Skip to Content

Research Proposal

Add your abstract and contact information and we will be in touch

Thanks We will be in touch soon

Contact us

Leave a massage and we’ll get back to you

You can also reach us at:

Cyber Security Research Center @ Ben-Gurion University of the Negev
P.O.B. 653
Beer Sheva, 84105,
Israel

+972 8 6428005
+972 8 6428121
cyber-labs bgu.ac.il

Talk about a cache flow problem: This JavaScript can snoop on other browser tabs to work out what you’re visiting

Yes, even the Tor browser can be spied on by this nasty code Special report Computer science boffins have demonstrated a side-channel attack technique that bypasses recently-introduced privacy defenses, and makes even the Tor browser subject to tracking. The result: it is possible for malicious JavaScript in one web browser tab to spy on other open tabs, and work out which websites you’re visiting. This information can be used to target adverts at you based on your interests, or otherwise work out the kind of stuff you’re into and collect it in safe-keeping for future reference. Researchers Anatoly Shusterman, Lachlan Kang, Yarde...

Read More ...

Deutsche Firmen holen sich Hilfe für Cybersicherheit im Land der ständigen Alarmbereitschaft

Bösartige Kühlschränke, entführte Autos, manipulierte Algorithmen – Schutz gegen Attacken aus dem Netz ist für Staaten wie ...

Read More ...

Dojo by BullGuard and BGN Technologies Form Strategic Partnership to Develop Advanced IoT Security Technology

Dojo by BullGuard and Cyber@BGU, the Ben-Gurion Cyber Research Lab, Join Forces to Develop Advanced, Future IoT Security Technolog...

Read More ...

Slowdown Nation: Israel lags on internet speeds, choked by lack of competition

Israel slides to number 70 out of 200 nations surveyed on average download speed, as the duopoly that controls the market drags it...

Read More ...

Hackers Could Cause Havoc By Pwning Internet-Connected Irrigation Systems

Researchers at a university in Israel have found ways to turn smart irrigation systems into a botnet that could theoretically drai...

Read More ...

Sounds Odd? Your 3D Printer Could Be Hacked

New research from Ben-Gurion University of the Negev in Israel, that previously showed how easy it is to hack 3D printed drone...

Read More ...

Evil third-party screens on smartphones are able to see all that you poke

Of course researchers added machine learning to the mix too Smartphone hackers can glean secrets by analysing touchscreen user int...

Read More ...

Royal Bank of Canada invests $2m in BGU cybersecurity R&D

The collaboration aims to develop protection methods to strengthen AI and machine learning techniques, while limiting their vulnerability to threats. The Royal Bank of Canada (RBC) is investing $2 million in research at Ben-Gurion University’s (BGU) Cybersecurity Research Center, RBC and BGU’s technology transfer company BGN Technologies have announced. The funding will support the development of adversarial artificial intelligence (AI), including machine learning-based cyber mitigation techniques.The collaboration aims to develop protection methods to strengthen and evaluate the resilience of current AI and machine learning techn...

Read More ...
Mikael Häggström / Wikimedia

New hacks siphon private cryptocurrency keys from airgapped wallets

Beware of smartphones and cameras around wallets storing your digital coin. Researchers have defeated a key protection against cry...

Read More ...
Illustration by NiroWorld/Shutterstock.com

New algorithm identifies fake users on social networks

Israeli and American researchers develop generic method to detect fake accounts on most types of social networks, including Facebook and Twitter. Fraudulent user profiles – bots – are a serious and growing concern on social media. By some estimates, as many as 48 million Twitter accounts and 270 million Facebook accounts are phony, designed for nefarious purposes from ruining reputations to influencing shoppers and voters. Now, researchers from Israel’s Ben-Gurion University (BGU) of the Negev and from the University of Washington in Seattle say they have developed a generic method to detect fake accounts on most types of social network...

Read More ...

Yes, even the Tor browser can be spied on by this nasty code

Special report Computer science boffins have demonstrated a side-channel attack technique that bypasses recently-introduced privacy defenses, and makes even the Tor browser subject to tracking. The result: it is possible for malicious JavaScript in one web browser tab to spy on other open tabs, and work out which websites you’re visiting.

This information can be used to target adverts at you based on your interests, or otherwise work out the kind of stuff you’re into and collect it in safe-keeping for future reference.

Researchers Anatoly Shusterman, Lachlan Kang, Yarden Haskal, Yosef Meltser, Prateek Mittal, Yossi Oren, Yuval Yarom – from Ben-Gurion University of the Negev in Israel, the University of Adelaide in Australia, and Princeton University in the US – have devised a processor cache-based website fingerprinting attack that uses JavaScript for gathering data to identify visited websites.

The technique is described in a paper recently distributed through ArXiv called “Robust Website Fingerprinting Through the Cache Occupancy Channel.”

“The attack we demonstrated compromises ‘human secrets’: by finding out which websites a user accesses, it can teach the attacker things like a user’s sexual orientation, religious beliefs, political opinions, health conditions, etc.,” said Yossi Oren (Ben-Gurion University) and Yuval Yarom (University of Adelaide) in an email to The Register this week.

It’s thus not as serious as a remote attack technique that allows the execution of arbitrary code or exposes kernel memory, but Oren and Yarom speculate that there may be ways their browser fingerprinting method could be adapted to compromise computing secrets like encryption keys or vulnerable installed software.

In any event, the attack could have serious consequences for those using Tor in the belief that their website visits can be kept secret.

A side-channel attack (or “transient execution attack“) involves observing some portion of a computing system to collect measurements that can be used to infer otherwise privileged information. The Spectre, Meltdown, and Foreshadow vulnerabilities revealed this year all have the potential to be exploited via side-channel attack techniques.

Oren and Yarom explained their approach works at a more fundamental level than Spectre. “It works in places where Spectre cannot work (for example, across process boundaries), and the CPU patches built to protect against Spectre cannot stop it,” they said. “On the other hand, the Spectre attack is capable of recovering information at a much higher resolution than our attack.”

One of the ways these attacks have been mitigated is by limiting access to high-precision timers, by which side-channel data can be collected. When the Spectre and Meltdown vulnerabilities were first disclosed, for example, Mozilla said it would disable or reduce the precision of time sources in its Firefox browser.

But this latest browser fingerprinting technique doesn’t need a high-precision timer because it focuses on processor cache occupancy.

“Cache occupancy measures what percentage of the entire cache has been accessed over a certain time period,” explained Oren and Yarom. “The browser is very memory intensive, since it receives large amounts of data from the network and draws various outputs to the screen. This means it uses a significant portion of the cache as it loads a page.”

What’s more, it doesn’t depend on the layout of the cache, which makes cache layout randomization – a risk mitigation technique – useless for this particular approach. The attack is also unaffected by defenses against network-based fingerprinting, as when a browser fetches data from its response cache rather than the network or when network traffic shaping is employed.

Automatic identification

This fingerprinting attack involves using JavaScript to measure processor cache access latency over time as websites are loaded. These “memorygrams” are then compared via deep-learning techniques to a set of memorygrams collected by the attacker, with an eye toward automatically identifying similarities to establish a website visit. In other words, it is possible to determine which website someone’s looking at by the way their browser accesses the processor’s CPU cache while fetching and rendering on-screen the web pages. Malicious JavaScript in one tab can monitor cache accesses to identify patterns and fingerprint the sites visited by other tabs.

“‘Classical’ machine learning techniques require a human expert to find out which ‘features’ in the data are relevant for the attack,” explained Oren and Yarom. “There is a lot of research on the best features to use when performing other types of attacks. In deep learning, the computer acts as the expert and tries to find these features itself. This allows us to go straight from the data to the results. Perhaps a human researcher will be able to find better features than our deep learning algorithm did, and improve the attack even further.”

The boffins considered two scenarios: a closed world data set, where 100 memorygrams for each of 100 websites, are evaluated; and an open world data set, where 100 sensitive web pages must be distinguished from 5,000 other websites.

Using mainstream browsers on the closed set, the researchers were able to accurately classify 70 to 90 per cent of website visits. Applied to Tor, the attack managed accuracy of only 47 per cent, but when other data was considered, accuracy increased to 72 per cent. Results were similar for the open world data set – 70 to 90 per cent, with Tor identification at 83 per cent if the researchers considered not only the top output, but also checked to see whether it’s one of the top five detected results.

If the goal was simply to determine whether the website visited was sensitive or non-sensitive, accuracy increased to more than 99 per cent in the open world data set.

Oren and Yarom say their work shows that efforts to defend against side-channel attacks by reducing access to precision timing have been for naught.

“In this work we show that the whole approach is futile – we simply do not need high-resolution timers for the attack,” they said. “Similarly, some approaches for protecting from Spectre segregate sites into multiple processes. We show that this is not sufficient. We show that we can spy from one browser tab on another and even from one browser on other browsers running on the computer.”

The takeaway, they contend, is that anything short of running a single browser tab at any one point in time poses a privacy risk: if you open a second tab, JavaScript in it can snoop on the other tab. Disabling JavaScript completely will kill off the attack, but also kill off a lot of websites, which rely on JS functionality to work. And they say virtualization should be seen as a convenience feature rather than a security feature.

“If you want to visit sensitive and non-sensitive websites at the same time, use two different computers,” they said. ®

 

Source: The Register

Bösartige Kühlschränke, entführte Autos, manipulierte Algorithmen – Schutz gegen Attacken aus dem Netz ist für Staaten wie Israel überlebenswichtig.

Be’er Sheva/Tel AvivHinter „Golden Cup“ lauerte die Gefahr: Die Smartphone-App zur Fußball-WM in Russland sollte Live-Berichterstattung liefern. Doch sie nahm auch Telefonate auf, stahl Kontaktdaten und lieferte mittels GPS einen genauen Standort des Nutzers. Die Adressaten: israelische Soldaten. Der mutmaßliche Absender: die Terrorgruppe Hamas. Etwa hundert Soldaten sollen von der Schadsoftware betroffen gewesen sein, hieß es.

Ein Angriff, der einen überschaubaren Schaden anrichtete. Wohl auch, weil Israel digital so hochgerüstet ist wie kaum ein anderes Land. Israel befindet sich in permanenter Alarmbereitschaft. Abgesehen von Jordanien und Ägypten ist das Land von Feinden umgeben. Attacken auf die digitale Infrastruktur oder die Bürger sind hier Alltag.

Im Kampf dagegen setzt man nicht nur auf Eliteeinheiten. Israel ist auch zum Tummelplatz für Start-ups geworden. Und damit zum Vorbild für andere Länder – etwa Deutschland. Das kleine Land am Mittelmeer zeigt, wie Staat und Wirtschaft zusammenwirken können, um Innovation zu fördern.

Ganz anders die Situation in Deutschland: In der vergangenen Woche machten Berichte über die stockende Modernisierung der IT-Systeme der Bundeswehr die Runde. Nur ein Beispiel von vielen. Eine aktuelle Studie der Unternehmensberatung PwC kam vor wenigen Tagen zu dem Ergebnis, dass gerade einmal die Hälfte der europäischen Unternehmen über eine umfassende Cyber-Sicherheitsstrategie verfügt. Sie liegen damit auf dem vorletzten Platz – hinter Asien und Nord- und Südamerika.

Hohes Schutzbedürfnis

Abwehr und Schutz spielen in Israel seit Staatsgründung eine entscheidende Rolle, mittlerweile auch digital. Mit der Militäreinheit 8200 hat sich das Land hier ein Denkmal gesetzt. Um die Cyber-Truppe ranken sich Legenden. So soll etwa der Cyberangriff auf iranische Atomanlagen von ihr erdacht und durchgeführt worden sein.

Die Verschwiegenheit der Streitkräfte macht den „Mythos 8200“ nur noch mächtiger. Viele Rekruten der Armee machen sich nach dem Wehrdienst mit dem erworbenen technologischen Know-how selbstständig. Das Militär als digitale Kaderschmiede.

Der Markt mit dem Schutz gehört zu den dynamischsten im ohnehin schnell wachsenden Start-up-Ökosystem des Landes. Laut der israelischen Start-up-Organisation „Start-up Nation Central“ sammelten die Neugründungen 2017 rund 814 Millionen US-Dollar an Wagniskapital ein. Kein anderes Land mit Ausnahme der USA konnte eine derart hohe Summe einstreichen. Für das laufende Jahr erwarten die Analysten einen Anstieg der Investitionen auf mehr als eine Milliarde US-Dollar.

Den Grundstein hat das 1993 gegründete Unternehmen Checkpoint gelegt, das als Erfinder der Firewall gilt. Gründer Gil Shwed ist so etwas wie der Patriarch der Cyber-Szene des Landes. Jeder spricht voller Ehrfurcht von dem 50-Jährigen, der dazu beitrug, Israel als Standort für Cybersicherheit zu etablieren.

„Als das Internet entstand und für jeden zugänglich wurde, war in Israel schnell klar, dass das völlig neue Risiken bringen würde“, sagt Shwed: „Ich wollte den Zugang für jeden sicher gestalten.“ Mittlerweile werden die Aktien des Unternehmens an der Nasdaq gehandelt, zu den Kunden zählen multinationale Konzerne.

Auch immer mehr deutsche Unternehmen entdecken die digitale Kompetenz des Landes – aus gutem Grund, wie Yochai Corem, Vice President beim Technologieanbieter Cyberbit, weiß: „Viele Unternehmen erkennen keine Bedrohung und verweisen auf ihre Firewall oder gehen davon aus, dass ihnen nichts passieren wird.“ Dabei sei es für Angreifer heute sehr einfach, die Schutzmaßnahmen zu überwinden.

Cyberbit gehört zum israelischen Technologie- und Rüstungskonzern Elbit und bietet eine Trainings- und Simulationsplattform für Cybersicherheitsexperten. Die nutzte etwa der IT-Dienstleister der Sparkassen-Gruppe. Deren Sicherheitsexperten nahmen zusammen mit Kollegen von israelischen Banken an einem gemeinsamen Training in Israel teil.

Deutsche Firmen vor Ort

Konzerne wie Daimler oder Porsche sind mit eigenen Büros in Israel vor Ort, der Autozulieferer Continental übernahm Ende 2017 das IT-Sicherheitsunternehmen Argus, das vernetzte Fahrzeuge vor dem Zugriff von außen schützen soll.

Die Deutsche Telekom habe seit 2004 rund 50 Millionen US-Dollar in den Forschungsstandort in Be’er Sheva investiert, sagt Amit Keren, Managing Director des Unternehmens in Israel: „Es war der erste deutsche Konzern, der die Forschungsmöglichkeiten für die Cyber-Abwehr erkannt hat.“

Be’er Sheva liegt an der Grenze zur Wüste Negev. Es ist eine dieser Retortenstädte, die Staatsgründer Ben Gurion im Sinn hatte, als er das Ziel ausgab, „die Wüste zum Blühen“ zu bringen. Grün ist die Stadt zwar dank künstlicher Bewässerung, wirtschaftliche Blüte suchte man hier allerdings lange vergebens: Be’er Sheva gilt vielen als der Inbegriff der Peripherie, abgehängt vom Wirtschaftswunder an der Küste, sozial schwach und als Standort unattraktiv.

Ende der 60er-Jahre gründete der Staat hier die Ben Gurion Universität, um das zu ändern. Nachhaltig gefördert hat sie den Standort bislang nicht – noch nicht. Nach dem Willen der Regierung soll hier nun ein High-Tech-Park entstehen – ein Campus aus Universität, Unternehmen und den Cyber-Einheiten des Militärs.

„Die Idee ist, den größten Tech-Hub des Landes zu schaffen“, sagt Oleg Brodt, Forschungs- und Entwicklungschef von „Cyber@BGU“, eine Organisation die für die gesamte Cyber-Forschung und Kooperationen der Universität zuständig ist.

Brodt und sein Team forschen hier an den Gefahren der Zukunft – im Auftrag von Unternehmen wie der Deutschen Telekom. Auch Konzerne wie AudiIBM oder EY haben den Standort für sich entdeckt. Fragt man Brodt nach Bedrohungsszenarien der Zukunft, hat er schnell die passenden Beispiele zur Hand.

Ein Szenario ist fast so alt wie die Idee des selbstfahrenden Autos: Hacker übernehmen die Kontrolle über eines der smarten Vehikel und steuern es aus der Ferne. Forscher Brodt fürchtet allerdings ganz andere Angriffe. Die würden sich eher gegen eine ganze Serie von Automobilen richten, die abgeschaltet und die Eigentümer zum Zahlen aufgefordert werden, damit sie den Wagen wieder nutzen können. Solche Attacken seien günstiger und sehr einfach in der Masse zu wiederholen.

Mit genau dieser Möglichkeit beschäftigt sich das 2016 gegründete Start-up Cybellum. Dessen Technologie untersucht Software auf Sicherheitslücken, zu den ersten Kunden zählen vor allem Automobilhersteller und ihre Zulieferer: „Es ist wirklich erstaunlich, wie viel am Automobil mittlerweile vernetzt ist – zum Beispiel kann oft selbst das Reifenventil via Bluetooth an den Bordcomputer Informationen übermitteln“, erklärt Co-Gründer Michael Engstler.

Und das könnte am Ende gewaltige Auswirkungen haben: „Wenn eine Sicherheitslücke von den falschen Leuten entdeckt wird, könnte damit eine ganze Fahrzeugflotte angegriffen werden – das wären Millionen von Automobilen weltweit und ein erheblicher Schaden für die Hersteller.“

Immer mehr Ziele

Im Zeitalter der vernetzten Welt ist nahezu alles ein potenzielles Ziel. Forscher Brodt skizziert einen Fall, den einer seiner Studenten untersuchte. Dabei wurde die Sicherheitslücke eines smarten Kühlschranks identifiziert. Hacker könnten darüber in das Gerät eindringen und beispielsweise drohen, die Temperatur stündlich um einen Grad zu erhöhen, wenn nicht gezahlt werde.

Auf den ersten Blick ein banal wirkender Angriff, aber die Masse macht es. Allein für die privaten Haushalte prognostizierte Gartner für das Jahr 2020 weltweit über zwölf Milliarden vernetzte Geräte in privaten Haushalten. Hinzu kommen dann aber auch noch smarte Thermostate oder Feuermelder, die in den Büros von Unternehmen zum Einsatz kommen.

Oft hätten Konzerne große Probleme ihr Inventar an vernetzten Geräten zu identifizieren, meint Forscher Brodt: „Wie soll man sich dann schützen?“

Die ehemalige Kapitänin der Eliteeinheit 8200, Sivan Rauscher, ist Mitgründerin von Securing Sam. Sie glaubt, eine Lösung für das Problem zu haben: ein digitaler Fingerabdruck. „Mittels künstlicher Intelligenz weist die Cloud den Geräten den entsprechenden Schutz zu und überwacht Anomalien“, erklärt Rauscher.

Doch auch künstliche Intelligenz könne manipuliert werden, warnt Brodt. So fanden er und sein Team heraus, wie autonom fahrende Autos mithilfe von Stickern auf Verkehrsschildern durcheinander gebracht werden konnten. Die Schilder wurden nicht erkannt, oder das System las ein falsches Verkehrszeichen – mit womöglich verheerenden Folgen.

Eine im 3D-Drucker hergestellte Brille wiederum wirkte für das menschliche Auge völlig normal, war aber in der Lage, ein biometrisches Gesichtserkennungssystem komplett durcheinander zu bringen – so sehr, dass am Ende eine Person falsch identifiziert wurde.

Die Beispiel zeigen: Die weltweite Sicherheitslage im Netz ist für Israel und seine Gründer gutes Marketing. Dennoch müssen sie weiter Überzeugungsarbeit leisten, auch in Deutschland. Dax-Konzerne investierten viel, meint Cyberbit-Manager Corem: Aber bei den kleinen und mittelständischen Betrieben sei das oft noch nicht der Fall.

Immerhin: Telekom-Manager Keren stellt fest, dass die Aufmerksamkeit wachse. Aber immer noch dominiere häufig die Frage, wie sich Cybersicherheit am Ende rentiere. Seine Antwort: „Jeder hat ein Schloss an der Haustür und da gibt es keine Gespräche über Amortisierung oder einem Finanzierungsmodell.“

Source: Handelsblatt

Dojo by BullGuard and Cyber@BGU, the Ben-Gurion Cyber Research Lab, Join Forces to Develop Advanced, Future IoT Security Technologies Together to Address the Rising Tide of IoT Cybercrime

SAN FRANCISCO and BEER SHEVA, IsraelAug. 21, 2018 /PRNewswire/ — Dojo by BullGuard, a market leader in IoT security, and BGN Technologies, the technology transfer company of Ben-Gurion University of the Negev (BGU) today announced a partnership to develop advanced technologies for automated IoT threat detection utilizing artificial intelligence (AI) and highly advanced machine learning algorithms. Researchers from Cyber@BGU, the cyber research lab at BGU, one of the world’s leading sources for cybersecurity research and development, and Dojo by BullGuard will join forces to develop practical, implementable research, which will be part of the Dojo Intelligent IoT Security Platform for Communication Service Providers (CSPs).

“We’re proud to announce the launch of the new Cyber@BGU-Dojo by BullGuard research lab. Together, our mutual teams will join forces to expand the frontiers of IoT cybersecurity and move the sector forward through our findings,” said Professor Yuval Elovici, Software and Information Systems Engineering, and Director of Ben-Gurion University Cyber Research Lab.

Ben-Gurion University is considered a world leader in the field of cybersecurity research, while award-winning Dojo by BullGuard offers advanced cloud based IoT cybersecurity platform designed from the ground up for the service provider market. The Dojo Intelligent IoT Security Platform for CSPs (DIP) was designed from its early days as an IoT security solution at CSP scale, providing an end-to-end cyber security and privacy solution for all IoT connected devices. The platform is easily integrated into any CSP’s network. Using DIP, CSPs can leverage their existing network connectivity services and offer enterprise-grade cybersecurity and privacy services to their customers.

The IoT market is exploding, with consumer spending on smart home systems and services predicted to reach $158 billion by 2020 (Source: Strategy Analytics). “An estimated 80 percent of IoT devices have built-in vulnerabilities, creating a tremendously vulnerable IoT landscape,” said Yossi Atias, general manager, IoT Security at BullGuard. “Many IoT devices are not properly designed cybersecurity-wise.  As a result, they introduce multiple cybersecurity risks for both physical and digital assets, posing significant risk to data integrity and privacy. The joint research partnership between Dojo by BullGuard and Cyber@BGU will foster cybersecurity innovation. The technology will be used to advance the Security of Things, with a high level focus on threat detection and privacy issues created by IoT devices.”

About BGN Technologies

BGN Technologies is the technology company of Ben-Gurion UniversityIsrael. BGN Technologies brings technological innovations from the lab to the market and fosters research collaborations and entrepreneurship among researchers and students. To date, BGN Technologies has established over 100 startup companies in the fields of biotech, hi-tech, and cleantech as well as initiated leading technology hubs, incubators, and accelerators. Over the past decade, BGN Technologies has focused on creating long-term partnerships with multinational corporations such as Deutsche Telekom, Dell-EMC, IBM and PayPal, securing value and growth for Ben-Gurion University as well as the Negev region. For more information, visit the BGN Technologies website.

About Ben-Gurion University and Cyber@BGU

Ben-Gurion University of the Negev is the fastest growing, research university in Israel, fulfilling the vision of David Ben-Gurion, Israel’s first prime minister, who envisaged the future of Israel emerging from the Negev. From medicine to the humanities to the natural sciences, BGU conducts groundbreaking research and offers insightful instruction. The University is at the heart of Beer-Sheva’s transformation into Israel’s cyber capital, where leading multi-national corporations leverage BGU’s expertise to generate innovative R&D. A third of Israel’s engineers graduate from BGU, with that number destined to rise as the IDF moves south and sends its brightest to swell the ranks of BGU’s student body. To accommodate that growth, BGU has launched an ambitious campaign to double the size of its main campus. Cyber@BGU is an umbrella organization at Ben-Gurion University of the Negev and is home to various cybersecurity, big data analytics and AI applied research activities. Residing in a newly established R&D center at the new high tech park of Israel’s Cyber Capital, Beer Sheva, Cyber@BGU serves as a platform for the most innovative and technologically challenging projects with various industrial and governmental partners. As it counts up to its fiftieth anniversary, the University’s research becomes ever more relevant as its global reach broadens. http://in.bgu.ac.il/en/Pages/default.aspx.

About BullGuard

BullGuard is a market leader in consumer cybersecurity. We make it simple to protect everything in your digital life – from your data, to your identity and your smart home. The BullGuard product portfolio extends to PCs, Macs, and Android tablet and smartphone protection, and includes internet security, comprehensive mobile security and 24/7 identity protection. BullGuard released the world’s first IoT vulnerability scanner and leads the consumer cybersecurity industry in providing continuous innovation.

Dojo by BullGuard is an award-winning intelligent cyber defense system and service that provides the highest level of protection to consumers across all of their connected devices and smart homes. Dojo is the cornerstone of a smart home, ensuring a connected world where every consumer in every home, is smart, safe and protected.

Privately held, BullGuard is based in BucharestLondon, Silicon Valley and Herzliya, Israel. Follow us on Twitter @BullGuard and @DojoSafe, like us on Facebook at BullGuard and Dojo or learn more at https://www.bullguard.com.

All trademarks contained herein are the property of their respective owners.

 

Source: PRNewswire

Israel slides to number 70 out of 200 nations surveyed on average download speed, as the duopoly that controls the market drags its feet on fiber optics

 

The Startup Nation has slow internet.

In fact, not only is Israel’s internet speed slow, it is also increasing more slowly than other countries’. A lack of competition in the market means there is little incentive for the only two major suppliers to invest in costly infrastructure, resulting in Israelis not having the speed they need in a world that is becoming increasingly digitalized.

According to a report published last month by M-Lab that looked at internet speeds from June 2017 to May 2018, Israel ranks 70th out of 200 nations surveyed, and is losing pace compared with other nations.

The nation has an average download speed of 7.64 megabits per second, well below the global average of 9.10 Mbps, for the period studied. In the same period a year earlier, Israel ranked 60th out of the 189 nations surveyed, with an average download speed of 7.2 Mbps.

Israel’s internet speed is listed among the lowest for European states, just above Bosnia and Herzegovina, ranked 71.

Montenegro (74), Georgia (77), Albania (86), Turkey (91) and Armenia (107) were the only European countries that came in below Israel and Bosnia and Herzegovina.

The data for the report was collected by M-Lab — a partnership between New America’s Open Technology Institute, Google Open Source Research, Princeton University’s Planet Lab and others — and compiled by Cable.

“There is a lack of investment in infrastructure,” said Lavi Shiffman, a member of the board of the Israel Internet Association, a nonprofit organization dedicated to promoting the use of the internet for research and collaboration. “If you don’t march forward you go backward.”

Lavi Shiffman, a member of the Israel Internet Association (Courtesy)

It takes 1 hour, 29 minutes and 21 seconds to download a typical HD movie in Israel compared to 11 minutes and 18 seconds in Singapore, according to the report.

For the June 2017- May 18 period, Singapore topped the ranking, unchanged from the same period a year earlier, with a 60.39 Mbps average download speed. Yemen was at the bottom of the list for both periods, with an average download speed of 0.31 Mbps.

“It is difficult to actually rank internet speeds, “said Shiffman. There are many methods of calculation, he said, each yielding different averages. But even if the numbers could be quibbled about, “it is clear that we are not in a good place, and much lower than what we’d expect from Startup Nation” — with all its high tech, cybersecurity and artificial intelligence prowess. “We are not where we should be.”

The need for speed

As more things become connected to the internet — from smart cars to smart homes and fridges and TVs — faster internet speeds are needed for their use to be efficient. And research has shown that an increase in internet speed, through the penetration of fixed broadband, helps boost economic growth.

According to a 2009 World Bank study, a 10-percentage point increase in fixed broadband penetration would increase GDP growth by 1.21% in developed economies and 1.38% in developing ones. Broadband internet could have a positive effect on the economy, including the creation of new jobs and new small and medium-sized businesses, a June 2017 Knesset research department paper (Hebrew) said.

“Internet today is not a luxury, but a utility. We need it just as we need electricity, gas and water,” said Shiffman.

“Speed means opportunities,” said Oleg Brodt, chief innovation officer of the cybersecurity unit at Ben-Gurion University of the Negev (Cyber@BGU) and the R&D director for Deutsche Telecom Innovation Labs Israel. Users are moving to the cloud to perform their calculations and store their data, and to do that they need high internet speeds.

Oleg Brodt, R&D director, Deutsche Telekom Innovation Labs Israel and chief innovation officer, Cyber@BGU (Courtesy)

“Without the necessary speeds, the whole cloud economy gets hit,” as does the self-driving car revolution, since these cars need high-speed internet for the constant transmission of data to the car operators, he explained. “As a country, we cannot be in a situation in which we cannot be ready for these revolutions.”

In addition, because of slow internet speeds, Israel’s startup industry has not been able to jump onto the internet streaming bandwagon — as Sweden’s Spotify Technology, US media services provider Netflix and video-sharing website YouTube have done.

“We are Startup Nation but we have very few startups of services based on internet speed,” he said.

What’s the holdup?

The low speeds, and the lack of rapid progress, can be attributed to an absence of competition in the market and to the failure of the companies that rule the market to spend the money needed to deploy the infrastructure necessary for an upgrade.

The 2017 Knesset 2017 study mentioned above showed that in 2002-2015, investment in communications infrastructure in Israel declined by 36%, whereas investments in transportation, energy and water infrastructure grew 81%, 57% and 165%, respectively.

Israel’s internet industry is controlled by two companies — telecom giant Bezeq and Hot Telecommunication Systems Ltd., a cable television and telecommunications provider. These two firms control some 95 percent of the internet market, according to the Israel Internet Association. They have also been granted licenses to roll out fiber-optic networks.

Fiber-optic networks use light signals beamed along hollow cables rather than electricity along copper wires, as the current systems use. Fiber optics can offer download speeds of several gigabits per second, compared to current speeds, which are measured in tens of megabits per second.

 

Bezeq workers installing fiber optic cables. (Courtesy)

In 2009, Bezeq launched its Next Generation Network project (NGN), which laid fiber-optic cables as close as it could to homes and offices, but the so-called “last mile” — the portion of the network that reaches into consumers’ premises — still consists of copper cables. These copper cables slow down the network, and the further the fiber-optic cables are from the premises, the slower the speeds.

Today, all of Bezeq’s customers have been connected to the NGN network, which provides speeds of 40 to 100 Mbps, according to company data. In addition, the company has deployed fiber optic cables to the home networks of 60% of its customers, but has not activated the network, nor has it performed the intensive manual work to connect it to homes and offices.

Bezeq has claimed that it is expensive to activate the system and is still debating what technology it should use to bring it online. It also says it is waiting for the regulator to set out the service terms for the network’s operation.

Meanwhile, Hot boasts it can provide customers with the fastest internet in Israel with speeds of 200 Mbps, but, according to a Channel 10 TV report, these are not fiber optic cables, and so the speeds enjoyed by its 700,000 customers are way below what they could actually be.

A spokeswoman for Hot did not respond to phone calls and text messages seeking comment.

No incentive to invest

There are a number of reasons Israel doesn’t have fast internet, explained a former Communications Ministry official.

First, rolling out the networks and activating them is far more expensive and less cost-effective than originally thought, due in part to Israel’s relatively small population. For cities like London and New York, which could have thousands of customers per building, the effort and expense are more worthwhile.

In addition, the official said, the duopoly controlling the fixed line telecommunications market has no competition and no real incentive to spend large sums to deploy the new systems.

Furthermore, the controlling shareholders of the two firms have been mired in debt, said the official, making it less attractive for them to invest in infrastructure when they could be milking their companies for dividends instead.

The controlling shareholder of Bezeq and its former chairman, business tycoon Shaul Elovitch, who is also reportedly a friend of Prime Minister Benjamin Netanyahu, is embroiled in a fraud probe by the securities watchdog and the police for alleged dodgy dealings with the Communications Ministry and favorable treatment by its managing director, appointed by Netanyahu, who also headed the ministry at the time. Other Bezeq officials, including its chief executive officer, have also been involved in the probe and have since resigned, including Elovitch himself, who reportedly owes nearly NIS 1 billion to banks.

All of those involved in the probe, including Netanyahu, have denied any wrongdoing or impropriety.

Meanwhile, the French and Israeli billionaire founder of Hot Telecommunication, Patrick Drahi, who has also made a series of debt-fueled acquisitions around the world, is seeing his global telecom provider Altice NV struggle with debt.

In an emailed statement to The Times of Israel, Bezeq said: “Bezeq is the only entity that can speed up surfing speeds via the optic fibers for each and every home in Israel, from Kiryat Gat to Eilat, as opposed to other telecom firms that connect just the wealthiest towers and homes in Tel Aviv and high-tech areas in the center of the country.”

Bezeq has laid out its initial infrastructure of fiber optic cables throughout the country “with an investment of hundreds of millions of shekels,” the statement said. “We will continue to invest, and will activate it as soon as possible” and as soon as the regulator determines the terms for the service.

“Bezeq will connect both the periphery and the center of the nation to the fiber optic network, as soon as it can,” the statement said.

Efforts by the regulator to inject competition into the market have failed, even as the government poured some NIS 150 million ($41 million) into a fiber-optics venture that aims to bring the fast internet speed revolution to Startup Nation.

An illustrative image of a router with a serial console (GrashAlex; iStock by Getty Images)

On Sunday cabinet ministers approved a measure to revitalize the Israel Broadband Company (IBC), also known by its brand name Unlimited — a faltering fiber-optics company that had initially been hailed as “revolutionary.”

In their decision, the ministers agreed to ease the terms of the license granted to the consortium, which had been set up IN 2013 by the Israel Electric Corporation and Sweden’s Via Europa, to allow it to deploy its network to just 40 percent of households in Israel, located in the major cities, rather than across the entire country, as originally mandated.

This reduction was a key demand from communications company Cellcom, which agreed to purchase a 70% stake in IBC in order to keep the financially struggling enterprise afloat.

The original plan envisioned IBC installing fiber optics along the electric company’s existing electric cables, saving the enormous cost of creating a separate infrastructure, and connecting every user in Israel. However, because layout costs have far exceeded expectations, IBC has only succeeded in connecting around 150,000 households to the upgraded system.

In a text message, IBC said that the government’s Sunday decision “ensures the future of the company” and its task of bringing fiber-optic cables to Israel.

“The process approved by the government will enable high-speed surfing for the country’s citizens…. and will position the country at the forefront of countries benefiting from a fiber-optic layout,” Communications Minister Ayoub Kara said in a statement, following the decision on IBC.

The cabinet decision paved the way for Cellcom on Wednesday to enter as a partner into the venture. Cellcom and Israel Electric said that the cellular communications provider will inject NIS 100 million ($27 million)  into IBC for a 70 percent stake, a move that the new partners hope will breathe new life into the project.

“This is good news for Israel as the partnership will help IBC get out of the rut it has been stuck in,” Israel Internet Association’s Shiffman told The Times of Israel. “It is a pity though that for the deal to happen the government had to forfeit 60% of households,” which will not have access to the IBC network.

The ministry is also planning to compel Bezeq to share its internet infrastructure with Israeli cellular providers Cellcom Israel Ltd. and Partner Communications Co. to increase competition, Globes reported on Wednesday, as part of a wholesale market reform that was passed in 2014 but never enforced.

Other paths to speed

Besides upgrading the current infrastructure, internet speeds could be boosted through the use of other technologies, such as the deployment of fifth-generation wireless networks, which promise to greatly increase the speed, degree of coverage and responsiveness of wireless networks, said Ben-Gurion University’s Brodt.

“But even in this we are lagging behind,” he said. South Korea is already planning to launch 5G service in March, while in the US and in European countries it is expected to take off sometime in 2020.

“In Israel we are only now talking about 5G,” he said.

More competition in the internet market will lead to better services, said Brodt.

“If it doesn’t happen, it will be very unfortunate,” he said. “We will find ourselves more and more falling behind.”

 

Source: THE TIMES OF ISRAEL

Researchers at a university in Israel have found ways to turn smart irrigation systems into a botnet that could theoretically drain some of a city’s water reserves. But don’t panic.

Hackers could mess with a city’s water supplies without attacking its critical infrastructure directly, but instead targeting its weakest link: internet-connected sprinklers, researchers warn in a new academic study.

The researchers studied three different Internet of Things devices that help control irrigation and found flaws that would allow malicious hackers to turn them on remotely in an attempt to drain water. The attacks don’t rely on fancy hacking techniques or hard to find vulnerabilities, but to make a real, negative impact on a city’s water reserves, the hackers would need to take control of a lot of sprinklers. According to the researcher’s math, to empty an average water tower, hackers would need a botnet of 1,355 sprinklers; to empty a flood water reservoir, hackers would need a botnet of 23,866 sprinklers.

The researchers say their attacks are innovative not because of the techniques, but because they don’t rely on targeting a city’s critical infrastructure itself, which is (or should be) hardened against hackers. Instead, it attacks weak Internet of Things devices connected to that infrastructure.

It’s an “indirect attack,” Ben Nassi, a Ph.D student at Ben Gurion University and the main author of the study, told me in an email, “using IoT devices that are much easier to hack and attack.”

Nassi and his colleagues focused on the GreenIQRainmachine, and BlueSpray, which are all internet-connected irrigation controllers. They theorized that hackers could attack them by first taking control of a botnet of computers, and then scanning it to find whether there’s any of those smart irrigation systems connected.

The researchers found that GreenIQ and BlueSpray devices connect to their servers using unencrypted HTTP connections. So an attacker who has compromised a computer in the same network as the GreenIQ device can just intercept the commands and replace them in a classic Man In The Middle attack.

In the case of the RainMachine, the researchers found that they could spoof the weather forecast that the server sends to the RainMachine, tricking it into believing the weather is hot and arid and thus triggering it to irrigate. This attack also relies on the lack of HTTPS encryption between the server and the RainMachine weather API, according to the researchers.

GreenIQ, Rainmachine, and BlueSpray did not respond to a request for comment. The researchers said that GreenIQ added encryption after they reported the issue.

It’s unclear how dangerous these attacks can really be outside of an academic scenario, but they do demonstrate that the proliferation of internet of things devices—many of which are insecure—can have unintended security implications.

Cesar Cerrudo, the chief technology officer at IOActive, and a security researcher who has studied smart cities, said that the attacks laid out by the Ben Gurion researchers are “not a cool hack,” because they rely on tried and tested techniques.

“These are just weak systems that are not externally exposed nor using wireless communications, then you need internal network access, non encrypted communications and other vulnerabilities to hack them,” Cerrudo told me in an email.

Robert Lee, the CEO of infrastructure security startup Dragos, told me that the impact of this attack is likely “hyped” because in the real world “a water company would see an increase flow and cut it off until they determined what was wrong—wouldn’t just let it drain all the water.”

In other words, yes, we need to think about internet of things security, and cool proof-of-concept hacks like this are instrumental in showing these weaknesses. But we aren’t likely to see a hacker draining a town’s water supply doing this anytime soon..

 

Source: Motherboard

New research from Ben-Gurion University of the Negev in Israel, that previously showed how easy it is to hack 3D printed drones, is proposing the use of “audio fingerprints” to help 3D printing avoid cyber-attacks.

The team’s research is valuable to concerns surrounding the security of 3D printing– a discussion that has tremendous value in industrial additive manufacturing sectors such as aerospace, automotive and defense.

A sabotaged quadcopter’s 3D printed propeller breaks during flight from the Ben-Gurion University of the Negev dr0wned study. Image via Yuval Elovici/Ben-Gurion University of the Negev

How does that sound?

To start the Ben-Gurion University study, researchers explain “that in FDM technology, the geometry of a printed object is defined by the movements of four stepper motors,” – three for X/Y/Z axes and one for filament extrusion. When 3D printing, these stepper motors generate a unique sound which is directly related to the specifics of the 3D modeled object, i.e. small features/layers yield short, high pitched noises, longer layers create a more prolonged sound.

Example audio fingerprints of two “benign” (unmodified) 3D printed cubes. Image via Ben-Gurion University of the Negev

As such, a perfect version of an object as it is 3D printing will emit a very specific sound. An imperfect version with, for example, internally embedded gaps or voids will sound different.

The Ben-Gurion University team’s idea is to record the sound of a perfect, 3D printed object, and use this as a “master audio fingerprint.” Each time the same object is 3D printed, the sounds of the stepper motors are recorded, and this is compared real-time to the master file to ensure it matches up.

Great variation between the wave pattern of the audio files therefore signifies a potential flaw in its structure. Once detected, prints are stopped in progress saving time and material waste.

Comparison of a master audio fingerprint (blue) and the audio recorded from a part that has been sabotaged. Image via Ben-Gurion University of the Negev

“Highly efficient in detecting cyber-physical attacks”

By using this method, the team have successfully detected 6 potential sabotage attacks of 3D printed parts, including voids, different layer thickness, scale of the 3D printed object, X, Y or Z orientation changes, and fill pattern modification.

The amount of extruded filament however, and a temperature difference, are not detectable by audio fingerprint – though these prints are likely to fail from the offset anyway.

Process of verification of 3D printer audio fingerprints. Image via Ben-Gurion University of the Negev

Conclusions state that “the proposed detection method is highly efficient in detecting cyber-physical attacks that aim to modify the object’s geometry or the printing process timing.”

The full results of this study, titled “Digital Audio Signature for 3D Printing Integrity“, are published, open access, in IEEE Transactions on Information Forensics and Security journal. The paper is co-authored by Sofia Belikovetsky, Yosef Solewicz, Mark Yampolskiy, Jinghui Toh and Yuval Elovici.

 

Source:  3D Printing Industry

Of course researchers added machine learning to the mix too

Smartphone hackers can glean secrets by analysing touchscreen user interactions, according to new research.

Boffins from Ben-Gurion University in Israel have shown it’s possible to impersonate a user by tracking touch movements on smartphones with compromised third-party touchscreens, whether they’re sending emails, conducting financial transactions or even playing games.

The research provides a new spin on what was already a recognised threat. Broken smartphone touchscreens are often switched with aftermarket third-party components that have been found to have malicious code embedded.

“Our research objective was to use machine learning to determine the amount of high-level context information the attacker can derive by observing and predicting the user’s touchscreen interactions,” said Dr Yossi Oren, a researcher in the BGU Department of Software and Information Systems Engineering. “If an attacker can understand the context of certain events, he can use the information to create a more effective customized attack.”

The researchers recorded 160 touch interaction sessions from users running many different applications. Using a series of questions and games, the researchers employed machine learning to determine stroke velocity, duration and stroke intervals on specially modified LG Nexus Android phones.

The team said the machine learning results demonstrated an accuracy rate of 92 per cent.

“Now that we have validated the ability to obtain high-level context information based on touch events alone, we recognize that touch injection attacks are a more significant potential threat,” Dr Oren added. “Using this analysis defensively, we can also stop attacks by identifying anomalies in a user’s typical phone use and deter unauthorized or malicious phone use.”

David Rogers, a mobile IoT specialist and lecturer in software engineering at the University of Oxford, told El Reg: “I think it is a legitimate avenue for attack if somewhat convoluted. We did some work on secure UI and extraction of screen memory at OMTP [Open Mobile Terminal Platform].”

Dr Oren’s findings were presented at the Second International Symposium on Cybersecurity, Cryptography and Machine Learning (CSCML) on June 21-22 in Beer-Sheva, Israel. The researchers include BGU undergraduate students Moran Azaran, Niv Ben-Shabat, and Tal Shkonik. ®

Source: The Register

The collaboration aims to develop protection methods to strengthen AI and machine learning techniques, while limiting their vulnerability to threats.

The Royal Bank of Canada (RBC) is investing $2 million in research at Ben-Gurion University’s (BGU) Cybersecurity Research Center, RBC and BGU’s technology transfer company BGN Technologies have announced. The funding will support the development of adversarial artificial intelligence (AI), including machine learning-based cyber mitigation techniques.The collaboration aims to develop protection methods to strengthen and evaluate the resilience of current AI and machine learning techniques, while limiting their vulnerability to threats and tampering. The research areas will be developed in collaboration with Prof. Yuval Elovici and Dr. Asaf Shabtai, both from the Department of Software and Information Systems Engineering, at the Ben-Gurion University Cybersecurity Research Center.RBC EVP technology & operations Martin Wildberger said, “In today’s incredibly complex world, we need advanced technology like AI and machine learning to continue developing leading-edge cyber security. This partnership will help support our cyber defense by working with prominent experts in the field, such as the researchers at Ben-Gurion University.”

“We are looking forward to collaborating with RBC, Canada’s largest bank,” said Danny Shtaier, High-Tech Business Development, at BGN Technologies. “This partnership provides our researchers with the opportunity to further apply their leadership in cyber security research to the banking industry, where security is crucial for daily operations and the safety of customers.”

Source: Globes

Mikael Häggström / Wikimedia

Beware of smartphones and cameras around wallets storing your digital coin.

Researchers have defeated a key protection against cryptocurrency theft with a series of attacks that transmit private keys out of digital wallets that are physically separated from the Internet and other networks.

Like most of the other attacks developed by Ben-Gurion University professor Mordechai Guri and his colleagues, the currency wallet exploits start with the already significant assumption that a device has already been thoroughly compromised by malware. Still, the research is significant because it shows that even when devices are airgapped—meaning they aren’t connected to any other devices to prevent the leaking of highly sensitive data—attackers may still successfully exfiltrate the information. Past papers have defeated airgaps using a wide array of techniques, including electromagnetic emissions from USB devicesradio signals from a computer’s video cardinfrared capabilities in surveillance cameras, and sounds produced by hard drives.

On Monday, Guri published a new paper that applies the same exfiltration techniques to “cold wallets,” which are not stored on devices connected to the Internet. The most effective techniques take only seconds to siphon a 256-bit Bitcoin key from a wallet running on an infected computer, even though the computer isn’t connected to any network. Guri said the possibility of stealing keys that protect millions or billions of dollars is likely to take the covert exfiltration techniques out of the nation-state hacking realm they currently inhabit and possibly bring them into the mainstream.

“I think that the interesting issue is that the airgap attacks that were thought to be exotic issues for high-end attacks may become more widespread,” he wrote in an email. “While airgap covert channels might be considered somewhat slow for other types of information, they are very relevant for such brief amounts of information. I want to show the security of ‘cold wallet’ is not hermetic given the existing airgap covert channels.”

One technique can siphon private keys stored in a cold wallet running on a Raspberry Pi, which many security professionals say is one of the best ways to store private cryptocurrency keys. Even if the device became infected, the thinking goes, there’s no way for attackers to obtain the private keys because it remains physically isolated from the Internet or other devices. In such cases, users authorize a digital payment in the cold wallet and then use a USB stick or other external media to transfer a file to an online wallet. As the following video demonstrates, it takes only a few seconds for a nearby smartphone under the attacker’s control to covertly receive the secret key.

The technique works by using the Raspberry Pi’s general-purpose input/output pins to generate radio signals that transmit the key information. The headphones on the receiving smartphone act as an antenna to improve the radio-frequency signal quality, but in many cases they’re not necessary.

second video defeats a cold wallet running on a computer. It transmits the key by using inaudible, ultrasonic signals. Such inaudible sounds are already being used to covertly track smartphone users as they move about cities. It wouldn’t be a stretch to see similar capabilities built into malware that’s designed to steal digital coins.

As already mentioned, the exfiltration techniques described in this post assume the device running the cold wallet is already infected by malware. Still, the widely repeated advice to use cold wallets is designed to protect people against this very scenario.

“We show that, despite the high degree of isolation of cold wallets, motivated attackers can steal the private keys out of the air-gapped wallets,” Guri wrote in the new paper. “With the private keys in hand, an attacker virtually owns all of the currency in the wallet.”

To protect keys, people should continue to store them in cold wallets whenever possible, but they should consider additional safeguards, including keeping cold wallets away from smartphones, cameras, and other receivers. They should also shield cold-wallet devices with metallic materials that prevent electromagnetic radiation from leaking. Of course, people should also prevent devices from becoming infected in the first place.

 

Source: Ars Technica

Illustration by NiroWorld/Shutterstock.com

Israeli and American researchers develop generic method to detect fake accounts on most types of social networks, including Facebook and Twitter.

Fraudulent user profiles – bots – are a serious and growing concern on social media. By some estimates, as many as 48 million Twitter accounts and 270 million Facebook accounts are phony, designed for nefarious purposes from ruining reputations to influencing shoppers and voters.

Now, researchers from Israel’s Ben-Gurion University (BGU) of the Negev and from the University of Washington in Seattle say they have developed a generic method to detect fake accounts on most types of social networks, including Facebook and Twitter.

According to their study published in the journal Social Network Analysis and Mining, the new method is based on the assumption that fake accounts tend to establish improbable links to other users in the networks.

“With recent disturbing news about failures to safeguard user privacy, and targeted use of social media by Russia to influence elections, rooting out fake users has never been of greater importance,” said Dima Kagan, lead researcher and a PhD student in BGU’s department of software and information systems engineering.

The algorithm consists of two main iterations based on machine-learning algorithms. The first constructs a link prediction classifier that can estimate, with high accuracy, the probability of a link existing between two users. The second iteration generates a new set of meta-features based on the features created by the link prediction classifier.

These meta-features are used to construct a generic classifier that can detect fake profiles in a variety of online social networks.

“We tested our algorithm on simulated and real-world data sets on 10 different social networks and it performed well on both,” Kagan reported.

“Overall, the results demonstrated that in a real-life friendship scenario we can detect people who have the strongest friendship ties as well as malicious users, even on Twitter. Our method outperforms other anomaly detection methods and we believe that it has considerable potential for a wide range of applications particularly in the cybersecurity arena,” the study authors said.

The algorithm can also be used to reveal the influential people in social networks.

The Israeli researchers involved in this project previously developed the Social Privacy Protector (SPP) to help users evaluate their friends list in seconds to identify which have few or no mutual links and might therefore be phony profiles.

Other researchers who contributed to the present study are former BGU doctoral student) Michael Fire of the University of Washington and Prof. Yuval Elovici, director of the Telekom Innovation Labs@BGU, director of  Cyber@BGU and a faculty member of BGU’s department of software and information systems engineering.

The study was supported by the Washington Research Foundation Fund for Innovation in Data-Intensive Discovery and the Moore/Sloan Data Science Environment Project at the University of Washington.

 

Source: ISRAEL21c

About Us

Cyber@BGU is an umbrella organization at Ben Gurion University, being home to various cyber security, big data analytics and AI applied research activities.Residing in newly established R&D center at the new Hi-Tech park of Beer Sheva (Israel’s Cyber Capital), Cyber@BGU serves as a platform for the most innovative and technologically challenging projects with various industrial and governmental partners.

Latest Publications

Incentivized Delivery Network of IoT Software Updates Based on Trustless Proof-of-Distribution

Oded Leiba, Yechiav Yitzchak, Ron Bitton, Asaf Nadler, Asaf Shabtai

IEEE SECURITY & PRIVACY ON THE BLOCKCHAIN (IEEE S&B) AN IEEE EUROPEAN SYMPOSIUM ON SECURITY & PRIVACY AFFILIATED WORKSHOP 23 April 2018, University College London (UCL), London, UK

Incentivized Delivery Network of IoT Software Updates Based on Trustless Proof-of-Distribution

Oded Leiba, Yechiav Yitzchak, Ron Bitton, Asaf Nadler, Asaf Shabtai

IEEE SECURITY & PRIVACY ON THE BLOCKCHAIN (IEEE S&B) AN IEEE EUROPEAN SYMPOSIUM ON SECURITY & PRIVACY AFFILIATED WORKSHOP 23 April 2018, University College London (UCL), London, UK

The Internet of Things (IoT) network of connected devices currently contains more than 11 billion devices and is estimated to double in size within the next four years. The prevalence of these devices makes them an ideal target for attackers. To reduce the risk of attacks vendors routinely deliver security updates (patches) for their devices. The delivery of security updates becomes challenging due to the issue of scalability as the number of devices may grow much quicker than vendors’ distribution systems. Previous studies have suggested a permissionless and decentralized blockchainbased network in which nodes can host and deliver security updates, thus the addition of new nodes scales out the network. However, these studies do not provide an incentive for nodes to join the network, making it unlikely for nodes to freely contribute their hosting space, bandwidth, and computation resources.
In this paper, we propose a novel decentralized IoT software update delivery network in which participating nodes (referred to as distributors) are compensated by vendors with digital currency for delivering updates to devices. Upon the release of a new security update, a vendor will make a commitment to provide digital currency to distributors that deliver the update; the commitment will be made with the use of smart contracts, and hence will be public, binding, and irreversible. The smart contract promises compensation to any distributor that provides proof-of-distribution, which is unforgeable proof that a single update was delivered to a single device. A distributor acquires the proof-of-distribution by exchanging a security update for a device signature using the Zero-Knowledge Contingent Payment (ZKCP) trustless data exchange protocol. Eliminating the need for trust between the security update distributor and the security consumer (IoT device) by providing fair compensation, can significantly increase the number of distributors, thus facilitating rapid scale out.

Link

EEG-triggered dynamic difficulty adjustment for multiplayer games

Adi Stein, Yair Yotam, Rami Puzis, Guy Shani, Meirav Taieb-Maimon

Entertainment Computing Volume 25, March 2018, Pages 14-25

EEG-triggered dynamic difficulty adjustment for multiplayer games

Adi Stein, Yair Yotam, Rami Puzis, Guy Shani, Meirav Taieb-Maimon

Entertainment Computing Volume 25, March 2018, Pages 14-25

In online games, gamers may become frustrated when playing against stronger players or get bored when playing against weaker players, thus losing interest in the game. Dynamic Difficulty Adjustment (DDA) has been suggested as an intelligent handicapping mechanism, by reducing the difficulty for the weaker player, or increasing the difficulty for the stronger player. A key question when using DDA, is when to activate the difficulty adjustment.

In this paper we suggest using the Emotiv EPOC EEG headset to monitor the personal excitement level of a player and use this information to trigger DDA when the player’s excitement decreases in order to ensure that the player is engaged and enjoying the game. We experiment with an open-source third-person shooter game, in a multiplayer adversarial setting. We conduct experiments, showing that the detected excitement patterns correlate to game events. Experiments designed to evaluate the DDA triggering mechanism confirm that DDA triggered based on EEG increases the players excitement and improves the gaming experience compared to the heuristic triggered DDA and the experience of playing a game without DDA.

Link

Taxonomy of mobile users’ security awareness‏

R Bitton, A Finkelshtein, L Sidi, R Puzis, L Rokach, A Shabtai

Computers & Security Volume 73, March 2018, Pages 266-293

Taxonomy of mobile users’ security awareness‏

R Bitton, A Finkelshtein, L Sidi, R Puzis, L Rokach, A Shabtai

Computers & Security Volume 73, March 2018, Pages 266-293

The popularity of smartphones, coupled with the amount of valuable and private information they hold, make them attractive to attackers interested in exploiting the devices to harvest sensitive information. Exploiting human vulnerabilities (i.e., social engineering) is an approach widely used to achieve this goal. Improving the security awareness of users is an effective method for mitigating social engineering attacks. However, while in the domain of personal computers (PCs) the security awareness of users is relatively high, previous studies have shown that for the mobile platform, the security awareness level is significantly lower. The skills required from a mobile user to interact safely with his/her smartphone are different from those that are required for safe and responsible PC use. Therefore, the awareness of mobile users to security risks is an important aspect of information security. An essential and challenging requirement of assessing security awareness is the definition of measureable criteria for a security aware user. In this paper, we present a hierarchical taxonomy for security awareness, specifically designed for mobile device users. The taxonomy defines a set of measurable criteria that are categorized according to different technological focus areas (e.g., applications and browsing) and within the context of psychological dimensions (e.g., knowledge, attitude, and behavior). We demonstrate the applicability of the proposed taxonomy by introducing an expert-based procedure for deriving mobile security awareness models for different attack classes (each class is an aggregation of social engineering attacks that exploit a similar set of human vulnerabilities). Each model reflects the contribution (weight) of each criterion to the mitigation of the corresponding attack class. Application of the proposed procedure, based on the input of 17 security experts, to derive mobile security awareness models of four different attack classes, confirms that the skills required from a smartphone user to mitigate an attack are different for different attack classes.

Link

Foundations of Homomorphic Secret Sharing

E. Boyle, N. Gilboa, Y. Ishai, R. Lin and S. Tessaro

9th Innovations in Theoretical Computer Science Conference (ITCS 2018)

Foundations of Homomorphic Secret Sharing

E. Boyle, N. Gilboa, Y. Ishai, R. Lin and S. Tessaro

9th Innovations in Theoretical Computer Science Conference (ITCS 2018)

Homomorphic secret sharing (HSS) is the secret sharing analogue of homomorphic encryption. An HSS scheme supports a local evaluation of functions on shares of one or more secret inputs, such that the resulting shares of the output are short. Some applications require the stronger notion of additive HSS, where the shares of the output add up to the output over some finite Abelian group. While some strong positive results for HSS are known under specific cryptographic assumptions, many natural questions remain open. We initiate a systematic study of HSS, making the following contributions. – A definitional framework. We present a general framework for defining HSS schemes that unifies and extends several previous notions from the literature, and cast known results within this framework. – Limitations. We establish limitations on information-theoretic multi-input HSS with short output shares via a relation with communication complexity. We also show that additive HSS for non-trivial functions, even the AND of two input bits, implies non-interactive key exchange, and is therefore unlikely to be implied by public-key encryption or even oblivious transfer. – Applications. We present two types of applications of HSS. First, we construct 2-round protocols for secure multiparty computation from a simple constant-size instance of HSS. As a corollary, we obtain 2-round protocols with attractive asymptotic efficiency features under the Decision Diffie Hellman (DDH) assumption. Second, we use HSS to obtain nearly optimal worst-case to average-case reductions in P. This in turn has applications to fine-grained average-case hardness and verifiable computation.

Link
Back to top