Publications

A deepfake is content generated by artificial intelligence which seems authentic in the eyes of a human being. The word deepfake is a combination of the words ‘deep learning’ and ‘fake’ and primarily relates to content generated by an artificial neural network, a branch of machine learning.

The most common form of deepfakes involves the generation and manipulation of human imagery. This technology has creative and productive applications. For example, realistic video dubbing of foreign films, education through the reanimation of historical figures, and virtually trying on clothes while shopping. There are also numerous online communities devoted to creating deepfake memes for entertainment, such as music videos portraying the face of actor Nicolas Cage.

However, despite the positive applications of deepfakes, the technology is infamous for its unethical and malicious capabilities. At the end of 2017, a Reddit user by the name of ‘deepfakes’ used deep learning to swap faces of celebrities into pornographic videos and posted them online.

The Internet of things (IoT) has become an integral part of our life
at both work and home. However, these IoT devices are prone to vulnerability exploits due to their low cost, low resources, the diversity
of vendors, and proprietary firmware. Moreover, short range communication protocols (e.g., Bluetooth or ZigBee) open additional
opportunities for the lateral movement of an attacker within an organization. Thus, the type and location of IoT devices may significantly
change the level of network security of the organizational network.
In this paper, we quantify the level of network security based on
an augmented attack graph analysis that accounts for the physical
location of IoT devices and their communication capabilities. We
use the depth-first branch and bound (DFBnB) heuristic search algorithm to solve two optimization problems: Full Deployment with
Minimal Risk (FDMR) and Maximal Utility without Risk Deterioration (MURD). An admissible heuristic is proposed to accelerate the
search. The proposed method is evaluated using a real network with
simulated deployment of IoT devices. The results demonstrate (1)
the contribution of the augmented attack graphs to quantifying the
impact of IoT devices deployed within the organization on security,
and (2) the effectiveness of the optimized IoT deployment.

In 2018, clinics and hospitals were hit with numerous attacks
leading to significant data breaches and interruptions in
medical services. An attacker with access to medical records
can do much more than hold the data for ransom or sell it on
the black market.
In this paper, we show how an attacker can use deeplearning to add or remove evidence of medical conditions
from volumetric (3D) medical scans. An attacker may perform
this act in order to stop a political candidate, sabotage research,
commit insurance fraud, perform an act of terrorism, or
even commit murder. We implement the attack using a 3D
conditional GAN and show how the framework (CT-GAN)
can be automated. Although the body is complex and 3D
medical scans are very large, CT-GAN achieves realistic
results which can be executed in milliseconds.
To evaluate the attack, we focused on injecting and
removing lung cancer from CT scans. We show how three
expert radiologists and a state-of-the-art deep learning AI are
highly susceptible to the attack. We also explore the attack
surface of a modern radiology network and demonstrate one
attack vector: we intercepted and manipulated CT scans in an
active hospital network with a covert penetration test.

In recent years we have witnessed a shift towards personalized, context-based applications and services for mobile device users. A key component of many of these services is the ability to infer the current location and predict the future location of users based on location sensors embedded in the devices. Such knowledge enables service providers to present relevant and timely offers to their users and better manage traffic congestion control, thus increasing customer satisfaction and engagement. However, such services suffer from location data leakage which has become one of today’s most concerning privacy issues for smartphone users.

BGU researchers focused specifically on location data that is exposed by Android applications via Internet network traffic in plaintext (i.e., without encryption) without the user’s awareness. An empirical evaluation, involving the network traffic of real mobile device users, aimed at: (1) measuring the extent of location data leakage in the Internet traffic of Android-based smartphone devices; and (2) understanding the value of this data by inferring users’ points of interests (POIs).

The key findings of this research center on the extent of this phenomenon in terms of both ubiquity and severity.

The Internet of Things (IoT) network of connected devices currently contains more than 11 billion devices and is estimated to double in size within the next four years. The prevalence of these devices makes them an ideal target for attackers. To reduce the risk of attacks vendors routinely deliver security updates (patches) for their devices. The delivery of security updates becomes challenging due to the issue of scalability as the number of devices may grow much quicker than vendors’ distribution systems. Previous studies have suggested a permissionless and decentralized blockchainbased network in which nodes can host and deliver security updates, thus the addition of new nodes scales out the network. However, these studies do not provide an incentive for nodes to join the network, making it unlikely for nodes to freely contribute their hosting space, bandwidth, and computation resources.
In this paper, we propose a novel decentralized IoT software update delivery network in which participating nodes (referred to as distributors) are compensated by vendors with digital currency for delivering updates to devices. Upon the release of a new security update, a vendor will make a commitment to provide digital currency to distributors that deliver the update; the commitment will be made with the use of smart contracts, and hence will be public, binding, and irreversible. The smart contract promises compensation to any distributor that provides proof-of-distribution, which is unforgeable proof that a single update was delivered to a single device. A distributor acquires the proof-of-distribution by exchanging a security update for a device signature using the Zero-Knowledge Contingent Payment (ZKCP) trustless data exchange protocol. Eliminating the need for trust between the security update distributor and the security consumer (IoT device) by providing fair compensation, can significantly increase the number of distributors, thus facilitating rapid scale out.

Homomorphic secret sharing (HSS) is the secret sharing analogue of homomorphic encryption. An HSS scheme supports a local evaluation of functions on shares of one or more secret inputs, such that the resulting shares of the output are short. Some applications require the stronger notion of additive HSS, where the shares of the output add up to the output over some finite Abelian group. While some strong positive results for HSS are known under specific cryptographic assumptions, many natural questions remain open. We initiate a systematic study of HSS, making the following contributions. – A definitional framework. We present a general framework for defining HSS schemes that unifies and extends several previous notions from the literature, and cast known results within this framework. – Limitations. We establish limitations on information-theoretic multi-input HSS with short output shares via a relation with communication complexity. We also show that additive HSS for non-trivial functions, even the AND of two input bits, implies non-interactive key exchange, and is therefore unlikely to be implied by public-key encryption or even oblivious transfer. – Applications. We present two types of applications of HSS. First, we construct 2-round protocols for secure multiparty computation from a simple constant-size instance of HSS. As a corollary, we obtain 2-round protocols with attractive asymptotic efficiency features under the Decision Diffie Hellman (DDH) assumption. Second, we use HSS to obtain nearly optimal worst-case to average-case reductions in P. This in turn has applications to fine-grained average-case hardness and verifiable computation.

Consider the problem of a Multiple-Input Multiple-Output (MIMO) Multiple-Access Channel (MAC) at the limit of large number of users. Clearly, in practical scenarios, only a small subset of the users can be scheduled to utilize the channel simultaneously. Thus, a problem of user selection arises. However, since solutions which collect Channel State Information (CSI) from all users and decide on the best subset to transmit in each slot do not scale when the number of users is large, distributed algorithms for user selection are advantageous. In this paper, we analyse a distributed user selection algorithm, which selects a group of users to transmit without coordinating between users and without all users sending CSI to the base station. This threshold-based algorithm is analysed for both Zero-Forcing (ZF) and Minimum Mean Square Error (MMSE) receivers, and its expected sum-rate in the limit of large number of users is investigated. It is shown that for large number of users it achieves the same scaling laws as the optimal centralized scheme.

The use of machine learning algorithms for cyber security purposes gives rise to questions of adversarial resilience, namely: Can we quantify the effort required of an adversary to manipulate a system that is based on machine learning techniques? Can the adversarial resilience of such systems be formally modeled and evaluated? Can we quantify this resilience such that different systems can be compared using empiric metrics?

Past works have demonstrated how an adversary can manipulate a system based on machine learning techniques by changing some of its inputs. However, comparatively little work has emphasized the creation of a formal method for measuring and comparing the adversarial resilience of different machine learning models to these changes.

In this work we study the adversarial resilience of detection systems based on supervised machine learning models. We provide a formal definition for adversarial resilience while focusing on multisensory fusion systems. We define the model robustness (MRB) score, a metric for evaluating the relative resilience of different models, and suggest two novel feature selection algorithms for constructing adversary aware classifiers. The first algorithm selects only features that cannot realistically be modified by the adversary, while the second algorithm allows control over the resilience versus accuracy tradeoff. Finally, we evaluate our approach with a real-life use case of dynamic malware classification using an extensive, up-to-date corpus of benign and malware executables. We demonstrate the potential of using adversary aware feature selection for building more resilient classifiers and provide empirical evidence supporting the inherent resilience of ensemble algorithms compared to single model algorithms.

Neural networks have become an increasingly popular solution for network intrusion detection systems (NIDS). Their capability of learning complex patterns and behaviors make them a suitable solution for differentiating between normal traffic and network attacks. However, a drawback of neural networks is the amount of resources needed to train them. Many network gateways and routers devices, which could potentially host an NIDS, simply do not have the memory or processing power to train and sometimes even execute such models. More importantly, the existing neural network solutions are trained in a supervised manner. Meaning that an expert must label the network traffic and update the model manually from time to time.

In this paper, we present Kitsune: a plug and play NIDS which can learn to detect attacks on the local network, without supervision, and in an efficient online manner. Kitsune’s core algorithm (KitNET) uses an ensemble of neural networks called autoencoders to collectively differentiate between normal and abnormal traffic patterns. KitNET is supported by a feature extraction framework which efficiently tracks the patterns of every network channel. Our evaluations show that  Kitsune can detect various attacks with a performance comparable to offline anomaly detectors, even on a Raspberry PI. This demonstrates that Kitsune can be a practical and economic NIDS.

Software diagnosis algorithms aim to identify the faulty
software components that caused a failure. A key challenges
of existing software diagnosis algorithms is how to prioritize
the outputted diagnoses. To do so, previous work proposed
a method for estimating the likelihood that each diagnosis
is correct. Computing these diagnosis likelihoods is nontrivial.
We propose to do this by learning a behavior model
of the software components and use it to identify abnormally
behaving components. In this work we show the potential
of such an approach by performing an empirical evaluation
on a synthetic behavior model of the components. The results
show that even an imperfect behavior model is useful
in improving diagnosis accuracy and minimizing wasted
troubleshooting efforts.

A recent work of Boyle et al. (Crypto 2016) suggests that
“group-based” cryptographic protocols, namely ones that only rely on a cryptographically hard (Abelian) group, can be surprisingly powerful. In particular, they present succinct two-party protocols for securely computing
branching programs and NC1 circuits under the DDH assumption,
providing the first alternative to fully homomorphic encryption.
In this work we further explore the power of group-based secure computation
protocols, improving both their asymptotic and concrete effi-
ciency. We obtain the following results.
– Black-box use of group. We modify the succinct protocols of Boyle
et al. so that they only make a black-box use of the underlying group,
eliminating an expensive non-black-box setup phase.
– Round complexity. For any constant number of parties, we obtain
2-round MPC protocols based on a PKI setup under the DDH assumption.
Prior to our work, such protocols were only known using fully
homomorphic encryption or indistinguishability obfuscation.
– Communication complexity. Under DDH, we present a secure 2-
party protocol for any NC1 or log-space computation with n input bits
and m output bits using n + (1 + o(1))m + poly(λ) bits of communication,
where λ is a security parameter. In particular, our protocol
can generate n instances of bit-oblivious-transfer using (4 + o(1)) · n
bits of communication. This gives the first constant-rate OT protocol
under DDH.
– Computation complexity. We present several techniques for
improving the computational cost of the share conversion procedure of
Boyle et al., improving the concrete efficiency of group-based protocols
by several orders of magnitude.

We study the notion of ad hoc secure computation, recently introduced by Beimel et al. (ITCS 2016), in the context of the Private Simultaneous Messages (PSM) model of Feige et al. (STOC 2004). In ad hoc secure computation we have n parties that may potentially participate in a protocol but, at the actual time of execution, only k of them, whose identity is not known in advance, actually participate. This situation is particularly challenging in the PSM setting, where protocols are non-interactive (a single message from each participating party to a special output party) and where the parties rely on pre-distributed, correlated randomness (that in the ad-hoc setting will have to take into account all possible sets of participants).

We present several different constructions of ad hoc PSM protocols from standard PSM protocols. These constructions imply, in particular, that efficient information-theoretic ad hoc PSM protocols exist for NC 11 and different classes of log-space computation, and efficient computationally-secure ad hoc PSM protocols for polynomial-time computable functions can be based on a one-way function. As an application, we obtain an information-theoretic implementation of order-revealing encryption whose security holds for two messages.

We also consider the case where the actual number of participating parties t may be larger than the minimal k for which the protocol is designed to work. In this case, it is unavoidable that the output party learns the output corresponding to each subset of k out of the t participants. Therefore, a “best possible security” notion, requiring that this will be the only information that the output party learns, is needed. We present connections between this notion and the previously studied notion of t-robust PSM (also known as “non-interactive MPC”). We show that constructions in this setting for even simple functions (like AND or threshold) can be translated into non-trivial instances of program obfuscation (such as point function obfuscation and fuzzy point function obfuscation, respectively). We view these results as a negative indication that protocols with “best possible security” are impossible to realize efficiently in the information-theoretic setting or require strong assumptions in the computational setting.

Traditional antivirus software relies on signatures to uniquely identify malicious files. Malware writers, on the other hand, have responded by developing obfuscation techniques with the goal of evading content-based detection. A consequence of this arms race is that numerous new malware instances are generated every day, thus limiting the effectiveness of static detection approaches. For effective and timely malware detection, signature-based mechanisms must be augmented with detection approaches that are harder to evade.

We introduce a novel detector that uses the information gathered by IBM’s QRadar SIEM (Security Information and Event Management) system and leverages anti-virus reports for automatically generating a labelled training set for identifying malware. Using this training set, our detector is able to automatically detect complex and dynamic patterns of suspicious machine behavior and issue high-quality security alerts. We believe that our approach can be used for providing a detection scheme that complements signature-based detection and is harder to circumvent.

Security systems for databases produce numerous alerts about
anomalous activities and policy rule violations. Prioritizing these
alerts will help security personnel focus their efforts on the most
urgent alerts. Currently, this is done manually by security experts
that rank the alerts or define static risk scoring rules. Existing
solutions are expensive, consume valuable expert time, and do not
dynamically adapt to changes in policy.
Adopting a learning approach for ranking alerts is complex due to
the efforts required by security experts to initially train such a
model. The more features used, the more accurate the model is
likely to be, but this will require the collection of a greater amount
of user feedback and prolong the calibration process. In this paper,
we propose CyberRank, a novel algorithm for automatic preference
elicitation that is effective for situations with limited experts’ time
and outperforms other algorithms for initial training of the system.
We generate synthetic examples and annotate them using a model
produced by Analytic Hierarchical Processing (AHP) to bootstrap
a preference learning algorithm. We evaluate different approaches
with a new dataset of expert ranked pairs of database transactions,
in terms of their risk to the organization. We evaluated using
manual risk assessments of transaction pairs, CyberRank outperforms all other methods for cold start scenario with error reduction of 20%.

Smartphones centralize a great deal of users’ private information and are thus a primary target for cyber-attack. The main goal of the attacker is to try to access and exfiltrate the private information stored in the smartphone without detection. In situations where explicit information is lacking, these attackers can still be detected in an automated way by analyzing data streams (continuously sampled information such as an application’s CPU consumption, accelerometer readings, etc.). When clustered, anomaly detection techniques may be applied to the data stream in order to detect attacks in progress. In this paper we utilize an algorithm called pcStream that is well suited for detecting clusters in real world data streams and propose extensions to the pcStream algorithm designed to detect point, contextual, and collective anomalies. We provide a comprehensive evaluation that addresses mobile security issues on a unique dataset collected from 30 volunteers over eight months. Our evaluations show that the pcStream extensions can be used to effectively detect data leakage (point anomalies) and malicious activities (contextual anomalies) associated with malicious applications. Moreover, the algorithm can be used to detect when a device is being used by an unauthorized user (collective anomaly) within approximately 30 s with 1 false positive every two days.

Security-conscious users are very careful with software
they allow their phone to run. They are much less
careful with the choices they make regarding accessories such
as headphones or chargers and only few, if any, care about
cyber security threats coming from the phone’s protective
case. We show how a malicious smartphone protective case
can be used to detect and monitor the victim’s interaction
with the phone’s touchscreen, opening the door to keyloggerlike
attacks, threatening the user’s security and privacy. This
feat is achieved by implementing a hidden capacitive sensing
mechanism inside the case. Our attack is both sensitive enough
to track the user’s finger location across the screen, and
simple and cheap enough to be mass-produced and deployed en
masse. We discuss the theoretical principles behind this attack,
present a preliminary proof-of-concept, and discuss potential
countermeasures and mitigations.

Reconnaissance is the initial and essential phase
of a successful advanced persistent threat (APT). In many
cases, attackers collect information from social media, such as
professional social networks. This information is used to select
members that can be exploited to penetrate the organization.
Detecting such reconnaissance activity is extremely hard because
it is performed outside the organization premises. In this paper,
we propose a framework for management of social network
honeypots to aid in detection of APTs at the reconnaissance
phase. We discuss the challenges that such a framework faces,
describe its main components, and present a case study based
on the results of a field trial conducted with the cooperation of
a large European organization. In the case study, we analyze the
deployment process of the social network honeypots and their
maintenance in real social networks. The honeypot profiles were
successfully assimilated into the organizational social network
and received suspicious friend requests and mail messages that
revealed basic indications of a potential forthcoming attack.
In addition, we explore the behavior of employees in professional
social networks, and their resilience and vulnerability toward
social network infiltration.

Software vulnerabilities can be leveraged by attackers to gain control of a host. Attackers can then use the controlled hosts as stepping stones for compromising other hosts until they create a path to the critical assets. Consequently, network administrators must examine the protected network as a whole rather than each vulnerable host independently. To this end, various methods were suggested in order to analyze the multitude of attack paths in a given organizational network, for example, to identify the optimal attack paths. The down side of many of those methods is that they do not scale well to medium-large networks with hundreds or thousands of hosts. We suggest using graph reduction techniques in order to simplify the task of searching and eliminating optimal attacker paths. Results on an attack graph extracted from a network of a real organization with more than 300 hosts and 2400 vulnerabilities show that using the proposed graph reductions can improve the search time by a factor of 4 while maintaining the quality of the results.

In exploratory domains, agents’ behaviors include switching between activities, extraneous actions, and mistakes.
Such settings are prevalent in real world applications such as interaction with open-ended software,
collaborative office assistants, and integrated development environments. Despite the prevalence of such
settings in the real world, there is scarce work in formalizing the connection between high-level goals and
low-level behavior and inferring the former from the latter in these settings. We present a formal grammar
for describing users’ activities in such domains. We describe a new top-down plan recognition algorithm
called CRADLE (Cumulative Recognition of Activities and Decreasing Load of Explanations) that uses this
grammar to recognize agents’ interactions in exploratory domains. We compare the performance of CRADLE
with state-of-the-art plan recognition algorithms in several experimental settings consisting of real and
simulated data. Our results show that CRADLE was able to output plans exponentially more quickly than
the state-of-the-art without compromising its correctness, as determined by domain experts. Our approach
can form the basis of future systems that use plan recognition to provide real-time support to users in a
growing class of interesting and challenging domains

The k-goal problem is a generalization of the Shortest
Path Problem (SPP) in which the task is to solve k SPP problems,
such that all the problems share the same start vertex.
kGP was introduced to the heuristic search community for
building an Incremental Roadmap Spanner technique (Dobson
and Bekris 2014), which is a useful construct in motion
plannin for robotics. But kGP has many other applications,
e.g., when path planning for multiple drones flying from a
central dispatcher location to k target locations.

This paper presents preliminary results of our work
with a major financial company, where we try to use
methods of plan recognition in order to investigate the
interactions of a costumer with the company’s online
interface. In this paper, we present the first steps of
integrating a plan recognition algorithm in a real-world
application for detecting and analyzing the interactions
of a costumer. It uses a novel approach for plan recognition
from bare-bone UI data, which reasons about
the plan library at the lowest recognition level in order
to define the relevancy of actions in our domain, and
then uses it to perform plan recognition.
We present preliminary results of inference on three different
use-cases modeled by domain experts from the
company, and show that this approach manages to decrease
the overload of information required from an analyst
to evaluate a costumer’s session — whether this
is a malicious or benign session, whether the intended
tasks were completed, and if not — what actions are
expected next.

The Domain Name System (DNS) is an essential component of the Internet infrastructure that translates domain names into IP addresses. Recent incidents verify the enormous damage of malicious activities utilizing DNS such as bots that use DNS to locate their command & control servers. We believe that a domain that is related to malicious domains is more likely to be malicious as well and therefore detecting malicious domains using the DNS network topology is a key challenge.
In this work we improve the flow model presented by Mishsky etal. [12] for computing the reputation of domains. This flow model is applied on a graph of domains and IPs and propagates their reputation scores through the edges that connect them to express the impact of
malicious domains on related domains. We propose the use of clustering to guide the flow of reputation in the graph and examine two different clustering methods to identify groups of domains and IPs that are
strongly related. The flow algorithms use these groups to emphasize the influence of nodes within the same cluster on each other. We evaluate the algorithms using a large database received from a commercial company.
The experimental evaluation of our work have shown the expected improvement over previous work [12] in detecting malicious domains

12. Mishsky, I., Gal-Oz, N., Gudes, E.: A topology based flow model for computing
domain reputation. In: Samarati, P. (ed.) DBSec 2015. LNCS, vol. 9149, pp. 277–
292. Springer, Cham (2015). doi:10.1007/978-3-319-20810-7 20

The support for Role-Based Access Control (RBAC) using cryptography for NOSQL distributed databases is investigated. Cassandra is a NoSQL DBMS that efficiently supports very large databases, but provides rather simple security measures (an agent having physical access to a Cassandra cluster is usually assumed to have access to all data therein). Support for RBAC had been added almost as an afterthought, with the Node Coordinator having to mediate all requests to read and write data, in order to ensure that only the requests allowed by the Access Control Policy (ACP) are allowed through. In this paper, we propose a model and protocols for cryptographic enforcement of an ACP in a cassandra like system, which would ease the load on the Node Coordinator, thereby taking the bottleneck out of the existing security implementation. We allow any client to read the data from any storage node(s) – provided that only the clients whom the ACP grants access to a datum, would hold the encryption keys that enable these clients to decrypt the data.

We like to discuss the usability of new architecture of partitioned third party, offered in [1] for conducting a new protocols for data mining algorithms over shared data base between multiple data holders. Current solution for data mining over partitioned data base are: Data anonimization [4], homomorphic encryption [5], trusted third party [2] or secure multiparty computation algorithms [3]. Current solutions suffer from different problems such as expensive algorithms in terms of computation overhead and required communication rounds, revealing private information to third party. The new architecture offered by Sherman et al. allow the data holders to use simple masking techniques that are not expensive in computation nor assume trust in the third party, yet allow to perform simple and complex data mining algorithms between multiple data owners while private data is not revealed. That come with the assumption of no collude between the two parts of the PTTP.

1: Q sends the query to DBi, 1 ≤ i ≤ M, and the query type (either intersection or
union) to R.
2: Q sends R which private column participate in the query (e.g. the age column).
3: R generates a random permutation σ on the set of integers {1,…, 2|Ω|} and sends
it to DBi, 1 ≤ i ≤ M.
4: for all 1 ≤ i ≤ M do
5: DBi sets a Boolean vector Vi={vi,1,. . . ,vi,|Ω|} where
vi,j =
1 ifDBi hold private value j
0 otherwise

Abstract—Thanks to their high availability, scalability, and
usability, cloud databases have become one of the dominant
cloud services. However, since cloud users do not physically
possess their data, data integrity may be at risk. In this
paper, we present a novel protocol that utilizes crowdsourcing
paradigm to provide practical data integrity assurance in keyvalue
cloud databases. The main advantage of our protocol
over previous work is its high applicability – as opposed to
existing approaches, our scheme does not require any system
changes on the cloud side and thus can be applied directly
to any existing system. We demonstrate the feasibility of our
scheme by a prototype implementation and its evaluation.

In this preliminary study we present the
first practical attack on a modern smartphone which
is mounted through a malicious aftermarket replacement
part (specifically, a replacement touchscreen).
Our attack exploits the lax security checks on the
packets traveling between the touchscreen’s embedded
controller and the phone’s main CPU, and is
able to achieve kernel-level code execution privileges
on modern Android phones protected by SELinux.
This attack is memory independent and survives data
wipes and factory resets. We evaluate two phones
from major vendors and present a proof-of-concept
attack in actual hardware on one phone and an emulation
level attack on the other. Through a semiautomated
source code review of 26 recent Android
phones from 8 different vendors, we believe that our
attack vector can be applied to many other phones,
and that it is very difficult to protect against. Similar
attacks should also be possible on other smart devices
such as printers, cameras and cars, which similarly
contain user-replaceable sub-units.

Considering the exponential increase of Internet of Things
(IoT) devices there is also unforeseen vulnerabilities associated
with these IoT devices. One of the major problems
in the IoT is the security testing and analysis due to the
heterogeneous nature of deployments. Currently, there is no
mechanism that performs security testing for IoT devices in
different contexts. In addition, there is a missing framework
to be able to adapt and tune accordingly with various security
testing perspectives. In this paper, we propose an
innovative security testbed targeted at IoT devices and also
briefly introduce Adaptable and Tunable Framework (ATF)
for testing IoT devices.

The exponential increase of Internet of Things (IoT) devices have
resulted in a range of new and unanticipated vulnerabilities
associated with their use. IoT devices from smart homes to smart enterprises can easily be compromised. One of the major problems associated with the IoT is maintaining security; the
vulnerable nature of IoT devices poses a challenge to many
aspects of security, including security testing and analysis. It is
trivial to perform the security analysis for IoT devices to
understand the loop holes and very nature of the devices itself.
Given these issues, there has been less emphasis on security
testing and analysis of the IoT. In this paper, we show our
preliminary efforts in the area of security analysis for IoT devices
and introduce a security IoT testbed for performing security
analysis. We also discuss the necessary design, requirements and the architecture to support our security analysis conducted via the proposed testbed.

Analyzing the security of Wearable Internet-of-Things (WIoT) devices is considered a complex task due to
their heterogeneous nature. In addition, there is currently no mechanism that performs security testing
for WIoT devices in different contexts. In this article, we propose an innovative security testbed framework
targeted at wearable devices, where a set of security tests are conducted, and a dynamic analysis is performed
by realistically simulating environmental conditions in which WIoT devices operate. The architectural design
of the proposed testbed and a proof-of-concept, demonstrating a preliminary analysis and the detection of
context-based attacks executed by smartwatch devices, are presented.

During the past years logical attack graphs were
used to find the most critical vulnerabilities and
devise efficient hardening strategies for organizational
networks. Most techniques for ranking vulnerabilities
either do not scale well, e.g. brute-force
attack plan enumeration, or are not well suited for
the analysis of logical attack graphs, e.g. centrality
measures.
In this paper we suggest an analysis of the planning
graph (from classical planning) derived from
the logical attack graph to improve the accuracy
of centrality-based vulnerability ranking metrics.
The planning graph also allows efficient enumeration
of the set of possible attack plans that use a
given vulnerability on a specific machine. We suggest
a set of centrality based heuristics for reducing
the number of attack plans and compare with
previously suggested vulnerability ranking metrics.
Results show that metrics computed over the planning
graph are superior to metrics computed over
the logical attack graph or the network connectivity
graph.

Penetration Testing (pentesting), where network administrators
automatically attack their own network to identify
and fix vulnerabilities, has recently received attention
from the AI community. Smart algorithms that can
identify robust and efficient attack plans may imitate
human hackers better than simple protocols. Classical
planning methods for pentesting model poorly the real
world, where the attacker has only partial information
concerning the network. On the other hand POMDPbased
approaches provide a strong model, but fail to
scale up to reasonable model sizes. In this paper we offer
a middle ground, allowing for partial observability
and non-deterministic action effects, by modeling pentesting
as a partially observable contingent problem. We
experiment with a real network of a large organization,
showing our solver to scale to realistic problem sizes.
We also experiment with sub-sampled networks, comparing
the expected reward of a contingent plan graph
to that of a POMDP policy.

The use of robots in our daily lives is increasing. As we rely more on robots, thus it becomes more important for us that the robots will continue on with their mission successfully. Unfortunately, these sophisticated, and sometimes very expensive, machines are susceptible to different kinds of faults. It becomes important to apply a Fault Detection (FD) mechanism which is suitable for the domain of robots. Two important requirements of such a mechanism are: high accuracy and low computational-load during operation (online). Supervised learning can potentially produce very accurate FD models, and if the learning takes place offline then the online computational-load can be reduced. Yet, the domain of robots is characterized with the absence of labeled data (e.g., “faulty”, “normal”) required by supervised approaches, and consequently, unsupervised approaches are being used. In this paper we propose a hybrid approach – an unsupervised approach can label a data set, with a low degree of inaccuracy, and then the labeled data set is used offline by a supervised approach to produce an online FD model. Now, we are faced with a choice – should we use the unsupervised or the hybrid fault detector? Seemingly, there is no way to validate the choice due to the absence of (a priori) labeled data. In this paper we give an insight to why, and a tool to predict when, the hybrid approach is more accurate. In particular, the main impacts of our work are (1) we theoretically analyze the conditions under which the hybrid approach is expected to be more accurate. (2) Our theoretical findings are backed with empirical analysis. We use data sets of three different robotic domains: a high fidelity flight simulator, a laboratory robot, and a commercial Unmanned Arial Vehicle (UAV). (3) We analyze how different unsupervised FD approaches are improved by the hybrid technique and (4) how well this improvement fits our prediction tool. The significance of the hybrid approach and the prediction tool is the potential benefit to expert and intelligent systems in which labeled data is absent or expensive to create.

In the past, it has been shown that malware can exfiltrate data from air-gapped (isolated) networks by transmitting ultrasonic signals via the computer’s speakers. However, such a communication relies on the availability of speakers on a computer. In this paper, we present ‘DiskFiltration’, a method to leak data from speakerless computers via covert acoustic signals emitted from its hard disk drive (HDD) (Video: https://www.youtube.com/watch?v=H7lQXmSLiP8 or http://cyber.bgu.ac.il/advanced-cyber/airgap). Although it is known that HDDs generate acoustical noise, it has never been studied in the context of a malicious covert-channel. Notably, the magnetic HDDs dominate the storage wars, and most PCs, servers, and laptops todays are installed with HDD drive(s). A malware installed on a compromised machine can generate acoustic emissions at specific audio frequencies by controlling the movements of the HDD’s actuator arm. Binary Information can be modulated over the acoustic signals and then be picked up by a nearby receiver (e.g., microphone, smartphone, laptop, etc.). We examine the HDD anatomy and analyze its acoustical characteristics. We also present signal generation and detection, and data modulation and demodulation algorithms. Based on our proposed method, we developed a transmitter and a receiver for PCs and smartphones, and provide the design and implementation details. We examine the channel capacity and evaluate it on various types of internal and external HDDs in different computer chassis and at various distances. With DiskFiltration we were able to covertly transmit data (e.g., passwords, encryption keys, and keylogging data) between air-gapped computers to a nearby receiver at an effective bit rate of 180 bits/min (10,800 bits/h).

Desktops and laptops can be maliciously exploited to violate privacy. There are two main types of attack scenarios: active and passive. In this paper, we consider the passive scenario where the adversary does not interact actively with the device, but he is able to eavesdrop on the network traffic of the device from the network side. Most of the Internet traffic is encrypted and thus passive attacks are challenging. Previous research has shown that information can be extracted from encrypted multimedia streams. This includes video title classification of non HTTP adaptive streams (non-HAS). This paper presents an algorithm for encrypted HTTP adaptive video streaming title classification. We show that an external attacker can identify the video title from video HTTP adaptive streams (HAS) sites such as YouTube. To the best of our knowledge, this is the first work that shows this. We provide a large data set of 10000 YouTube video streams of 100 popular video titles (each title downloaded 100 times) as examples for this task. The dataset was collected under real-world network conditions. We present several machine algorithms for the task and run a through set of experiments, which shows that our classification accuracy is more than 95%. We also show that our algorithms are able to classify video titles that are not in the training set as unknown and some of the algorithms are also able to eliminate false prediction of video titles and instead report unknown. Finally, we evaluate our algorithms robustness to delays and packet losses at test time and show that a solution that uses SVM is the most robust against these changes given enough training data. We provide the dataset and the crawler for future research.

We are living in a unique period of history, and the current technology revolution will
be among the most dramatic societal transformations remembered by humanity. The
important changes associated with the invention of the engine, electricity, and the
printing press gradually transformed society in the western world over a period of over
a hundred years. The changes accompanying the current revolution have significantly
altered the lives of average citizens across the globe in less than a generation. This is
unprecedented.
In the past, revolutions spanned decades, enabling the establishment of processes
and systems. For example, a language that supports the new revolution evolves, and
leaders emerge, with the fresh perspective required by the revolutionary changes. New
disciplines are created and new occupations are developed to support the changes. The
present revolution is taking place at such a high speed that such enabling processes
and systems have not yet been established, let alone developed or matured, and they
will continue to be created well into the future.
Over the past three decades, an important new vector of the technology revolution
has emerged: the cyber domain. In particular, the technological aspects of cyber—
such as computer technologies, access to information and systems, greater connectivity
among subsystems, and the combined effect of all these aspects on a growing list of diverse
spheres—expose the world to unprecedented risks. Academia and the intellectual infrastructure associated with the cyber domain are struggling to keep up with the domain’s
rapid pace.
Cryptography is a mature discipline, with strong connections to mathematics and
computer science, which have helped the discipline evolve and develop over the years.
Traditionally, it has been the cyber area most rooted in the academic world. However,
many other technological subjects should also be part of the cyber academic discussion.
Each month, as the cyber effect expands, new aspects of this arena become part of the
cyber theoretical discipline. For example, the autonomous car came on the scene in
recent years [Coppola and Morisio 2016], and it did not take long before a cyber threat
associated with the autonomous car was identified. The immaturity of the discipline
is reflected by the fact that cyber is currently being discussed on many stages and
studied by researchers from diverse disciplines and perspectives. The issue of whether
cyber is a pure discipline or a topic that relates to several disciplines will continue
to be discussed in the coming years. The following special issue includes a collection
of selected papers that cover the diverse cyber domain and how it interfaces with
intelligent systems. The topics were presented at the Tel Aviv Academic Conference
over two successive years. The scope of this special issue is relatively broad, yet there
are many cyber issues that have not been addressed in this edition.

In this paper, we propose an approach for estimating the authenticity of online discussions based on the similarity of online social media (OSM) accounts participating in the online discussion to known abusers and legitimate accounts. Our method uses similarity functions for the analysis and classification of OSM accounts. The proposed methods are demonstrated using Twitter data collected for this study and a previously published Arabic Honeypot dataset. The data collected during this study includes manually labeled accounts and a ground truth collection of abusers from crowdturfing platforms. Demonstration of the discussion topic’s authenticity, derived from account similarity functions, shows that the suggested approach is effective for discriminating between topics that were strongly promoted by abusers and topics that attracted authentic public interest.

Measurement of Online Discussion Authenticity within Online Social Media | Request PDF. Available from: https://www.researchgate.net/publication/321064925_Measurement_of_Online_Discussion_Authenticity_within_Online_Social_Media [accessed Mar 05 2018].

We present a novel approach for the construction of ensemble classifiers based on dimensionality reduction. The ensemble members are trained based on dimension-reduced versions of the training set. In order to classify a test sample, it is first embedded into the dimension reduced space of each individual classifier by using an out-of-sample extension algorithm. Each classifier is then applied to the embedded sample and the classification is obtained via a voting scheme. We demonstrate the proposed approach using the Random Projections, the Diffusion Maps and the Random Subspaces dimensionality reduction algorithms. We also present a multi-strategy ensemble which combines AdaBoost and Diffusion Maps. A comparison is made with the Bagging, AdaBoost, Rotation Forest ensemble classifiers and also with the base classifier. Our experiments used seventeen benchmark datasets from the UCI repository. The results obtained by the proposed algorithms were superior in many cases to other algorithms.

We study the trade-off between secret message (SM) and secret key (SK) rates, simultaneously achievable over a state-dependent (SD) wiretap channel (WTC) with non-causal channel state information (CSI) at the encoder. This model subsumes other instances of CSI availability as special cases, and calls for efficient utilization of the state sequence for both reliability and security purposes. An inner bound on the semantic-security (SS) SM-SK capacity region is derived based on a superposition coding scheme inspired by a past work of the authors. The region is shown to attain capacity for a certain class of SD-WTCs. SS is established by virtue of two versions of the strong soft-covering lemma. The derived region yields an improvement upon the previously best known SM-SK trade-off result reported by Prabhakaran et al., and, to the best of our knowledge, upon all other existing lower bounds for either SM or SK for this setup, even if the semantic security requirement is relaxed to weak secrecy. It is demonstrated that our region can be strictly larger than those reported in the preceding works.

To be considered for the 2017 IEEE Jack Keil
Wolf ISIT Student Paper Award. We study the state-dependent
(SD) wiretap channel (WTC) with non-causal channel state
information (CSI) at the encoder. This model subsumes all other
instances of CSI availability as special cases, and calls for an
efficient utilization of the state sequence both for reliability and
security purposes. A lower bound on the secrecy-capacity, that
improves upon the previously best known result by Chen and
Han Vinck, is derived based on a novel superposition coding
scheme. The improvement over the Chen and Han Vinck result
is strict for some SD-WTCs. Specializing the lower bound to the
case where CSI is also available to the decoder reveals that it
is at least as good as the achievable formula by Chia and ElGamal,
which is already known to outperform the adaptation
of the Chen and Han Vinck code to the encoder and decoder
CSI scenario. The results are derived under the strict semanticsecurity
metric that requires negligible information leakage for
all message distributions. The proof of achievability relies on
a stronger version of the soft-covering lemma for superposition
codes.

The problem of detecting a few anomalous processes among a large number of M processes is considered. At each
time, aggregated observations can be taken from a chosen subset of processes, where the chosen subset conforms to a
given binary tree structure. The random observations are i.i.d. over time with a general distribution that may depend
on the size of the chosen subset and the number of anomalous processes in the subset. The objective is a sequential
search strategy that minimizes the sample complexity (i.e., the expected number of observations which represents
detection delay) subject to a reliability constraint. A sequential test that results in a biased random walk on the tree
is developed and is shown to be asymptotically optimal in terms of detection accuracy. Furthermore, it achieves the
optimal logarithmic-order sample complexity in M provided that the Kullback-Liebler divergence between aggregated
observations in the presence and the absence of anomalous processes are bounded away from zero at all levels of the
tree structure as M approaches infinity. Sufficient conditions on the decaying rate of the aggregated observations to
pure noise under which a sublinear scaling in M is preserved are also identified for the Bernoulli case.

We study the trade-off between secret message (SM) and secret key (SK) rates, simultaneously achievable over
a state-dependent (SD) wiretap channel (WTC) with non-causal channel state information (CSI) at the encoder. This
model subsumes other instances of CSI availability as special cases, and calls for efficient utilization of the state
sequence for both reliability and security purposes. An inner bound on the semantic-security (SS) SM-SK capacity
region is derived based on a superposition coding scheme inspired by a past work of the authors. The region is
shown to attain capacity for a certain class of SD-WTCs. SS is established by virtue of two versions of the strong
soft-covering lemma. The derived region yields an improvement upon the previously best known SM-SK trade-off
result reported by Prabhakaran et al., and, to the best of our knowledge, upon all other existing lower bounds for
either SM or SK for this setup, even if the semantic security requirement is relaxed to weak secrecy. It is demonstrated
that our region can be strictly larger than those reported in the preceding works.

In this work we apply machine learning algorithms on network
traffic data for accurate identification of IoT devices
connected to a network. To train and evaluate the classi-
fier, we collected and labeled network traffic data from nine
distinct IoT devices, and PCs and smartphones. Using supervised
learning, we trained a multi-stage meta classifier; in
the first stage, the classifier can distinguish between traffic
generated by IoT and non-IoT devices. In the second stage,
each IoT device is associated a specific IoT device class. The
overall IoT classification accuracy of our model is 99.281%.

A broadcast channel (BC) where the decoders cooperate via a one-sided link is considered. One common and two private messages are transmitted and the private message to the cooperative user should be kept secret from the cooperationaided user. The secrecy level is measured in terms of strong secrecy, i.e., a vanishing information leakage. An inner bound on the capacity region is derived by using a channel-resolvabilitybased code that double-bins the codebook of the secret message, and by using a likelihood encoder to choose the transmitted codeword. The inner bound is shown to be tight for semideterministic
and physically degraded BCs, and the results are compared with those of the corresponding BCs without a secrecy constraint. Blackwell and Gaussian BC examples illustrate the impact of secrecy on the rate regions. Unlike the case without secrecy, where sharing information about both private messages via the cooperative link is optimal, our protocol conveys parts of the common and non-confidential messages only. This restriction reduces the transmission rates more than the usual rate loss due to secrecy requirements. An example that illustrates this loss is provided.

—The arbitrarily varying wiretap channel (AVWTC) is an open problem largely because of two main challenges. Not only does it capture the difficulty of the compound wiretap channel (another open problem) as a special case, it also requires that secrecy is ensured with respect to exponentially many possible channel state sequences. This work overcomes the second aforementioned difficulty. To that end, we consider an AVWTC with a type constraint on the allowed state sequences, and derive a single-letter characterization of its correlated-random (CR) assisted semantic-security (SS) capacity. The allowed state sequences are the ones in a typical set around a single constraining type. SS is established by showing that the mutual information between the message and the eavesdropper’s observations is negligible even when maximized over all message distributions, choices of state sequences and realizations of the CR-code. Both the achievability and the converse proofs of the type constrained coding theorem rely on stronger claims than actually required. The direct part establishes a novel single-letter lower bound on the CR-assisted SS-capacity of an AVWTC with state sequences constrained by any convex and closed set of state probability mass functions. This bound achieves the best known single-letter secrecy rates for a corresponding compound wiretap channel over the same constraint set. In contrast to other singleletter results in the AVWTC literature, the derivation does not assume the existence of a best channel to the eavesdropper. Optimality is a consequence of an max-inf upper bound on the CR-assisted SS-capacity of an AVWTC with state sequences constrained to any collection of type-classes. When adjusted to the aforementioned compound WTC, the upper bound simplifies to a max-min structure, thus strengthening the previously best known single-letter upper bound by Liang et al. that has a minmax form.

In recent years, various out-of-band covert channels have been proposed that demonstrate the feasibility of
leaking data out of computers without the need for network connectivity. The methods proposed have been based on different
type of electromagnetic, acoustic, and thermal emissions. However, optical channels have largely been considered less
covert: because they are visible to the human eye and hence can be detected, they have received less attention from researchers.

In this paper, we introduce VisiSploit, a new type of optical covert channel which, unlike other optical methods, is also
stealthy. Our method exploits the limitations of human visual perception in order to unobtrusively leak data through a standard
computer LCD display. Our experiments show that very low contrast or fast flickering images which are invisible to human
subjects, can be recovered from photos taken by a camera. Consequentially, we show that malicious code on a compromised
computer can obtain sensitive data (e.g., images, encryption keys, passwords), and project it onto a computer LCD screen, invisible
and unbeknownst to users, allowing an attacker to reconstruct the data using a photo taken by a nearby (possibly hidden) camera.
Our research yielding novel attack paradigms that exploit the subtle mechanisms of human visual perception.

We study the state-dependent (SD) wiretap channel (WTC) with non-causal channel state information (CSI) at the encoder. This model subsumes all other instances of CSI availability as special cases, and calls for an efficient utilization of the state sequence both for reliability and security purposes. A lower bound on the secrecy-capacity, that improves upon the previously best known result by Chen and Han Vinck, is derived based on a novel superposition coding scheme. The improvement over the Chen and Han Vinck result is strict for some SD-WTCs. Specializing the lower bound to the case where CSI is also available to the decoder reveals that it is at least as good as the achievable formula by Chia and El-Gamal, which is already known to outperform the adaptation of the Chen and Han Vinck code to the encoder and decoder CSI scenario. The results are derived under the strict semantic-security metric that requires negligible information leakage for all message distributions.

Software fault prediction algorithms predict which software
components is likely to contain faults using machine learning
techniques. Software diagnosis algorithm identify the faulty
software components that caused a failure using model-based
or spectrum based approaches. We show how software fault
prediction algorithms can be used to improve software diagnosis.
The resulting data-augmented diagnosis algorithm
overcomes key problems in software diagnosis algorithms:
ranking diagnoses and distinguishing between diagnoses with
high probability and low probability. We demonstrate the ef-
ficiency of the proposed approach empirically on three open
sources domains, showing significant increase in accuracy of
diagnosis and efficiency of troubleshooting. These encouraging
results suggests broader use of data-driven methods to
complement and improve existing model-based methods.

Function Secret Sharing (FSS), introduced by Boyle et al.
(Eurocrypt 2015), provides a way for additively secret-sharing
a function from a given function family F. More concretely,
an m-party FSS scheme splits a function f : {0, 1}
n → G, for some abelian group G, into functions f1, . . . , fm, described by keys k1, . . . , km, such that f = f1 + . . . + fm and every
strict subset of the keys hides f. A Distributed Point Function
(DPF) is a special case where F is the family of point
functions, namely functions fα,β that evaluate to β on the
input α and to 0 on all other inputs. FSS schemes are useful for applications that involve privately reading from or writing to distributed databases while
minimizing the amount of communication. These include
different flavors of private information retrieval (PIR), as
well as a recent application of DPF for large-scale anonymous
messaging. We improve and extend previous results in several ways:
• Simplified FSS constructions. We introduce a tensoring
operation for FSS which is used to obtain a conceptually
simpler derivation of previous constructions
and present our new constructions.
• Improved 2-party DPF. We reduce the key size of
the PRG-based DPF scheme of Boyle et al. roughly
by a factor of 4 and optimize its computational cost.
The optimized DPF significantly improves the concrete
costs of 2-server PIR and related primitives.
• FSS for new function families. We present an ef-
ficient PRG-based 2-party FSS scheme for the family
of decision trees, leaking only the topology of the tree
and the internal node labels. We apply this towards
FSS for multi-dimensional intervals. We also present
a general technique for extending FSS schemes by increasing
the number of parties.
• Verifiable FSS. We present efficient protocols for verifying
that keys (k ∗ 1 , . . . , k∗ m), obtained from a potentially
malicious user, are consistent with some f ∈ F.
Permission to make digital or hard copies of all or part of this work for personal or
classroom use is granted without fee provided that copies are not made or distributed
for profit or commercial advantage and that copies bear this notice and the full citation
on the first page. Copyrights for components of this work owned by others than the
author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or
republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from permissions@acm.org.
CCS’16, October 24 – 28, 2016, Vienna, Austria

c 2016 Copyright held by the owner/author(s). Publication rights licensed to ACM.
ISBN 978-1-4503-4139-4/16/10. . . $15.00
DOI: http://dx.doi.org/10.1145/2976749.2978429
Such a verification may be critical for applications that
involve private writing or voting by many users.
Keywords: Function secret sharing, private information
retrieval, secure multiparty computation, homomorphic encryption

Under the Decisional Diffie-Hellman (DDH) assumption, we present a 2-out-of-2 secret sharing scheme that supports a compact evaluation of branching programs on the shares. More concretely, there is an evaluation algorithm Eval with a single bit of output, such that if an input w ∈ {0, 1}n is shared into (w0, w1), then for any deterministic branching program P of size S we have that Eval(P, w0) ⊕ Eval(P, w1) = P(w) except with at most δ failure probability. The running time of the sharing algorithm is polynomial in n and the security parameter λ, and that of Eval is polynomial in S, λ, and 1/δ. This applies as a special case to boolean formulas of size S or boolean circuits of depth log S. We also present a public-key variant that enables homomorphic computation on inputs contributed by multiple clients. The above result implies the following DDH-based applications: – A secure 2-party computation protocol for evaluating any branching program or formula of size S, where the communication complexity is linear in the input size and only the running time grows with S. – A secure 2-party computation protocol for evaluating layered boolean circuits of size S with communication complexity O(S/ log S). – A 2-party function secret sharing scheme, as defined by Boyle et al. (Eurocrypt 2015), for general branching programs (with inverse polynomial error probability). – A 1-round 2-server private information retrieval scheme supporting general searches expressed by branching programs. Prior to our work, similar results could only be achieved using fully homomorphic encryption. We hope that our approach will lead to more practical alternatives to known fully homomorphic encryption schemes in the context of low-communication secure computation.

We present NECTAR, a community detection algorithm that generalizes Louvain method’s local search heuristic for overlapping community structures. NECTAR chooses dynamically which objective function to optimize based on the network on which it is invoked. Our experimental evaluation on both synthetic benchmark graphs and real-world networks, based on ground-truth communities, shows that NECTAR provides excellent results as compared with state of the art community detection algorithms.

Honey pots are computer resources that are used to detect and deflect network attacks on a protected system. The data collected from honey pots can be utilized to better understand cyber-attacks and provide insights for improving security measures, such as intrusion detection systems. In recent years, attackers’ sophistication has increased significantly, thus additional and more advanced analytical models are required. In this paper we suggest several unique methods for detecting attack propagation patterns using Markov Chains modeling and complex networks analysis. These methods can be applied on attack datasets collected from honey pots. The results of these models shed light on different attack profiles and interaction patterns between the deployed sensors in the honey pot system. We evaluate the suggested methods on a massive data set which includes over 167 million observed attacks on a globally distributed honey pot system. Analyzing the results reveals interesting patterns regarding attack correlations between the honey pots. We identify central honey pots which enable the propagation of attacks, and present how attack profiles may vary according to the attacking country. These patterns can be used to better understand existing or evolving attacks, and may aid security experts to better deploy honey pots in their system.

In this paper we describe and share with the research community,
a significant smartphone dataset obtained from an
ongoing long-term data collection experiment. The dataset
currently contains 10 billion data records from 30 users collected
over a period of 1.6 years and an additional 20 users for
6 months (totaling 50 active users currently participating in
the experiment).
The experiment involves two smartphone agents: SherLock
and Moriarty. SherLock collects a wide variety of software and
sensor data at a high sample rate. Moriarty perpetrates various
attacks on the user and logs its activities, thus providing
labels for the SherLock dataset.
The primary purpose of the dataset is to help security professionals
and academic researchers in developing innovative
methods of implicitly detecting malicious behavior in smartphones.
Specifically, from data obtainable without superuser
(root) privileges. To demonstrate possible uses of the dataset,
we perform a basic malware analysis and evaluate a method
of continuous user authentication.

Attack propagation models within honeypot systems aim at providing insights about attack strategies that target multiple honeypots, rather than analyzing attacks on each honeypot separately. Traditional attack propagation models focus on building a single probabilistic model. This modeling approach may be misleading, since it does not take into consideration contextual information such as the country from which the attack is initiated. In addition, with the massive increase in the magnitude of attacks on honeypots, a scalable modeling approach is required. In this work we present a novel attack propagation model that can utilize contextual information about the attacks by training multiple Markov Chain models. Moreover, we add additional layers of analysis: first, we present a likelihood estimation procedure that can identify new and evolving attack patterns; and second, we introduce a method for generating simulated attack sequences that can be used for training or sensitivity analysis. Lastly, we present, in details, a MapReduce design for all suggested algorithms in order to address scalability issues. We evaluate our methods on a massive dataset which includes approximately 170 million attacks on an operational honeypot system. Results indicate that contextual modeling is important for explaining attack propagation that may vary by country. In addition, we show the effectiveness of the suggested method for generating simulated sequences by comparing the attack propagation patterns we learned in the generated dataset and the original one. Finally, we demonstrate the scalability of all of the proposed algorithms on real and synthetic datasets that include over a billion records.

The meteoric progress of Internet technologies and PDA (personal digital assistant) devices has made public Wi-Fi hotspots very popular. Nowadays, hotspots can be found almost anywhere: organizations, home networks, public transport systems, restaurants, etc. The Internet usage patterns (e.g. browsing) differ with the hotspot venue. This insight introduces new traffic profiling opportunities. Using machine learning techniques we show that it is possible to infer types of venues that provide Wi-Fi access (e.g., organizations and hangout places) by analyzing the Internet traffic of connected mobile phones. We show that it is possible to infer the user’s current venue type disclosing his/her current context. This information can be used for improving personalized and context aware services such as web search engines or online shops, without the presence on user’s device. In this paper we evaluate venue type inference based on mobile phone traffic collected from 115 college students and analyze their Internet behavior across the different venues types.

The two-user multiple-input multiple-output
(MIMO) Gaussian broadcast channel (BC) with common,
private and confidential messages is considered. The transmitter
sends a common message to both users, a confidential message
to User 1 and a private (non-confidential) message to User
2. The secrecy-capacity region is characterized by showing
that certain inner and outer bounds coincide and that the
boundary points are achieved by Gaussian inputs. The proof
relies on factorization of upper concave envelopes and a variant
of dirty-paper coding (DPC). The entire region is exhausted
by using DPC to cancel out the signal of the non-confidential
message at Receiver 1, making DPC against the signal of the
confidential message unnecessary. The secrecy-capacity results
are visualized using a numerical example.

The broadcast channel (BC) with one common and two private messages with leakage constraints is studied, where leakage refers to the normalized mutual information between a message and a channel symbol string. Each private message is destined for a different user and the leakage to the other receiver must satisfy a constraint. This model captures several scenarios concerning secrecy, i.e., when both, either or neither of the private messages are secret. Inner and outer bounds on the leakage-capacity region are derived. Without leakage constraints the inner bound recovers Marton’s region and the outer bound reduces to the UVW-outer bound. The bounds match for semi-deterministic (SD) and physically degraded (PD) BCs, as well as for BCs with a degraded message set. The leakage-capacity regions of the SD-BC and the BC with a degraded message set recover past results for different secrecy scenarios. A Blackwell BC example illustrates the results and shows how its leakage-capacity region changes from the capacity region without secrecy to the secrecy-capacity regions for different secrecy scenarios.

The secrecy capacity of the type II wiretap channel (WTC II) with a noisy main channel is currently an open problem. Herein its secrecy-capacity is derived and shown to be equal to its semantic-security (SS) capacity. In this setting, the legitimate users communicate via a discrete-memoryless (DM) channel in the presence of an eavesdropper that has perfect access to a subset of its choosing of the transmitted symbols, constrained to a fixed fraction of the blocklength. The secrecy criterion is achieved simultaneously for all possible eavesdropper subset choices. The SS criterion demands negligible mutual information between the message and the eavesdropper’s observations even when maximized over all message distributions. A key tool for the achievability proof is a novel and stronger version of Wyner’s soft covering lemma. Specifically, a random codebook is shown to achieve the soft-covering phenomenon with high probability. The probability of failure is doubly exponentially small in the blocklength. Since the combined number of messages and subsets grows only exponentially with the blocklength, SS for the WTC II is established by using the union bound and invoking the stronger soft-covering lemma. The direct proof shows that rates up to the weak-secrecy capacity of the classic WTC with a DM erasure channel (EC) to the eavesdropper are achievable. The converse follows by establishing the capacity of this DM wiretap EC as an upper bound for the WTC II. From a broader perspective, the stronger soft-covering lemma constitutes a tool for showing the existence of codebooks that satisfy exponentially many constraints, a beneficial ability for many other applications in information theoretic security.

Physical layer security can ensure secure communication over noisy channels in the presence of an eavesdropper with unlimited computational power. We adopt an information theoretic variant of semantic-security (SS) (a cryptographic gold standard), as our secrecy metric and study the open problem of the type II wiretap channel (WTC II) with a noisy main channel is, whose secrecy-capacity is unknown even under looser metrics than SS. Herein the secrecy-capacity is derived and shown to be equal to its SS capacity. In this setting, the legitimate users communicate via a discrete-memoryless (DM) channel in the presence of an eavesdropper that has perfect access to a subset of its choosing of the transmitted symbols, constrained to a fixed fraction of the blocklength. The secrecy criterion is achieved simultaneously for all possible eavesdropper subset choices. On top of that, SS requires negligible mutual information between the message and the eavesdropper’s observations even when maximized over all message distributions. A key tool for the achievability proof is a novel and stronger version of Wyner’s soft covering lemma. Specifically, the lemma shows that a random codebook achieves the soft-covering phenomenon with high probability. The probability of failure is doubly-exponentially small in the blocklength. Since the combined number of messages and subsets grows only exponentially with the blocklength, SS for the WTC II is established by using the union bound and invoking the stronger soft-covering lemma. The direct proof shows that rates up to the weak-secrecy capacity of the classic WTC with a DM erasure channel (EC) to the eavesdropper are achievable. The converse follows by establishing the capacity of this DM wiretap EC as an upper bound for the WTC II. From a broader perspective, the stronger soft-covering lemma constitutes a tool for showing the existence of codebooks that satisfy exponentially many constraints, a beneficial ability for many other applications in information theoretic security. Index Terms—Erasure wiretap channel, information theoretic security, physical-layer security, semantic-security, soft-covering lemma, wiretap channel of type II, wiretap codes.

Most work in heuristic search focused on path finding problems
in which the cost of a path in the state space is the sum
of its edges’ weights. This paper addresses a different class
of path finding problems in which the cost of a path is the
product of its weights. We present reductions from different
classes of multiplicative path finding problems to suitable
classes of additive path finding problems. As a case study,
we consider the problem of finding least and most probable
paths in a Markov Chain, where path cost corresponds to the
probability of traversing it. The importance of this problem
is demonstrated in an anomaly detection application for cyberspace
security. Three novel anomaly detection metrics for
Markov Chains are presented, where computing these metrics
require finding least and most probable paths. The underlying
Markov Chain is dynamically changing, and so fast methods
for computing least and most probable paths are needed. We
propose such methods based on the proposed reductions and
using heuristic search algorithms.

The clustering of unbounded data-streams is a difficult problem since the observed instances cannot be stored for future clustering decisions. Moreover, the probability distribution of streams tends to change over time, making it challenging to differentiate between a concept-drift and an anomaly. Although many excellent data-stream clustering algorithms have been proposed in the past, they are not suitable for capturing the temporal contexts of an entity.

In this paper, we propose pcStream; a novel data-stream clustering algorithm for dynamically detecting and managing sequential temporal contexts. pcStream takes into account the properties of sensor-fused data-streams in order to accurately infer the present concept, and dynamically detect new contexts as they occur. Moreover, the algorithm is capable of detecting point anomalies and can operate with high velocity data-streams. Lastly, we show in our evaluation that pcStream outperforms state-of-the-art stream clustering algorithms in detecting real world contexts from sensor-fused datasets. We also show how pcStream can be used as an analysis tool for contextual sensor streams.

Smartphones and tablets have become prime
targets for malware, due to the valuable private and corporate
information they hold. While Anti-Virus (AV) program may
successfully detect malicious applications (apps), they remain
ineffective against low-level rootkits that evade detection
mechanisms by masking their own presence. Furthermore, any
detection mechanism run on the same physical device as the
monitored OS can be compromised via application, kernel or
boot-loader vulnerabilities. Consequentially, trusted detection of
kernel rootkits in mobile devices is a challenging task in practice.
In this paper we present ‘JoKER’ – a system which aims at
detecting rootkits in the Android kernel by utilizing the
hardware’s Joint Test Action Group (JTAG) interface for
trusted memory forensics. Our framework consists of
components that extract areas of a kernel’s memory and
reconstruct it for further analysis. We present the overall
architecture along with its implementation, and demonstrate that
the system can successfully detect the presence of stealthy
rootkits in the kernel. The results show that although JTAG’s
main purpose is system testing, it can also be used for malware
detection where traditional methods fail.

We present an end-to-end supervised based system
for detecting malware by analyzing network traffic. The
proposed method extracts 972 behavioral features across
different protocols and network layers, and refers to different
observation resolutions (transaction, session, flow and
conversation windows). A feature selection method is then used
to identify the most meaningful features and to reduce the data
dimensionality to a tractable size. Finally, various supervised
methods are evaluated to indicate whether traffic in the network
is malicious, to attribute it to known malware “families” and to
discover new threats. A comparative experimental study using
real network traffic from various environments indicates that the
proposed system outperforms existing state-of-the-art rule-based
systems, such as Snort and Suricata. In particular, our
chronological evaluation shows that many unknown malware
incidents could have been detected at least a month before their
static rules were introduced to either the Snort or Suricata
systems.

The broadcast channel (BC) with one confidential message and where the decoders cooperate via a one-sided link is considered. A pair of messages is transmitted, one message for
each user. The message to the cooperative user is confidential and is kept secret from the cooperation-aided user. The secrecy level is measured by the equivocation rate. An inner bound on the secrecy-capacity region of the BC is derived. The inner bound is achieved by double-binning the codebook of the secret message. The inner bound is tight for the semi-deterministic (SD) and physically degraded (PD) cases. The secrecy results are compared to those of the corresponding BCs without a secrecy constraint. A cooperative Blackwell channel example illustrates the impact of secrecy on the rate regions.

Understanding condition severity, as extracted from Electronic Health Records (EHRs), is important for many public health purposes. Methods requiring physicians to annotate condition severity are time-consuming and costly. Previously, a passive learning algorithm called CAESAR was developed to capture severity in EHRs. This approach required physicians to label conditions manually, an exhaustive process. We developed a framework that uses two Active Learning (AL) methods (Exploitation and Combination_XA) to decrease manual labeling efforts by selecting only the most informative conditions for training. We call our approach CAESAR-Active Learning Enhancement (CAESAR-ALE). As compared to passive methods,CAESAR-ALE’s first AL method, Exploitation, reduced labeling efforts by 64% and achieved an equivalent true positive rate, while CAESAR-ALE’s second AL method, Combination_XA, reduced labeling efforts by 48% and achieved equivalent accuracy. In addition, both these AL methods outperformed the traditional AL method (SVM-Margin). These results demonstrate the potential of AL methods for decreasing the labeling efforts of medical experts, while achieving greater accuracy and lower costs.

In this paper we present a new behavior-based anomaly detection system for detecting meaningful deviations in a mobile application’s network behavior. The main goal of the proposed system is to protect mobile device users and cellular infrastructure companies from malicious applications by: (1) identification of malicious attacks or masquerading applications installed on a mobile device, and (2) identification of republished popular applications injected with a malicious code (i.e., repackaging). More specifically, we attempt to detect a new type of mobile malware with self-updating capabilities that were recently found on the official Google Android marketplace. Malware of this type cannot be detected using the standard signatures approach or by applying regular static or dynamic analysis methods. The detection is performed based on the application’s network traffic patterns only. For each application, a model representing its specific traffic pattern is learned locally (i.e., on the device). Semi-supervised machine-learning methods are used for learning the normal behavioral patterns and for detecting deviations from the application’s expected behavior. These methods were implemented and evaluated on Android devices. The evaluation experiments demonstrate that: (1) various applications have specific network traffic patterns and certain application categories can be distinguished by their network patterns; (2) different levels of deviation from normal behavior can be detected accurately; (3) in the case of self-updating malware, original (benign) and infected versions of an application have different and distinguishable network traffic patterns that in most cases, can be detected within a few minutes after the malware is executed while presenting very low false alarms rate; and (4) local learning is feasible and has a low performance overhead on mobile devices.

Today, organizations have limited resources available to allocate to the detection of complex cyber-attacks. In order to optimize their resource allocation, organizations must conduct a thorough risk analysis process so as to focus their efforts and resources on the protection of the organization’s important assets. In this study we propose a framework that automatically and dynamically derives a misuseability score for every IT component (e.g., PC, laptop, server, router, smartphone, and user). The misuseability score encapsulates the potential damage that can be caused to the organization when its assets are compromised and misused.
Misuseablity analysis for IT infrastructure | Request PDF. Available from: https://www.researchgate.net/publication/293099407_Misuseablity_analysis_for_IT_infrastructure [accessed Feb 13 2018].

Open Shortest Path First (OSPF) is one of the most widely deployed interior gateway routing protocols on the Internet. The most common attack vector against OSPF is spoofing of routing advertisements on behalf of a remote router. OSPF employs a self-defense “fight-back” mechanism that quickly reverts the effects of such attacks. Nonetheless, some attacks that evade the fight-back mechanism have been discovered, making it possible to persistently falsify routing advertisements. This type of attacks are the most serious threat to a routing protocol since they allow an attacker to gain persistent control over how traffic is routed throughout the network. This shows that despite its maturity, the OSPF specification is not without security flaws and may have still-unknown vulnerabilities. In this work we systematically analyze — manually and by formal verification — the OSPF specification for additional vulnerabilities in the fight-back mechanism. Our analysis uncovered a fundamental security flaw in OSPF that allows a simple means for an attacker to evade the fight-back mechanism. Most major router vendors acknowledged the existence of this vulnerability in their products. Fortunately, our analysis strongly indicates that no other vulnerabilities in the fight-back mechanism are likely to exist.

The iterated Even-Mansour (EM) scheme is a generalization of the original 1-round construction proposed in 1991, and can use one key, two keys, or completely independent keys. In this paper, we methodically analyze the security of all the possible iterated Even-Mansour schemes with two n-bit keys and up to four rounds, and show that none of them provides more than n-bit security. Our attacks are based on a new cryptanalytic technique called multibridgewhich splits the cipher to different parts in a novel way, such that they can be analyzed independently, exploiting its self-similarity properties. After the analysis of the parts, the key suggestions are efficiently joined using a meet-in-the-middle procedure.

As a demonstration of the multibridge technique, we devise a new attack on 4 steps of the LED-128 block cipher, reducing the time complexity of the best known attack on this scheme from 2⁹⁶ to 2⁶⁴. Furthermore, we show that our technique can be used as a generic key-recovery tool, when combined with some statistical distinguishers (like those recently constructed in reflection cryptanalysis of GOST and PRINCE).

The problem of sequential detection of anomalous processes among K independent processes is considered. At each time, only a subset of the processes can be observed, and the observations from each chosen process follow two different distributions, depending on whether the process is normal or abnormal. Each anomalous process incurs a cost per unit time until its anomaly is identified and fixed. Different anomalous processes may incur different costs depending on their criticality to the system. Switching between processes and state declarations are allowed at all times, while decisions are based on all past observations and actions. The objective is a sequential search strategy that minimizes the total expected cost, incurred by all the processes during the detection process, under reliability constraints. We develop a simple closed-loop policy (i.e., decisions depend on past observations and actions) for the anomaly detection problem. Asymptotic optimality of the proposed policy is shown when a single process is observed at a time and strong performance are demonstrated by simulation examples under multi-processes probing.

Organizations are repeatedly embarrassed when their sensitive digital documents go public or fall into the hands of adversaries, often as a result of unintentional or inadvertent leakage. Such leakage has been traditionally handled either by preventive means, which are evidently not hermetic, or by punitive measures taken after the main damage has already been done. Yet, the challenge of preventing a leaked file from spreading further among computers and over the Internet is not resolved by existing approaches. This paper presents a novel method, which aims at reducing and limiting the potential damage of a leakage that has already occurred. The main idea is to tag sensitive documents within the organization’s boundaries by attaching a benign detectable malware signature (DMS). While the DMS is masked inside the organization, if a tagged document is somehow leaked out of the organization’s boundaries, common security services such as Anti-Virus (AV) programs, firewalls or email gateways will detect the file as a real threat and will consequently delete or quarantine it, preventing it from spreading further. This paper discusses various aspects of the DMS, such as signature type and attachment techniques, along with proper design considerations and implementation issues. The proposed method was implemented and successfully tested on various file types including documents, spreadsheets, presentations, images, executable binaries and textual source code. The evaluation results have demonstrated its effectiveness in limiting the spread of leaked documents.

A new context-based model (CoBAn) for accidental and intentional data leakage prevention (DLP) is proposed. Existing methods attempt to prevent data leakage by either looking for specific keywords and phrases or by using various statistical methods. Keyword-based methods are not sufficiently accurate since they ignore the context of the keyword, while statistical methods ignore the content of the analyzed text. The context-based approach we propose leverages the advantages of both these approaches. The new model consists of two phases: training and detection. During the training phase, clusters of documents are generated and a graph representation of the confidential content of each cluster is created. This representation consists of key terms and the context in which they need to appear in order to be considered confidential. During the detection phase, each tested document is assigned to several clusters and its contents are then matched to each cluster’s respective graph in an attempt to determine the confidentiality of the document. Extensive experiments have shown that the model is superior to other methods in detecting leakage attempts, where the confidential information is rephrased or is different from the original examples provided in the learning set.