Written on 01.10.24 by Xinyi Xu
Dear all,
for the new winter semester we will move to the new course which you can find here: https://cms.cispa.saarland/bms_ws2425/
Please switch to that one. The announcements will stop to be posted here and we expect that you will from now on submit the talk descriptions to the new… Read more
Dear all,
for the new winter semester we will move to the new course which you can find here: https://cms.cispa.saarland/bms_ws2425/
Please switch to that one. The announcements will stop to be posted here and we expect that you will from now on submit the talk descriptions to the new course.
Best wishes,
BAMA Seminar Team
|
Written on 18.09.24 (last change on 24.09.24) by Xinyi Xu
Dear All,
The next seminar(s) will take place on 2024-09-25 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00 - 14:30, 14:30 - 15:00, 15:00 - 15:30)
Metodi Mitkov, Julian Jacques Maurer, Ady… Read more
Dear All,
The next seminar(s) will take place on 2024-09-25 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00 - 14:30, 14:30 - 15:00, 15:00 - 15:30)
Metodi Mitkov, Julian Jacques Maurer, Ady Elouej
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Password: BT!u5=
Session B: (14:00 - 14:30, 15:00 - 15:30)
Dimitri Harkovski, Sophie Wenning
https://cispa-de.zoom-x.de/j/66136901453?pwd=YVBSZU9peUpvUlk4bWp3MDR4cGlUUT09
Meeting-ID: 661 3690 1453
Password: sxHhzA004}
Session A
14:00 - 14:30
Speaker: Metodi Mitkov
Type of Talk: Master Intro
Advisor: Ben Stock
Title: Adapting to 3P Cookie De-Deprecation: A Longitudinal Study on the Developing Tracking Ecosystem
Research Area: RA5: Empirical and Behavioural Security
Abstract: Web sites extensively use cross-site cookies to enable cross-site functionality. Third-party cookies serve legitimate purposes, such as content personalization, fraud prevention, and authentication. However, they have also been extensively used for invasive advertisement and tracking. Browser vendors are taking measures against privacy risks caused by third-party cookies. Safari and Firefox have already implemented tracking protections. Google announced that Chrome would block third-party cookies but later reverted its decision. As a result, much of the responsibility for privacy protection now rests with users. Moreover, stricter privacy measures have pushed advertisers to explore new tracking avenues. We study the deprecation of third-party cookies to understand how tracking develops in response to it. In a longitudinal experiment, we measure the usage of third-party tracking cookies and the rise of alternative tracking methods. We want to understand the impact of browser intervention policies, what tracking patterns are emerging on the Web, and how they impact user privacy.
14:30 - 15:00
Speaker: Julian Jacques Maurer
Type of Talk: Bachelor Intro
Advisor: Robert Künnemann
Title: UC-like Guarantees for the WireGuard Payload Protocol in the Dolev-Yao Model
Research Area: RA2: Reliable Security Guarantees
Abstract: Proofs of universal composability (UC) for cryptographic protocols are hard and rare, but a recently discovered connection to robust hyper-property preserving compilation (RHP) allows mechanising UC proofs. In my thesis, I investigate UC-like properties of WireGuard's payload protocol within the Dolev-Yao model, a symbolic approach abstracting real-world cryptographic limitations into idealized operations. Using DEEPSEC, a tool for deciding equivalence properties in security protocols, I transfer an existing proof of computational RHP to perfect RHP and conclude with an evaluation of the process.
15:00 - 15:30
Speaker: Ady Elouej
Type of Talk: Bachelor Intro
Advisor: Thorsten Holz, Bhupendra Acharya
Title: Exploiting Follower Bases: A Comprehensive Analysis of Follow-Based Attacks and
Research Area: RA5: Empirical and Behavioural Security
Abstract: Malicious Tactics on Social Media Research Area: RA5 Abstract: This research aims to explore how cybercriminals exploit the followers of high-profile accounts on X (formerly Twitter), focusing on follow-based attacks across categories like cryptocurrency, sports, and music. Using a honeypot approach, we developed a ground-truth dataset to capture these malicious tactics. Preliminary findings highlight the extensive use of sophisticated bot networks, especially in the cryptocurrency sector. Our analysis identified over 700 suspicious accounts following our honeypots, with nearly 65\% containing links to external sites, often leading to Telegram or WhatsApp groups or scam pages. The profiles vary in characteristics depending on the target, illustrating the adaptive strategies of these actors. Additionally, we documented how attackers leverage bot networks to enhance the visibility and longevity of scam posts, highlighting the complex and evolving landscape of malicious activities. Future research will expand to additional categories and refine the analysis of attack vectors, deepening our understanding of spam and scam tactics on social media and the evolving methods of malicious actors.
Session B
14:00 - 14:30
Speaker: Dimitri Harkovski
Type of Talk: Bachelor Intro
Advisor: Cas Cremers
Title: AGE - a modern file encryption tool
Research Area: RA2: Reliable Security Guarantees
Abstract: In this bachelor thesis AGE will be analyzed, a modern file encryption tool. How does it work, what are the usecases and most important: is it really secure?
15:00 - 15:30
Speaker: Sophie Wenning
Type of Talk: Master Intro
Advisor: Christoph Lenzen
Title: Boosting performance: Gradient Clock Synchronisation with two-way measured links
Research Area: RA1: Trustworthy Information Processing
Abstract: Large distributed networks require all their computational units to be synchronised in time in order to guarantee smooth pipelining of executions and optimal performance. Large scale systems often use tree-based such as PTP to ensure synchrony. However, their centralised architecture and single point of failure makes them vulnerable to failures induced by faults attacks. To cope with these issues, the gradient synchronisation algorithm, offering an decentralised and self-stabilising framework running on general graphs, was introduced by Lynch and Fan in 2004. With the goal of facilitating implementations in hardware, this thesis aims to further refine the underlying theoretical computational model to account for more of the issues faced in real-world implementations, such as practical execution of measurements.
|
Written on 05.09.24 by Xinyi Xu
Dear All,
The next seminar(s) will take place on 2024-09-11 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00 - 14:30, 14:30 - 15:00, 15:00 - 15:30)
Moritz Jung, Pit Jost, Robin… Read more
Dear All,
The next seminar(s) will take place on 2024-09-11 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00 - 14:30, 14:30 - 15:00, 15:00 - 15:30)
Moritz Jung, Pit Jost, Robin Jacobi
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Password: BT!u5=
Session B: (14:00 - 14:30, 14:30 - 15:00, 15:00 - 15:30)
Reza Zamiri, Sepehr Mirzaei, Parth Thakker
https://cispa-de.zoom-x.de/j/66136901453?pwd=YVBSZU9peUpvUlk4bWp3MDR4cGlUUT09
Meeting-ID: 661 3690 1453
Password: sxHhzA004}
Session A
14:00 - 14:30
Speaker: Moritz Jung
Type of Talk: Bachelor Intro
Advisor: Andreas Zeller
Title: Semantic Protocol Fuzzing
Research Area: RA3: Threat Detection and Defenses
Abstract: Discoveries of vulnerabilities such as the Heartbleed bug in the OpenSSL library in 2014, or the more recent discovery of the SMTP smuggling vulnerability which allows vulnerable server constellations to be exploited for email spoofing, show the importance of testing implementations of network protocols. One approach to testing for such vulnerabilities is fuzz testing, or fuzzing for short, a software testing technique where the system under test (SUT) is provided with automatically generated inputs. We show an approach to protocol fuzzing based on I/O grammars and ISLa constraints, and the ISLa solver and checker. An I/O grammar is a combination of context-free grammars for inputs and outputs, and allows for modeling of system states. The ISLa specification language allows for the specification of semantic constraints over a grammar's elements. Our fuzzer takes an I/O grammar and accompanying ISLa constraints as input, and employs the ISLa solver and checker to produce syntactically and semantically valid inputs, and to check input-output sequences for validity.
14:30 - 15:00
Speaker: Pit Jost
Type of Talk: Master Final
Advisor: Andreas Zeller, Tural Mammadov
Title: Protocol Fuzzing with Grammars and Constraints extracted from RFCs
Research Area: RA3: Threat Detection and Defenses
Abstract: Efficient automated testing of network protocols using conventional methods is a process that usually requires significant amounts of manual labor. To achieve high coverage that finds design and implementation flaws deeply embedded in such protocols, it is not suf- ficient to rely solely on a black-box fuzzing approach. Random inputs generated using a purely random approach tend to cause the protocol implementations to reject the inputs early during validation. More advanced approaches such as semantic fuzzing, which are aware of the protocol’s specification and the expected input formats, are much more ef- fective and can reach higher levels of coverage. Generating semantically correct input is not a trivial task. Knowledge about the targeted protocol is necessary in order to achieve this, and it needs to be available in a machine-interpretable format to be usable for automated testing. Input Specification Lan- guage (ISLa), a grammar-aware input specification language and string constraint solver, aims to solve this by allowing for the expression of protocol specifications using context- free grammars and semantic constraints, which can, in turn, be used to produce inputs for grammar-based fuzzing. While ISLa requires formal protocol specifications written in its proprietary specification language, most network protocols are specified in documents known as Requests for Comments (RFCs), which are written in English natural language. In this thesis, a method to automatically mine context-free grammars and semantic constraints from natural language specifications which are collected from RFC documents is developed. A pre-trained large language model is fine-tuned using a dataset that con- tains natural language specification fragments from RFCs and their grammar definitions together with semantic constraints. The model will be evaluated on automatically ex- tracting grammar constraints and related semantic constraints for a range of different network protocols.
15:00 - 15:30
Speaker: Robin Jacobi
Type of Talk: Master Intro
Advisor: Michael Schwarz, Fabian Thomas
Title: Reproducing Meltdown-type Attacks in gem5
Research Area: RA3: Threat Detection and Defenses
Abstract: Many details of the latest processors are kept under wraps by the manufacturers. Only gradually, through reverse engineering, the detailed design decisions are revealed. Simulators offer a relatively easy-to-use way to create complex simulation environments that can be used in computer-system architecture research. It is possible to adapt deeper changes in CPU operation and analyse them in more detail through log outputs. Possible attack vectors are increasingly focussed on small details rather than larger obvious vulnerabilities. We have set ourselves the goal of enabling further possibilities in the area of simulating transient execution attacks. This master's thesis continues the research on transient execution attacks in a simulated environment, using the gem5 simulator. It allows us to simulate an out-of-order CPU in a full-system environment, without external influences. The main focus will be on the Meltdown vulnerability, which was discovered in 2017 and affected all Intel processors available at the time, with a few exceptions. After an analysis and changes to the code base, the Meltdown vulnerability should be exploitable in gem5.
Session B
14:00 - 14:30
Speaker: Reza Zamiri
Type of Talk: Master Intro
Advisor: Nils Ole Tippenhauer
Title: Enhancing fuzz testing for Tricore-based automotive ECU firmware
Research Area: RA4: Secure Mobile and Autonomous Systems
Abstract: Nowadays, many of the new technologies and features in the automotive industry are driven by software development. In vehicles, software typically runs on ECUs (Electronic Control Units), which are embedded systems responsible for critical functions such as engine management or emissions control. The firmware which are running on these kinds of ECUs are playing a crucial role in the vehicle performance and safety. Consequently, validating ECU firmware binaries is essential to prevent potential failures that could lead to severe safety issues or cybersecurity vulnerabilities. One of the widely used microcontrollers in the automotive industry is Infineon’s TriCore family. However, despite the popularity of the TriCore architecture in the automotive industry, there is a gap of proper fuzz testing solutions which are specifically designed for TriCore-based ECU firmware. In this research, we will try to fill this gap by designing a methodology for fuzz testing and memory error detection mechanism to validate those firmware binaries.
14:30 - 15:00
Speaker: Sepehr Mirzaei
Type of Talk: Master Intro
Advisor: Giancarlo Pellegrino
Title: An Empirical Study of DOM Selector APIs Vulnerabilities on the Web
Research Area: RA5: Empirical and Behavioural Security
Abstract: As web applications become more feature-rich, their attack surface becomes more complex. Despite the introduction of numerous defense mechanisms in recent years, new variants of codeless injection attacks continue to emerge, circumventing many of these defenses. This thesis introduces and investigates a code-less injection attack that exploits vulnerabilities stemming from DOM Selector APIs and insecure coding practices, where developers mistakenly trust DOM content. This research systematically examines web browser APIs that accept DOM content and perform sensitive actions, conducting a large-scale analysis of the top 1K websites of Tranco list to identify the prevalence and impact of these vulnerabilities. Additionally, the study assesses the extent to which developers rely on DOM content without proper validation, highlighting the need for improved security practices and more robust defenses against DOM-based attacks.
15:00 - 15:30
Speaker: Parth Thakker
Type of Talk: Master Intro
Advisor: Thorsten Holz
Title: Optimizing Fuzzilli: Improving scheduling for a better fuzzing approach
Research Area: RA3: Threat Detection and Defenses
Abstract: Modern web development relies heavily on JavaScript, which allows for dynamic and interactive elements in a variety of web applications. The JavaScript engine inside the browser, responsible for executing JavaScript code is a highly crucial component. It is of high interest to adversaries, as they provide exploitation primitives making it possible to compromise the host process with a single vulnerability. Fuzzilli is a state of the art fuzzer designed to produce syntactically and semantically valid code to target JavaScript Engines. It is one of the few fuzzers that can target the JIT compilation. It however, is rather basic in some of its approaches, and there is room for enhancing its performance and coverage. In this thesis, we work on Fuzzilli to introduce corpus and mutator scheduling, using the state of the art methods defined in LibAFL. We then evaluate our fork, and present a detailed report of the work.
|
Written on 22.08.24 (last change on 22.08.24) by Xinyi Xu
Dear All,
The next seminar(s) will take place on 2024-08-28 at 14:30 (Session A) and 14:00 (Session B).
Session A: (14:30 - 15:00)
Demian Fink
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Password: BT!u5=
Session… Read more
Dear All,
The next seminar(s) will take place on 2024-08-28 at 14:30 (Session A) and 14:00 (Session B).
Session A: (14:30 - 15:00)
Demian Fink
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Password: BT!u5=
Session B: (14:00 - 14:30, 14:30 - 15:00, 15:00 - 15:30)
Yasin Esfandiari, Eduard Ebert, Christian Bryan Marcelino
https://cispa-de.zoom-x.de/j/66136901453?pwd=YVBSZU9peUpvUlk4bWp3MDR4cGlUUT09
Meeting-ID: 661 3690 1453
Password: sxHhzA004}
Session A
14:30 - 15:00
Speaker: Demian Fink
Type of Talk: Bachelor Intro
Advisor: Matthias Fassl
Title: Comparing Security and Privacy Advice on Social Media with established Expert Advice
Research Area: RA5: Empirical and Behavioural Security
Abstract: The landscape of security and privacy advice on social media is large. Individual sites like Twitter (now know as X) were previously analysed, but no full scale analysis over most or all major platforms has been conducted. Understanding the whos, the what and even the whys of security advice can help shape the future of security advice of tomorrow. The goal of this thesis is to understand these questions of who, what and why by collecting security and privacy advice from a multitude of social media platforms such as Twitter (X), Instagram, TikTok, Reddit, and Youtube. Other than just collecting the substance of the post, authors are collected to classify them into groups such as "News Agency", "Popular Influencer" etc. and a form to meassure popularity such as likes, retweets or views. The data is then compared to a established expert advice.
Session B
14:00 - 14:30
Speaker: Yasin Esfandiari
Type of Talk: Master Intro
Advisor: Sebastian Stich
Title: Image-Quality-Likelihood trade-off in Diffusion Models
Research Area: RA1: Trustworthy Information Processing
Abstract: Usually, Diffusion Models are trained to optimize the sample quality, which leads to a worse likelihood. On the other hand, some methods are designed to get a good likelihood, but the sample quality is low. Though the objective is the same, only the weighting term differs for training in those models. In this thesis, we are looking for a method that gets us both the good likelihood(in terms of BPD) and the sample quality (in terms of FID) using pre-trained Diffusion Models.
14:30 - 15:00
Speaker: Eduard Ebert
Type of Talk: Bachelor Intro
Advisor: Lorenz Hetterich, Michael Schwarz
Title: Reverse Engineering the Stride Prefetcher
Research Area: RA3: Threat Detection and Defenses
Abstract: Modern processors use various optimizations to minimize the memory access latency. One such optimization is the hardware prefetcher, which aims to reduce the cache miss penalty. However, the microarchitectural hash functions used to index the prefetchers' internal data structures remain undocumented. Previous works have reversed hash functions used to select cache slices, map physical addresses to DRAM channels, DIMMs, ranks, and banks, or map virtual addresses to TLB sets. These efforts also enabled new attacks such as DRAMA or TLBleed or improved existing attacks such as Rowhammer. In this thesis, we reverse engineer the stride prefetcher on multiple microarchitectures and present a case study on Zen/Zen+.
15:00 - 15:30
Speaker: Christian Bryan Marcelino
Type of Talk: Bachelor Final
Advisor: Stella Wohnig, Nico Döttling
Title: Comparative Analysis of Range Proofs with Application to the McFly Time Release Protocol
Research Area: RA1: Trustworthy Information Processing
Abstract: McFly is a Time-lock Puzzle primitive created with the help of blockchain (Proof of Stake) finality layer. This makes McFly not computationally wasteful and with the help of constant production rate of blockchain, we can decide exactly when the puzzle is solved. A little shortcoming resides in the construction of McFly protocol: The message lies on the exponentiation. Therefore, McFly needs a range proof to make sure that the message lies on a certain range. The proof size of McFly protocol exceeds the preferred value, thus we want to consider finding another range proof. In this thesis, we will explore the state of the art of range proof protocols to improve the situation of McFly. The aim of this thesis is not only to find another range proof that is smaller in size, along with incorporating them into the McFly protocol.
|
Written on 08.08.24 by Xinyi Xu
Dear All,
The next seminar(s) will take place on 2024-08-14 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00 - 14:30, 14:30 - 15:00, 15:00 - 15:30)
Linda Müller, SUBRAT DUTTA, Tobias… Read more
Dear All,
The next seminar(s) will take place on 2024-08-14 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00 - 14:30, 14:30 - 15:00, 15:00 - 15:30)
Linda Müller, SUBRAT DUTTA, Tobias Lorig
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Password: BT!u5=
Session B: (14:00 - 14:30, 14:30 - 15:00, 15:00 - 15:30)
Devansh Srivastav, Girija Bangalore Mohan, Luca Nimsgern
https://cispa-de.zoom-x.de/j/66136901453?pwd=YVBSZU9peUpvUlk4bWp3MDR4cGlUUT09
Meeting-ID: 661 3690 1453
Password: sxHhzA004}
Session A
14:00 - 14:30
Speaker: Linda Müller
Type of Talk: Bachelor Intro
Advisor: Michael Schwarz, Ruiyi Zhang
Title: Implementing Page Coloring in the Linux Kernel for x86
Research Area: RA3: Threat Detection and Defenses
Abstract: Side-channels share information by unintended means, e.g., the speed of a memory access shares whether the accessed memory content was recently accessed or not. The Prime+Probe attack leaverages such a cache-based side-channel by continuously evicting a victim's memory from the cache and measuring the required time. To mitigate Prime+Probe attacks, each process' pages should map to different cache-sets, so called "colors". In this thesis, we will implement page coloring against Prime+Probe attacks that originate from user-space and target user-space in the Linux kernel.
14:30 - 15:00
Speaker: SUBRAT DUTTA
Type of Talk: Master Intro
Advisor: Mario Fritz, Xiao Zhang
Title: Stealthy Targeted Adversarial Patch Attacks through Perceptibility-Aware Optimization
Research Area: RA3: Threat Detection and Defenses
Abstract: Adversarial patch attacks, where the adversary is only allowed to modify a small localised area of the input image, have recently attracted lots of attention due to their potential to be transformed into physical-world attacks. Existing methods either are not successful in producing visually imperceptible patches or cannot achieve satisfactory performance under targeted attack scenarios. To bridge this gap, we hypothesise a novel adversarial patch attack based on perceptibility-aware optimization schemes, achieving a strong targeted attack performance while maintaining the invisibility of the attached patch. In particular, we propose a two step method where on the first step we search for a proper location for patch placement by leveraging class localization and sensitivity maps, thus balancing the susceptibility of the patch location to both victim model prediction and human perception. Secondly we have observed that the current update rules employed for patch update do not consider perceptibility which results in them being highly salient. We therefore believe that major improvements in the optimization process can be made which inclines towards patch imperceptibility while achieving the state-of-the-art attack efficacy. We believe that integrating imperceptibility as a part of the objective function and also the update rule can improve the current state of imperceptibility by significant magnitudes
15:00 - 15:30
Speaker: Tobias Lorig
Advisor: Mario Fritz, Hossein Hajipour
Research Area: RA3: Threat Detection and Defenses
Abstract: In recent years, the art of software engineering has been transformed by the accelerating development of Large Language Models. The emergence of ChatGPT, GitHub's Copilot, and now Devin, the first autonomous LLM driven software engineer, further increases the presence of AI generated code in software. The convenience and perceived intelligence of such tools can be alluring for programming novices and software engineers alike, possibly leading to a neglect of best practices like code reviews and eventual introduction of insecure code. We aim to analyze the current state of publicly accessible automated code generation frameworks, coupled with popular Large Language Models. By employing static analysis, we will evaluate the security of programming projects created by these frameworks, based on common weaknesses, listed in the CWE. Finally, we will investigate the effectiveness of prompt engineering and other approaches in improving the security of generated code by directly comparing the rate of common CWE's.
Session B
14:00 - 14:30
Speaker: Devansh Srivastav
Type of Talk: Master Intro
Advisor: Xiao Zhang
Title: Jailbreak Strategies for Base and Defended Large Language Models from a Red Team Perspective
Research Area: RA1: Trustworthy Information Processing
Abstract: The adoption of Large Language Models (LLMs) has significantly enhanced natural language processing across various domains, yet their susceptibility to jailbreak attacks remains a critical concern. Jailbreak attacks exploit weaknesses to bypass safety mechanisms, posing risks such as misinformation and privacy breaches. While existing studies often target vulnerabilities in base models, the proposed research focuses on evaluating both base and defended LLMs against sophisticated jailbreak techniques. Using techniques like Multilingual Prompting, Instruction Manipulation, Zero-shot Chain of Thought (CoT), Chaining and Agentic methods, and Retrieval-Augmented Generation (RAGs), the study aims to comprehensively assess current defense mechanisms. By adopting a red team perspective, this research seeks to identify potential weaknesses in defended models and provide insights for developing more robust defense strategies, ensuring safe and secure LLM applications.
14:30 - 15:00
Speaker: Girija Bangalore Mohan
Type of Talk: Master Intro
Advisor: Mridula Singh
Title: Physical World Sensor Attack on LiDAR-camera-based Perception in Autonomous Driving
Research Area: RA4: Secure Mobile and Autonomous Systems
Abstract: Autonomous Vehicles (AVs) rely on sensors like cameras and LiDAR, to perceive their surroundings and make informed decisions regarding path planning and vehicle control. Understanding the vulnerabilities in these perception systems is crucial for ensuring road safety and building robust AV systems. While cameras have been traditionally used for perception, they are susceptible to spoofing attacks. Hence, AVs are increasingly adopting LiDARs as they show an advantage over other sensors due to their ability to create detailed 3D maps, providing precise distance and depth information for all surrounding objects and free space, and are also a reasonable buy today. However, the researchers continue to study the vulnerability of LiDARs and explore new ways to attack them. The technical functionality of LiDAR makes the environment with mirrors challenging for LiDARs to work with. Existing research has not yet explored this as a potential attack vector. In this research, we will exploit the property of light reflection to design and model a physical-world attack on LiDAR and camera sensors. We will demonstrate the effectiveness of our attack against state-of-the-art AV obstacle detectors like PointPillars. Additionally, we will evaluate the impact of these attacks on driving decisions using industry-grade Autonomous Driving Simulators (LGSVL or CARLA) and propose defense strategies to mitigate such attacks. By shedding light on these vulnerabilities and proposing defense mechanisms, this research contributes to the development of more resilient AV perception systems, ultimately enhancing road safety in autonomous driving environments.
15:00 - 15:30
Speaker: Luca Nimsgern
Type of Talk: Bachelor Intro
Advisor: Lucjan Hanzlik
Title: Multi-party signatures on FIDO tokens
Research Area: RA1: Trustworthy Information Processing
Abstract: Consisting of the W3C Web Authentication (WebAuthn) and the FIDO Client to Authenticator Protocol (CTAP), FIDO2 introduces a standard for strong authentication in the web environment. In this thesis, we will implement a multi-party signature on FIDO keys. As the name suggests, in multi-party signatures the private key for signing a message is distributed by multiple parties. The idea is that each FIDO key holds his own share of the private key, so in the end a certain amount of FIDO keys (which we can specify before) is needed to produce a valid signature. After the implementation phase, we will evaluate this approach by its performance and security, in order to compare it with the common approach.
|
Written on 25.07.24 (last change on 26.09.24) by Xinyi Xu
Dear All,
The next seminar(s) will take place on 2024-07-31 at 14:00 (Session A) and 14:30 (Session B).
Session A: (14:00 - 14:30, 14:30 - 15:00, 15:00 - 15:30)
Stanimir Iglev, Florian B., Parthipan… Read more
Dear All,
The next seminar(s) will take place on 2024-07-31 at 14:00 (Session A) and 14:30 (Session B).
Session A: (14:00 - 14:30, 14:30 - 15:00, 15:00 - 15:30)
Stanimir Iglev, Florian B., Parthipan Ramesh
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Password: BT!u5=
Session B: (14:30 - 15:00, 15:00 - 15:30)
Randolf Burgard, Anna Sophia Calmbach
https://cispa-de.zoom-x.de/j/66136901453?pwd=YVBSZU9peUpvUlk4bWp3MDR4cGlUUT09
Meeting-ID: 661 3690 1453
Password: sxHhzA004}
Session A
14:00 - 14:30
Speaker: Stanimir Iglev
Type of Talk: Master Intro
Advisor: Andreas Zeller, Alexi Turcotte
Title: AMADEUS: Automated Metamorphic and Differential Testing with User-defined Semantic Constraints
Research Area: RA5: Empirical and Behavioural Security
Abstract: Software testing is crucial for enhancing software quality, yet it poses challenges, particularly in establishing an automated procedure to verify system behavior. Differential and metamorphic testing have demonstrated a lot of potential in addressing this problem by providing partial oracles for programs. Despite their effectiveness in various domains, existing tools often lack reusability and broad applicability. To overcome these limitations, we propose AMADEUS, a general framework for automated metamorphic and differential testing. AMADEUS uses input specifications, user-defined semantic constraints, and metamorphic relations to generate test cases, execute the target system, and assess the results; thus, it fully automates the testing process. This talk presents our preliminary research, detailing the techniques used, a comprehensive literature review, and our evaluation plan. We believe AMADEUS can significantly advance software quality assurance as the first framework to support semantic differential and metamorphic testing with arbitrary input and output properties.
14:30 - 15:00
Speaker: Florian B.
Type of Talk: Master Intro
Advisor: Andreas Zeller
Research Area: RA5: Empirical and Behavioural Security
Abstract: Understanding the output grammar of software is helpful for various tasks such as debugging and testing but also for anomaly detection in log files. Relying on manual analyses is not only labor-intensive but also prone to inaccuracies due to the complexity and diversity of modern software. To overcome these challenges we present the first automated approach for mining output grammars using symbolic execution. Our approach uses KLEE, a well-established tool for symbolic execution, to examine possible execution paths of a given C code. While KLEE explores possible paths of execution we collect data from function calls and store operations to a defined target such as stdout or a global buffer. By using an SMT solver and the path constraints in KLEE, we can determine possible values for each store operation. We then translate the collected data into a context-free output grammar by treating function names as nonterminals and possible paths or stored values as expansion alternatives
15:00 - 15:30
Speaker: Parthipan Ramesh
Type of Talk: Bachelor Final
Advisor: Sven Bugiel
Title: Automated Identification of Protected Resources in Android System Services
Research Area: RA4: Secure Mobile and Autonomous Systems
Abstract: Android apps call system service APIs to access protected resources, e.g., the users’ location. System services check whether the caller holds the necessary permissions and enforce its security policy. In my thesis, I present an approach to identify system service API’s protected resources automatically. Such resources within a service, like the camera, location, and so forth, come from low-level resources, e.g., the driver interfaces, files, network resources, and inter-process communication (IPC) mechanisms. The goal is determining which concrete resources a service depends on to serve privileged callers.
Session B
14:30 - 15:00
Speaker: Randolf Burgard
Type of Talk: Bachelor Intro
Advisor: Dr Valentin Dallmeier
Title: Accessibility Testing of Native Android Apps using webmate
Research Area: RA6: Others
Abstract: 71% of the world population are using Android apps on a daily basis [1]. 16% of the population live with a disability that has an impact on their daily life [2]. They rely on app developers to design their apps in a way that they are accessible to persons with disabilities. While there is a lot of research on the topic of accessibility of web applications including comprehensive guidelines and catalogs of rules for assessing accessibility, e.g. presented by the WCAG 2.2 [3] by W3C, as well as tools that try to automatically test these guidelines, there is only little information about how these rules translate to native Android apps. This is especially true for techniques to extract the required data to test the accessibility of Android applications. Further, for persons with disabilities, the app must be accessible in every state, which is hard to automatically prove with current exploration techniques. End users with disabilities need to know if the app is accessible. Thus, they need to rely on third-party authorities that assess the accessibility of an app based on a catalog of criteria. However, a third party can not fully rely on the results of these testing tools, since they can not access the code base of the application and because there is no guarantee that the test covers every state of an Android app. In this thesis, I want to categorize the WCAG 2.2 catalog based on its relevance to native Android apps, decide which data is required to test these guidelines, and evaluate if it is possible to extract the required data from an Android app and if this guideline can be tested automatically or requires the decision of a human to confirm or deny the compliance of the app. In a second step, I want to provide an extension to the webmate [4] audit workbench that provides tools for a manual tester to either automatically evaluate accessibility guidelines or provide additional information that helps the tester evaluate the accessibility of the app based on the WCAG 2.2 catalog.
15:00 - 15:30
Speaker: Anna Sophia Calmbach
Type of Talk: Master Intro
Advisor: Katharina Krombholz, Carolyn Guthoff, Matthias Fassl
Title: Evaluating Instagram’s New Tools to Help Protect Against Sextortion and Image-Based Sexual Abuse
Research Area: RA6: Others
Abstract: Social media has become a significant part of many adolescents' lives, including seeking intimacy or experiencing their sexuality online. This holds advantages, such as allowing LGBTQ+ youth to live their sexuality more openly. However, how to adequately protect youth from harmful experiences, like image-based sexual abuse, is still a heavily researched topic. With this thesis, we are going to evaluate newly presented safety tools introduced by Meta to safeguard youth in Instagram Direct Messages (DM). These tools include nudity filters or guiding pop-ups in chat when receiving an explicit image. We plan to conduct a qualitative user study utilising scenarios presented from a friend's perspective to showcase the aforementioned safety tools. These scenarios depict potentially risky situations and are contained within a clickable prototype based on Instagram DMs. With our user study, we want to elicit feedback on the presented designs and gather design implications for future online safety mechanisms. Additionally, we aim to find identifiers through which youth decode sexual risks online. We are going to use thematic analysis to analyse our results.
|
Written on 11.07.24 (last change on 12.07.24) by Niklas Medinger
Dear All,
The next seminar(s) take place on 17.07.2024 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00 - 15:30)
Lucas Layfield, Mihirraj Dixit, Ayushi Churiwala
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841 … Read more
Dear All,
The next seminar(s) take place on 17.07.2024 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00 - 15:30)
Lucas Layfield, Mihirraj Dixit, Ayushi Churiwala
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode: BT!u5=
Session B: (14:00 - 15:30)
Tim Göttlicher, Felix Fierlings, Philipp Settegast
https://cispa-de.zoom-x.de/j/66136901453?pwd=YVBSZU9peUpvUlk4bWp3MDR4cGlUUT09
Session A:
14:00 - 14:30
Speaker: Lucas Layfield
Type of talk: Bachelor Final
Advisor: Prof. Dr. Michael Backes, Xaver Fabian
Title: Sharpening the Blade: Extending the Blade tool with functionality for Spectre-BTB
Research Area: RA1
Abstract:
The WebAssembly (Wasm) standard describes a low-level language that is executed inside a sandboxed execution environment.
Originally introduced to complement JavaScript in web browsers, it has now found numerous applications in different areas,
one of them being for edge cloud applications. Whenever multiple programs from untrusted sources share the same computational
hardware, it introduces the possibility of Spectre-type attacks. These leverage micro-architectural prediction mechanisms
to redirect control flow during speculative execution to leak secret data.
The Blade tool of Vassena et al. aims to eliminate information leakage through Spectre-PHT attacks in constant-time Wasm code.
It is based on a formal model of a Wasm-like language that is capable of modelling the speculative execution of conditional branches.
A type system tracks the information flow of transient values to expressions that might leak them.
To protect programs against Spectre attacks, Blade cuts those information flows by inserting protection mechanisms.
In this thesis, we extend the Blade tool to also protect against Spectre-BTB attacks on indirect function calls.
We add indirect function calls to the language of the formal model and extend the semantics to model their speculative execution.
New rules for the type system track the information flows introduced by the speculative execution of indirect calls.
Finally, we implement those changes in the Blade tool and evaluate it on a set of vulnerable example programs.
14:30 - 15:00
Speaker: Mihirraj Dixit
Type of talk: Master Final.
Advisor: Mridula Singh, Wouter Lueks
Research Area: RA4
No further information given.
15:00 - 15:30
Speaker: Ayushi Churiwala
Type of talk: Master Final.
Advisor: Prof. Andreas Zeller, Prof. Mario Fritz
Title: LLM-based Active Code Repair
Research Area: RA3: Threat Detection and Defenses
Abstract: Code generation through generative AI is an emerging and novel field that involves predicting code or program structures using incomplete data sources, natural language descriptions, alternate programming languages, or execution logs, offering the potential to rastically decrease the developer’s workload and invested time. Developers have long resorted to using code from various online platforms and modifying it for their purposes. However, with generative AI advancements especially in Large Language Models (LLMs) like ChatGPT, they can now instruct the machine(in natural language) to generate code making external code search redundant.
OpenAI’s language model, ChatGPT, has recently gained prominence for its ability to produce human-like responses across various natural language/ textual inputs, including those related to code generation. Nevertheless, the true effectiveness of ChatGPT in code generation remains uncertain, as it can produce logically questionable results and its performance could be significantly impacted by the selection of chosen prompts. This raises important questions about seamlessly integrating the code generated by ChatGPT into the development process, given its potential to expedite coding workflows and automate code generation. Especially, there is currently a lack of an automated testing and improvement framework specifically tailored for code generation systems. To address these issues, this research proposes to analyze the code generated by ChatGPT by exploring various prompt types and identifying and repairing inconsistent outputs. Our goal is to actively investigate the model’s ability to self-repair. We examine how adding additional I/ O pairs to the prompt, along with appropriate feedback, affects code generation and automatic self-repair capabilities of ChatGPT, all within an automated conversational approach.
Session B:
14:00 - 14:30
Speaker: Tim Göttlicher
Type: Master Intro
Advisor: Sebastian Brandt
Title: Locality in Graph Algorithms with Local and Global Memory
Research Area: RA1
Abstract:
The theory of distributed graph algorithms studies how large networks can agree on a global solution with communication limited to a local radius. In this work we want to compare the locality in a model with globally shared memory (Online-LOCAL) to a model with only local communication (S-LOCAL). In particular we will look at Sinkless Orientation, a simple but fundamental problem that other distributed problems can be reduced to. We show proof techniques to find bounds on the locality of this problem under the different models of communication.
14:30 - 15:00
Speaker: Felix Fierlings
Type of Talk: Bachelor Intro
Advisor: Valentin Dallmeier
Title: Using end-to-end tests to generate network-based load tests
Abstract:
Load testing is an important aspect of ensuring functionality
for web servers. Usually, there is a trade-off between generating
sufficient random load on the network layer or running realistic
but resource heavy end-to-end tests in parallel. We aim to
find a middle ground by using the request flows of predefined
end-to-end tests via Playwright to generate realistic
but resource efficient request flows. We will present and
compare different strategies for generating such request flows
and will evaluate whether they can achieve the desired effect
of generating sufficient load while having similar behavior
as the original end-to-end test.
15:00 - 15:30
Speaker: Philipp Settegast
Type of talk: Bachelor Intro
Advisor: Dr.-Ing. Ben Stock, Trung Tin Nguyen
Title: Did I really agree to it? - A large-scale study about sensitive information leakage in WebViews
Research Area: RA5
ABSTRACT:
On the mobile platform, various options exist to present internet content for the user. Traditionally, browsers are well-suited for this need. Namely, Google Chrome and Mozilla Firefox are fully-developed mobile browsers that follow the latest developed security and privacy standards.
However, the mobile environment is not limited to browser apps. Software components like WebView, Custom Tabs or Trusted Web Activity provide another option for integrating web content into the native app environment. This approach increases in popularity as these components offer developers a great level of flexibility. This trend has many reasons, which often depend on the particular situation. To name just one example: There is no longer a need to develop an application from scratch for each operating system. Instead, developers have to create the web content once and embed it on the respective system using one of the methods above. Consequently, this would simplify updating the functionality and keep the user within the app environment even longer. Still, this flexibility comes at a cost. In the case of the WebView class, developers have to configure and implement the WebView properly. Otherwise, they risk violating the privacy of the users. This violation stems from an incorrect implementation of the permission handling process, whereby scripts of any website can access sensitive information without the user's consent.
In our thesis, we investigate permission-handling classes related to the android.webkit.WebView class and evaluate whether their implementation influences the users' privacy. For this purpose, we have created a pipeline that first identifies all apps with an actively used WebView. Based on the results, we will then automatically check these WebView apps for potentially dangerous configurations and implementations. Based on the analysis of 1 million apps and supported by the results gained from the analysis, we will provide insights into the impact of the vulnerability described in our work.
|
Written on 27.06.24 (last change on 28.06.24) by Niklas Medinger
Dear All,
The next seminar(s) take place on 03.07.2024 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:30)
Dañiel Gerhardt, Syeda Mahnur Asif, Christina Subedi
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841 … Read more
Dear All,
The next seminar(s) take place on 03.07.2024 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:30)
Dañiel Gerhardt, Syeda Mahnur Asif, Christina Subedi
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode: BT!u5=
Session B: (14:00-14:30, 15:00-15:30)
Yavor Ivanov, Moritz Mander
https://cispa-de.zoom-x.de/j/66136901453?pwd=YVBSZU9peUpvUlk4bWp3MDR4cGlUUT09
Session A:
14:00 - 14:30
Speaker: Dañiel Gerhardt
Type of talk: Master Intro
Advisor: Dr. Katharina Krombholz
Title: Evaluating Anti-Stalking Features of Apple AirTags
Research Area: RA6: Empirical and Behavioural Security
Abstract: Since their release, AirTags have been misused for stalking and other malicious purposes. Their small size, affordability, availability, and precise tracking functionality facilitate the invasion of peoples' privacy.
To combat misuse, Apple implemented multiple anti-stalking features that inform potential victims and help them find and disable the location tracker.
The primary anti-stalking features are unwanted tracking alerts and features helping locate a hidden AirTag.
It is crucial to inform potential stalking victims quickly and in an easy-to-understand manner.
Only then can they avoid further harm from a stalker who gains knowledge about their whereabouts and movement patterns.
Previous work has analyzed the AirTag's hardware and the Find My network for a solid technical understanding of the technology. However, verifying that currently available anti-stalking features effectively curb misuse is also necessary. Especially since the proposed best practices and protocols imply that Google and Apple will use these anti-stalking features for their respective Find My networks going forward.
In this Master's thesis, I will evaluate the reliability of unwanted tracking alerts across platforms and investigate users' understanding of the available locating features for hidden AirTags using a mixed-methods approach.
14:30 - 15:00
Speaker: Syeda Mahnur Asif
Type of talk: Master Intro
Advisor: Prof. Dr. Thorsten Holz
Title: eBPF Helper Function Fuzzing
Research Area: RA2: Reliable Security Guarantees
Abstract: eBPF is used in the Linux kernel to dynamically update and extend the capabilities of the kernel at runtime without requiring to change kernel source code or load kernel modules. eBPF programs allow user-defined code to interact with the runtime context.
eBPF helper functions are white-listed functions in the kernel that can be called to retrive / or modify runtime context information.
We will systematically call and test the helper functions in an automated way via Fuzzing. We will build a prototype Fuzzer that generates valid eBPF programs containing helper function calls, that enables us to call the helper functions with different arguments and in a variety of contexts, and test whether some combination of helper function calls can lead the kernel to crash.
15:00 - 15:30
Speaker: Christina Subedi
Android is currently the most popular mobile operating system, with more than 70% of the market share. Despite this dominance, past research has highlighted that many Android applications suffer from significant security issues. Developers often fall into bad practices, such as using unencrypted text for transmitting data, copying potentially insecure code snippets from Stack Overflow, and bypassing critical security checks like certificate validation. While Google encourages developers to follow secure coding practices, it does not enforce these practices strictly. Moreover, Google's support for essential security measures, such as certificate transparency and checking for revoked certificates, is often inadequate.
In this thesis, we look into the security practices of Android developers by performing both static and dynamic analysis of URLs used in applications. Our goal is to understand whether these security lapses are a result of developer negligence or if developers are forced to compromise on security due to limitations in the libraries they use or the servers they connect to. Through this comprehensive analysis, we hope to shed light on the challenges developers face and suggest improvements to help create a more secure Android ecosystem.
Session B:
14:00 - 14:30
Speaker: Yavor Ivanov
Type of talk: Master Intro
Advisor: Dr. Robert Künnemann, Kevin Morio
Title: A Provably Correct Translation of Multiset Rewrite Rules into ProVerif
Research Area: RA2
Abstract:
Insecure protocol design can have severe and costly consequences. Therefore, we employ
protocol verification tools to identify potential insecurities. These verifiers allow us to
model a security protocol and automatically check if it fulfills the specified security
guarantees. Various automatic tools, such as Tamarin and ProVerif, have proven their
value in this regard. These tools operate in distinct formal frameworks. Therefore, each
tool offers different strengths and weaknesses. In Tamarin, we model protocols through
multiset rewrite (MSR) rules. The tool’s verification method, although complex, is sound
and complete. It also offers the users ways to guide the proof. Meanwhile, in ProVerif, we
model protocols in a variant of the applied π calculus. In contrast to Tamarin, ProVerif
tends to be faster but gives no completeness guarantees. Biehl’s proposed translation
from Tamarin’s MSR framework to ProVerif’s process calculus allows us to reap the
benefits of both tools by carrying over results while creating only one protocol model.
This work builds upon the existing translation. First, we will prove its correctness. In
this way, we will place confidence in the transfer of proven security properties, affirming
that security properties verified in the output ProVerif model also hold for the original
Tamarin model. Additionally, we aim to improve the translation in several aspects. We
propose optimizations that produce compacter output models, reduce the translation’s
overapproximation, and enhance the termination rate and precision of ProVerif on the
resulting models. We expect these optimizations to also bring a decrease in the verification
runtime. Furthermore, we intend to improve the success rate of the translation by
identifying and addressing some of the reasons behind unsuccessful translations. We
intend to conduct extensive evaluations in various settings to assess the translation’s
effectiveness and practicality. In addition, we want to analyze how our optimizations
impact the verification of the translated models.
15:00 - 15:30
Speaker: Moritz Mander
Type of Talk: Bachelor Intro
Advisor: Dr. Katharina Krombholz
Title: Do people still pick up USB devices they find? - A study
Research Area: RA5: Empirical and Behavioral Security
Abstract:
It is widely acknowledged that humans often represent the weakest link in an attack chain. There is a widely held belief that individuals will readily pick up any USB device they come across, despite repeated warnings. Despite this persistent anecdote, the phenomenon has not been extensively studied. The existing research dates back eight years and was limited to university campuses, prompting the question of whether USB drives still pose a viable attack surface for malicious actors.
This thesis aims to address this question by strategically placing USB devices in parking lots and office buildings to observe the frequency and circumstances of their retrieval. Upon opening a file on the drive, users will be prompted to complete a brief questionnaire and invited to participate in an interview. The objective is to analyze the demographics, characteristics, behaviors, and attitudes of individuals who pick up unfamiliar USB devices.
|
Written on 18.06.24 (last change on 18.06.24) by Niklas Medinger
Dear All,
The next seminar(s) take place on 19.06.2024 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-14:30, 15:00-15:30)
Björn Karthein, Heyang Li
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode:… Read more
Dear All,
The next seminar(s) take place on 19.06.2024 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-14:30, 15:00-15:30)
Björn Karthein, Heyang Li
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode: BT!u5=
Session B: (14:00-15:30)
Ben Rosenzweig, Justus Sparenberg, Milan Conrad
https://cispa-de.zoom-x.de/j/66136901453?pwd=YVBSZU9peUpvUlk4bWp3MDR4cGlUUT09
Session A:
14:00 - 14:30
Speaker: Björn Karthein
Type of talk: Master Final
Advisors: Prof. Dr. Andreas Zeller, Dr. Cristian Staicu
Title: Exploring the Suitability of Input Invariants for Automated Testing of Web Forms
Research Area: RA5
Abstract:
Web-based applications are omnipresent in today’s world. Web applications often rely
on user input to interact with, or get information from the end-user. Most modern
websites employ client-side validation to verify user inputs directly inside the browser to
improve responsiveness and accessibility of the website. Due to their popularity, web
applications are also employed in fields that require them to be secure and accessible to
the biggest possible group of users, such as banking or healthcare. Testing these sorts
of applications thoroughly is important to guarantee that the expected standards are
met. In this thesis we present a novel approach to automatically extract constraints
on web form values from the client-side source code. The extracted constraints are
merged together into a specification that defines an input invariant over the expected web
form input values, by encoding their syntactic and semantic properties. The obtained
specification uses well known language standards which makes it easy to understand
and reason about. Furthermore, the specification is freely editable, which allows to
manually encode additional input properties. A further contribution of this thesis is
a solution to automatically test the web form with values that are generated on the
basis of the specification. The approach allows for the generation of valid values that
conform with the extracted specification, as well as invalid values that purposely violate
it. We evaluate the reliability and correctness of our approach on web forms of real-world
applications. We succeed in extracting a specification for all tested web forms and
manage to successfully identify and extract JavaScript validation constraints for two of
the applications. In a subsequent experiment we generate multiple valid and invalid test
cases for the subject applications on the basis of the previously extracted specification.
For every set of generated test inputs, we attempt to submit the form and check whether
the values pass client-side validation or not. Across all subjects we report an overall
Accuracy of 83%, with a Precision of 69% and Recall of 96% for valid value generation
and a Precision of 97% and Recall of 76% for invalid value generation.
15:00 - 15:30
Speaker: Heyang Li
Type of Talk: Master Final
Advisors: Prof. Dr. Andreas Zeller, Fengmin (Paul) Zhu
Title: Monitoring Data Flow with Context-Free Grammars
Research Area: RA3
No further information provided.
Monitoring is a light weight and efficient formal method to provide correctness guarantees by observing an
execution of the software system. Observing the behaviours of software systems is challenging. Users have to
intrude the monitored system, or analyze a big amount of logs or interaction messages. However, existing non-intrusive monitoring methods has strict restrictions on formats
of logs and message, so online monitoring is pretty inflexible for arbitrary software systems.
In this thesis, we present a grammar-based monitoring method. In contrast to prior online monitoring methods
for specific system with restrictive logs formats requirement, our method is able to monitor any kinds of logs and messages,
as long as the formats of logs and messages can be encoded by Context-Free Grammars. We propose a declarative
specification language. The language can declare operations on a single log, and data dependencies and temporal relations between logs and messages.
We also propose a monitoring algorithm to evaluate a series of logs or messages against specifications.
Our method is able to evaluate complex dependencies between logs and messages without looking up predecessors and successors.
We discuss the expressiveness and evaluate our implementation using three cases studies from different areas,
demonstrating that our specification language is able to express real-world properties, and our monitoring algorithm
is able to detect validations and violations against the specification efficiently.
Session B:
14:00 - 14:30
Speaker: Ben Rosenzweig
Type of talk: Bachelor Final
Advisor: Dr.-Ing. Aurore Fass
Title: Machine Learning-Based Approach for Detecting Malicious Browser Extensions
Research Area: RA5: Empirical and Behavioural Security
Abstract:
Millions of people use browser extensions to enhance the functionality of their web browsers. Some browser extensions require elevated privileges, which web pages typically do not have. Attackers can abuse these privileges, for example, to steal user data, inject unwanted additional advertisements into websites, or manipulate search results. To protect users from these threats, we create a system based on static analysis and machine learning to detect malicious browser extensions. Surprisingly, we show that relying merely on metadata (e.g., the number of JavaScript files included in an extension or the number of active users) is sufficient to identify malicious extensions.
We train and test our system on 70,738 Chrome extensions, achieving an accuracy of up to 98.37%, a false-positive rate of 1.29%, and a false-negative rate of 4.61%. Additionally, we evaluate our system on an extra set of 35,462 (unlabeled) extensions that are not utilized for testing and training purposes and identify 1,345 potentially malicious extensions. Given the high accuracy and low overhead of our approach, we envision that it could be added to the vetting process of the Chrome Web Store.
14:30 - 15:00
Speaker: Justus Sparenberg
Type of talk: Bachelor Final
Advisor: Sven Bugiel
Title: Detecting, Categorizing & Evaluating App Permission Rationales
Research Area: RA5: Empirical and Behavioural Security
Abstract: Access to user data and necessary smartphone functionalities granted by user permissions are vital in ensuring the functionality of services provided by apps. Access to the camera, the microphone, the contacts, or any other private data may be relevant. No matter if it is Google or an independent developer, local laws and, thereby, the restrictions set by the app stores make it mandatory for developers to consider user consent when the app requires access to private data. Whether developers ask when the app is used for the first time or use runtime permissions to ask only when the data is needed for the next task, they want to ensure that the user consents to the required permission requests. It is beneficial for developers to provide the user with a rationale to justify the app's need for private data. Rationales have shown to be a vital tool for developers that influences the willingness of users to give permissions. Therefore, they should be studied further so that they can help developers improve how they convey their legitimate need for a user's private data.
This thesis aims to build a pipeline to extract and categorize developer Rationales directly from Android APKs, with the goal of analyzing not only individual apps but also collecting data for large-scale studying of user permission Rationales. This is achieved with the help of Machine Learning Transformers to identify and categorize the Rationales from the String data extracted from the APKs. In the process, this thesis also looks at the limitations and problems that can occur with this method and explores ways to deal with some of these, like a lack of labeled data. There is still potential for improvement, but the data collection method used in this thesis showcases promising results.
15:00 - 15:30
Speaker: Milan Conrad
Type of talk: Master Final
Advisor: Tural Mammadov
Supervisor: Andreas Zeller
Title: Learning UI Models from Web Apps
Research Area: RA3: Thread Detection & Defense
Abstract:
In the dynamic interplay between web developers and users, misalignments in intent
and expectations can significantly impact the user experience. Addressing this challenge,
our research introduces a predictive model utilizing transformer-based architectures
to accurately anticipate changes in the Document Object Model (DOM) as a direct
consequence of user actions, such as clicks and hovers.
This approach aims to bridge the gap between developer intentions and user interactions by enabling
web applications to adapt dynamically in real-time, without requiring direct user input.
In order to identify difficulties in training a model with the objective of accurately
predicting DOM transformations, we trained and evaluated three different transformer-
based models on various datasets of different sizes and complexities.
Afterwards, we conducted a detailed analysis of the models’ performance aswell as a failure analysis,
allowing us to identify the challenges and limitations of the current state-of-the-art
models in predicting DOM transformations.
A critical revelation of our exploration is the enhanced efficiency and predictive accuracy
achieved through fine-tuning large language models (LLMs), such as Mistral7B and
Llama3-8B. This method significantly outperforms the traditional approach of training
transformer models based on the GPT-2 architecture from scratch on equal datasets as
used for the fine-tunings, demonstrating the advantages of applying pre-trained models
to the specific domain of predicting user-induced DOM transformations.
While training GPT-2 from scratch failed predicting diffs induced by user interaction completely, reaching exact matches in 0% of the test cases, fine-tuning Mistral7B and Llama3-8B achieved a significant increase in the exact matches, reaching exact match proportions of up to 68%.
Our research examines how various factors—such as the detail level in DOM represen-
tation, the complexity of the changes to be predicted, an advanced prompting strategy
and the influence of the content’s language—affect model performance. These investiga-
tions demonstrate the complex nature of web page dynamics, revealing the underlying
challenges involved in accurately predicting the effects of user actions on the DOM.
|
Written on 31.05.24 by Niklas Medinger
Dear All,
The next seminar(s) take place on 05.06.2024 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:30)
Rizgar Ahmed, Robin Wiesen, Dana Siberski
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode:… Read more
Dear All,
The next seminar(s) take place on 05.06.2024 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:30)
Rizgar Ahmed, Robin Wiesen, Dana Siberski
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode: BT!u5=
Session B: (14:00-15:30)
Thomas Helbrecht, Philipp Baus, Ujjval Desai
https://cispa-de.zoom-x.de/j/66136901453?pwd=YVBSZU9peUpvUlk4bWp3MDR4cGlUUT09
Session A:
14:00 - 14:30
Speaker: Rizgar Ahmed
Type of talk: Bachelor Intro
Advisor: Robert Künnemann, Kevin Morio
Title: Automatically Extracting Protocol Message Formats Using the Grammar-Based Fuzzer ISLa
Research Area:
RA2: Reliable Security Guarantees
Abstract:
The secure implementation of cryptographic protocols is essential for maintaining the confidentiality and integrity of communications in today's interconnected world. Despite advances in formal verification tools such as Tamarin, a significant gap remains between verified protocol designs and their real-world implementations. One critical challenge is that the structure and formats of transmitted messages are often not explicitly defined or are obfuscated within the implementation, making the verification process even harder.
In this thesis, we aim to develop an approach that closes this gap by automatically extracting message formats. Our approach is based on the ISLa constraint solver, a tool that allows us to define detailed constraints on inputs that are difficult or even impossible to express with grammar alone. We start by writing a grammar for the format strings, then use the ISLa fuzzer to generate these format strings, using the ISLa constraint language and iterative refining these constraints until we identify the correct formats.
14:30 - 15:00
Speaker: Robin Wiesen
Type of talk: Bachelor Intro
Advisor: Dr. Sven Bugiel
Title: Selective Permissions for Android's SDK Runtime
Research Area: RA4: Secure Mobile and Autonomous Systems
Abstract: In the original Android sandboxing model, third-party libraries are executed within the sandbox of the host app and inherit all its privileges (permissions, file system access, etc.). This lack of privilege separation exposes users to a higher risk in the presence of vulnerable or privacy-invasive libraries.
With the introduction of the SDK Runtime in Android 13, it is officially supported for the first time to run compatible SDKs in a dedicated environment with separate permissions. However, the current design is primarily tailored to the requirements of advertising libraries and therefore only offers a fixed set of permissions.
The goal of this thesis is to demonstrate that the SDK Runtime could serve as a flexible solution to compartmentalize app components by lifting the restriction of fixed permissions. To this end, we develop a library that can be integrated at the application layer and allows runtime-enabled SDKs (RE-SDKs) to trigger a permission request in the host app. Since RE-SDKs cannot request additional permissions on their own, the host app acts as a proxy and relays requests between the SDK and the Android framework.
Extending the scope of the SDK Runtime beyond ad libraries would allow developers to realize the principle of least privilege, contributing to the security and privacy of users.
15:00 - 15:30
Speaker: Dana Siberski
Type of talk: Bachelor Intro
Advisor: Dr. Dominic Steinhöfel
Title: Structure-Aware String Insertion for ISLa
Research Area: RA5
Abstract:
Automatic input generation (fuzzing) is a well-known method for software testing. It works by generating various random inputs on which to test a target program. To ensure that the deeper logic of a program is reached, some fuzzing tools use grammars and specification languages to restrict the generated inputs. Different ways to describe program inputs for fuzzing have been developed, including the input specification language ISLa. One advantage of fuzz testing is the ability to test a program on a huge number of diverse inputs. This requires the efficient generation of semantically varied inputs. We propose structure-aware string insertion to improve the efficiency of the generator based on ISLa.
ISLa extends context-free grammars with quantors and structural predicates. During the generation process, one challenge is solving properties described by existential quantors (e.g.: ”a table header must exist”). In the ISLa generator, inputs are first generated without fulfilling all properties. We solve existential properties by generating an input snippet based on the generated input and the property. We insert this snippet into the original input to create a valid input. To preserve grammatical correctness, we use derivation trees during the insertion process.
Structural predicates further restrict valid insertions (e.g. ”a table header must exist before the table”). We consider these predicates during the insertion process to avoid invalid insertions and improve the generator’s efficiency. Structure-aware string insertion limits resulting derivation trees and inputs in size while producing various semantically different, valid results.
Session B:
14:00 - 14:30
Speaker: Thomas Helbrecht
Type of talk: Master Intro
Advisor: Dr.-Ing. Ben Stock
Title: Warning: Overload. Comparing console messages across time and browsers.
Research Area: 5
Abstract:
Console messages are a commonly used mechanism by developers for debugging websites from within the browser. Similarly, browser vendors use them to express issues they might observe when rendering a website, for instance, failing requests or invalid javascript. While developers can utilize the standardized Console API in JavaScript, browser developers emit console messages from within the browser implementation, raising questions about vendor differences when producing console output.
Despite its high usefulness, prior work insufficiently covered this mechanism, often considering it only as a subordinate part of a specific domain, for instance, when implementing browser APIs or for deprecation signaling. Additionally, larger-scale empirical measurements comparing browser vendors' console output remain unperformed, and questions about differences in console messaging across browser versions are left unanswered.
In this thesis, we will investigate console messaging on public websites from the perspective of different browser engines. In order to accomplish this, we will develop an automated crawling pipeline capable of harvesting console output at scale. Afterwards, we will compare the console messaging behavior across browser versions in a controlled test environment (a test web application causing console messages), which will also be a product of our work. By applying this approach, we aim to gather insights about differences in the produced console messages across time.
14:30 - 15:00
Speaker: Philipp Baus
Type of talk: Master Intro
Advisor: Ben Stock, Jannis Rautenstrauch
Title: Escaping the Cookie Prison: An in-depth analysis of Storage Access API Usage on the Web
Research Area: RA5
Abstract:
The increasing importance of online privacy has led to the adoption of storage partitioning techniques designed to mitigate cross-site tracking by isolating browser storage. While these measures are crucial for enhancing user privacy, they introduce significant compatibility challenges for websites that rely on third-party cookies for essential functionalities, such as authentication, analytics, and third-party services. To address these challenges, the Storage Access API was introduced, allowing websites to request unpartitioned cookie access. However, granting access to the wrong websites poses significant security risks, as it could re-enable cross-site tracking and undermine user privacy protections. Through a comprehensive analysis of various websites from different popularity ranges, this work aims to uncover the intentions behind the Storage Access API usage on the web, as well as how the API could be improved to prevent malicious use cases in the future. Our work can help to contribute to a privacy-preserving web by uncovering the diverse intentions behind the use of the Storage Access API and proposing enhancements to the API that safeguard user privacy.
15:00 - 15:30
Speaker: Ujjval Desai
Type of talk: Master Final
Advisor: Prof. Dr. Lucjan Hanzlik
Title: Practical and Distributed Attestation Infrastructure for Fast IDentity Online (FIDO) with Attributes
Research Area: RA1: Trustworthy Information Processing
Abstract:
In the current digital landscape, the importance of web authentication is underscored, and the Fast IDentity Online (FIDO2) protocol plays a crucial role. FIDO2 enables seamless user authentication across various online services on both mobile and desktop platforms. It adopts a passwordless authentication approach grounded in cryptography and biometric verification, utilizing common devices for secure access. Despite its advantages, FIDO2 cannot aggregate user attributes during authentication, a gap addressed by Fast IDentity Online with Anonymous Credentials (FIDO-AC). However, this method also has its downsides, because of the requirement to have a mediator present locally as depending entirely on trusted third-party execution was seen as unreliable, and external mediators lacked enough motivation as incentives.
To overcome these challenges, we propose relocating the mediator service to a remote server and accessing it whenever attestation is required. However, even with this improvement, the single mediator remains a potential single point of failure. To mitigate this risk, we intend to introduce multiple mediators that will work collaboratively to provide the necessary attestation. Additionally, to motivate trusted third parties, we plan to provide appropriate incentives to the mediators for their remuneration. Furthermore, to safeguard sensitive operations against unauthorized access or manipulation, we establish a Trusted Execution Environment (TEE) for the mediator service utilizing a secure SGX Enclave.
|
Written on 16.05.24 by Niklas Medinger
Dear All,
The next seminar(s) take place on 22.05.2024 at 14:00 (Session A) and 14:30 (Session B).
Session A: (14:00-15:30)
Ujjval Desai, Marco Schichtel, Prathvish Mithare
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841 … Read more
Dear All,
The next seminar(s) take place on 22.05.2024 at 14:00 (Session A) and 14:30 (Session B).
Session A: (14:00-15:30)
Ujjval Desai, Marco Schichtel, Prathvish Mithare
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode: BT!u5=
Session B: (14:30-15:30)
Tobias Risch, Vasili Nikolaev
https://cispa-de.zoom-x.de/j/66136901453?pwd=YVBSZU9peUpvUlk4bWp3MDR4cGlUUT09
Session A:
14:00 - 14:30
Speaker: Ujjval Desai
No information provided.
14:30 - 15:00
Speaker: Marco Schichtel
Type of talk: Master Intro
Advisor: Dr. Nils Ole Tippenhauer
Title: Fingerprinting Peripherals in Blackbox Firmware
Research Area: RA4: Secure Mobile and Autonomous Systems
Abstract:
With an increasing amount of smart embedded devices in use, it becomes more and more relevant to analyze their functionality for potential
security flaws. However the firmware for these kind of devices is generally either proprietary or not well documented, making it difficult
to analyze security relevant functions.
Our highlevel goal is to enable analysis of such proprietary firmware for example through rehosting. Yet one big roadblock for this is
the handling of peripherals which need to be simulated in order to ensure smooth execution of the firmware. It is not trivial to
determine which types of peripherals are used by firmware without supplementary documentation or sources.
In this thesis, we develop a framework to analyze peripherals in blackbox firmware. Our strategy consists of clustering peripheral accesses
for each peripheral configuration and then using symbolic execution to determine potential semantic connections between different
peripheral configuration fields. This should yield a better understanding of how the peripheral works and could for example lead to more
efficient peripheral models.
15:00 - 15:30
Speaker: Prathvish Mithare
Type of talk: Master Intro
Advisor: Dr. Lea Schönherr
Title: Fooling Review Summarizers Using Adversarial Attacks
Research Area: RA1
Abstract: With the rise of more powerful large language models (LLMs), such as GPT-3.5 and GPT-4, these models can perform a wide range of tasks, including sentiment analysis and text summarization. Often trained on vast amounts of data, these models showcase an impressive ability to understand and generate human-like text. However, as their applications become more widespread, so does the recognition of their vulnerability to manipulation and adversarial attacks.
Previous studies have delved into adversarial attacks on LLMs across different contexts such as sentiment analysis, with relatively limited exploration into adversarial attacks for text generation. The primary objective is to investigate the potential impact of adversarial attacks on existing Large Language Models (LLMs) specifically within the domain of text summarization.
In a scenario where these models are utilized to automatically generate summaries for product reviews, intended to aid potential buyers in their decision-making process, a seller with malicious intent strategically inserts adversarial reviews into the pool of authentic reviews. These malicious reviews are crafted to deceive the LLM, leading it to unintentionally highlight the misleading content while generating the summary. Consequently, the biased summary may present a skewed perspective that supports the harmful intentions of the seller, potentially misleading the prospective buyer who relies on these summaries to make informed decisions, thus making them the victim in this situation.
In this study, we aim to execute this attack by focusing on identifying a suffix that, when added to a diverse set of reviews presented to a language model, prompts the model to generate a biased summary. Our primary objective is to maximize the likelihood of the model producing a biased response rather than an unbiased summary. This approach allows product sellers to insert adversarial reviews, thereby influencing the output of review summarization models. Consequently, it has the potential to manipulate the summarization process to favor the seller's desired outcome, such as promoting specific sentiments or biases.
Session B:
14:30 - 15:00
Speaker: Tobias Risch
Type of talk: Master Intro
Advisor: Prof. Dr. Andreas Zeller
Title: Fuzzing X509 Certificates - A Tale of Chains and Circles
Research Area: RA1 Trustworthy Information Processing
Abstract:
With the usage of x509 certificates for identification growing more and more popular, there also was an
increasing necessity for validating these certificates. This necessity led to the creation of multiple
implementations for certificate checking. To ensure that these implementations work correctly, they need testing.
As x509 certificates are highly complex structures, their generation for testing is quite a costly task.
Over the past two years, there were multiple bachelor theses about possibilities to automate the generation of certificates.
However, they mostly covered the generation of single certificates, directly signed by a root authority.
In this work, I will extend an existing approach for certificate generation by the features that are required for
generating certificate chains. Furthermore, I will use the certificate chains, generated with this extended technique,
to perform differential testing on different clients (command-line, as well as web browser).
15:00 - 15:30
Speaker: Vasili Nikolaev
No information provided.
|
Written on 06.05.24 by Mang Zhao
Dear All,
The next seminar(s) take place on 08.05.2024 at 14:00 (Session A). Please note that there will be only ONE session.
Session A: (14:00-15:00)
Mario Beluri, Somrita Ghosh
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841 … Read more
Dear All,
The next seminar(s) take place on 08.05.2024 at 14:00 (Session A). Please note that there will be only ONE session.
Session A: (14:00-15:00)
Mario Beluri, Somrita Ghosh
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode: BT!u5=
Session A:
14:00 - 14:30
Speaker: Mario Beluri
Type of talk: Master Intro
Advisor: Prof. Dr. Thorsten Holz, Dr. Bhupendra Acharya
Title: Exploration of the Dynamics of Buying and Selling of Social Media Accounts
Research Area: RA3: Threat Detection and Defenses / RA5: Empirical and Behavioural
Abstract: In recent years, there has been a rise in social media users with projections indicating approximately 4.95 billion active users as of 2024. These platforms have become an integral part of the daily lives of internet users, serving as one of the primary ways for socializing, communication, and information sharing. Unfortunately, social media has become a double-edged sword that while allowing its utilizers to take advantage of the connectivity and communication paths created, on the other hand, provides an environment that can be easily exploited.
Lately, social media platforms have been targeted for a variety of malicious activities including propaganda, hijacking, phishing, and scams. This has led to the growth of social media marketplaces that offer social media accounts for sale, where fraudulent accounts, among others, are openly being sold and used as harmful playgrounds rather than a means of communication.
In this work, we plan to conduct in-depth research on the buying and selling dynamics of social media profiles across a variety of frameworks. We aim to acquire complete metadata and user engagement facts from multiple social media networks. Our central objective is to find any patterns in these data and carry out a thorough analysis to identify any attack targets associated with these entries. Additionally, we intend to categorize such accounts based on the web category of the targeted brand.
We plan to unveil the scammer’s modus operandi of buying and selling social media profiles by segmenting target attacks into distinct categories. Thus, through our study, we aim to provide an end-to-end scam life cycle of scammers buying these social media profiles and launching attacks against the targeted market segments.
14:30 - 15:00
Speaker: Somrita Ghosh
Type of talk: Master Intro
Advisor: Dr. Xiao Zhang
Title: Enhancing Robust Training through Selective Unlabeled Data
Research Area: RA1
Abstract: Training for robustness is recognized to require a significantly larger dataset compared to standard training, as evidenced by extensive research in the field. The existing literature emphasises a substantial gap in the number of samples needed for achieving robust learning as opposed to standard learning. Previously, addressing this gap involved implementing semi-supervised learning techniques with a considerable amount of unlabeled data. However, even with semi-supervised learning, achieving high robust accuracy demands an extensive pool of unlabeled data and imposes substantial computational overhead. In our work, we propose alternative approaches to mitigate the mentioned complexity gap. Instead of relying on a large pool of unlabeled data, we aim to employ selection algorithms to choose a subset of this data, aiming to ensure that robust accuracy is not compromised. Our strategy involves selecting data closer to decision boundaries, with the intention of focusing more on data that genuinely contributes to improving robust accuracy by smoothing the decision boundary. By opting for a subset of data, we aim to reduce the memory and time complexity associated with general robust self-training algorithms.
|
Written on 21.04.24 by Mang Zhao
Dear All,
The next seminar(s) take place on 24.04.2024 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:30)
Jonas Büchner, Margarita Keteva, Oliver Schedler
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode:… Read more
Dear All,
The next seminar(s) take place on 24.04.2024 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:30)
Jonas Büchner, Margarita Keteva, Oliver Schedler
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode: BT!u5=
Session B: (14:00-15:30)
Sven Kuppe, Andreas Knobel, Tristan Hornetz
https://cispa-de.zoom-x.de/j/66136901453?pwd=YVBSZU9peUpvUlk4bWp3MDR4cGlUUT09
Session A:
14:00 - 14:30
Speaker: Jonas Büchner
Type of talk: Master Final
Advisor: Dr. Michael Schwarz
Title: Reverse Engineering UEFI Firmware to Discover Hidden CPU Features
Research Area: RA4
Abstract:
With every new generation of x86 processors, their complexity of features increases. Luckily, CPU vendors allow the configuration of many of these CPU features. This is commonly done by using model-specific registers (MSRs). Besides configuration, these also allow performance monitoring and debugging. Naturally, a greater knowledge of the available MSRs improves control over the processor for researchers and users. While a lot of the MSRs are documented by Intel and AMD, there still remains a plethora of undocumented MSRs.
MSRs can only be accessed with the privileged RDMSR and WRMSR instructions. Therefore, the usage of MSRs is largely limited to low-level code, firmware in particular. The Unified Extensible Firmware Interface (UEFI) is a specification for firmware, which is implemented in many modern x86 systems. Because of its function, it is expected to make heavy use of MSRs and is therefore a primary target for research.
In this thesis, we explore methods to automatically discover the MSRs used in UEFI firmware. We use static analysis, which analyzes the firmware based on the machine code itself. We also use dynamic analysis to observe the execution of firmware binaries, working with both concrete and symbolic domains. We find a total of 233 different MSRs across 8 analyzed firmware images. 51 of these MSRs are not documented in the Intel SDM or AMD manual. We evaluate our methods and analyze the found MSRs, coming to the conclusion that reverse-engineering can find many, also undocumented, MSRs in firmware. Furthermore, it can help in finding the functionality of undocumented MSRs.
14:30 - 15:00
Speaker: Margarita Keteva
Type of talk: Bachelor Intro
Advisor: Lucjan Hanzlik
Title: Evaluating FIDO2 Attestations in Real-World and Security Keys Counter Behaviour
Research Area: RA1
Abstract:
FIDO2 introduces standards for secure passwordless authentication over the Internet. It consists of two protocols, namely CTAP2 (Client to Authenticator Protocol) and WebAuthn (W3C Web Authentication). Attestation and assertion are two terms that refer to the security key's registration and authentication.
In this study, we will analyse and evaluate the usage of FIDO2 in the real world by targeting the most visited websites and the attestations returned by security keys during the registration phase. The collected payloads from different authenticators will provide a broader scope of data.
Each аttestation and аssertion contains a counter that indicates the number of operations performed and signed by the authenticator. It is a measurement against cloning attacks. By evaluating the values of multiple responses and examining the change of the counter, we can calculate the probability of detecting the attack after its execution.
15:00 - 15:30
Speaker: Oliver Schedler
No information is provided.
Session B:
14:00 - 14:30
Speaker: Sven Kuppe
Type of talk: Bachelor Final
Advisor: Lucjan Hanzlik
Title: Blockchain-Based Verification of Android Keystore-Generated Key Attestations using Smart Contracts
Research Area: RA1
Abstract:
When using cryptocurrencies, it is important to ensure the security of our transactions. Therefore, we must ask ourselves how we can be certain that our recipient has reliable key management and securely stores their private key. This project aims to address these safety concerns by utilizing Android's hardware-backed keystore feature, available in modern smartphones. We create a smart contract that serves as a trust mechanism. It verifies the presence of a hardware-backed key in a device and stores the outcome on the blockchain. The goal of this work is to develop an Android application and a specialised smart contract. The application creates a key within its secure memory and provides a proof that the key is inside its secure memory. This proof consists of a certificate chain. The smart contract reads the certificates in the chain and verifies each one. If the certificate chain is valid, the successful outcome is stored on the blockchain. This establishes trust in the receiver's devices without requiring additional verification methods and provides an answer to the security questions mentioned above.
14:30 - 15:00
Speaker: Andreas Knobel
No information is provided.
15:00 - 15:30
Speaker: Tristan Hornetz
Type of talk: Master Final
Advisor: Dr. Michael Schwarz, Lukas Gerlach
Title: Execute-Only Memory as a Security Hardening Feature on x86-64
Research Area: RA3
Abstract:
Execute-Only Memory (XOM) is a rarely used, but versatile memory protection scheme, in which instruction fetches are permitted, but data reads and writes are not. In the context of x86_64, it is mainly used in defensive schemes against code-reuse attacks. Besides this however, there is very little research on applications that could benefit from its unique memory protection capabilities. In my master’s thesis, I therefore investigate the characteristics of XOM, with the primary goal of identifying novel application scenarios. To this end, I present a set of software libraries that make XOM available to user-mode programs and use them to conduct studies on XOM’s performance aspects and potential attack vectors.
The results of this effort are two key observations: Firstly, XOM proves to be highly resistant against transient execution attacks like Spectre and Meltdown. XOM can thus serve as a component of low-cost mitigation schemes against them. Secondly, it is possible to use XOM to hide cryptographic secrets from privileged local attackers. This may provide an alternative to Trusted Execution Environments on platforms where such facilities do not exist, with potential applications in Digital Rights Management.
|
Written on 06.04.24 by Mang Zhao
Dear All,
The next seminar(s) take place on 10.04.2024 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:30)
Julian Maurer, Marvin Schank, Matthias Michels
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode:… Read more
Dear All,
The next seminar(s) take place on 10.04.2024 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:30)
Julian Maurer, Marvin Schank, Matthias Michels
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode: BT!u5=
Session B: (14:00-15:30)
Faiq Iftikhar Awan, Christian Bryan Marcelino, Tobias Berdin
https://cispa-de.zoom-x.de/j/66136901453?pwd=YVBSZU9peUpvUlk4bWp3MDR4cGlUUT09
Session A:
14:00 - 14:30
Speaker: Julian Maurer
No information is provided.
14:30 - 15:00
Speaker: Marvin Schank
Type of talk: Master Final
Advisor: Prof. Dr. Cas Cremers
Title: Formal Analysis of Matrix's End-to-End Encryption
Research Area: RA2: Reliable Security Guarantees
Abstract: Matrix is a federated, decentralised communication architecture that allows messenger applications like Element to provide end-to-end encrypted communication to its users. Researchers recently discovered practically exploitable vulnerabilities in Matrix, questioning its security. To tackle the uncertainty of whether Matrix is secure, one must look closely at Matrix's End-To-End-Encryption protocol. I want to show with a formal analysis of the protocol that Matrix can provide a frame for secure message transmission. In this thesis, I investigate Matrix's underlying encryption techniques, especially Short Authentication String, Olm, and Megolm, the main cryptographic subroutines. I rewrite those concepts into a symbolic model. Based on that model, Tamarin, a state-of-the-art model checker and security verification tool, conducts an analysis. I proved some of Matrix's central security guarantees, like message confidentiality and user authentication.
15:00 - 15:30
Speaker: Matthias Michels
Type of talk: Master Final Talk
Advisor: Christine Utz, Ben Stock
Title: Privacy, Anyone? Investigating the Adoption of Privacy-Friendly Services and Configurations
Research Area: RA5: Empirical and Behavioural Security
Abstract:
Many website embed third-party services, for example, to gain insights into their audience or for embedding additional content. They offer a quick way to integrate these functionalities, often at no extra cost for the website owner. Website owners can influence the amount of personal data processed by third-party services in two ways: Through their selection and if possible, through their configuration.
These choices must be made according to data protection law requirements. The GDPR, for example, requires website operators to limit the data collection to the minimum amount necessary and imposes requirements for data transfer to non-EU countries. To account for this, courts already have placed boundaries for configurations that must or must not be made. Such court decisions have already led to waves of cease-and-desist letters in Germany and Austria.
We conduct a web measurement on 100,000 websites to compare their usage of these configuration options, as well as two privacy-friendly services. For a sample of websites using a privacy-friendly configuration, we use the Internet Archive to un- derstand the temporal context of the adoption of the privacy-friendly configuration. We show that the usage of privacy-friendly services and configurations differs heavily between countries, even among those with similar data protection laws. We also show that websites typically adopt the privacy-friendly option of a third-party service upon its initial integration, or not at all.
Session B:
14:00 - 14:30
Speaker: Faiq Iftikhar Awan
Type of talk: Master Intro
Advisor: Prof. Dr. Andreas Zeller & Marius Smytzek
Title: More Tests, Better Repair?
Research Area: RA3
Abstract: An automated program repair is a tool that can automatically look for bugs in a program and fixes it using techniques like fault-localization, maximum branch coverage etc. Furthermore, test generation uses fuzzers to randomly generate test cases that increase branch coverage of a test subject. Fuzzers are software tools that can generate a large volume of random or semi- random data that can be directly fed into a test subject or program. With this definition in mind, we ask a question.
Does more tests translate to better repair?
We present a comprehensive analysis based on statistical data and results that tries to answer this question. Our approach utilizes recently published tools such as Avicenna, ISLa and Tests4Py to answer this simple question analytically. These tools serve as building blocks for a solution that can use minimal amount of tests to create a specification about a program. Then generate new test cases according to that specification and repair a program using test cases that provide most amount of coverage. Such repairs are then compared against a baseline. What level of enhancement, if any, does an increase in test cases contribute to the effectiveness of a program repair solution?
14:30 - 15:00
Speaker: Christian Bryan Marcelino
Type of talk: Bachelor Intro
Advisor: Stella Wohnig, Prof. Nico Döttling
Title: Evaluating Range Proof to Improve McFly
Research Area: RA1: Trustworthy Information Processing
Abstract: McFly is a Time-lock Puzzle(TLP) primitive created with the help of a blockchain (Proof of Stake) finality layer. Usually, a TLP needs much computational power to solve. With the help of blockchain technology, McFly is not computationally wasteful, and we can decide exactly when the puzzle will be solved.
A slight shortcoming resides in constructing the McFly protocol: The message lies in the exponentiation. Therefore, McFly needs a range proof to ensure that the message lies within a specific range. The proof size of the McFly protocol exceeds the preferred value, so we want to consider finding another range proof.
In this thesis, we will explore the state-of-the-art range proof protocols to improve McFly's situation. This thesis aims to find another range proof that is smaller not only in size but also more efficient in proving and verifying time and incorporating it into the McFly protocol.
15:00 - 15:30
Speaker: Tobias Berdin
Type of talk: Master Intro
Advisor: Dr. Nico Döttling
Title: Laconic Private Set Intersection with Preprocessing
Research Area: 2
Abstract:
Private set intersection (PSI) is a cryptographic primitive that allows two or more parties, each holding a private set of elements, to compute the intersection of their sets in such a way that no information is revealed other than the elements of the intersection. In particular, we consider the setting where one party, called the server, holds a very large set and wants to compute the intersection with a client's smaller set. Recently a lot of research has been devoted to developing PSI protocols with low communication and computation costs. However, even the most efficient constructions only achieve computation complexities that are at least linear in the size of the larger set.
This thesis aims to develop a new construction for PSI protocols that operates in the laconic setting, i.e. it divides computations into a two-round scheme, where all communication is independent or sublinear in the size of the server's set. This setting is highly practical, as clients, unlike servers, usually should not perform resource-intensive computations. A preprocessing approach helps to perform heavy server computations in advance, so that results are available quickly when requested by the client. Our new PSI construction is based on oblivious key-value stores and Bloom filters, achieving sublinear communication and computation costs on both the client and the server side.
|
Written on 26.03.24 by Mang Zhao
Dear All,
The next seminar(s) take place on 27.03.2024 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:30)
Leon Barth, Raik Schweigert, Luca Nimsgern
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode:… Read more
Dear All,
The next seminar(s) take place on 27.03.2024 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:30)
Leon Barth, Raik Schweigert, Luca Nimsgern
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode: BT!u5=
Session B: (14:00-15:30)
Yannick Chording, Devi Faustine, Mitul Bipin
https://cispa-de.zoom-x.de/j/66136901453?pwd=YVBSZU9peUpvUlk4bWp3MDR4cGlUUT09
Session A:
14:00 - 14:30
Speaker: Leon Barth
Type of talk: Master Outro
Advisor: Dr. Nils Ole Tippenhauer
Title: Feasibility of IDS in Automotive Systems using the NXP S23G Platform
Research area: RA3: Threat Detection and Defenses
Abstract:
The Controller Area Network (CAN) was introduced in the 1980s and became the de facto standard communication protocol in the automotive industry. At that time, however, cars were much less digitized, which meant that potential security risks with CAN were less prevalent. Today, with connected cars and numerous digital control systems such as brake-by-wire, drive-by-wire, or autopilot, the risk is much higher. As a quasi-standard, the protocol cannot be easily replaced. Therefore, security measures are required. Intrusion Detection Systems (IDS), successfully used for other types of networks, are one way to detect attacks.
However, since CAN does not send or verify information about the sender or recipient of individual messages, this is a major challenge. Possible approaches attempt to infer anomalies and possible attacks from information about signal levels, temporal context, or message content. Methods ranging from simple statistics to deep learning are presented and evaluated. Unfortunately, most of the evaluation scenarios are not very close to practice due to the use of powerful computers, oscilloscopes, or synthetic evaluation data.
In this thesis, I investigate the feasibility of implementing such systems on next-generation automotive hardware using the NXP S32G platform as an example and realistic data. Therefore, I collect existing approaches for CAN IDS and CAN traffic datasets. The IDS is then analyzed with data as close to reality as possible, both on conventional high-performance x86-based hardware with a dedicated GPU and on the much more limited ARM-based NXP S32G platform. The results will be used to evaluate the feasibility of each concept in future vehicles.
14:30 - 15:00
Speaker: Raik Schweigert
Type of talk: Bachelor Intro
Advisor: Wouter Lueks, Sylvain Chatel
Title: Privacy Analysis of Digital Contact Tracing Systems
Research Area: RA1
Abstract:
In a pandemic like COVID-19, contact tracing is a key strategy that mitigates the spread of the virus by notifying people that have recently been in close proximity to a positively diagnosed individual.
However, the scale of manual contact tracing is limited. As an addition, digital contact tracing systems were proposed, which increase the scalability of contact tracing by letting mobile devices broadcast and capture tokens that can be matched later in case of a positive test to notify at-risk individuals.
While these systems automate contact tracing, requiring less work, they also handle sensitive data. Thus, digital contact tracing systems should respect the users’ privacy. This thesis analyzes contact tracing systems with respect to their privacy.
15:00 - 15:30
Speaker: Luca Nimsgern
Type of talk: Bachelor Intro
Advisor: Lucjan Hanzlik
Title: Multi-party signatures on FIDO tokens
Research Area: RA1
Abstract: Consisting of the W3C Web Authentication (WebAuthn) and the FIDO Client to Authenticator Protocol (CTAP), FIDO2 introduces a standard for strong authentication in the web environment.
In this thesis, we will implement a multi-party signature on FIDO keys. As the name suggests, in multi-party signatures the private key for signing a message is distributed by multiple parties.
The idea is that each FIDO key holds his own share of the private key, so in the end a certain amount of FIDO keys (which we can specify before) is needed to produce a valid signature.
After the implementation phase, we will evaluate this approach by its performance and security, in order to compare it with the common approach.
Session B:
14:00 - 14:30
Speaker: Yannick Schording
Type of talk: Master Intro
Advisor: Dr. Dominic Steinhöfel
Title: Specification based testing with JSON-schema
Research Area: 3
Abstract:
The JavaScript Object Notation (JSON) is one of the most widely used formats to interchange data. Due to its popularity, we need ways to test systems that use JSON files as their input. But how can we do so? One approach would be to feed it randomly generated JSON files. However, most of these files would not reach deep into the code since they do not conform to its expected input structure. By using the JSON-schema vocabulary as a basis for specification-based testing we can get around this issue. While tools that generate JSON files from schemas already exist they follow a monolithic approach as they combine the specification
handling and input generation into a single piece of software. In this thesis, we develop a tool that decouples these two parts. To do so we first translate JSON schema into an equivalent pair of a context-free grammar and a set of semantic constraints. We then use this specification to generate valid JSON files with the ISLa fuzzer. The benefits of this approach are that changes in the fuzzer do not necessitate rewriting the specification handling and vice versa. Another advantage is that based on this specification the ISLa fuzzer can also mutate, validate, or repair existing inputs.
To evaluate our tool we plan to compare it to existing generators regarding the diversity of the generated inputs, generation speed and the ability to find bugs in software.
14:30 - 15:00
Speaker: Devi Faustine
Type of talk: Bachelor Final
Advisor: Dr. Lucjan Hanzlik
Title: Efficiency of Post-Quantum Blind Signature built from secure Multi-Party Computation
Research Area: RA1
Abstract:
Nowadays Post-Quantum Cryptography (PQC) has been gaining more and more attention, as the development of quantum computers further progress. Taking this into consideration, we would like to make cryptographic primitives and protocols also quantum resistant. Blind signatures have also gained popularity as blockchain and electronic cash is also booming.
The idea of this thesis is to combine secure Multi-Party Computation (MPC) with a post-quantum digital signature in order to create fua post-quantum blind signature. Since MPC also keeps privacy of the parties' input, meaning this also fulfills the purpose of blind signatures. The digital signature used in this scheme would be SPHINCS+, which is a quantum-resistant, stateless hash-based signature scheme, specifically aimed at reducing signature size. We implement SPHINCS+ inside an MPC library and bench the performance of this construction.
15:00 - 15:30
Speaker: Mitul Bipin
Type of talk: Master Intro
Advisor: Cristian Alexandru Staicu, Masud Bhuiyan.
Title: Regular Expression Denial of Service (ReDoS) Defense Analysis. Research Area: RA3: Threat Detection and Defenses.
Abstract:
A Regular Expression Denial of Service (ReDoS) attack is a type of algorithmic complexity vulnerability in which an attacker sends a specially crafted input to exploit a vulnerable regex pattern to trigger excessive backtracking within a regular expression engine, leading to prolonged processing times and potentially crashing the system. Unlike traditional Denial of Service (DoS) attacks, which flood a system with high volumes of traffic, ReDoS attacks exploit inefficiencies in regular expression matching algorithms, making them harder to detect and mitigate. Developers typically rely on regular expressions to perform input validations, e.g., Email ID, phone number. Sometimes, developers may unintentionally write or copy vulnerable regex patterns, making their application vulnerable to a ReDoS attack. Furthermore, developers may import libraries, e.g., npm, that may contain a vulnerable regex pattern, thereby making the application susceptible to a ReDoS attack. In order to prevent a ReDoS attack, developers often choose one of the many mitigation approaches such as:
1. Timeout Mechanisms
2. Limit Backtracking
3. Use Traditional Regex Engines (that do not support extended features such as backtracking)
4. Repair the Vulnerable Regex Pattern.
5. Use an Alternate Logic. e.g., custom parser
6. Limit Input Length.
We refer to these approaches as "Standard Approaches," which involve modifying the underlying code and the vulnerable regex pattern. Additionally, researchers have developed solutions that mitigate a ReDoS attack on an application in real-time, i.e., block HTTP requests that potentially contain a specially crafted input to cause a ReDoS attack. We refer to these approaches as "Reactive Approaches". A Reactive Approach is typically deployed alongside the application, and all input validations will still be performed using a vulnerable regex pattern. It will be interesting to analyze whether the reactive approaches can block HTTP requests that can potentially cause a ReDoS attack.
The primary objective of the thesis is to determine the most effective method for mitigating a ReDoS attack. To achieve that, we will deploy an application that contains a vulnerable regex pattern prone to a ReDoS attack. We will then fix the underlying vulnerability with each of the techniques mentioned above. Lastly, we will simulate benign requests for a specific period and send malicious HTTP requests in frequent intervals to assess the effectiveness of each approach discussed above. During the experiment, we will record the latency and throughput experienced by benign users, recognizing these metrics as crucial parameters in identifying the most effective method for mitigating a ReDoS attack.
The "Master Intro" seminar gives a sneak peek into the results obtained by performing the above experiment on the PHP platform. It also highlights the motivation, along with the research contribution and the research questions answered in the thesis. Lastly, the seminar will shed light on the future scope and open the ground for discussions!
|
Written on 11.03.24 by Mang Zhao
Dear All,
The next seminar(s) take place on 13.03.2024 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:30)
Lenny Händler, Lennard, Niklas Britz
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode:… Read more
Dear All,
The next seminar(s) take place on 13.03.2024 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:30)
Lenny Händler, Lennard, Niklas Britz
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode: BT!u5=
Session B: (14:00-15:30)
Dominik Sautter, Jannis, Houcai Li
https://cispa-de.zoom-x.de/j/66136901453?pwd=YVBSZU9peUpvUlk4bWp3MDR4cGlUUT09
Session A:
14:00 - 14:30
Speaker: Lenny Händler
No Information is provided.
14:30 - 15:00
Speaker: Lennard Tworeck
Type of talk: Bachelor Outro
Advisor: Robert Künnemann, Kevin Morio
Title: A parser for the spthy protocol modeling language
Research Area: RA2
Abstract:
Security protocols ensure the confidentiality, integrity and authentication of transmitted data between two or more parties and are the basis of secure communication. Proving the accuracy of these protocols is an error-prone and arduous task, which is why protocol verifiers have been developed to automate this task. Tamarin is such a protocol verifier and allows for symbolic modeling and analysis of security protocols. To use Tamarin, the user defines the protocol, environment and security properties in a security protocol model, which is specified in the so-called security protocol theory (spthy) file format developed especially for Tamarin.
In this thesis, an independent parser was created that allows parsing such files for third party tools or Tamarin extensions. A parser is a software component that converts
textual input into a machine-readable format based on a formal grammar. The spthy parser was developed with the objective of flexibility, minimal dependencies, and support for various programming languages such as Python, Go, Rust and Haskell. The tree-sitter parser generator was employed to create the parser. The process involved
to first define a grammar, accepting the syntax of spthy files and utilizing this grammar as an input to the parser generator. While the syntax of the file format was already
partially documented in the Tamarin manual, a complete description was missing. The parser generator approach did not just build a parser for spthy files, but also documented
its syntax.
The primary aim was to create a versatile tool that facilitates the development of Tamarin extensions. The result is a reusable parser that not only enhances the ease of creating extensions for Tamarin, but also offers comprehensive syntax documentation for the spthy file format.
15:00 - 15:30
Speaker: Niklas Britz
Type of talk: Bachelor Intro
Advisor: Dr. Nico Döttling
Title: Gaussian Linear Secret Sharing
Research Area: 2
Abstract:
Secret sharing is a cryptographic technique to distribute a secret among different parties. Only a specified amount of the parties can reconstruct the secret together, while smaller party sizes learn nothing or little about the original secret when combining their respective information.
In this work, we present two threshold secret sharing schemes. The first is a continuous linear secret sharing scheme over the group R. We prove the correctness and security of this scheme.
The second is an approximate linear scheme over Z, for which we prove correctness. Here, approximate linear means that the scheme is linear up to some minor error.
Using Gaussian distributions for secret sharing over R and Z, we present a new approach to linear secret sharing.
Session B:
14:00 - 14:30
Speaker: Dominik Sautter
No Information is provided.
14:30 - 15:00
Speaker: Jannis Cavelius
Type of talk: Bachelor Intro
Advisor: Prof. Sebastian Stich
Title: Hyperparameter Optimization in Federated Learning using Covariance matrix adaptation
RA2: Reliable Security Guarantees
Abstract:
Federated Learning(FL) has risen in popularity over the last few years. It can be split into two main components. First, a central server, with the global model, that controls the training, and second, multiple clients (i.e. mobile devices or companies), that perform local updates to the global model using their respective data. At the end, only the updates to the model weights are shared with the server and used to update the global model.
The decentralized training of the model, which results in high data privacy, can lead to bottlenecks either in the form of communication or computation, i.e., a bad internet connection or old hardware, and slow down the training.
Hyperparameter Optimization, which needs lots of evaluations to find a good configuration, is difficult, as these might not be possible either through privacy restrictions or the bottlenecks mentioned above.
Federated Learning models therefore often use the hyperparameters, which are predefined by the optimizers, to save time and resources.
This thesis tries to use the evolutionary strategies Covariance Matrix Adaptation to efficiently find the models Hyperparameters. The approach is then compared to baselines, such as Grid- and Random search, on various datasets and problem types.
Another goal of my work is to bring back gradient free optimizers into the spotlight and make space for new work and research.
15:00 - 15:30
Speaker: Houcai Li
Type of talk: Master Intro
Advisor: Dr. Dominic Steinhoefel
Title: XML-Schema Refinement: A Human-in-the-Loop Approach
Research Area: RA3
Abstract:
XML, the Extensible Markup Language, provides detailed information on both content and the structure of data. The structure and the set of vocabularies of XML documents can be declared in an XML schema, which can be used to validate XML documents.
Therefore, XML schemas can play an important role in the field of software security as it filters out unwanted input when properly defined. It also has the potential to be used as specifications for automated software testing campaigns.
Since many XML schemas are only laxly defined and can therefore present security risks, we present a GUI to refine a schema based on available XML documents conforming to it. Built on EditiX, a public open-source XML editor, the presented GUI is able to analyze XML documents using the (W3C) XML schema currently displayed, and mark the positions where suggestions are available for refining the schema.
|
Written on 26.02.24 (last change on 28.02.24) by Niklas Medinger
Dear All,
The next seminar(s) take place on 28.02.2024 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:30)
Laura Thineta Mulia, Nils Olze, Sahil Sihag
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode:… Read more
Dear All,
The next seminar(s) take place on 28.02.2024 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:30)
Laura Thineta Mulia, Nils Olze, Sahil Sihag
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode: BT!u5=
Session B: (14:00-15:30)
Girija B Mohan., Adarsh Jamadandi, Dominik Kempter
https://cispa-de.zoom-x.de/j/66136901453?pwd=YVBSZU9peUpvUlk4bWp3MDR4cGlUUT09
Session A:
14:00 - 14:30
Speaker: Laura Thineta Mulia
Type of talk: Bachelor Final
Advisor: Prof. Thorsten Holz, Bhupendra Acharya
Title: "Ghost Coins: Analyzing the Prevalence of Fake Cryptocurrency Wallet"
Research Area: RA5: Empirical and Behavioural Security
Abstract:
Cryptocurrency is a digital currency that operates in decentralized networks, unlike traditional currencies issued by the government. These digital cryptocurrencies are managed by digital tools or software referred to as wallets which allow users to store, manage, and transact among other users. With the adoption of cryptocurrency as digitized payments, malicious attackers become more vigilant. Consequently, each year cryptocurrency wallet users are susceptible to emergent attacks including traditional attacks such as phishing, impersonation, and fake technical support.
In this work, we analyze the prevalence of fake cryptocurrency wallets in the form of Android apps, a popular choice among users. These apps are sourced from both vetted and non-vetted marketplaces. Specifically, we gather cryptocurrency wallets from the Google Play Store as the vetted marketplace, and APKPure, Aptoide, ApkCombo, and PlayMods as non-vetted alternatives. Our dataset comprises 6800 cryptocurrency wallet apps, among which 181 were identified as fake using the methods of typosquatting, combosquatting, and permission pattern matching.
Furthermore, we conduct a comparison of the occurrence of counterfeit apps between vetted and non-vetted marketplaces. Our results indicate that only 1.37% of apps acquired from vetted marketplaces turned out to be counterfeit, whereas 3.01% of those obtained from non-vetted sources were found to be fake. Our study revealed that non-vetted marketplaces have more than twice the prevalence of counterfeit apps compared to their vetted counterparts. Additionally, our analysis underscores that many of these counterfeit apps attract users by offering free cryptocurrency, revealing how scammers exploit such incentives to entice unsuspecting victims into downloading their malicious applications.
14:30 - 15:00
Speaker: Nils Olze
Type of Talk: Master Final
Advisor: Sven Bugiel
Title: Finding the Needle in the Haystack: Password Recovery in a Forensic Setting
Research Area: RA5
Abstract: Passwords are still the most common way of user authentication. Especially in the context of authentication on local devices, they are unlikely to ever (fully) disappear. In a forensic setting associated with a criminal investigation, passwords are a common hindrance when the investigator wants to lawfully access a confiscated device or encrypted file. If the suspect does not cooperate, the investigator needs to guess the correct password of an encrypted device or file. This scenario of an offline Password Guessing attack is different from the typical scenario since the target is usually only a single password. Previous research has found that the majority of passwords are likely guessed by generic password guessing attacks, but the remaining 20 % of passwords are hard to guess. This implies the need for more sophisticated attacks, which leverage the available information in a forensic setting.
In this work, we perform a field study on 46 devices from real-world criminal investigations to determine the options of an investigator to obtain a password if access to a desktop device of a suspect is possible. We examine three different research questions. First, we determine how credentials are stored on hard drives and how accessible they are. Our findings suggest, that an investigator might instantly access credentials in two-thirds of all cases. Second, we investigate whether or not it is possible to detect plain text passwords stored on a hard drive. We use an approach based on Probabilistic ContextFree Grammar proposed by previous research. Based on our results, this approach is not fit to directly identify passwords but might be further improved with weighting functions to reach this goal. Third, we attempt to measure the impact of data from the hard drive on a Password Guessing attack. To achieve this, we compare the performance of the password candidate lists extracted with the aforementioned PCFG approach with the performance of generic dictionary attacks. When attacking the NTLM hashes of local user accounts, our best attack significantly outperforms a generic attack with an equally sized keyspace. Taking Password Reuse into account, we estimate a solid chance for an investigator to crack the target password.
15:00 - 15:30
Speaker: Sahil Sihag
Type of talk: Master Final
Advisor: Dr. Nils Ole Tippenhauer
Title: In-situ Fuzzing of Remote Firmware with Coverage Feedback
Research Area: RA4: Secure Mobile and Autonomous Systems
Abstract:
In this thesis, we develop a framework for coverage guided fuzzing of an embedded firmware. This is done by taking advantage of free storage and memory of the target embedded system. With the help of this free space, we enable instrumentation of the firmware and store coverage information of firmware during execution. This fine-grained information is later utilized by the fuzzer for generating better inputs.
The final talk of this thesis discusses performance evaluation of our framework. First, we cover effectiveness of coverage feedback and input specifications for our test firmware. Then, we explore feasibility of minimizing impact of previous fuzzing inputs with the help of firmware restarts. Finally, we discuss the bugs discovered with the help of our framework and hurdles in reaching greater code coverage during fuzzing campaigns.
Session B:
14:00 - 14:30
Speaker: Girija B Mohan.
Type of talk: Master Intro.
Advisor: Dr. Mridula Singh.
Title: Physical World Sensor Attack on LiDAR-camera-based Perception in Autonomous Driving.
Research Area: RA4 (Secure Mobile and Autonomous Systems)
Abstract:
Autonomous Vehicles (AVs) rely on sensors like cameras and LiDAR, to perceive their surroundings and make informed decisions regarding path planning and vehicle control. Understanding the vulnerabilities in these perception systems is crucial for ensuring road safety and building robust AV systems.
While cameras have been traditionally used for perception, they are susceptible to spoofing attacks. Hence, AVs are increasingly adopting LiDARs as they show an advantage over other sensors due to their ability to create detailed 3D maps, providing precise distance and depth information for all surrounding objects and free space, and are also a reasonable buy today. However, the researchers continue to study the vulnerability of LiDARs and explore new ways to attack them. The technical functionality of LiDAR makes the environment with mirrors challenging for LiDARs to work with. Existing research has not yet explored this as a potential attack vector.
In this research, we will exploit the property of light reflection to design and model a physical-world attack on LiDAR and camera sensors. We will demonstrate the effectiveness of our attack against state-of-the-art AV obstacle detectors like PointPillars. Additionally, we will evaluate the impact of these attacks on driving decisions using industry-grade Autonomous Driving Simulators (LGSVL or CARLA) and propose defense strategies to mitigate such attacks.
By shedding light on these vulnerabilities and proposing defense mechanisms, this research contributes to the development of more resilient AV perception systems, ultimately enhancing road safety in autonomous driving environments.
14:30 - 15:00
Speaker : Adarsh Jamadandi
Type of Talk : Master Thesis Intro
Advisor : Dr. Rebekka Burkholz.
Title : Investigating the Label/Feature Alignment with the Community Structure for Graph Neural Networks.
Research Area : RA1 Trustworthy Information Processing.
Abstract : Graph Neural Networks that leverage the message passing paradigm are shown to inhibit pathological behaviours such as over-squashing and over-smoothing. The former results from bottlenecks that hamper information flow, while over-smoothing leads to node features tending to non-informative limit due to repeated rounds of aggregation. A common strategy to resolve both of these issues is spectral based graph rewiring. That is, modifying the edge structure of the graph with the intent to maximize the spectral gap either by adding or deleting edges. This strategy has been shown to improve the generalization performance of GNNs in tasks like node classification.
In this project we argue that, most of the success that is attributed to the spectral rewiring based approaches, in fact, stem from an alignment of the underlying community structure with the feature/labels of the input graph. Our preliminary results on synthetic datasets show, methods that delete edges to maximize the spectral gap end up deleting intra-class edges weakening the inherent community structure which in-turn derails the feature/label alignment with the community structure. We show this can be deterimental to the downstream task. In fact, minimizing the spectral gap helps retain this alignment.
To summarize, this project aims to investigate vital the role of community structure and its alignment with the features/labels of the graph is to the downstream task and how spectral gap based rewiring methods affect this harmony and how it shapes the generalization performance of GNNs.
15:00 - 15:30
Speaker : Dominik Kempter
No information provided.
|
Written on 12.02.24 by Niklas Medinger
Dear All,
The next seminar(s) take place on 14.02.2024 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:00)
Moritz von Zülow, Mika Meyer
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode:… Read more
Dear All,
The next seminar(s) take place on 14.02.2024 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:00)
Moritz von Zülow, Mika Meyer
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode: BT!u5=
Session B: (14:00-14:30)
Lucas Layfield
https://cispa-de.zoom-x.de/j/62229284468?pwd=SThvSGpZKzB2Q1VmM1gxSGRwV3Mzdz09
Session A:
14:00 - 14:30
Speaker: Moritz von Zülow
Type of talk: Bachelor Intro
Advisor: Thorsten Holz
Title: Boosting Code Coverage of Curl Fuzzing using Fuzz-Generated Harnesses
Research Area: RA3
Abstract:
Fuzzing is an automated software testing technique that enables developers to discover security and correctness flaws in their program by subjecting them to random malformed input. Despite the effectiveness of modern fuzzers that leverage compilers to instrument code and enhance coverage, certain programs, such as curl - a widely deployed open-source project for data transfer with URLs - exhibit poor code coverage during runtime. Existing fuzzers typically achieve a mere 1% coverage of curl's executed code, leaving a significant portion untouched and potentially harboring undiscovered vulnerabilities.
During a security audit of curl, the Trail of Bits team successfully identified new security vulnerabilities by employing a novel approach - fuzzing curl's command-line interface. This method, previously deemed ineffective, proved fruitful in revealing previously unnoticed flaws.
In this thesis, we aim to address this gap in the curl fuzzing process. By incorporating command line arguments into the fuzzing process, we test different options of curl, which allow us to utilize different features and reach previously untested areas of source code. Ultimately, by increasing the code coverage during fuzzing, we aspire to enhance to the overall security of curl.
14:30 - 15:00
Speaker: Mika Meyer
Type of talk: Master Intro
Advisor: Giancarlo Pellegrino, Giada Stivala
Title: An Analysis of Malicious File Distribution on Free Hosting Providers
Research Area: RA6 (Empirical and Behavioral Security)
Abstract:
Today, prefabricated phishing kits and other malicious web content are widely available and easy to deploy, lowering the effort required by cybercriminals to perform these attacks. However, hosting such sites while maintaining the anonymity in the setup and payment process is challenging. Furthermore, serving malicious files publicly at multiple providers to achieve availability in case of takedowns and repercussions requires significant financial investments at scale.
In this project, we identify hosting providers offering services for free, as they are a popular target for hosting phishing sites and distributing malicious files. We focus our analysis on providers offering hosting options for files, because files are the basic building block for web content and are sufficient for performing various kinds of attacks. Attackers can abuse these services while maintaining their anonymity, if the implemented countermeasures do not comply with best practices. Next to web hosting providers, we also analyze object storage providers and website builders, as they often also offer free tiers which can be abused for distributing files.
We create a list of hosting providers, identify those which offer free services and evaluate their countermeasures against malicious actors. We show that abusing providers at scale is possible by using simple automation techniques to deploy malicious files at multiple providers at once. After deploying test files of common attacks, we monitor their availability and analyze the detection and takedown mechanisms in place. Finally, we create abuse notifications to our deployed files and check the responses from the providers.
Session B:
14:00 - 14:30
Speaker: Lucas Layfield
Type of talk: Bachelor Intro
Advisor: Xaver Fabian
Title: Extending the Blade tool to account for Spectre-BTB attacks in indirect calls
Research Area: RA1
Abstract: Blade is a tool which aims to eliminate speculative leakage of secrets in cryptographic code through a type system for
expressions that can identify paths from source expressions that introduce secrets to the execution to sink expressions which leak
those secrets and fix programs by cutting those paths with a speculation stopping abstract directive.
In this paper, we will extend the formal model of the language on which the type system is based on to model indirect function calls as
well as the speculative behaviour that can occur during their execution. We will also make additions to the type system so that leakage
arising from speculative execution of indirect function calls can be detected and mitigated.
|
Written on 29.01.24 (last change on 29.01.24) by Niklas Medinger
Dear All,
The next seminar(s) take place on 31.01.2024 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:00)
Gleb Rostanin, Matteo Leonelli
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode:… Read more
Dear All,
The next seminar(s) take place on 31.01.2024 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:00)
Gleb Rostanin, Matteo Leonelli
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode: BT!u5=
Session B: (14:00-15:30)
Tristan Hermanns, Ben Rosenzweig, Mihirraj Dixit
https://cispa-de.zoom-x.de/j/62229284468?pwd=SThvSGpZKzB2Q1VmM1gxSGRwV3Mzdz09
Session A:
14:00 - 14:30
Speaker: Gleb Rostanin
Type of talk: Bachelor Final
Advisor: Nils Ole Tippenhauer
Title: Embedded Intrusion Detection for Automotive Ethernet
Research Area: RA3
Abstract:
In the current stage of development for Connected Cars, Automotive Ethernet (AE)
has become the preferred In-Vehicle Network (IVN) protocol, replacing the outdated
Controller Area Network (CAN) protocol. The internet connection of Connected Cars and the development of new automotive protocols not only extends the feature development possibilities, but also makes cars a potential target for cyberattacks. In addition to standard security applications, such as authentication via SecOC, Intrusion detection systems (IDS) grant the possibility for car manufacturers to detect and react to attempted or ongoing attacks on the vehicle, without adding significant latency to the IVN. In this bachelor’s thesis, we discuss the deployment possibilities of IDSs for the automotive field and examine this topic by integrating a simple open-source based IDS, on a stateof-the-art embedded central communication gateway. Contrary to the estimation of previous research papers, we show a simple way of using Snort –an open-source IDS– in the automotive domain and give an intuition how to detect the unique attacks of the automotive domain. For this work, our focus lies on the Scalable service-Oriented MiddlewarE over IP (SOME/IP) protocol, which is commonly used in AE-IVNs to provide services to multiple car components efficiently. Finally, we evaluate the efficiency and usability of the developed IDS on the embedded gateway used for integration. Due to
the lack of IVN network data, we implement a proof-of-concept Man-in-the-middle attack on the SOME/IP Service Discovery protocol and cover SOME/IP standard violation attacks by using generated attack data.
14:30 - 15:00
Speaker: Matteo Leonelli
Type of talk: Master Intro
Advisor: Thorsten Holz, Ali Abbasi
Title: Coverage Guidance by Proxy for Differential Fuzzing of Video Accelerators
Research Area: RA3
Abstract:
Today, video encoders and decoders implemented in hardware are integral to our daily lives through the internet, media, and social networks.
The interaction between software and hardware in decoding videos involves hardware accelerators that interface with drivers, facilitating the use of privileged software and hardware components. This interplay introduces the potential for functional disparities and security vulnerabilities due to the black box, obscure, and complex nature of hardware that makes testing difficult. In contrast, the software decoding process is white box, testable, and only presents intuitive scenarios, though implemented entirely differently.
Like other testing fields, hardware security research struggles with defining efficient test oracles. In the context of our research, we aim to design a methodology to assess the behavior of hardware components, specifically video hardware accelerators. This tool leverages coverage of the software implementation as a proxy for the state of the decoding process, allowing for the inference of hardware coverage and the ability to uncover potential non-deterministic or incorrect behavior in the hardware components. Our approach employs a fuzz testing strategy to identify hardware and software bugs, effectively tracing hardware behaviors through software metrics. We demonstrate the applicability of this approach through a case study involving video hardware accelerators, testing the complete hardware acceleration stack against the software implementation. Importantly, this methodology holds promise for various scenarios where hardware implementations exhibit determinism and have analogous software implementations for testing functional correctness and performing lower-level security assessments.
Session B:
14:00 - 14:30
Speaker: Tristan Hermanns
Type of talk: Master Intro
Advisor: Ben Stock
Title: Manipulating Browser Extension Functionality - Analyzing Web-Based Attack Vectors
Research Area: RA5 - Empirical and Behavioural Security
Abstract:
With over 180,000 extensions in the Chrome Web Store and widespread usage among desktop users, browser extensions are a critical component of online browsing, enhancing user experience with added features. However, this popularity brings inherent security concerns. Despite modern browsers implementing measures like separate namespaces for extension JavaScript code, vulnerabilities persist in the interaction between websites and browser extensions.
These vulnerabilities primarily arise from two aspects of browser-extension interactions. Firstly, when extensions inject scripts into websites, the once separate namespace becomes shared, allowing potential website influence over the extension. Secondly, even with separated namespaces, extensions can interact with data or elements controlled by websites, like the DOM or cookies, which can be exploited by attackers.
This study aims to develop a framework to assess these vulnerabilities and their impact on browser extension functionality. We focus on identifying methods through which websites can influence extension behavior and evaluating the vulnerability of real-world extensions to these methods.
14:30 - 15:00
Speaker: Ben Rosenzweig
Type of talk: Bachelor Intro
Advisor: Dr.-Ing. Aurore Fass
Title: Machine Learning Based Approach for Detecting Malicious Browser Extensions
Research Area: 5
Abstract:
Browser extensions are widely used to enhance the functionality of modern web browsers. Browser extensions can, e.g., remove advertisements, change the appearance of a new tab, or provide coupon codes for users who are shopping online. To achieve some of these functionalities browser extensions require access to elevated privileges, which web pages do not have. Chrome extensions have access to the Chrome Extension APIs. The privileges gained through these APIs can be abused by attackers, which can potentially lead to the theft of user data, the injection of unwanted additional advertisements into websites, or the unwanted change of the default search engine of a user's browser.
To protect users from these threats we will create a system to identify potentially malicious extensions. We will use metadata, such as the used permissions, the number of files included, user ratings, etc. This will be combined with static analysis of the source code and machine learning to classify an extension as benign or malicious.
15:00 - 15:30
Speaker: Mihirraj Dixit
Type of talk: Master Intro
Advisor: Dr. Mridula Singh
Title: Targeted Desynchronization of User Equipments in Cellular Networks
Research Area: RA4
Abstract:
LTE(Long Term Evolution) is the most commonly used wireless technology used for cellular communication. With the increase in the usage of smartphones, people are constantly connected. This need for staying constantly connected brings security and privacy concerns for users. In the existing work, the multiple attack vectors like privacy leakage and disruption attacks performed on LTE protocol, requires usage of fake base stations which increases the cost of the attacker.
In this work, we have identified a vulnerability in the LTE protocol that by using temporary identifiers we can track a particular user equipment(UE) for an indefinite time period. Therefore, we can launch targeted attacks for the specific UE for desynchronizing from the network. Moreover, the research utilises existing timing parameters like timing advance for desynchronizing the user covertly. Since our work passively targets specific users through linkability and desynchronizes the user semi-actively without relying on deploying fake base stations, we can claim that our launched attack is more stealthier and cost-effective in nature.
We demonstrate the feasibility of this attack by performing an experimental setup using srsRAN setup. Through this experiment, we try to assess the impact of the privacy leakage and network disruption paving the way to enhance the cellular network’s robustness.
|
Written on 12.01.24 by Niklas Medinger
Dear All,
The next seminar(s) take place on 17.01.2024 at 14:00 (Session A). There is only one session.
Session A: (14:00-14:30)
Margarita Keteva
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode: BT!u5=
Session… Read more
Dear All,
The next seminar(s) take place on 17.01.2024 at 14:00 (Session A). There is only one session.
Session A: (14:00-14:30)
Margarita Keteva
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode: BT!u5=
Session A:
14:00 - 14:30
Speaker: Margarita Keteva
Type of talk: Bachelor Intro
Advisor: Lucjan Hanzlik
Title: Evaluating FIDO2 Attestations in Real-World and Security Keys Counter Behaviour
Research Area: RA1
Abstract:
FIDO2 introduces standards for secure passwordless authentication over the Internet. It consists of two protocols, namely CTAP2 (Client to Authenticator Protocol) and WebAuthn (W3C Web Authentication). Attestation and assertion are two terms that refer to the security key's registration and authentication.
In this study, we will analyse and evaluate the usage of FIDO2 in the real world by targeting the most visited websites and the attestations returned by security keys during the registration phase. The collected payloads from different authenticators will provide a broader scope of data.
Each аttestation and аssertion contains a counter that indicates the number of operations performed and signed by the authenticator. It is a measurement against cloning attacks. By evaluating the values of multiple responses and examining the change of the counter, we can calculate the probability of detecting the attack after its execution.
|
Written on 28.12.23 by Mang Zhao
Dear All,
The next seminar(s) take place on 03.01.2024 at 14:00 (Session A). Please note that there will be only one session.
Session A: (14:00-15:00)
Parthipan Ramesh, Niklas Britz
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841 … Read more
Dear All,
The next seminar(s) take place on 03.01.2024 at 14:00 (Session A). Please note that there will be only one session.
Session A: (14:00-15:00)
Parthipan Ramesh, Niklas Britz
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode: BT!u5=
Session A:
14:00 - 14:30
Speaker: Parthipan Ramesh
No Information is provided.
14:30 - 15:00
Speaker: Niklas Britz
Type of talk: Bachelor Intro
Advisor: Dr. Nico Döttling
Title: Simplicity and Efficiency: Integer Secret Sharing using Gaussian DistributionsReimagined
Research Area: 2
Abstract:
Secret sharing is a cryptographic technique to distribute a secret among different parties. Only a specified amount of the parties can reconstruct the secret together, while smaller party sizes learn nothing or little about the original secret when combining their respective information.
In this work we present Gaussian Linear Integer Secret Sharing (GLISS), a secret sharing scheme that uses discrete Gaussian distributions to hide integer secrets effectively.
While many established secret sharing schemes operate on modular arithmetic and finite sets where the secrets lie, sharing integer secrets offers advantages that will be discussed in this thesis. While integer secret sharing is not a novel discovery, existing schemes tend to have "unnatural" constructions and require big parameters.
In this thesis, we want to show that the use of Gaussian distributions allows smoother constructions due to rotational invariance. Furthermore, we proof that GLISS is a secure scheme that requires smaller parameters than former work and discuss applications of our scheme.
|
Written on 15.12.23 (last change on 17.12.23) by Mang Zhao
Dear All,
The next seminar(s) take place on 20.12.2023 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:30)
Yousuf Tanvir Kazi, Justus Sparenberg, Tim Nagel
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode:… Read more
Dear All,
The next seminar(s) take place on 20.12.2023 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:30)
Yousuf Tanvir Kazi, Justus Sparenberg, Tim Nagel
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode: BT!u5=
Session B: (14:00-15:30)
Oliver Schedler, Niklas Lohmann, Louise Malvin Tanaka
https://cispa-de.zoom-x.de/j/67589187585?pwd=R0NTMWx5M1lNa0JWdk1GY3BWR21wUT09
Session A:
14:00 - 14:30
Speaker: Yousuf Tanvir Kazi
Type of Talk: Master Intro
Advisor: Dr. Cristian-Alexandru Staicu
Title: Plug-and-Play in the Web: An Examination of Web Components' Usage and Security Implications
Research Area: RA5: Empirical and Behavioural Security
Abstract:
Web components, in most basic form, can be defined as a pre-built set of reusable custom elements primarily built with HTML and JavaScript. Each framework has its own definition for the word Web Component. We define it as a plug- and-play snippet of code that can primarily be acquired from a package manager such as Node Package Manager (NPM).
The surge in popularity of web components, driven by frameworks, raises security concerns. In our study, we aim to explore the realm of web components, investigating their popularity, dissemination, utilization, and security challenges in the modern web.
Additionally, we will explore Server-Side Rendering (SSR) in relation to these web components. The primary motivation for this exploration is that if the web components are vulnerable or malicious, they could cause more damage to the application and compromise data privacy during Server-Side Rendering. This is because, on the server, access rights are typically elevated, access to data is usually easier, and so forth.
14:30 - 15:00
Speaker: Justus Sparenberg
Type of talk: Bachelor Intro
Advisor: Sven Bugiel
Title: Detecting, Categorizing & Evaluating App Permission Rationales
Research Area: RA5: Empirical and Behavioural Security
Abstract: Mobile applications have been an integral part in the everyday lives of people for a while now. To function properly, these apps need access to private data.
Users are understandably reluctant to give apps permission to use this data. For example, users should be hesitant to tell an unknown entity where they currently are. But for apps that are used for navigation this information is necessary to function. To increase the chance, that users give permission to use this data, developers can provide rationales to give users insight on what the data is used for.
This work aims to use NLP to provide a system to detect rationales from the strings of apps, classify them according to the type of permission requested and evaluate the sentiment of these rationales.
15:00 - 15:30
Speaker: Tim Nagel
Type of talk: Bachelor Intro
Advisor: Dr. Mridula Singh
Title: Quantifying Location Leakage from a Mobile Device
Research Area: RA4
Abstract:
Mobile devices have become an integral part of our daily lives, offering connectivity and convenience. However, this permanent connectivity often comes at the cost of privacy, particularly concerning continuous tracking of users through location leakage. Thus, to prevent tracking of devices, researchers have proposed the use of temporary randomized identifiers. Earlier works exist on analyzing the randomness and implementation of these temporarily randomized identifiers concerning protocols such as WiFi, Bluetooth and LTE.
Our research delves into a more profound vulnerability: even with securely randomized and timely updated identifiers, the asynchronous updates across different protocols enable prolonged tracking through cross-linking of these identifiers. Therefore, if we can establish correlation between the protocols based on the features of the transmitted messages, cross-linking will be possible.
In this work, we will address two important research questions to assess the privacy leakage of devices: Can we establish correlation between different protocols from the messages transmitted by a single device, and is it possible to establish a cross-linking between the protocols? We plan to evaluate the privacy assessment of the devices in a real setting which will enable us to measure the privacy of different types of devices.
Session B:
14:00 - 14:30
Speaker: Oliver Schedler
Advisor: Carolyn Guthoff, Matthias Fassl
Title: Evaluating Design Methods for Age-Appropriate CSE Protection
Research Area: RA 5 Empirical and Behavioural Security
Abstract: Messenger Apps can pose a risk to young adults' well-being by letting them see inappropriate content or confronting them with unwanted behavior from other users, ranging from sexual content over cyberbullying to cyber grooming. The goal of my study is twofold. One aim is to find feasible implementations for content warnings on WhatsApp. However, this is embedded into the broader proposition of finding viable approaches to involve youth in the (co-)design process in general. I choose a participatory design approach using interviews and focus groups to improve our knowledge of user needs, achieve high user value, and for immediate validation of ideas.
14:30 - 15:00
Speaker: Niklas Lohmann
Type of talk: Bachelor Intro
Advisor: Dr. Mridula Singh
Title: Time Advancement Attacks on OFDM Signals using Machine Learning
Research area: RA4: Secure Mobile and Autonomous Systems
Abstract:
Orthogonal Frequency-Division Multiplexing (OFDM) forms the backbone of modern wireless communication, underscoring the necessity of robust security measures. This study delves into the potential of Machine Learning algorithms to not only understand but also replicate the precision of Time Advancement Attacks on OFDM signals. Focusing specifically on the Early Detect; Late Commit (EDLC) attack, we assess whether ML can offer a comparable approach to existing methodologies.
15:00 - 15:30
Speaker: Louise Malvin Tanaka
Type of Talk: Bachelor Final
Advisor: Dr. Lucjan Hanzlik
Title: Virtual ICAO ePassport and Application to Attribute-based Online Authentication
Research Area: RA1: Trustworthy Information Processing
Abstract:
Personal identification is a critical aspect of internet security in today's digital era. Ensuring that users comply with specific rules while preserving anonymity poses significant challenges. Identity verification is often necessary to access sensitive online services, but mishandling this process can pose significant vulnerabilities and privacy concerns. Users may also have to reveal unnecessary personal information to the relying parties in the process, putting their privacy at risk. In this thesis, we propose a novel identity verification method that prioritizes user privacy while ensuring secure authentication.
|
Written on 01.12.23 (last change on 07.12.23) by Mang Zhao
Dear All,
The next seminar(s) take place on 06.12.2023 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:30)
Leon Barth, Dominic Troppmann, David Groß
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode:… Read more
Dear All,
The next seminar(s) take place on 06.12.2023 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:30)
Leon Barth, Dominic Troppmann, David Groß
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode: BT!u5=
Session B: (14:00-15:30)
Mikka Rainer, Gowtham Krishna Addluri, Rahul Nittala
https://cispa-de.zoom-x.de/j/67589187585?pwd=R0NTMWx5M1lNa0JWdk1GY3BWR21wUT09
Session A:
14:00 - 14:30
Speaker: Leon Barth
Type of talk: Master Intro
Advisor: Dr. Nils Ole Tippenhauer
Title: Feasibility of IDS in Automotive Systems using the NXP S23G Platform
Research area: RA3: Threat Detection and Defenses
Abstract:
The Controller Area Network (CAN) was introduced in the 1980s and has become the de facto standard communication protocol in the automotive industry. However, cars were much less digitized back then, which meant that potential security risks with CAN were less present. Today, with connected cars and numerous digital control systems such as brake-by-wire, drive-by-wire or autopilot the risk is much greater.
As a quasi-standard, the protocol cannot simply be replaced. Therefore, security measures are necessary. Intrusion Detection Systems (IDS), which are successfully used for other types of networks, are one way to detect attacks.
But since CAN does not send or verify information about the sender or recipient of individual messages, this is a major challenge. Possible approaches attempt to infer anomalies and possible attacks from information about signal levels, the temporal context, or the content of the messages. Methods ranging from simple statistics to deep learning are presented and evaluated. Unfortunately, most of the evaluation scenarios are not very close to the practice because of using powerful computers, oscilloscopes or synthetic evaluation data.
In this thesis, I investigate the feasibility of implementing such systems on next-generation automotive hardware using the NXP S32G platform as an example and realistic data. Therefore, I collect existing approaches for CAN IDS and CAN traffic datasets. The IDS is then analyzed with data as close to reality as possible, both on conventional high-performance x86-based hardware with a dedicated GPU and on the much more limited ARM-based NXP S32G platform. The results are used to evaluate the feasibility of each concept in future vehicles.
14:30 - 15:00
Speaker: Dominic Troppmann
Type of talk: Master Final
Advisor: Dr. Cristian-Alexandru Staicu
Title: Trust is good, control is better: Shedding light on typing practices in gradually typed scripting languages.
Research Area: RA5
Abstract: In recent years, scripting languages, most notably JavaScript/TypeScript and Python, have gained lots of traction due to their ease of learning, ease of use, and the large ecosystems of third-party packages and libraries. Another key feature of these languages is that, contrary to languages like C or Java, they do not use a static type system, which saves developers the significant effort of adding type annotations and affords faster prototyping and development. However, this usually comes at the cost of more typing-related bugs at runtime that would otherwise be caught by a static typing system. To give developers the best of both worlds, TypeScript and Python feature a gradual type system allowing developers to add optional type annotations/hints. These type annotations are checked at compile time but not enforced at runtime, meaning that developers must implement type checks to enforce datatypes during runtime.
But does this happen in practice, or might developers even be fooled into thinking their scripts become type-safe by simply annotating them? This thesis aims to shed light on gradual typing and type-checking practices in real-world projects. More specifically, we study how frequently developers use type annotations, how type annotations affect the frequency and role of type checks, and the possible security implications of lackluster type-checking in the presence of type annotations. To this end, we present an approach that consists of statically analyzing close to \numprint{30000} GitHub repositories written in JavaScript, TypeScript, and Python to extract code metrics that reflect gradual typing and type-checking practices in these projects. We then proceed to select 20 real-world projects based on these metrics, which we then analyze manually to confirm the presence of type-related issues in gradually typed code. With this approach, we identify 44 functions that are likely susceptible to type-related issues.
15:00 - 15:30
Speaker: David Groß
No information is provided.
Session B:
14:00 - 14:30
Speaker: Mikka Rainer
Type of talk: Bachelor Final
Advisor: Dr. Michael Schwarz
Title: Reversing the Microarchitecture with Unikernels
Research Area: RA3
Abstract:
The microarchitecture of modern CPUs is largely undocumented. However, knowledge of inner CPU mechanisms allows for finding novel attack vectors, creating new defenses, and building high-performance applications. While there is an ongoing effort to reverse engineer the inner mechanisms of modern processors, researchers are largely unable to observe individual microarchitectural events.
In this thesis, we investigate how we can create a noise-free measurement environment for microarchitectural reverse engineering by leveraging the power of unikernels. In a case study, we show that we can significantly improve the accuracy of address-to-slice mappings in comparison to previous techniques, taking the example of the addressing function of last-level cache slices. Contrary to previous work, we can measure microarchitectural events up to a single instruction granularity. This enables us to speed up reverse engineering of last-level cache slices by a factor of 260. We further reverse engineer one known and one previously unknown slice-addressing function. In this work, we make the first step towards a unified framework for microarchitectural reverse engineering by proposing a specialized research kernel.
14:30 - 15:00
Speaker: Gowtham Krishna Addluri
Type of talk: Master Intro
Advisor: Prof. Dr. Rebekka Burkholz, Advait Gadhikar
Title: Understanding the Effects of Batch Norm parameters on Iterative Magnitude Pruning
Research Area: RA1: Trustworthy Information Processing
Abstract :
The Lottery Ticket Hypothesis suggests that sparse trainable networks with random initialization exist and can be found by the Iterative Magnitude Pruning algorithm.
This thesis aims to investigate the influence of the Batch Normalization operation on the pruning criteria and parameter optimization of the sparse network found by IMP.
In our approach we isolate and include the effects of the affine Batch Normalization parameters in the pruning and training steps of IMP. This is achieved in two distinct manners: modification of the scoring function and scaling of the model weights. Our primary objectives include evaluating potential changes in accuracy, examining alterations in the mask structure concerning the baseline, and investigating the stability of weights within the same basin.
Experiments are presented on VGG19 and ResNet, on the CIFAR-10 and CIFAR-100 datasets.
15:00 - 15:30
Speaker: Rahul Nittala
Type of talk: Master Intro
Advisor: Dr. Rebekka Burkholz
Title: Effectiveness of scale-free random pruning for sparse training
Research Area: RA1
Abstract:
The Lottery Ticket Hypothesis confirms the existence of sparse networks with random initializations that can achieve performance comparable to a dense network. But finding such tickets involves iterative pruning- retraining steps, thereby, increasing computational requirements. Random masks serve as a good pruning at initialization strategy for sufficiently overparameterized models, circumventing the additional overhead. This pruning at initialization could be considered as a sparse-to-sparse training rather than the traditional dense-to-sparse training.
Existing work provides theoretical bounds of the required overparameterization with one additional layer than the target network. Empirical analysis further shows confirms the success of sparse-to-sparse training as opposed to the traditional dense-to-sparse training. However, it imposes a restriction that the resulting lottery ticket network has an Erdos-Renyi degree distribution. Whereas, sparse networks or naturally occurring networks, in general, adopt a variant of scale-free distribution. The thesis aims to study the advantages conferred by adopting a generalized degree distribution for the source network. Preliminary analysis of representing a target network's edge structure shows that while requiring a higher overparameterization, a source network with scale-free degree distribution contains a sparser lottery ticket within it, when compared to ER degree distribution. This could potentially be beneficial for starting sparse and further increasing the sparsity during training.
|
Written on 16.11.23 (last change on 27.11.23) by Mang Zhao
Dear All,
The next seminar(s) take place on 22.11.2023 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:00)
Matteo Leonelli
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode: BT!u5=
Session B:… Read more
Dear All,
The next seminar(s) take place on 22.11.2023 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:00)
Matteo Leonelli
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode: BT!u5=
Session B: (14:00-15:30)
Moritz Wilhelm, Justin Steuer, Vinay Tilwani
https://cispa-de.zoom-x.de/j/67589187585?pwd=R0NTMWx5M1lNa0JWdk1GY3BWR21wUT09
Session A:
14:00 - 14:30
Speaker: Matteo Leonelli
Type of talk: Master Intro
Advisor: Thorsten Holz, Ali Abbasi
Title: Coverage Guidance by Proxy for Differential Fuzzing of Video Accelerators
Research Area: RA3
Abstract:
Today, video encoders and decoders implemented in hardware are integral to our daily lives through the internet, media, and social networks.
The interaction between software and hardware in decoding videos involves hardware accelerators that interface with drivers, facilitating the use of privileged software and hardware components. This interplay introduces the potential for functional disparities and security vulnerabilities due to the black box, obscure, and complex nature of hardware that makes testing difficult. In contrast, the software decoding process is white box, testable, and only presents intuitive scenarios, though implemented entirely differently.
Like other testing fields, hardware security research struggles with defining efficient test oracles. In the context of our research, we aim to design a methodology to assess the behavior of hardware components, specifically video hardware accelerators. This tool leverages coverage of the software implementation as a proxy for the state of the decoding process, allowing for the inference of hardware coverage and the ability to uncover potential non-deterministic or incorrect behavior in the hardware components. Our approach employs a fuzz testing strategy to identify hardware and software bugs, effectively tracing hardware behaviors through software metrics. We demonstrate the applicability of this approach through a case study involving video hardware accelerators, testing the complete hardware acceleration stack against the software implementation. Importantly, this methodology holds promise for various scenarios where hardware implementations exhibit determinism and have analogous software implementations for testing functional correctness and performing lower-level security assessments.
Session B:
14:00 - 14:30
Speaker: Moritz Wilhelm
Type of talk: Master Final
Advisor: Ben Stock, Giancarlo Pellegrino
Title: A Song of Trust and Archives: Assessing the Dependability of Web Archives for Reproducible Web Security Measurements
Research Area: RA5: Empirical and Behavioural Security
Abstract:
In recent years, the research community has recognized the growing significance of artifact evaluation. Nonetheless, the ever-changing and unpredictable nature of the Web continues to present an unresolved challenge for achieving reproducible web measurements. This thesis explores the potential of public web archives, with a particular focus on the Internet Archive, in addressing this persistent issue.
Our analysis involves a comprehensive evaluation of the reliability of data sourced from the Internet Archive. We first conduct a longitudinal analysis spanning 7.5 years, ranging from 2016 to the present, to assess the extent of historical data coverage within the Internet Archive. While previous research has heavily relied on the Internet Archive to conduct historical web measurements, this reliance has largely been rooted in trust. To assess the validity of this trust, we evaluate the consistency of data stored in the Internet Archive via two case studies. Specifically, we analyze the prevalence of both syntactic and semantic differences in security header configurations, as well as variations in third-party JavaScript dependencies among Internet Archive snapshots that are in close temporal proximity. Finally, we explore the feasibility of leveraging the Internet Archive to simulate live web security measurements, thereby addressing the challenge of replicability in such studies.
Our findings affirm that the Internet Archive offers an extensive and densely populated repository of archival snapshots, highlighting its dependability for web measurements. However, we detect subtle pitfalls when conducting archive-based measurements and offer effective strategies for mitigation, including the concept of snapshot neighborhoods. Furthermore, we present a series of best practices tailored for future archive-based web measurements. In conclusion, we determine that the Internet Archive provides a reliable foundation for conducting reproducible web measurements.
14:30 - 15:00
Speaker: Justin Steuer
Type of talk: Bachelor Final
Advisor: Dominic Steinhöfel
Title: Constraint-Aware Parsing
Research Area: RA5: Empirical and Behavioural Security
Abstract:
Parsing is an integral tool of software development for disassembling input and checking it for correctness.
However, parsers that solely rely on context-free grammars, while versatile, can only check input for syntactic validity and can not verify context-sensitive properties.
ISLa, a declarative specification language for context-sensitive properties, enables users to specify context-sensitive constraints
on top of a context-free grammar that each valid string must satisfy.
ISLa cannot only produce valid inputs but can also check for a specified string whether it fulfills all given constraints.
While this feature is functional, it is not optimal in the way that it is implemented, since it first parses the string through a parser for context-free grammars
(thus verifying its syntactic correctness) and only then verifies its semantic correctness afterward.
This can be quite inefficient when a lot of inputs have to be verified since each input needs to be fully parsed regardless of whether it fulfills the semantic requirements or not.
This talk introduces the concept of Constraint-Aware Parsing, which aims to build upon Parsimonious, a Python-based parser for Parsing Expression Grammars,
and give it additional functionality to verify context-sensitive constraints alongside the traditional parsing process and extend it into a so-called 'Constraint Parser'.
Furthermore, an implementation of a Constraint Parser based on an Earley Parser will be discussed together with the challenges that come with implementing
such a parser and how this theoretical parser could come with the advantage of being able to use constraints to resolve ambiguity while parsing,
which can make parsing with ambiguous grammars much more efficient compared to the standard Earley Parser, which creates a parse forest to handle ambiguity.
15:00 - 15:30
Speaker: Vinay Tilwani
Type of talk: Master Final
Advisor: Prof. Dr. Andreas Zeller, Jan Reineke
Title: Fuzzing LLVM bitcode using FormatFuzzer
Research Area: RA3
Abstract: The LLVM project and its tools are used to power the compilers of many popular programming languages - C, Rust, Swift, etc. A bug in one of the LLVM tools might create a hard-to-debug bug or vulnerability in programs compiled using these compilers. This entails that LLVM tools are critical pieces of software infrastructure and should be thoroughly tested. Due to the complexity of the input space of these tools, traditional software testing techniques are inadequate, and a automated, random, exploratory approach of Software Fuzzing is much more suitable. We use an in-house binary-based fuzzer FormatFuzzer to fuzz inputs to the most critical LLVM tools and show our results here. In a unique endeavour, we present the results of directly fuzzing a complex format like bitcode to uncover bugs, while also illustrating the applicability of FormatFuzzer in a new domain.
|
Written on 06.11.23 by Mang Zhao
Dear All,
Please note that the next seminar will take place on 08.11.2023 at 14:00.
We apologize for the typos in the previous message.
Best wishes,
Mang
|
Written on 03.11.23 (last change on 06.11.23) by Mang Zhao
Dear All,
The next seminar(s) take place on 08.11.2023 at 14:00 (Session A). Please note that there is only one session.
Session A: (14:00-15:30)
Heyang Li, Sohom Mukherjee, Nils Hagen
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620… Read more
Dear All,
The next seminar(s) take place on 08.11.2023 at 14:00 (Session A). Please note that there is only one session.
Session A: (14:00-15:30)
Heyang Li, Sohom Mukherjee, Nils Hagen
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode: BT!u5=
Session A:
14:00 - 14:30
Speaker: Heyang Li
Type of talk: Master Intro
Advisor: Prof. Dr. Andreas Zeller, Fengming Zhu
Title: Monitoring System Invariants
Research Area: Threat Detection and Defenses
Abstract:
How can we detect complex anomalies in log-based systems? Monitoring can detect abnormal behaviors using formal specifications, but
we lack an expressive specification language to describe the behaviors of log-based systems. The behaviors of log-based systems can
be abstracted as temporal context-sensitive properties, involving the interplay of syntax, semantics and high-level temporal properties.
System invariants is a novel model for characterizing context-sensitive structures over context-free grammars. It is based on ISLa, the
state-of-the-art specification language for context-sensitive properties. Linear temporal logic and its first-order variants are widely
used for high-level temporal properties. However, the expressiveness of system invariants and temporal logic are disjoint.
This thesis aims to propose a new approach to monitor temporal context-sensitive properties based on system invariants. Firstly, I am
going to extend the formal model of system invariants to express temporal properties. And then I am going to design and implement monitoring
algorithms for system invariants. Furthermore, I will attempt to have the monitor mine the characterization of errors if the monitor
detects anomalies.
14:30 - 15:00
Speaker: Sohom Mukherjee
Type of talk: Master Intro
Advisor: Sebastian Stich
Title: Adaptive Optimization for Federated Visual Classification
Research Area: RA1
Abstract: In this project we shall consider the problem of distributed optimization with intermittent communication (federated learning) where multiple devices jointly train a visual classification model without sharing their local data. While FedAvg (aka Local SGD) has become ubiquitous for such distributed optimization tasks, it does not converge in theory using fixed stepsizes. Various alternatives are adopted in practice such as stepsize schedules or grid search, but they do not come with theoretical guarantees or are computationally expensive. In this work we start by studying the decreasing stepsize for FedAvg and prove convergence under heterogeneity. Then we go on to experimentally study AdaGrad-type adaptive stepsizes for the federated setting. There are various design choices involved in this, and we try to provide some intuition and suggestions on the design of adaptive federated methods. Since the analysis of AdaGrad-type methods involve many complications and open problems in the centralized setting itself, we study them for the special case of a single worker and provide some clear theoretical statements and proofs. Finally, we will also evaluate our methods on small scale (LeNet on MNIST dataset) as well as large scale (VGG and ResNet on CIFAR10) distributed image classification tasks with homogeneous as well as heterogeneous data settings.
15:00 - 15:30
Speaker: Nils Hagen
Type of talk: Bachelor Final
Advisor: Prof. Andreas Zeller, Leon Bettscheider
Title: Semantic Fuzzing with I/O Contracts
Research Area: RA5: Empirical and Behavioural Security
Abstract:
Grammar-based fuzzing with context-free grammars is a common technique to make fuzzers
more program-specific and to increase coverage. This has proven to be an especially
successful test generation method in black-box settings with target programs that require
highly-structured inputs. However, context-free grammars are limited to the expression
of syntactic constraints which makes them unsuitable for input/output affiliations (like
in a client/server architecture or other reactive systems) where input and output are
semantically linked. Most fuzzers therefore rely solely on generic test oracles for bug
detection that either detect program crashes or output on standard error ports.
To express more powerful oracles we additionally want to consider the aforementioned input-
output relations. In this work we present a method to describe these semantically linked
interactions through I/O contracts where syntactic and semantic properties are expressed
through intertwined context-free grammars (termed I/O grammars) and semantic ISLa
constraints. Furthermore, we show how to apply these methods in practice on a real-world
server implementation of the IRC protocol.
|
Written on 22.10.23 by Mang Zhao
Dear all,
welcome to the new course for the Bachelor and Master seminar in this winter term.
Please switch to this course.
Best wishes,
BAMA Seminar Team
|