Tag: Security
Papers relating to security, encryption, attacks and defenses.
BadNets: Identifying vulnerabilities in the machine learning model supply chain
BadNets: Identifying vulnerabilities in the machine learning model supply chain Gu et al., ArXiv 2017 Yesterday we looked at the traditional software package supply chain. In BadNets, Gu et al. explore the machine learning model supply chain. They demonstrate two attack vectors: (i) if model training is outsourced, then it’s possible for a hard to …
CHAINIAC: Proactive software update transparency via collectively signed skipchains and verified builds
CHAINIAC: Proactive software-update transparency via collectively signed skipchains and verified builds Nikitin et al., USENIX Security ‘17 So hopefully you’ve put in place some kind of software supply chain management process that will pick up the availability of new package versions, particularly of course those with fixes for discovered vulnerabilities, and ensure those updates are …
TrustBase: an architecture to repair and strengthen certificate-based authentication
TrustBase: an architecture to repair and strengthen certificate-based authentication O’Neill et al., USENIX Security 2017 We recently saw that the sorry state of DNSSEC makes it comparatively easy to be sent to the wrong address when looking up a hostname. If certificate-based authentication is messed up as well, then it’s double trouble as you can …
Pretzel: email encryption and provider-supplied functions are compatible
Pretzel: email encryption and provider-supplied functions are compatible Gupta et al., SIGCOMM’17 While emails today are often encrypted in transit, the vast majority of emails are exposed in plaintext to the mail servers that handle them. Given the sensitive information often contained in email correspondence, why is this? Publicly, email providers have stated that default …
Detecting credential spearphishing attacks in enterprise settings
Detecting credential spearphishing attacks in enterprise settings Ho et al., USENIX Security 2017 The Lawrence Berkeley National Laboratory (LBNL) have developed and deployed a new system for detecting credential spearphishing attacks (highly targeted attacks against individuals within the organisation). Like many anomaly detection systems there are challenges of keeping the false positive rate acceptable (not …
CLKSCREW: Exposing the perils of security-oblivious energy management
CLKSCREW: Exposing the perils of security-oblivious energy management Tang et al., USENIX Security '17 This is brilliant and terrifying in equal measure. CLKSCREW demonstrably takes the Trust out of ARM's TrustZone, and it wouldn't be at all surprising if it took the Secure out of SGX too (though the researchers didn't investigate that). It's the …
A longitudinal, end-to-end view of the DNSSEC ecosystem
A longitudinal, end-to-end view of the DNSSEC ecosystem Chung et al., USENIX Security 2017 DNS, the Domain Name System, provides a vital function on the Internet, mapping names to values. Unprotected, it's also an attractive target for attackers, with attack vectors such as DNS spoofing and cache poisoning. Thus about two decades ago a set of …
Writing parsers like it is 2017
Writing parsers like it is 2017 Chifflier & Couprie, SPW'17 With thanks to Glyn Normington for pointing this paper out to me. Earlier this year we looked at 'System programming in Rust: beyond safety' which made the case for switching from C to Rust as the default language of choice for system-level programming. Today's paper …
ACIDRain: concurrency-related attacks on database backed web applications
ACIDRain: Concurrency-related attacks on database-backed web applications Warszawski & Bailis, SIGMOD'17 Welcome back to a new term of The Morning Paper. To kick things off, we have 'ACIDRain' - a terrific paper from SIGMOD'17 that pulls together a number of threads we've studied previously: transaction processing, anomalies, and security. What ACIDRain demonstrates is that …
An experimental security analysis of an industrial robot controller
An experimental security analysis of an industrial robot controller Quarta et al., IEEE Security and Privacy 2017 This is an industrial robot: The International Federation of Robotics forecasts that, by 2018, approximately 1.3 million industrial robot units will be employed in factories globally, and the international market value for "robotized" systems is approximately 32 billion …