Neng Gao
Chinese Academy of Sciences
Publication
Featured research published by Neng Gao.
Annual Computer Security Applications Conference | 2015
Chen Cao; Neng Gao; Peng Liu; Ji Xiang
Although the input validation vulnerabilities play a critical role in web application security, such vulnerabilities are so far largely neglected in the Android security research community. We found that due to the unique Framework Code layer, Android devices do need specific input validation vulnerability analysis in system services. In this work, we take the first steps to analyze Android specific input validation vulnerabilities. In particular, a) we take the first steps towards measuring the corresponding attack surface and reporting the current input validation status of Android system services. b) We developed a new input validation vulnerability scanner for Android devices. This tool fuzzes all the Android system services by sending requests with malformed arguments to them. Through comprehensive evaluation of Android system with over 90 system services and over 1,900 system service methods, we identified 16 vulnerabilities in Android system services. We have reported all the issues to Google and Google has confirmed them.
Computer and Communications Security | 2014
Xingjie Yu; Zhan Wang; Kun Sun; Wen Tao Zhu; Neng Gao; Jiwu Jing
Smartphones are playing an increasingly important role in personal life and carrying massive private data. Unfortunately, once the smartphones are stolen, all the sensitive information, such as contacts, messages, photos, credit card information and passwords, may fall into the hands of malicious people. In order to protect the private data, remote deletion mechanism is required to allow owners to wipe the sensitive data on the stolen phone remotely. Existing remote deletion techniques rely on the availability of either WiFi for Internet connection or SIM card for cellular network connection; however, these requirements may not be satisfied when the phones are stolen by some sophisticated adversaries. In this paper, we propose a new remote deletion mechanism that allows the phone owner to delete the private data remotely even if the WiFi is disabled and the SIM card is unplugged. The basic idea is to use emergency call mechanisms to establish a communication connection with a service provider to verify the state of the phone and perform remote deletion. We present a case study of our mechanism with the Universal Mobile Telecommunications System (UMTS) network.
Trust Security and Privacy in Computing and Communications | 2013
Pingjian Wang; Zongbin Liu; Lei Wang; Neng Gao
Montgomery algorithm is the most common mechanism for implementing modular multiplication. This work proposes a new systolic architecture to perform high radix Montgomery algorithm on modern FPGA, which is rich in dedicated hardcore multiplier resources, and the new architecture is suitable to be used in public key coprocessors. In the modern FPGA application design, using dedicated hardcore in FPGA is the recommended design idea. In this work, by following this new design concept, the new multiplier architecture can reach a high throughput. Compared with the same architecture work, the improved architecture saves nearly half of the dedicated multiplier in FPGA.
Applied Cryptography and Network Security | 2012
Nan Zhang; Jingqiang Lin; Jiwu Jing; Neng Gao
Public key infrastructures (PKIs) are proposed to provide various security services. Some security services such as confidentiality, require key escrow in certain scenarios; while some others such as non-repudiation, prohibit key escrow. Moreover, these two conflicting requirements can coexist for one user. The common solution in which each user has two certificates and an escrow authority backs up all escrowed private keys for users, faces the problems of efficiency and scalability. In this paper, a novel key management infrastructure called RIKE is proposed to integrate the inherent key escrow of identity-based encryption (IBE) into PKIs. In RIKE, a user's PKI certificate also serves as a revocable identity to derive the user's IBE public key, and the revocation of its IBE key pair is achieved by the certificate revocation of PKIs. Therefore, the certificate binds the user with two key pairs, one of which is escrowed and the other is not. RIKE is an effective certificate-based solution and highly compatible with traditional PKIs.
International Conference on Mobile Systems, Applications, and Services | 2017
Lannan Luo; Qiang Zeng; Chen Cao; Kai Chen; Jian Liu; Limin Liu; Neng Gao; Min Yang; Xinyu Xing; Peng Liu
Android Application Framework is an integral and foundational part of the Android system. Each of the 1.4 billion Android devices relies on the system services of Android Framework to manage applications and system resources. Given its critical role, a vulnerability in the framework can be exploited to launch large-scale cyber attacks and cause severe harms to user security and privacy. Recently, many vulnerabilities in Android Framework were exposed, showing that it is vulnerable and exploitable. However, most of the existing research has been limited to analyzing Android applications, while there are very few techniques and tools developed for analyzing Android Framework. In particular, to our knowledge, there is no previous work that analyzes the framework through symbolic execution, an approach that has proven to be very powerful for vulnerability discovery and exploit generation. We design and build the first system, Centaur, that enables symbolic execution of Android Framework. Due to some unique characteristics of the framework, such as its middleware nature and extraordinary complexity, many new challenges arise and are tackled in Centaur. In addition, we demonstrate how the system can be applied to discovering new vulnerability instances, which can be exploited by several recently uncovered attacks against the framework, and to generating PoC exploits.
International Conference on Information and Communication Security | 2016
Xin Wang; Neng Gao; Lingchen Zhang; Zongbin Liu; Lei Wang
Software-Defined Networking (SDN) is a new paradigm that offers services and applications great power to manage network. Based on the consideration that the entire network visibility is the foundation of SDN, many attacks emerge in poisoning the network visibility, which lead to severe damage. Meanwhile, many defense approaches are proposed to patch the controller. It is noticed that powerful adversaries can bypass existing approaches to poison topology information and attack security protocols. In this paper, we present a method that the adversary can attack security protocols under existing approaches (e.g. TopoGuard, SPHINX). We also investigate a number of security protocols that may be compromised by our MITM attacks and propose an approach to detect the existence of the adversary. Our evaluation shows that the defense solution can effectively detect the fake link in normal environment. We hope our research can attract more attention on SDN security.
IET Information Security | 2015
Jingqiang Lin; Wen Tao Zhu; Qiongxiao Wang; Nan Zhang; Jiwu Jing; Neng Gao
Public key infrastructures (PKIs) are proposed to provide various security services. Some security services such as confidentiality require key escrow in certain scenarios, whereas some others such as non-repudiation and authentication usually prohibit key escrow. Moreover, these two conflicting requirements can coexist for one PKI user. The popular solution in which each user has two different certificates and an escrow authority backs up all escrowed private keys faces the problems of efficiency and scalability. In this study, a novel key management infrastructure called RIKE+ is proposed to integrate the ‘inherent key escrow’ of identity-based encryption (IBE) into PKIs. In RIKE+, (the hash value of) a user's PKI certificate also serves as a ‘revocable identity’ to derive the user's IBE public key, and the revocation of this IBE key pair is achieved by the certificate revocation of PKIs. Therefore the certificate binds the user with two key pairs, one of which is escrowed inherently and the other is not. Furthermore, RIKE+ employs chameleon hash to flexibly control the relationship between the certificate and the IBE key pair. In the case of certificate renewal and revocation, chameleon hash enables RIKE+ to manipulate the hash value of the new certificate, so the user's IBE key pair is not unconditionally changed unless it is necessary. RIKE+ is an effective certificate-based solution compatible with traditional PKIs and can be built on existing X.509 PKIs.
2013 IEEE 7th International Conference on Software Security and Reliability | 2013
Pingjian Wang; Lei Wang; Ji Xiang; Peng Liu; Neng Gao; Jiwu Jing
We propose MJBlocker, a lightweight and run-time malicious JavaScript Extensions (JSEs) blocker for preventing them from hurting user security. MJBlocker can identify and block malicious JSEs whenever they are executed. It is motivated by the observation that most attack goals of malicious JSEs are accomplished via invoking Cross-Platform Component Object Model (XPCOM) calls, and the XPCOM call sequences acquired from malicious JSEs have distinct traits that are different from regular ones. We use simple regular expressions to capture these distinct traits. MJBlocker is interposed into Firefox between JSEs and XPCOMs, and intercepts all XPCOM calls made by JSEs. Whenever a JSE invokes an XPCOM call, the call is appended to its call sequence, and the sequence is checked against several regular-expression-based signatures to identify the suspicious call sequence patterns. If some suspicious patterns are found, an alarm is triggered and the XPCOM call which triggers the alarm is blocked from executing. However, some innocent JSEs may have suspicious call sequence patterns. To avoid false positives, a verifier utilizes several heuristics to filter off suspicious patterns generated by innocent JSEs. We have implemented MJBlocker atop Firefox. According to our experiments on 10 different malicious JSEs and 260 legitimate ones, MJBlocker causes negligible overhead (no more than 5%) and has zero false negative and very few false positives.
Recent Advances in Intrusion Detection | 2018
Chen Cao; Le Guan; Ning Zhang; Neng Gao; Jingqiang Lin; Bo Luo; Peng Liu; Ji Xiang; Wenjing Lou
Sensitive data (e.g., passwords, health data and private videos) can be leaked due to many reasons, including (1) the misuse of legitimate operating system (OS) functions such as core dump, swap and hibernation, and (2) physical attacks to the DRAM chip such as cold-boot attacks and DMA attacks. While existing software-based memory encryption is effective in defeating physical attacks, none of them can prevent a legitimate OS function from accidentally leaking sensitive data in the memory. This paper introduces CryptMe that integrates memory encryption and ARM TrustZone-based memory access controls to protect sensitive data against both attacks. CryptMe essentially extends the Linux kernel with the ability to accommodate the execution of unmodified programs in an isolated execution domain (to defeat OS function misuse), and at the same time transparently encrypt sensitive data appeared in the DRAM chip (to defeat physical attacks). We have conducted extensive experiments on our prototype implementation. The evaluation results show the efficiency and added security of our design.
International Conference on Big Data | 2018
Cong Xue; Zehua Zeng; Yuanye He; Lei Wang; Neng Gao
Societal event forecasting plays a significant role in crisis warning and emergency management. Most traditional prediction methods focus on predicting whether specific events would happen or not. However, the results of these methods are not always informative for the policy makers due to excessive frequency, lack of details and supportive evidence about the predictive events. In this paper, we focus on the problem of integrated fine-grained event forecasting which is to predict the attributes of events and find out related precursors. Given a collection of news sequences, we transform the problem into a Multi-Instance Multi-Label learning (MIML) framework. Considering the sequential influence of events and hybridity of news, we implement the MIML framework based on the Long Short-Term Memory (LSTM) neural network, and propose the model called MIML-LSTM to extract three levels of deep features which represent news article, daily status and news sequence respectively. Based on this hierarchical representation, we design a compositional objective function for joint training of each part. Taking multiple types of protest event prediction as a demonstration, we evaluate the proposed model on news streams from three countries in Latin America, and the experimental results show the effectiveness of our model on integrated fine-grained event forecasting.