CBG in the News

The launching of the Smart Mobility Analysis and Research Test Range (SMART Range) was announced jointly by BGU, CYMOTIVE Technologies​, HARMAN – a wholly-owned subsidiary of Samsung Electronics Co., Ltd – Deutsche Telekom Innovation Laboratories and JVP at the Cyber Security Workshop for Futu​re Smart Mobility held today (Monday) in cooperation with Israel’s National Cyber Bureau at Ben-Gurion University of the Negev. The SMART Range is a unique project that will serve as an international center for smart mobility in the capital city of Israel’s Negev – Beer-Sheva.

The SMART Range will fulfill the vision of an automotive development ‘playground’ in a smart-city environment, hosting academic research, an innovation hub, an institute for testing and certification in the cyber arena, and a standards development body for smart mobility.

The SMART Range will function as a living lab within a smart-city environment encompassing all aspects of future mobility systems, including public transportation, private vehicles, and personal mobility devices. The environment will simulate a complex reality and enable effective testing of advanced technologies, assessment of human-machine-environment interfaces, evaluation of transport solutions in a future networked reality, and operability and robustness testing of software and hardware systems against cyber threats.

The range will feature the unique ability to combine the highest-level practical knowledge possessed by leading commercial firms together with advanced academic research. This cooperation between commercial and academic stakeholders will enable the center to further its main objectives:

? Promotion of innovation in the smart mobility arena
? Advancement of global regulation in the field of cybersecurity for smart mobility systems
? Cybersecurity certification for smart mobility software and hardware systems
? Global leadership in the definition, assessment, and verification of the resilience of smart mobility systems to cyber threats
?​ Consolidation of Israel’s position as a world leader in smart mobility

Prof. Rivka Carmi, President, BGU: “The SMART Range represents a natural stride forward in light of the University’s broad and diverse research activities in the fields of technology, autonomous robotics, information technology, and cybersecurity, while fulfilling the University’s role as a leader in developing innovation and excellence in Beer-Sheva.”

Roni Zehavi, CEO, CyberSpark: “The range will address the ever-growing global need for a testing and evaluation infrastructure of smart mobility solutions’ resiliency to continually-escalating cyber threats, as well as the need for a recognized international body for certification as a pre-condition for the integration of solutions into the smart city environment.”

Netta Cohen, CEO, BGN Technologies (the technology company of BGU): “The range is attracting great interest within the global industry. We are working in full coordination with the relevant government and local industry parties, and are moving quickly to create a powerful and comprehensive research center with strong ties to business, government, and the city of Beer-Sheva. We expect the formal association of the founding partners to be completed by the end of the year, with the range already starting to operate at the beginning of next year.”

Saar Dickman, Vice President, Automotive Cyber Security Business Unit at HARMAN: “This joint venture to establish an international center in the Negev for the research and evaluation of automotive cyber threats expresses Samsung-HARMAN’s commitment to global innovation, while recognizing the advantages and knowledge resources of the human capital in Israel in general, and in the Negev in particular.”

Yuval Diskin, Executive Chairman, CYMOTIVE Technologies: “CYMOTIVE Technologies, a company partially owned by Volkswagen Group, sees the establishment of the SMART Range in Beer-Sheva as a significant opportunity to advance smart mobility technologies and make them better and safer to use. To this end, the range will incorporate the vast existing knowledge within these industries in Israel, together with advanced academic research.”

Yoav Tzruya, JVP Partner: “In a rapidly changing world where the automotive industry is at the forefront of global technology, the need to focus on cyber security solutions, as well as seizing opportunities by leveraging AI and deep learning is the new frontier. Israeli innovation has proven its global leadership in these two categories. The partnership between the leading players in the cyber industry and data sciences as part of the new research and testing center in Beer-Sheva adds significant value for the rapidly developing automotive industry.”

Yigal Unna, Director of New Cyber Technologies Unit, National Cyber Bureau, praised the announcement: “Protecting the smart transportation domain, with all its inherent opportunities, is essential to fulfill its vast potential. Since the Government of Israel declared Beer-Sheva the “National Cyber City” a long time ago, I consider SMART Range yet another promising initiative generated by its highly vibrant and innovative cyber ecosystem. I am confident of its contribution to the growth of the Smart Mobility arena in general and Israeli global cyber leadership in particular.”

The method, according to researchers, will work on professional security cameras as well as home security cameras and even LED doorbells, which can see infrared light (IR), not visible to the human eye.

In the new paper, the technique the researchers have dubbed, “aIR-Jumper,” also enables the creation of bidirectional covert optical communication between air-gapped internal networks that are isolated and disconnected from the internet, without remote access to the organization. The attacker can use this channel to send commands and receive response messages.

The cyber team led by Dr. Mordechai Guri, head of research and development at BGU’s BGU Cyber Security Research Center (CSRC) shows how infrared light can be used to create a covert communication channel between malware installed on an internal computer network and an attacker located outside hundreds of yards or even miles away with direct line of sight.

To transmit sensitive information, the attacker uses the camera’s infrared (IR) light emitting LEDs, which are typically used for night vision. The researchers showed how a malware can control the intensity of the IR light to communicate with a remote attacker that can receive signals with a simple camera without detection. Then the attacker can record and decode these signals to leak sensitive information.

The researchers shot two videos to highlight their technique. The first video shows an attacker hundreds of yards away sending infrared signals to a camera. The second video shows the camera infected with malware respond to covert signals by exfiltration data including passwords and an entire copy of The Adventures of Tom Sawyer in just a few seconds.

According to Dr. Guri, “Security cameras are unique in that they have ‘one leg’ inside the organization, connected to the internal networks for security purposes, and ‘the other leg’ outside the organization, aimed specifically at nearby public space, providing very convenient optical access from various directions and angles.”

Attackers can also use this novel covert channel to communicate with a malware inside the organization.  An attacker can infiltrate data, transmitting hidden signals via the camera’s IR LEDs. Binary data such as command and control (C&C) messages can be hidden in the video stream, recorded by the surveillance cameras, and intercepted and decoded by the malware residing in the network.

“Theoretically, you can send an infrared command to tell a high security system to simply unlock the gate or front door to your house,” Guri says.

The research team also includes Dr. Dima Biekowski, Shamoon College of Engineering  and Prof. Yuval Elovici, director of the BGU Cyber Security Research Center a member of BGU’s Department of Information Systems Engineering and director of the Deutsche Telekom Innovation Labs @ BGU​

​​

​​

Researchers at BGU’s Cyber Security Research Center (CSRC) have demonstrated for the first time that it is possible to covertly siphon sensitive files, passwords or other critical data from any common router.

In the new p​aper, the researchers demonstrated how LEDs functionality can be silently overridden by malware they developed (code named “xLED”), which infects firmware in the device. Once the xLED malware infects the network device, it gains full control of the LEDs that flash to indicate status.

Network devices such as routers and local area network switches typically include activity and status LEDs used to monitor traffic activity, alerts and provide status.

According to Dr. Mordechai Guri, head of research and development at the BGU CSRC, who led this study, “Sensitive data can be encoded and sent via the LED light pulses in various ways. An attacker with access to a remote or local camera, or with a light sensor hidden in the room, can record the LED’s activity and decode the signals.”

“Unlike network traffic that is heavily monitored and controlled by firewalls, this covert channel is currently not monitored. As a result, it enables attackers to leak data while evading firewalls, air-gaps (computers not hooked up to the internet) and other data-leakage prevention methods,” Dr. Guri says.

The xLED malware can program the LEDs to flash at very fast speeds – more than 1,000 flickers per second for each LED. Since a typical router or network switch includes six or more status LEDs, the transmission rate can be multiplied significantly to as much as thousands of bits per second. As a result, a significant amount of highly sensitive information can be encoded and leaked over the fast LED signals, which can be received and recorded by a remote camera or light sensor.

The CSRC has a dedicated research program to uncover and demonstrate vulnerabilities of electronic devices. Over the past two years, they have successfully demonstrated how malware can siphon data from computer speakers, headphone jacks, hard drives, and computer fans, as well as 3D printers, smartphones, LED bulbs, and other IoT devices.

In addition to Dr. Guri, the other BGU researchers include Boris Zadov, who received his M.Sc. degree from the BGU Department of Ele​ctrical and Computer Engineering; Andrey Daidakulov, CSRC security researcher, and Prof. Yuval Elovici, director of the BGU Cyber Security Research Center. Prof. Elovici is also a member of BGU’s Dep​artment of Software and Information Systems Engineering​ and director of Deut​sche Telekom Innovation Laboratories at BGU.

​​

​

A typical office scanner can be infiltrated and a company’s network compromised using different light sources, according to a new paper by researchers from BGU and the Weizmann Institute of Science.

“In this research, we demonstrated how to use a laser or smart bulb to establish a covert channel between an outside attacker and malware installed on a networked computer,” says Ben Nassi, a graduate student in BGU’s Department of Software and Information Systems Engineering as well as a researcher at BGU’s Cyber Security Research Center (CSRC).  “A scanner with the lid left open is sensitive to changes in the surrounding light and might be used as a back door into a company’s network.”

The researchers conducted several demonstrations to transmit a message into computers connected to a flatbed scanner. Using direct laser light sources up to a half-mile (900 meters) away, as well as on a drone outside their office building, the researchers successfully sent a message to trigger malware through the scanner.

In another demonstration, the researchers used a Galaxy 4 Smartphone to hijack a smart lightbulb (using radio signals) in the same room as the scanner. Using a program they wrote, they manipulated the smart bulb to emit pulsating light that delivered the triggering message in only seconds.

To mitigate this vulnerability, the researchers recommend organizations connect a scanner to the network through a proxy server — a computer that acts as an intermediary — which would prevent establishing a covert channel. This might be considered an extreme solution, however, since it also limits printing and faxing remotely on all-in-one devices.

“We believe this study will increase the awareness to this threat and result in secured protocols for scanning that will prevent an attacker from establishing such a covert channel through an external light source, smart bulb, TV, or other IoT (Internet of Things) device,” Nassi says.

Prof. Adi Shamir of the Department of Applied Mathematics at the Weizmann Institute conceived of the project to identify new network vulnerabilities by establishing a clandestine channel in a computer network.

Ben Nassi’s Ph.D. research advisor is Prof. Yuval Elovici​, a member of the BGU Department of Software and Information Systems Engineering and director of the Deutsche Telekom Innovation ​Laboratories at BGU. Elovici is also director of the CSRC.​​

​Researchers at BGU’s Cyber Security Research Center have demonstrated that data can be stolen from an isolated “air-gapped” computer’s hard drive reading the pulses of light on the LED drive using various types of cameras and light sensors.

In the new paper, the researchers demonstrated how data can be received by a Quadcopter drone flight, even outside a window with line-of-sight of the transmitting computer.

​

Air-gapped computers are isolated — separated both logically and physically from public networks — ostensibly so that they cannot be hacked over the Internet or within company networks. These computers typically contain an organization’s most sensitive and confidential information.

Led by Dr. Mordechai Guri (pictured above), Head of R&D at the Cyber Security Research Center, the research team utilized the hard-drive (HDD) activity LED lights that are found on most desktop PCs and laptops. The researchers found that once malware is on a computer, it can indirectly control the HDD LED, turning it on and off rapidly (thousands of flickers per second) — a rate that exceeds the human visual perception capabilities. As a result, highly sensitive information can be encoded and leaked over the fast LED signals, which are received and recorded by remote cameras or light sensors.

“Our method compared to other LED exfiltration is unique, because it is also covert,” Dr. Guri says. “The hard drive LED flickers frequently, and therefore the user won’t be suspicious about changes in its activity.”

Dr. Guri and the Cyber Security Research Center have conducted a number of studies to demonstrate how malware can infiltrate air-gapped computers and transmit data. Previously, they determined that computer speakers and fans, FM waves and heat are all methods that can be used to obtain data.

In addition to Dr. Guri, the other BGU researchers include Boris Zadov, who received his M.Sc. degree from the Department of Electrical and Computer Engineering and Prof. Yuval Elovici, director of the Cyber Security Research Center. Prof. Elovici is also a member of the University’s Department of Software and Information Systems Engineering and Director of Deutsche Telekom Laboratories at BGU.

Nanyang Technological University (NTU Singapore) and Ben-Gurion University of the Negev (BGU) are collaborating to find innovative ways to counter cyber threats.

The aim of the joint research project, called the Bio-Inspired Agile Cyber Security Assurance Framework (BICSAF), is to develop innovative technologies for tackling Advanced Persistent Threats. These are stealthy and continuous computer hacking processes run by individuals who target specific entities, such as private organisations and state agencies. Their long periods of covertness make it difficult to detect such threats with current technology.

NTU Chief of Staff and Vice-President of Research Prof Lam Khin Yong and BGU Vice-President and Dean of Research & Development Prof Dan Blumberg signed the joint research agreement at the CyberTech Conference in Tel Aviv yesterday (pictured above – photo Credit: Gilad Kavalerchik). Israeli Prime Minister Benjamin Netanyahu was the conference’s guest-of-honor earlier in the day.  

The project will have S$3 million in joint funding from NTU, BGU and the National Research Foundation (NRF), Prime Minister’s Office, Singapore. The collaboration is supported by NRF through its National Cybersecurity R&D Programme.  In collaboration with the Cyber Security Research Centre at NTU, the new initiative will be led on the BGU side by Cyber Security Research Center director Prof. Yuval Elovici, and Dr. Rami Puzis of the Department of Software and Information Systems Engineering. In developing new technologies to counter cyber threats, the two partners are inspired by the ability of the human body’s immune system to adapt to and fight ever-evolving bacteria and viruses.  

Prof Lam Khin Yong said, “Through this partnership, NTU and BGU will be able to develop innovative methods for combating one of the most complicated problems in cyber security – Advanced Persistent Threats (APTs). This project will leverage NTU’s strong hardware-based research expertise and BGU’s software-based core competencies to combat this intractable problem.”  

NTU has invested heavily in its cyber security expertise in recent years, including a S$2.5 million partnership last year with BAE Systems to jointly develop next-generation cybersecurity solutions.  

BGU has deep expertise in cyber security research and is at the heart of efforts to turn Beer-Sheva into a national and international cyber hub. Prof Dan Blumberg said, “BGU and NTU recognise the grave necessity of stopping Advanced Persistent Threats (APTs), which are some of the hardest cyber-attacks to detect, and have allocated significant funding over two years to develop early detection methods.  Cyber security is a global threat which has become a research topic of increasing interest at BGU and we are pleased to be collaborating with our partners in Singapore to stem the tide.”

Mr George Loh, Director (Programmes) of NRF and Co-Chair of the National Cybersecurity R&D Programme Committee , said, “Singapore has established a holistic national cybersecurity strategy that will support our Smart Nation vision and enhance Singapore’s standing as a trusted digital hub. It is critical for Singapore to develop strong cybersecurity capabilities to protect our critical infrastructures such as our public transport systems, public safety systems, and energy systems, which are interconnected elements contributing to the quality of life for Singaporeans.  

“The collaboration between NTU and BGU will explore novel ideas to develop cyber-immune technologies to fight external adversaries that launch cyber-attacks on our critical systems, much like how our biological immune system works.”    

The Department of Software and Information Systems Engineering at BGU is the largest in Israel, with significant resources devoted to cyber security research.  BGU also set up the Cyber Security Research Center with the Israel National Cyber Bureau to identify risks while protecting critical national infrastructure.

A research-intensive public university, Nanyang Technological University, Singapore (NTU Singapore) has 33,500 undergraduate and postgraduate students in the colleges of Engineering, Business, Science, Humanities, Arts, & Social Sciences, and its Interdisciplinary Graduate School. It also has a medical school, the Lee Kong Chian School of Medicine, set up jointly with Imperial College London.

NTU is also home to world-class autonomous institutes – the National Institute of Education, S Rajaratnam School of International Studies, Earth Observatory of Singapore, and Singapore Centre for Environmental Life Sciences Engineering – and various leading research centres such as the Nanyang Environment & Water Research Institute (NEWRI), Energy Research Institute @ NTU (ERI@N) and the Institute on Asian Consumer Insight (ACI).  

Ranked 13th in the world, NTU has also been ranked the world’s top young university for the last three years running. The University’s main campus has been named one of the Top 15 Most Beautiful in the World. NTU also has a campus in Novena, Singapore’s medical district.

Singapore’s National Research Foundation (NRF) is a department within the Prime Minister’s Office. The NRF sets the national direction for research, innovation and enterprise (RIE) in Singapore. It seeks to invest in science, technology and engineering, build up the technological capacity of our companies, encourage innovation by industry to exploit new opportunities that drive economic growth, and facilitate public-private partnerships to address national challenges.

Under RIE2020, the NRF is committed to create greater value in Singapore from our investment in research, innovation and enterprise through 1) closer integration of research thrusts, 2) stronger dynamic towards the best teams and ideas, 3) sharper focus on value creation, and 4) better optimised RIE manpower.

BGU researchers are challenging the findings about a new class of materials that could potentially be used for super-fast computing and secure communications.  

One of the focal points of the new Quantum Information Era has been the engineering of a new type of material – topological materials, which have the useful property that some of their physical characteristics are “protected”. This protection, the discovery of which garnered the researcher this year’s Nobel Prize in Physics, means that their characteristics are insensitive to large physical and chemical deformations, making them ideal for efficient, robust and secure methods of computing, information storage and communications. One class of such materials, known as “topological insulators”, has been singled out for possible application: when a superconductor is brought close to such materials, a new type of “elementary particle” emerges in the system, coined “Majorana Fermions”. Due to the topological protection, these particles can maintain quantum coherence for relatively long times, making them particularly useful for fault tolerant quantum computing, the holy grail of the Quantum Revolution. 

All these observations, however, rely on a crucial point – that there is no magnetic field surrounding the topological materials. In a recent article, published in the prestigious journal Physical Review Letters, Prof. Yigal Meir from Ben-Gurion University of the Negev and his postdoc Jianhui Wang, in collaboration with Prof. Yuval Gefen from the Weizmann Institute of Science, have demonstrated that under the standard conditions where these materials are utilized, a magnetic field is spontaneously generated at the edge of topological insulators, destroying the topological protection of these materials and raising doubts about the previously proposed applications of these systems.  

The researchers’ new article, however, suggests how to grow these materials such that the much sought-after topological protection may still be achieved. In particular, if the edges of the system are sharply cleaved, no such spontaneous magnetic field will be generated and topological protection would be restored. 

Prof. Yigal Meir is a member of the Department of Physics at BGU. 

An innovative, new system that uses smartwatch devices and software to verify handwritten signatures and detect even the most skilled forgeries has been developed by BGU and TAU researchers. 

While most online signature verification technologies rely on dedicated digital devices — such as tablets or smart pens — to capture, analyze and verify signatures, this new method utilizes motion sensors found in readily available hand-worn devices.  Recent market research shows that one out of six people already wear a smartwatch and the market is expected to reach 373 million devices by 2020. 

Signature verification technology addresses both random and skilled forgeries. A random forger does not have any information about the other person and uses his or her own signature style. Skilled forgers often practice copying a person’s name as accurately as possible, which makes their forgeries harder to detect. 

The research team developed software that uses motion data gathered from the movements of a person’s wrist to identify the writer during the signing process. This information, compiled from accelerometer and gyroscope sensors, senses changes in rotational motion and orientation, and trains a machine learning algorithm to distinguish between genuine or forged signatures.  

“We based our hypothesis on the assumption that people adopt a specific signing pattern that is unique and very difficult for others to imitate, and that this uniqueness can be captured adequately using the motion sensors of a hand-worn device,” says Ben Nassi, who is a graduate student in the Department of Software and Information Systems Engineering. 

The research team also included: Prof. Yuval Elovici, director of BGU’s Cyber Security Research Center, Dr. Erez Shmueli of TAU’s Department of Industrial Engineering, and Alona Levy, a graduate student in the same department.

In the research study, 66 TAU students used a digital pen to record 15 samples of their genuine signature on a tablet while wearing a smartwatch on their writing hand. Then, each student studied trace recordings of other people’s genuine signatures and was asked to forge five of them.  

“The results for both random and skilled forgery tests were encouraging, and confirmed our system is able to successfully distinguish between genuine and forged signatures with a high degree of accuracy,” says Nassi.  

While several recent studies have examined the use of motion data to identify people within various scenarios, the approach in this research is the first of its kind. “Using a wrist-worn device or fitness tracker provides more comprehensive data than other wearable devices, since it measures the gestures of a user’s arm, hand and all fingers rather than just a single finger or the forearm,” Nassi says. 

“We’ve combined the benefits of both offline and online verification methods,” says Dr. Shmueli. “Like offline methods, our approach doesn’t require a designated ad-hoc device to capture a signature. You can use virtually any hand-worn device to write and collect the signature itself on a paper document, such as a contract, receipt or other non-digitized document. Then, our system operates like an online verification system to comprehensively capture the dynamics of the signing process and confirm authenticity.”  

The researchers have filed for a patent for the initial system, which enables a generic smartwatch to become a signature verifier.  

They plan to expand their research to include larger-scale experimentation and will investigate the benefits of collecting data from both a smartwatch device and a writing digitizer, such as a tablet, to see if combining information from both sources improves accuracy. They will also study the impact of data extracted from additional sensors, such as the ones used in lie detector machines to measure heart-rate variability.

Handwritten Signature Verification Using Hand-Worn Devices.pdf

​A new “virtual breathalyzer” developed by a BGU researcher uses sensors in smartphones, smartwatches, fitness bands and virtual glasses to measure changes in gait that indicate intoxication levels with identical accuracy as police breathalyzer tests.  

According to the U.S. Center for Disease Control, in 2013, one person died every 51 minutes in a motor vehicle accident caused by an alcohol-impaired driver.  

“Alcohol distinctly affects movement, gait and balance in ways that can be detected by the built-in motion sensors on devices people carry around with them all the time,” says Ben Nassi, a Master of Science student  at BGU’s Department of Software and Information Systems Engineering,  who developed the device. “Our system simply takes a baseline reading while walking from the car to the bar and another one on the way back to compare and identify movements that indicate drunkenness.” 

Applications based on Nassi’s trained machine learning model for measuring intoxication could be used to alert people, or even a connected car, and prevent users from driving under the influence. 

In the study, Nassi and his team collected test data from patrons at different bars on five nights. They asked 30 participants (60 percent men, 40 percent women) to measure their gait before drinking and then 15 minutes after their last drink, which is the same standard used for police breathalyzers. Most of the study participants were in their early twenties, which is the group considered by the U.S. National Highway Traffic Safety Administration to have the highest risk of causing fatal accidents due to alcohol consumption.   

Participants wore Google Glass augmented reality glasses, an LG G-watch on their left hand, a Microsoft Band on their right hand, and carried a Samsung Galaxy S4 cell phone in their right rear pocket. Each person walked for 16 seconds until they heard a beep through their headphones. Test results validated with a police breathalyzer detected intoxication levels with 100 percent accuracy. 

“While the experiment used all four devices to measure movements in different parts of the body, a combination of watch and smartphone readings taken from at least two parts of the body yields similar results,” Nassi says.  

Smart wearable devices are a burgeoning market, with 275 million sold in 2016, and another 322 million units forecast in 2017. The researchers are optimistic that within a few years, the application will be useful for people who routinely use a smartwatch along with their smartphone.  

“A system based on our approach could prevent a person from driving under the influence after an alert unobtrusively detects intoxication while they are walking to their car,” says Nassi. “As the Internet of Things (IoT) progresses, the system could even trigger a connected car not to start when a driver tests above the legal limit.”  

Nassi worked with his advisors, Professors Yuval Elovici and Lior Rokach of BGU’s Department of Software and Information Systems Engineering on his Virtual Breathalyzer project, which has been uploaded to Arxiv.