News
Next Seminar on 28.02.2024
Written on 26.02.2024 12:25 by Niklas Medinger
Dear All,
The next seminar(s) take place on 28.02.2024 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:30)
Laura Thineta Mulia, Nils Olze, Sahil Sihag
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode: BT!u5=
Session B: (14:00-15:30)
Girija B Mohan., Adarsh Jamadandi, Dominik Kempter
https://cispa-de.zoom-x.de/j/66136901453?pwd=YVBSZU9peUpvUlk4bWp3MDR4cGlUUT09
Session A:
14:00 - 14:30
Speaker: Laura Thineta Mulia
Type of talk: Bachelor Final
Advisor: Prof. Thorsten Holz, Bhupendra Acharya
Title: "Ghost Coins: Analyzing the Prevalence of Fake Cryptocurrency Wallet"
Research Area: RA5: Empirical and Behavioural Security
Abstract:
Cryptocurrency is a digital currency that operates in decentralized networks, unlike traditional currencies issued by the government. These digital cryptocurrencies are managed by digital tools or software referred to as wallets which allow users to store, manage, and transact among other users. With the adoption of cryptocurrency as digitized payments, malicious attackers become more vigilant. Consequently, each year cryptocurrency wallet users are susceptible to emergent attacks including traditional attacks such as phishing, impersonation, and fake technical support.
In this work, we analyze the prevalence of fake cryptocurrency wallets in the form of Android apps, a popular choice among users. These apps are sourced from both vetted and non-vetted marketplaces. Specifically, we gather cryptocurrency wallets from the Google Play Store as the vetted marketplace, and APKPure, Aptoide, ApkCombo, and PlayMods as non-vetted alternatives. Our dataset comprises 6800 cryptocurrency wallet apps, among which 181 were identified as fake using the methods of typosquatting, combosquatting, and permission pattern matching.
Furthermore, we conduct a comparison of the occurrence of counterfeit apps between vetted and non-vetted marketplaces. Our results indicate that only 1.37% of apps acquired from vetted marketplaces turned out to be counterfeit, whereas 3.01% of those obtained from non-vetted sources were found to be fake. Our study revealed that non-vetted marketplaces have more than twice the prevalence of counterfeit apps compared to their vetted counterparts. Additionally, our analysis underscores that many of these counterfeit apps attract users by offering free cryptocurrency, revealing how scammers exploit such incentives to entice unsuspecting victims into downloading their malicious applications.
14:30 - 15:00
Speaker: Nils Olze
Type of Talk: Master Final
Advisor: Sven Bugiel
Title: Finding the Needle in the Haystack: Password Recovery in a Forensic Setting
Research Area: RA5
Abstract: Passwords are still the most common way of user authentication. Especially in the context of authentication on local devices, they are unlikely to ever (fully) disappear. In a forensic setting associated with a criminal investigation, passwords are a common hindrance when the investigator wants to lawfully access a confiscated device or encrypted file. If the suspect does not cooperate, the investigator needs to guess the correct password of an encrypted device or file. This scenario of an offline Password Guessing attack is different from the typical scenario since the target is usually only a single password. Previous research has found that the majority of passwords are likely guessed by generic password guessing attacks, but the remaining 20 % of passwords are hard to guess. This implies the need for more sophisticated attacks, which leverage the available information in a forensic setting.
In this work, we perform a field study on 46 devices from real-world criminal investigations to determine the options of an investigator to obtain a password if access to a desktop device of a suspect is possible. We examine three different research questions. First, we determine how credentials are stored on hard drives and how accessible they are. Our findings suggest, that an investigator might instantly access credentials in two-thirds of all cases. Second, we investigate whether or not it is possible to detect plain text passwords stored on a hard drive. We use an approach based on Probabilistic ContextFree Grammar proposed by previous research. Based on our results, this approach is not fit to directly identify passwords but might be further improved with weighting functions to reach this goal. Third, we attempt to measure the impact of data from the hard drive on a Password Guessing attack. To achieve this, we compare the performance of the password candidate lists extracted with the aforementioned PCFG approach with the performance of generic dictionary attacks. When attacking the NTLM hashes of local user accounts, our best attack significantly outperforms a generic attack with an equally sized keyspace. Taking Password Reuse into account, we estimate a solid chance for an investigator to crack the target password.
15:00 - 15:30
Speaker: Sahil Sihag
Type of talk: Master Final
Advisor: Dr. Nils Ole Tippenhauer
Title: In-situ Fuzzing of Remote Firmware with Coverage Feedback
Research Area: RA4: Secure Mobile and Autonomous Systems
Abstract:
In this thesis, we develop a framework for coverage guided fuzzing of an embedded firmware. This is done by taking advantage of free storage and memory of the target embedded system. With the help of this free space, we enable instrumentation of the firmware and store coverage information of firmware during execution. This fine-grained information is later utilized by the fuzzer for generating better inputs.
The final talk of this thesis discusses performance evaluation of our framework. First, we cover effectiveness of coverage feedback and input specifications for our test firmware. Then, we explore feasibility of minimizing impact of previous fuzzing inputs with the help of firmware restarts. Finally, we discuss the bugs discovered with the help of our framework and hurdles in reaching greater code coverage during fuzzing campaigns.
Session B:
14:00 - 14:30
Speaker: Girija B Mohan.
Type of talk: Master Intro.
Advisor: Dr. Mridula Singh.
Title: Physical World Sensor Attack on LiDAR-camera-based Perception in Autonomous Driving.
Research Area: RA4 (Secure Mobile and Autonomous Systems)
Abstract:
Autonomous Vehicles (AVs) rely on sensors like cameras and LiDAR, to perceive their surroundings and make informed decisions regarding path planning and vehicle control. Understanding the vulnerabilities in these perception systems is crucial for ensuring road safety and building robust AV systems.
While cameras have been traditionally used for perception, they are susceptible to spoofing attacks. Hence, AVs are increasingly adopting LiDARs as they show an advantage over other sensors due to their ability to create detailed 3D maps, providing precise distance and depth information for all surrounding objects and free space, and are also a reasonable buy today. However, the researchers continue to study the vulnerability of LiDARs and explore new ways to attack them. The technical functionality of LiDAR makes the environment with mirrors challenging for LiDARs to work with. Existing research has not yet explored this as a potential attack vector.
In this research, we will exploit the property of light reflection to design and model a physical-world attack on LiDAR and camera sensors. We will demonstrate the effectiveness of our attack against state-of-the-art AV obstacle detectors like PointPillars. Additionally, we will evaluate the impact of these attacks on driving decisions using industry-grade Autonomous Driving Simulators (LGSVL or CARLA) and propose defense strategies to mitigate such attacks.
By shedding light on these vulnerabilities and proposing defense mechanisms, this research contributes to the development of more resilient AV perception systems, ultimately enhancing road safety in autonomous driving environments.
14:30 - 15:00
Speaker : Adarsh Jamadandi
Type of Talk : Master Thesis Intro
Advisor : Dr. Rebekka Burkholz.
Title : Investigating the Label/Feature Alignment with the Community Structure for Graph Neural Networks.
Research Area : RA1 Trustworthy Information Processing.
Abstract : Graph Neural Networks that leverage the message passing paradigm are shown to inhibit pathological behaviours such as over-squashing and over-smoothing. The former results from bottlenecks that hamper information flow, while over-smoothing leads to node features tending to non-informative limit due to repeated rounds of aggregation. A common strategy to resolve both of these issues is spectral based graph rewiring. That is, modifying the edge structure of the graph with the intent to maximize the spectral gap either by adding or deleting edges. This strategy has been shown to improve the generalization performance of GNNs in tasks like node classification.
In this project we argue that, most of the success that is attributed to the spectral rewiring based approaches, in fact, stem from an alignment of the underlying community structure with the feature/labels of the input graph. Our preliminary results on synthetic datasets show, methods that delete edges to maximize the spectral gap end up deleting intra-class edges weakening the inherent community structure which in-turn derails the feature/label alignment with the community structure. We show this can be deterimental to the downstream task. In fact, minimizing the spectral gap helps retain this alignment.
To summarize, this project aims to investigate vital the role of community structure and its alignment with the features/labels of the graph is to the downstream task and how spectral gap based rewiring methods affect this harmony and how it shapes the generalization performance of GNNs.
15:00 - 15:30
Speaker : Dominik Kempter
No information provided.