Hidayet Aksu

A Survey on Homomorphic Encryption Schemes: Theory and Implementation

Legacy encryption systems depend on sharing a key (public or private) among the peers involved in exchanging an encrypted message. However, this approach poses privacy concerns. The users or service providers with the key have exclusive rights on the data. Especially with popular cloud services, control over the privacy of the sensitive data is lost. Even when the keys are not shared, the encrypted material is shared with a third party that does not necessarily need to access the content. Moreover, untrusted servers, providers, and cloud operators can keep identifying elements of users long after users end the relationship with the services. Indeed, Homomorphic Encryption (HE), a special kind of encryption scheme, can address these concerns as it allows any third party to operate on the encrypted data without decrypting it in advance. Although this extremely useful feature of the HE scheme has been known for over 30 years, the first plausible and achievable Fully Homomorphic Encryption (FHE) scheme, which allows any computable function to perform on the encrypted data, was introduced by Craig Gentry in 2009. Even though this was a major achievement, different implementations so far demonstrated that FHE still needs to be improved significantly to be practical on every platform. Therefore, this survey focuses on HE and FHE schemes. First, we present the basics of HE and the details of the well-known Partially Homomorphic Encryption (PHE) and Somewhat Homomorphic Encryption (SWHE), which are important pillars for achieving FHE. Then, the main FHE families, which have become the base for the other follow-up FHE schemes, are presented. Furthermore, the implementations and recent improvements in Gentry-type FHE schemes are also surveyed. Finally, further research directions are discussed. This survey is intended to give a clear knowledge and foundation to researchers and practitioners interested in knowing, applying, and extending the state-of-the-art HE, PHE, SWHE, and FHE systems.

An Android-Based Covert Channel Framework on Wearables Using Status Bar Notifications

Covert channels circumvent security measures to steal sensitive data undetectable to an onlooker. Traditionally, covert channels utilize global system resources or settings to send hidden messages. This chapter introduces covert channels and focuses on a novel covert channel on Android-based Internet of Things (IoT) devices. Particularly, we were able to make a covert channel using notifications a user gets from everyday applications. The chapter will also present this covert channel by discussing the framework, evaluating the performance, and demonstrating the functionality and flexibility of the proposed model.

Cybergrenade: Automated Exploitation of Local Network Machines via Single Board Computers

In this paper, we introduce a defensive cybersecurity framework called Cybergrenade automating various penetration testing tools to sequentially exploit machines connected to a single local network, all underneath a single application running on a Single-Board Computer (SBC). This takes advantage of the SBCs unique capabilities in a way that manual exploitation simply cannot match. Currently, while many SBCs are being used in research as exploitation tool-kits, the current state of automation of the processes associated with exploitation leaves much to be desired. While this paper describes the Cybergrenade Framework, it can be used as a guideline for future research automating the exploitation process. Cybergrenade allows tools such as Nmap, OpenVAS, and Metasploit tools to be automatically utilized under one framework. Our experimental evolution revealed that Cybergrenade can perform the automation of various pentesting tools under a single application with ease.

A Survey on Function and System Call Hooking Approaches

Functions and system calls are effective indicators of the behavior of a process. These subroutines are useful for identifying unauthorized behavior caused by malware or for developing a better understanding of the lower-level operations of an application. Code obfuscation, however, often prevents user monitoring and modification of subroutine calls. Subroutine hooking offers a solution to this limitation. Function and system call hooking approaches allow for subroutine instrumentation, making hooking a valuable and versatile skill across industry and academia. In this survey, we present several criteria for the classification and selection of hooking tools and techniques as well as an examination of the major hooking approaches used on Windows, Linux, macOS, iOS, and Android operating systems. We also evaluate and compare the performance of different subroutine hooking tools and techniques based on computing resource utilization such as CPU time, memory, and wall-clock time. To the best of our knowledge, this is the first paper that encompasses both system call and function hooking techniques and tools across the major desktop and mobile operating systems.

A framework for counterfeit smart grid device detection

The core vision of the smart grid concept is the realization of reliable two-way communications between smart devices (e.g., IEDs, PLCs, PMUs). The benefits of the smart grid also come with tremendous security risks and new challenges in protecting the smart grid systems from cyber threats. Particularly, the use of untrusted counterfeit smart grid devices represents a real problem. Consequences of propagating false or malicious data, as well as stealing valuable user or smart grid state information from counterfeit devices are costly. Hence, early detection of counterfeit devices is critical for protecting smart grids components and users. To address these concerns, in this poster, we introduce our initial design of a configurable framework that utilize system call tracing, library interposition, and statistical techniques for monitoring and detection of counterfeit smart grid devices. In our framework, we consider realistic counterfeit device scenarios with different smart grid devices and adversarial settings. Our initial results on a realistic testbed utilizing actual smart-grid GOOSE messages with IEC-61850 communication protocol are very promising. Our framework is showing excellent rates on detection of smart grid counterfeit devices from impostors.