The efficacy of address space layout randomization has been formally demonstrated in a shared-memory model by Abadi et al., contingent on specific assumptions about victim programs. However, modern operating systems, implementing layout randomization in the kernel, diverge from these assumptions and operate on a separate memory model with communication through system calls. In this work, we relax Abadi et al.’s language assumptions while demonstrating that layout randomization offers a comparable safety guarantee in a system with memory separation. However, in practice, speculative execution and side-channels are recognized threats to layout randomization. We show that kernel safety cannot be restored for attackers capable of using side-channels and speculative execution, and introduce enforcement mechanisms that can guarantee speculative kernel safety for safe system calls in the Spectre era. We implement three suitable mechanisms and we evaluate their performance overhead on the Linux kernel.

This paper explores the software security potential of ARM’s Morello experimental hardware platform, an embodiment of the Capability Hardware Enhanced RISC Instructions (CHERI) model. We navigate the intricacies of Morello adoption, uncovering both the promise and the challenges it presents for bolstering software security assurance. Employing the Juliet Test Suite, we conduct a rigorous security assessment of Morello’s operational modes — Purecap and Hybrid — shedding light on the ramifications for the software development lifecycle and assurance processes. Our findings affirm the robust spatial safety Morello confers, especially in its Purecap mode, while also underscoring the persisting temporal vulnerabilities in the CheriBSD version used in our experiments. We discuss the novel challenges associated with Morello adoption, including the management of CHERI violation exceptions, the imperative of software-hardware co-validation, and the specialized training requisites for development and assurance teams. We draw attention to potential risks, like crashes from CHERI violations potentially metamorphosing into Denial of Service (DoS) attacks. Transitioning to the Morello model could necessitate substantial alterations in software design principles, development methodologies, and security assurance protocols.

Phishing sites exploit users’ limited understanding of website identity to mimic legitimate sites. While X.509 certificates can provide crucial cues regarding a website’s identity, current browsers fail to effectively communicate this information to users, even as phishing becomes an increasingly serious issue. To address this, we developed Site Inspector (SI), a UI tool that conveys website identity and connection encryption information, along with brief explanations of the relevant underlying security concepts. SI is implemented as a Mozilla Firefox browser extension, but the basic design could be integrated into any web browser. SI organizes content in a three-tiered abstraction hierarchy, drawing on Ecological Interface Design. The top level presents an indicator of the website owner, if known, and also whether the connection is encrypted. The second and third levels offer progressively detailed explanations of the verification process. SI adheres to design principles aimed at educating users about security through the UI while overcoming associated challenges. Its text is concise and direct, respecting limitations in users’ attentional resources and motivation to engage with security matters. As a proof of concept for SI’s principled design, we conducted a user study with 30 participants to evaluate its effectiveness in helping users differentiate real from fraudulent websites. Results suggested that SI improved users’ ability to identify fraudulent sites. Future work will involve further testing with a larger user base, integrated SI directly into browsers, and ultimately a more widespread and improved validation process for certificates, with stronger verification and transparency

Detecting unknown cyberattacks remains an open research problem and a significant challenge for the research community and the security industry. This paper tackles the detection of unknown cybersecurity attacks in the Internet of Things (IoT) and traditional networks by categorizing them into two types: entirely new classes of unknown attacks (type-A) and unknown attacks within already known classes (type-B). To address this, we propose a novel multi-stage, multi-layer zero trust architecture for an intrusion detection system (IDS), uniquely designed to handle these attack types. The architecture employs a hybrid methodology that combines two supervised and one unsupervised learning stages in a funnel-like design, significantly advancing current detection capabilities. A key innovation is the layered filtering mechanism, leveraging type-A and type-B attack concepts to systematically classify traffic as malicious unless proven otherwise. Using four benchmark datasets, the proposed system demonstrates significant improvements in accuracy, recall, and error classification rates for unknown attacks, achieving an average accuracy and recall ranging between 88% and 95%. This work offers a robust, scalable framework for enhancing cybersecurity in diverse network environments.

False Data Injection Attacks (FDIAs) that target the state estimation pose an immense threat to the security of power grids. Deep Neural Network (DNN) based methods have shown promising results in detecting such FDIAs. Among existing state-of-the-art DNN models, time series analysis DNNs have demonstrated superior FDIA detection capability. This paper discusses the challenges associated with applying time series analysis DNNs for detecting FDIAs and emphasizes the impact of the attack rate on the detection rate of attacks. We demonstrate that existing time series analysis DNNs are highly vulnerable to FDIAs executed at low attack rates. This paper presents various alternative implementations for time series classifiers and time series predictors to improve the FDIA detection rate. A novel method is proposed to train time series classification neural networks to detect FDIAs of any attack rate with high efficiency. Subsequently, an enhanced FDIA detection framework that includes a time series classifier and multiple predictors is presented. Furthermore, an analytical criterion is derived to estimate the FDIA detection rate of time series analysis DNNs under any attack rate. Experimental results obtained on IEEE bus systems using state-of-the-art DNN architectures support the effectiveness of the proposed training method and the proposed framework. The proposed training method significantly improved the detection rate of FDIAs at low attack rates. Up to a 48% improvement in the FDIA detection rate was observed in the proposed framework when compared to the state-of-the-art.

Tor users derive anonymity in part from the size of the Tor user base, but Tor struggles to attract and support more users due to performance limitations. Previous works have proposed modifications to Tor’s path selection algorithm to enhance both performance and security, but many proposals have unintended consequences due to incorporating information related to client location. We instead propose selecting paths using a global view of the network, independent of client location, and we propose doing so with a machine learning classifier to predict the performance of a given path before building a circuit. We show through a variety of simulated and live experimental settings, across different time periods, that this approach can significantly improve performance compared to Tor’s default path selection algorithm and two previously proposed approaches. In addition to evaluating the security of our approach with traditional metrics, we propose a novel anonymity metric that captures information leakage resulting from location-aware path selection, and we show that our path selection approach leaks no more information than the default path selection algorithm.

Phasor Measurement Units (PMUs) are critical devices in modern power grids, providing precise voltage and current phasor measurements (synchrophasors) for real-time monitoring, fault detection, and stability assessment. While previous research suggested that arbitrary time manipulation through GPS spoofing could disrupt grid operations, our study reveals that successful attacks require specific conditions, contrary to earlier assumptions. Through careful analysis of the synchrophasor data specification (IEEE Standard C37.118.x), we demonstrate that arbitrary time manipulation does not directly lead to phase manipulation. Instead, arbitrary manipulations can cause GPS holdover (loss of lock), alert operators with erroneous timing, and ultimately invalidate the received synchrophasors. An experiment with a commercial PMU confirms our specification analysis. We identify the time spoofing conditions to avoid GPS holdover and discover that nanosecond-scale signal alignment (approximately 375 ns error) and gradual time manipulation (around 50 ns/s error) are required. Experiments on a commercial Wide Area Monitoring System (WAMS) testbed demonstrate that GPS spoofing meeting the identified criteria results in a 500-microsecond time error (10.8-degree phase error) after 12 hours without triggering alarms. Given that a 60-degree phase variation is considered a fault, triggering protection mechanisms, this GPS spoofing technique could potentially induce false faults within 70 hours. To counter this threat, we propose a practical method to distinguish GPS spoofing-induced false faults from actual faults caused by events like lightning strikes or ground shorts. Analysis of 10 real-world incidents from the past six months demonstrates that genuine faults consistently exhibit instantaneous phase variations within three electrical cycles, providing a basis for differentiation.

This paper proposes a novel method for detecting shilling attacks in Matrix Factorization (MF)-based Recommender Systems (RS), in which attackers use false user-item feedback to promote a specific item. Unlike existing methods that use either use supervised learning to distinguish between attack and genuine profiles or analyse target item rating distributions to detect false ratings, our method uses an unsupervised technique to detect false ratings by examining shifts in item preference vectors that exploit rating deviations and user characteristics, making it a promising new direction. The experimental results demonstrate the effectiveness of our approach in various attack scenarios, including those involving obfuscation techniques.

In recent years, public security incidents caused by deepfake technology have occurred frequently around the world, which makes an efficient and accurate deepfake detection model crucial. The existing advanced methods use the manipulation features in the image to realize the binary classification of real and fake images by training complex neural network models. However, these models rely on a single manipulation feature, and the detection accuracy of these methods will be greatly reduced when the forgery technology or image quality of the training dataset and the validation dataset are different. Inspired by the existing work, we propose a two-stream collaborative learning framework that combines spatial texture differences and frequency information. The average difference convolution (ADC) is designed to extract the spatial texture difference information of the image, and the gray image frequency-aware decomposition (GFAD) is used to extract the artifact information of the image in the frequency domain. At the same time, the ViT idea is combined with cross-attention mechanism for feature fusion to comprehensively mine forged features in forged images. Experimental results show that the proposed model has good detection effects on three benchmark datasets. In terms of cross-dataset evaluation, the AUC on Celeb-DF dataset reaches 82.86%, which is better than the existing advanced methods.

The prediction module, powered by deep learning models, constitutes a fundamental component of high-level Autonomous Vehicles (AVs). Given the direct influence of the module’s prediction accuracy on AV driving behavior, ensuring its security is paramount. However, limited studies have explored the adversarial robustness of the prediction modules. Furthermore, existing methods still generate adversarial trajectories that deviate significantly from human driving behavior. These deviations can be easily identified as hazardous by AVs’ anomaly detection models and thus cannot effectively evaluate and reflect the robustness of the prediction modules. To bridge this gap, we propose a stealthy and more effective optimization-based attack method. Specifically, we reformulate the optimization problem using Lagrangian relaxation and design a Frenet-based objective function along with a distinct constraint space. We conduct extensive evaluations on 2 popular prediction models and 2 benchmark datasets. Our results show that our attack is highly effective, with over 87% attack success rates, outperforming all baseline attacks. Moreover, our attack method significantly improves the stealthiness of adversarial trajectories while guaranteeing adherence to physical constraints. Our attack is also found robust to noise from upstream modules, transferable across trajectory prediction models, and high realizability. Lastly, to verify its effectiveness in real-world applications, we conduct further simulation evaluations using a production-grade simulator. These simulations reveal that the adversarial trajectory we created could convincingly induce autonomous vehicles (AVs) to initiate hard braking.