assumption that they do not collude, or require many rounds of interactivity and have non-constant verification time. In this work, we propose mPVAS, the first publicly verifiable privacy-preserving data aggregation protocol that allows arbitrary collusion, without relying on trusted third parties during execution, where verification runs in constant time. We also show three extensions to mPVAS: mPVAS+, for improved communication complexity, mPVAS-IV, for the identification of malicious users, and mPVAS-UD, for graceful handling of reduced user availability without the need to redo the setup. We show that our schemes achieve the desired confidentiality, integrity, and authenticity. Finally, through both theoretical and experimental evaluations, we show that our schemes are feasible for real-world applications.

Dynamic Wireless Power Transfer (DWPT) is a novel technology that allows charging an electric vehicle while driving thanks to a dedicated road infrastructure. DWPT's capabilities in automatically establishing charging sessions and billing without users' intervention make it prone to cybersecurity attacks. Hence, security is essential in preventing fraud, impersonation, and user tracking. To this aim, researchers proposed different solutions for authenticating users. However, recent advancements in quantum computing jeopardize classical public key cryptography, making currently existing solutions in DWPT authentication nonviable. To avoid the resource burden imposed by technology upgrades, it is essential to develop post-quantum-resistant solutions. In this paper, we propose DynamiQS, the first post-quantum secure authentication protocol for dynamic wireless charging. DynamiQS is privacy-preserving and secure against attacks on the DWPT. We leverage an Identity-Based Encryption with Lattices in the Ring Learning With Error framework. Furthermore, we show the possibility of using DynamiQS in a real environment, leveraging the results of cryptographic computation on real constrained devices and simulations. DynamiQS reaches a total time cost of around 281 ms, which is practicable in dynamic charging settings (car and charging infrastructure).

Navigation services enable users to find the shortest path from a starting point S to a destination D, reducing time, gas, and traffic congestion. Still, navigation users risk the exposure of their sensitive location data. Our motivation arises from how users can accurately, securely, and efficiently navigate from S to D while passing through k unordered stops, i.e., midway locations with a non-fixed visiting order. In this work, we formally define Semi-Constrained Navigation (SCN) and present a novel scheme Hermes to achieve accurate, secure, and efficient SCN. Specifically, we propose a divide-andconquer approach to strike a good balance between accuracy and efficiency. It recursively depth-first-searches the whole area (a navigation tree) and invokes five carefully-crafted strategies stopby-stop to compute three subpaths in three sequential subareas. We construct a path-distance oracle to encrypt the road graph and securely implement the strategies by using homomorphic encryption and garble circuits. We formally prove the security in the random oracle model and analyze the search complexity to be less than O(k²). We experiment over a real-world city map and compare with six baselines. Results show that path search with k = 4 among N = 1000 intersections requires 5.58 seconds with a 3.2% distance deviation rate and an 82.5% path similarity.

In the past decade, tens of homomorphic encryption compilers have been released, and there are good reasons for these compilers to exist. Firstly, homomorphic encryption is a powerful secure computation technique in that it is relatively easy for parties to switch from plaintext computation to secure computations when compared to techniques like secret sharing. However, the technique is mathematically involved and requires expert knowledge to express computations as homomorphic encryption operations. So, these compilers support users who might otherwise not have the time or expertise to optimize the computation manually. Another reason is that homomorphic encryption is still computationally expensive, so compilers allow users to optimize their secure computation tasks. One major shortcoming of these compilers is that they often do not allow users to use high-level primitives, such as equality checks, comparisons, and AND and OR operations between many operands. The compilers that do are either based on TFHE, requiring large bootstrapping keys that must be sent to the evaluator, or they only work in the Boolean domain, excluding many potentially more performant circuits. Moreover, compilers must reduce the multiplicative depth of the circuits they generate to minimize the noise growth inherent to these homomorphic encryption schemes. However, many compilers only consider reducing the depth as an afterthought. We propose the Oraqle compiler, which solves both problems at once by implementing depth-aware arithmetization, a technique for expressing high-level primitives as arithmetic operations that are executable by homomorphic encryption libraries. Instead of generating one possible circuit, the compiler generates multiple circuits that trade off the number of multiplications with the multiplicative depth. If the depth of the resulting circuits is low enough, they may be evaluated using a BFV or BGV library that does not require bootstrapping keys. We demonstrate that our compiler allows for significant performance gains.

Autonomous driving is a research direction that has gained enormous traction in the last few years thanks to advancements in Artificial Intelligence (AI). Depending on the level of independence from the human driver, several studies show that Autonomous Vehicles (AVs) can reduce the number of on-road crashes and decrease overall fuel emissions by improving efficiency. However, security research on this topic is mixed and presents some gaps. On one hand, these studies often neglect the intrinsic vulnerabilities of AI algorithms, which are known to compromise the security of these systems. On the other, the most prevalent attacks towards AI rely on unrealistic assumptions, such as access to the model parameters or the training dataset. As such, it is unclear if autonomous driving can still claim several advantages over human driving in real-world applications. This paper evaluates the inherent risks in autonomous driving by examining the current landscape of AV sand establishing a pragmatic threat model. Through our analysis, we develop specific claims highlighting the delicate balance between the advantages of AVs and potential security challenges in real-world scenarios. Our evaluation serves as a foundation for providing essential takeaway messages, guiding both researchers and practitioners at various stages of the automation pipeline. In doing so, we contribute valuable insights to advance the discourse on the security and viability of autonomous driving in real-world applications.

Modern cars' complexity and increased reliance on electronic components have made them a prime target for attackers. In particular, the in-vehicle communication system is one of the major attack surfaces, with the Controller Area Network (CAN) being the most used protocol. CAN connects electronic components with each other, allowing them to communicate and carry out control functions, as well as managing the vehicle state. However, these components, called Electronic Control Units (ECUs), can also be exploited for malicious purposes. Indeed, since the CAN bus was not designed with security features, attackers can exploit its vulnerabilities to compromise ECUs and corrupt the communication, allowing for remote vehicle control, disabling breaks, and engine shutdowns, causing significant safety threats. In response to the absence of standardized authentication protocols within the automotive domain, researchers propose diverse solutions, each with unique strengths and vulnerabilities. However, the continuous influx of new protocols and potential oversights in meeting security requirements and essential operational features further complicate the implementability of these protocols. This paper comprehensively reviews and compares the 15 most prominent authentication protocols for the CAN bus. Our analysis emphasizes their strengths and weaknesses, evaluating their alignment with critical security requirements for automotive authentication. Additionally, we evaluate protocols based on essential operational criteria that contribute to ease of implementation in predefined infrastructures, enhancing overall reliability and reducing the probability of successful attacks. Our study reveals a prevalent focus on defending against external attackers in existing protocols, exposing vulnerabilities to internal threats. Notably, authentication protocols employing hash chains, Mixed Message Authentication Codes, and asymmetric encryption techniques emerge as the most effective approaches. Through our comparative study, we classify the considered protocols based on their security attributes and suitability for implementation, providing valuable insights for future developments in the field.