Publications

Refine Results

(Filters Applied) Clear All

Exploiting temporal vulnerabilities for unauthorized access in intent-based networking

Published in:
ACM Conf. on Computer and Communications Security, CCS '24, 14-18 October 2024.

Summary

Intent-based networking (IBN) enables network administrators to express high-level goals and network policies without needing to specify low-level forwarding configurations, topologies, or protocols. Administrators can define intents that capture the overall behavior they want from the network, and an IBN controller compiles such intents into low-level configurations that get installed in the network and implement the desired behavior. We discovered that current IBN specifications and implementations do not specify that flow rule installation orderings should be enforced, which leads to temporal vulnerabilities where, for a limited time, attackers can exploit indeterminate connectivity behavior to gain unauthorized network access. In this paper, we analyze the causes of such temporal vulnerabilities and their security impacts with a representative case study via the ONOS IBN implementation.We devise the Phantom Link attack and demonstrate a working exploit to highlight the security impacts. To defend against such attacks, we propose Spotlight, a detection method that can alert a system administrator of risky intent updates prone to exploitable temporal vulnerabilities. Spotlight is effective in identifying risky updates using realistic network topologies and policies. We show that Spotlight can detect risky updates in a mean time of 0.65 seconds for topologies of over 1,300 nodes.
READ LESS

Summary

Intent-based networking (IBN) enables network administrators to express high-level goals and network policies without needing to specify low-level forwarding configurations, topologies, or protocols. Administrators can define intents that capture the overall behavior they want from the network, and an IBN controller compiles such intents into low-level configurations that get installed...

READ MORE

Security challenges of intent-based networking

Published in:
Communications of the ACM, Vol. 67, No. 7, July 2024, pp. 56-65.

Summary

Intent-based networking (IBN) offers advantages and opportunities compared with SDN, but IBN also poses new and unique security challenges that must be overcome.
READ LESS

Summary

Intent-based networking (IBN) offers advantages and opportunities compared with SDN, but IBN also poses new and unique security challenges that must be overcome.

READ MORE

Securing the satellite software stack

Published in:
Workshop on Security of Space and Satellite Systems, SpaceSec, 1 March 2024.

Summary

Satellites and the services enabled by them, like GPS, real-time world-wide imaging, weather tracking, and worldwide communication, play an increasingly important role in modern life. To support these services satellite software is becoming increasingly complex and connected. As a result, concerns about its security are becoming prevalent. While the focus of security for satellites has historically been on encrypting the communications link, we argue that a fuller consideration of the security of satellites is necessary and presents unique challenges. Satellites are becoming increasingly accessible to attackers–thanks to supply chain attacks and Internet connected ground stations–and present a unique set of challenges for security practitioners. These challenges include the lack of any real ability for a human to be physically present to repair or recover these systems, a focus on safety and availability over confidentiality and integrity, and the need to deal with radiation-induced faults. This work characterizes the cyber threats to satellite systems, surveys the unique challenges for satellite software, and presents a future vision for research in this area.
READ LESS

Summary

Satellites and the services enabled by them, like GPS, real-time world-wide imaging, weather tracking, and worldwide communication, play an increasingly important role in modern life. To support these services satellite software is becoming increasingly complex and connected. As a result, concerns about its security are becoming prevalent. While the focus...

READ MORE

A deep learning-based velocity dealiasing algorithm derived from the WSR-88D open radar product generator

Summary

Radial velocity estimates provided by Doppler weather radar are critical measurements used by operational forecasters for the detection and monitoring of life-impacting storms. The sampling methods used to produce these measurements are inherently susceptible to aliasing, which produces ambiguous velocity values in regions with high winds and needs to be corrected using a velocity dealiasing algorithm (VDA). In the United States, the Weather Surveillance Radar-1988 Doppler (WSR-88D) Open Radar Product Generator (ORPG) is a processing environment that provides a world-class VDA; however, this algorithm is complex and can be difficult to port to other radar systems outside the WSR-88D network. In this work, a deep neural network (DNN) is used to emulate the two-dimensional WSR-88D ORPG dealiasing algorithm. It is shown that a DNN, specifically a customized U-Net, is highly effective for building VDAs that are accurate, fast, and portable to multiple radar types. To train the DNN model, a large dataset is generated containing aligned samples of folded and dealiased velocity pairs. This dataset contains samples collected from WSR-88D Level-II and Level-III archives and uses the ORPG dealiasing algorithm output as a source of truth. Using this dataset, a U-Net is trained to produce the number of folds at each point of a velocity image. Several performance metrics are presented using WSR-88D data. The algorithm is also applied to other non-WSR-88D radar systems to demonstrate portability to other hardware/software interfaces. A discussion of the broad applicability of this method is presented, including how other Level-III algorithms may benefit from this approach.
READ LESS

Summary

Radial velocity estimates provided by Doppler weather radar are critical measurements used by operational forecasters for the detection and monitoring of life-impacting storms. The sampling methods used to produce these measurements are inherently susceptible to aliasing, which produces ambiguous velocity values in regions with high winds and needs to be...

READ MORE

Poisoning network flow classifiers [e-print]

Summary

As machine learning (ML) classifiers increasingly oversee the automated monitoring of network traffic, studying their resilience against adversarial attacks becomes critical. This paper focuses on poisoning attacks, specifically backdoor attacks, against network traffic flow classifiers. We investigate the challenging scenario of clean-label poisoning where the adversary's capabilities are constrained to tampering only with the training data - without the ability to arbitrarily modify the training labels or any other component of the training process. We describe a trigger crafting strategy that leverages model interpretability techniques to generate trigger patterns that are effective even at very low poisoning rates. Finally, we design novel strategies to generate stealthy triggers, including an approach based on generative Bayesian network models, with the goal of minimizing the conspicuousness of the trigger, and thus making detection of an ongoing poisoning campaign more challenging. Our findings provide significant insights into the feasibility of poisoning attacks on network traffic classifiers used in multiple scenarios, including detecting malicious communication and application classification.
READ LESS

Summary

As machine learning (ML) classifiers increasingly oversee the automated monitoring of network traffic, studying their resilience against adversarial attacks becomes critical. This paper focuses on poisoning attacks, specifically backdoor attacks, against network traffic flow classifiers. We investigate the challenging scenario of clean-label poisoning where the adversary's capabilities are constrained to...

READ MORE

Improving long-text authorship verification via model selection and data tuning

Published in:
Proc. 7th Joint SIGHUM Workshop on Computational Linguistics for Cultural Heritage, Social Sciences, Humanities and Literature, LaTeCH-CLfL2023, 5 May 2023, pp. 28-37.

Summary

Authorship verification is used to link texts written by the same author without needing a model per author, making it useful for deanonymizing users spreading text with malicious intent. Recent advances in Transformer-based language models hold great promise for author verification, though short context lengths and non-diverse training regimes present challenges for their practical application. In this work, we investigate the effect of these challenges in the application of a Cross-Encoder Transformer-based author verification system under multiple conditions. We perform experiments with four Transformer backbones using differently tuned variants of fanfiction data and found that our BigBird pipeline outperformed Longformer, RoBERTa, and ELECTRA and performed competitively against the official top ranked system from the PAN evaluation. We also examined the effect of authors and fandoms not seen in training on model performance. Through this, we found fandom has the greatest influence on true trials, pairs of text written by the same author, and that a balanced training dataset in terms of class and fandom performed the most consistently.
READ LESS

Summary

Authorship verification is used to link texts written by the same author without needing a model per author, making it useful for deanonymizing users spreading text with malicious intent. Recent advances in Transformer-based language models hold great promise for author verification, though short context lengths and non-diverse training regimes present...

READ MORE

Holding the high ground: Defending satellites from cyber attack

Published in:
The Cyber Edge by Signal, 31 March 2023.

Summary

MIT Lincoln Laboratory and the Space Cyber-Resiliency group at Air Force Research Laboratory-Space Vehicles Directorate have prototyped a practical, operationally capable and secure-by-design spaceflight software platform called Cyber-Hardened Satellite Software (CHSS) for building space mission applications with security, recoverability and performance as first-class system design priorities. Following a successful evaluation of CHSS against an existing U.S. Space Force (USSF) mission, the CHSS platform is currently being extended to support hybrid space vehicle architectures that incorporate both CHSS-aware and legacy subsystems. CHSS has the potential to revolutionize the cyber-resiliency of space systems and substantially ease the burden of defensive cyber operations (DCO).
READ LESS

Summary

MIT Lincoln Laboratory and the Space Cyber-Resiliency group at Air Force Research Laboratory-Space Vehicles Directorate have prototyped a practical, operationally capable and secure-by-design spaceflight software platform called Cyber-Hardened Satellite Software (CHSS) for building space mission applications with security, recoverability and performance as first-class system design priorities. Following a successful evaluation...

READ MORE

Automated exposure notification for COVID-19

Summary

Private Automated Contact Tracing (PACT) was a collaborative team and effort formed during the beginning of the Coronavirus Disease 2019 (COVID-19) pandemic. PACT's mission was to enhance contact tracing in pandemic response by designing exposure-detection functions in personal digital communication devices that have maximal public health utility while preserving privacy. This report explains and discusses the use of automated exposure notification during the COVID-19 pandemic and to provide some recommendations for those who may try to design and deploy similar technologies in future pandemics.
READ LESS

Summary

Private Automated Contact Tracing (PACT) was a collaborative team and effort formed during the beginning of the Coronavirus Disease 2019 (COVID-19) pandemic. PACT's mission was to enhance contact tracing in pandemic response by designing exposure-detection functions in personal digital communication devices that have maximal public health utility while preserving privacy...

READ MORE

A generative approach to condition-aware score calibration for speaker verification

Published in:
IEEE/ACM Trans. Audio, Speech, Language Process., Vol. 31, 2023, pp. 891-901.

Summary

In speaker verification, score calibration is employed to transform verification scores to log-likelihood ratios (LLRs) which are statistically interpretable. Conventional calibration techniques apply a global score transform. However, in condition-aware (CA) calibration, information conveying signal conditions is provided as input, allowing calibration to be adaptive. This paper explores a generative approach to condition-aware score calibration. It proposes a novel generative model for speaker verification trials, each which includes a trial score, a trial label, and the associated pair of speaker embeddings. Trials are assumed to be drawn from a discrete set of underlying signal conditions which are modeled as latent Categorical random variables, so that trial scores and speaker embeddings are drawn from condition-dependent distributions. An Expectation-Maximization (EM) Algorithm for parameter estimation of the proposed model is presented, which does not require condition labels and instead discovers relevant conditions in an unsupervised manner. The generative condition-aware (GCA) calibration transform is then derived as the log-likelihood ratio of a verification score given the observed pair of embeddings. Experimental results show the proposed approach to provide performance improvements on a variety of speaker verification tasks, outperforming static and condition-aware baseline calibration methods. GCA calibration is observed to improve the discriminative ability of the speaker verification system, as well as provide good calibration performance across a range of operating points. The benefits of the proposed method are observed for task-dependent models where signal conditions are known, for universal models which are robust across a range of conditions, and when facing unseen signal conditions.
READ LESS

Summary

In speaker verification, score calibration is employed to transform verification scores to log-likelihood ratios (LLRs) which are statistically interpretable. Conventional calibration techniques apply a global score transform. However, in condition-aware (CA) calibration, information conveying signal conditions is provided as input, allowing calibration to be adaptive. This paper explores a generative...

READ MORE

Backdoor poisoning of encrypted traffic classifiers

Summary

Significant recent research has focused on applying deep neural network models to the problem of network traffic classification. At the same time, much has been written about the vulnerability of deep neural networks to adversarial inputs, both during training and inference. In this work, we consider launching backdoor poisoning attacks against an encrypted network traffic classifier. We consider attacks based on padding network packets, which has the benefit of preserving the functionality of the network traffic. In particular, we consider a handcrafted attack, as well as an optimized attack leveraging universal adversarial perturbations. We find that poisoning attacks can be extremely successful if the adversary has the ability to modify both the labels and the data (dirty label attacks) and somewhat successful, depending on the attack strength and the target class, if the adversary perturbs only the data (clean label attacks).
READ LESS

Summary

Significant recent research has focused on applying deep neural network models to the problem of network traffic classification. At the same time, much has been written about the vulnerability of deep neural networks to adversarial inputs, both during training and inference. In this work, we consider launching backdoor poisoning attacks...

READ MORE