ABSTRACT. Android non-SDK interfaces are APIs that are not part of the official SDK and are restricted. Multiple studies have indicated flaws and limitations of the usage of these non-SDK interfaces, prompting Google to introduce restrictions on non-SDK interfaces to regulate access to these interfaces. This study systematically evaluates the alignment between the official Android guidelines for non-SDK interface usage and the findings from Veridex, a Google tool that assesses the existence of these non-SDK interfaces in Android applications. Our analysis considers the three latest Android versions and reveals inconsistencies, including mismatches in non-SDK interfaces and associated restrictions, as well as contradictions in the enforcement of these restrictions. These inconsistencies highlight significant challenges in the regulatory framework, potentially undermining the effectiveness of measures intended to secure the Android platform.

ABSTRACT. Attribute-Based Access Control (ABAC) enables highly expressive and flexible access decisions by considering a wide range of contextual attributes. ABAC policies use logical expressions that combine these attributes, allowing for precise and context-aware control. Algorithms that mine ABAC policies from legacy access control systems can significantly reduce the costs associated with migrating to ABAC. However, a major challenge in this process is handling incomplete entity information, where some attribute values are missing.

This paper introduces an approach that enhances the policy mining process by predicting or inferring missing attribute values. This is accomplished by employing a contextual clustering technique that groups entities according to their known attributes, which are then used to analyze and refine authorization decisions. By effectively managing incomplete data, our approach provides security administrators with a valuable tool to improve their attribute data and ensure a smoother, more efficient transition to ABAC.

ABSTRACT. The proliferation of fake news poses significant challenges to both individuals and society. While numerous studies have developed detection models and datasets, these models often remain vulnerable to biases introduced by contaminated data sources or biased training methodologies. When trained on such data, machine learning models can unintentionally learn and propagate these biases, negatively impacting their generalization performance. Existing research on fake news detection has predominantly focused on political bias. This study addresses gender bias in fake news detection. While gender bias is well-documented in media, it remains largely unexamined in the context of fake news. Our investigation reveals that gender bias exists within fake news detection models, with models trained on female data outperforming those trained on male data. In response, we propose mitigating gender bias using an adversarial debaising approach. Our results demonstrate improved fairness and performance metrics compared to baseline models.

ABSTRACT. Given the vast amount of information available today, the spread of fake news significantly undermines societal trust and decision-making processes. Moreover, this news appears across multiple domains, such as health, politics, or social media, with different intrinsic characteristics, making fake news detection (FND) an even harder problem. This paper investigates the efficiency of transfer learning (TL) and prompt tuning in improving FND across multiple domains. We utilized and fine-tuned the Llama 2 7B model, incorporating prompt tuning to enhance detection accuracy. First, we classify the domain of news articles using a DistillBERT model, which has been demonstrated to be a highly accurate domain classifier. Then, we employ domain-specific prompts tailored to guide the fine-tuned Llama 2 7B model in assessing news credibility. The second layer of our approach involves fine-tuning Llama 2 for FND and subsequently applying prompt tuning. This combination allows us to compare three scenarios: blind testing with the original Llama 2, the performance of the fine-tuned Llama 2 model, and the enhanced accuracy achieved through prompt tuning in the second stage. Our results demonstrate substantial improvements in precision, recall, accuracy, and F1 scores across all tested domains. This study highlights the potential of integrating domain-specific prompt tuning with fine-tuning-based TL to advance the accuracy and reliability of automated FND systems.

ABSTRACT. This paper introduces parametric automata, a novel extension of symbolic automata, designed for specifying dynamic access control policies. We integrated it as an extension to the external access control modules of the Apache web server. We demonstrate that by incorporating parametric variables, we can easily formulate access rules that are challenging to model using symbolic automata or other approaches in the literature.

ABSTRACT. Wi-Fi stands out as one of the most prominent and widespread wireless technologies in use today. Smartphones and various other Wi-Fi-enabled devices employ management frames called probe-requests to discover nearby networks. In this study, we reveal that it is possible to fingerprint based on the probe-requests they emit while connected to a network. Leveraging distinctive features of probe-request bursts we use a Random Forest-based approach to successfully fingerprint devices. This shows that devices that randomize their MAC addresses across sessions in a network can still be tracked. Through an assessment conducted on a real-world measurement comprising Wi-Fi devices with diverse operating systems, and spanning a month duration, we demonstrate that our model fingerprints individual devices with ~40% accuracy with 1 burst and perfect re-identification if two or more bursts are available.

ABSTRACT. As society becomes more reliant on IoT devices, it's crucial for users to navigate the varying privacy and security risks. However, these risks differ significantly between devices, making it difficult for users to fully understand them. To address this challenge, we developed the first Canadian Privacy and Security Label for IoT devices, similar to nutrition labels, to communicate privacy and security risks in a user-friendly way. The label’s design ensures comprehensibility by incorporating best practices. We also created an Android app that provides easy access to the label and allows users to customize their privacy and security preferences. We surveyed 122 Canadians to evaluate the label's effectiveness, preferences, and appeal. The findings suggest that the label is more readable, digestible, and visually more appealing compared to previous designs. The app also enhances user engagement and raises awareness about IoT privacy and security concerns.

ABSTRACT. The deployment of sensors and electronic devices has become instrumental in realising the functionality of a smart grid. Secure operational data collection via communication protocols from field devices by the supervisory control and data acquisition (SCADA) at the utility control center is fundamental for the secure and reliable operation of smart grids. In this work, we propose two efficient transport-layer protocols for authenticated acquisition of data from smart grid devices. Our first protocol is based on a pre-shared key, and the second protocol is certificate-based. The constructions of our protocols are based on computationally-cheap cryptographic primitives such as lightweight authenticated encryption, digital signatures, and elliptic curve Diffie- Hellman (ECDH) computations. We prove the security of our protocols against both active and passive adversaries. Finally, to showcase their practicality, we implement our protocols and perform comparative anal- ysis with other contemporary protocols.

ABSTRACT. Detecting intrusions, ensuring effective operation, autonomous response, and continuous monitoring present significant challenges for the widespread adoption of the Internet of Things (IoT). Recent research has delved into incorporating machine learning techniques, such as Hidden Hierarchical Markov Models (HHMM), to imbue IoT networks with context-aware self-healing capabilities, aiming to tackle these obstacles. These investigations underscore the pivotal role of context-aware and automated intrusion detection systems (IDS) in identifying and mitigating security vulnerabilities within IoT environments. In addition, recent studies have concentrated on creating self-healing methodologies capable of dynamically adjusting response plans, thus diminishing human intervention and ameliorating real-time security concerns. Such autonomous response capabilities are indispensable for enhancing the security, resilience, and autonomy of IoT systems. To address these imperatives, this article introduces context-aware self-healing mechanisms leveraging HHMM, machine learning algorithms, cybersecurity methodologies, and standardized self-healing protocols. The proposed approach involves the development of a monitoring application that autonomously gathers system information, applies our detection strategy, and adapts to evolving network conditions over time. The experimental validation conducted on our platform shows promising results, affirming the efficacy and viability of the proposed solution. This comprehensive approach promises to fortify IoT systems against emerging threats, enhancing their adaptability and robustness in dynamic environments.

ABSTRACT. As critical infrastructures continuously put efforts to enhance cyber security and safeguarding their critical assets, cyber threats evolve in complexity, seeking new vulnerabilities to exploit. Electric vehicles (EV) charging stations are important components of the smart grid, making them targets for cyber attacks that could disrupt service availability. Therefore, it is crucial to implement efficient detection and continuous monitoring systems. This study investigates the detection of heartbeat flood attacks aimed at overwhelming the central asset of a EV charging stations using the Montimage Monitoring Tool (MMT). We define attack scenarios using event-based properties, which are then integrated into MMT to analyze both real and simulated traffic for effective detection and mitigation of these attacks. Findings show that the proposed approach successfully identifies Heartbeat flood attacks, distinguishing between normal and malicious traffic patterns demonstrating the potential of integrating formal methods into monitoring tools to enhance resilience in EV charging station systems.

ABSTRACT. Voting has been one of the most widely used cryptographic protocol. The use of ballot boxes allows us to ensure voter privacy and to ensure the accuracy of the voting process. This method effectively hides individual votes, but inherently reveals vote counts during the tallying process. In this study, we present an advanced cryptographic protocol that employs the use of a physical balance scale to compare votes, while ensuring the confidentiality of individual vote counts. The proposed protocol not only addresses this challenge but also allows the voting of multiple candidates. We discuss the efficiency of our proposed protocol in comparison to other voting protocols that use physical objects and show that our protocol is efficient despite achieving the secrecy of the number of votes.

ABSTRACT. We propose a new framework for the analysis of program execution, devoted to identifying cryptographic functions and retrieving cryptographic secrets. The need for a new tool arises from our experimental observation that the generic analysis tools are clearly too intrusive / resource-consuming for the inspected process, leading to failures such as timeouts. Thus our aim is to build dynamic monitoring tools as lightweight as possible to inspect the execution of sensitive code without impacting the execution.

ABSTRACT. An adversary can learn a lot only by studying data storage access patterns, even if the actual data being accessed remains encrypted. Oblivious RAM (ORAM) is a cryptographic primitive that hides access patterns. However, to achieve this privacy, the client has to perform a significant amount of additional work per access, which not only causes very high access latency but is also often impractical for resource-constrained clients. As a result, ORAMs are still not usable in most of the scenarios. This paper proposes RouterORAM. The central idea of it is to harness the server’s otherwise unutilized computation power to steer the deliberately misplaced blocks to their destined locations. To the best of our knowledge, RouterORAM is the first ORAM to drag both the access latency and the client’s burden together down to the asymptotic minimum level, O(1). It exploits the properties of homomorphic encryption to achieve the desired level of server obliviousness, and its privacy is proven with rigorous theoretical analysis. The long-term behavior of RouterORAM is captured with simulation, which vouches for its suitability for practical usage scenarios.