Luca Invernizzi
Research Areas
Authored Publications
Sort By
Generalized Power Attacks against Crypto Hardware using Long-Range Deep Learning
Karel Král
Marina Zhang
Transactions on Cryptographic Hardware and Embedded Systems (TCHES), IACR (2024)
Preview abstract
To make cryptographic processors more resilient against side-channel attacks, engineers have developed various countermeasures. However, the effectiveness of these countermeasures is often uncertain, as it depends on the complex interplay between software and hardware. Assessing a countermeasure’s effectiveness using profiling techniques or machine learning so far requires significant expertise and effort to be adapted to new targets which makes those assessments expensive. We argue that including cost-effective automated attacks will help chip design teams to quickly evaluate their countermeasures during the development phase, paving the way to more secure chips.In this paper, we lay the foundations toward such automated system by proposing GPAM, the first deep-learning system for power side-channel analysis that generalizes across multiple cryptographic algorithms, implementations, and side-channel countermeasures without the need for manual tuning or trace preprocessing. We demonstrate GPAM’s capability by successfully attacking four hardened hardware-accelerated elliptic-curve digital-signature implementations. We showcase GPAM’s ability to generalize across multiple algorithms by attacking a protected AES implementation and achieving comparable performance to state-of-the-art attacks, but without manual trace curation and within a limited budget. We release our data and models as an open-source contribution to allow the community to independently replicate our results and build on them.
View details
Hybrid Post-Quantum Signatures in Hardware Security Keys
Diana Ghinea
Jennifer Pullman
Julien Cretin
Rafael Misoczki
Stefan Kölbl
Applied Cryptography and Network Security Workshop (2023)
Preview abstract
Recent advances in quantum computing are increasingly jeopardizing the security of cryptosystems currently in widespread use, such as RSA or elliptic-curve signatures. To address this threat, researchers and standardization institutes have accelerated the transition to quantum-resistant cryptosystems, collectively known as Post-Quantum Cryptography (PQC). These PQC schemes present new challenges due to their larger memory and computational footprints and their higher chance of latent vulnerabilities.
In this work, we address these challenges by introducing a scheme to upgrade the digital signatures used by security keys to PQC. We introduce a hybrid digital signature scheme based on two building blocks: a classically-secure scheme, ECDSA, and a post-quantum secure one, Dilithium.
Our hybrid scheme maintains the guarantees of each underlying building block even if the other one is broken, thus being resistant to classical and quantum attacks.
We experimentally show that our hybrid signature scheme can successfully execute on current security keys, even though secure PQC schemes are known to require substantial resources.
We publish an open-source implementation of our scheme at https://github.com/google/OpenSK/releases/tag/hybrid-pqc so that other researchers can reproduce our results on a nRF52840 development kit.
View details
Preview abstract
Traffic monetization is a crucial component of
running most for-profit online businesses. One of its latest
incarnations is cryptocurrency mining, where a website instructs
the visitor’s browser to participate in building a cryptocurrency
ledger (e.g., Bitcoin, Monero) in exchange for a small reward in
the same currency.
In its essence, this practice trades the user’s electric bill
(or battery level) for cryptocurrency. With user consent, this
exchange can be a legitimate funding source – for example,
UNICEF has collected over 27k charity donations on a website
dedicated to this purpose, thehopepage.org. Regrettably, this
practice also easily lends itself to abuse: in this form, called
cryptojacking, attacks surreptitiously mine in the users browser,
and profits are collected either by website owners or by hackers
that planted the mining script into a vulnerable page.
Understandably, users frown upon this practice and have
sought to mitigate it by installing blacklist-based browser extensions (the top 3 for Chrome total over one million installs),
whereas researchers have devised more robust methods to detect
it [1]–[6]. In turn, cryptojackers have been bettering their evasion
techniques, incorporating in their toolkits domain fluxing, content
obfuscation, the use of WebAssembly, and throttling. The latter,
for example, grew from being a niche feature, adopted by only
one in ten sites in 2018 [2], to become commonplace in 2019,
reaching an adoption ratio of 58%. Whereas most state-of-the-art defenses address multiple of these evasion techniques, none
is resistant against all.
In this paper, we offer a novel detection method, CoinPolice, that is robust against all of the aforementioned evasion
techniques. CoinPolice flips throttling against cryptojackers,
artificially varying the browser’s CPU power to observe the
presence of throttling. Based on a deep neural network classifier,
CoinPolice can detect 97.87% of hidden miners with a low false
positive rate (0.74%). We compare CoinPolice performance with
the current state of the art and show our approach outperforms
it when detecting aggressively throttled miners.
Finally, we deploy Coinpolice to perform the largest-scale
cryptoming investigation to date, identifying 6700 sites that
monetize traffic in this fashion.
View details
Spotlight: Malware Lead Generation at Scale
Bernhard Grill
Jennifer Pullman
Cecilia M. Procopiuc
David Tao
Borbala Benko
Proceedings of Annual Computer Security Applications Conference (ACSAC) (2020)
Preview abstract
Malware is one of the key threats to online security today, with applications ranging from phishing mailers to ransomware andtrojans. Due to the sheer size and variety of the malware threat, it is impractical to combat it as a whole. Instead, governments and companies have instituted teams dedicated to identifying, prioritizing, and removing specific malware families that directly affect their population or business model. The identification and prioritization of the most disconcerting malware families (known as malware hunting) is a time-consuming activity, accounting for more than 20% of the work hours of a typical threat intelligence researcher, according to our survey. To save this precious resource and amplify the team’s impact on users’ online safety we present Spotlight, a large-scale malware lead-generation framework. Spotlight first sifts through a large malware data set to remove known malware families, based on first and third-party threat intelligence. It then clusters the remaining malware into potentially-undiscovered families, and prioritizes them for further investigation using a score based on their potential business impact.
We evaluate Spotlight on 67M malware samples, to show that it can produce top-priority clusters with over 99% purity (i.e., homogeneity), which is higher than simpler approaches and prior work. To showcase Spotlight’s effectiveness, we apply it to ad-fraud malware hunting on real-world data. Using Spotlight’s output, threat intelligence researchers were able to quickly identify three large botnets that perform ad fraud.
View details
Protecting accounts from credential stuffing with password breach alerting
Jennifer Pullman
Kevin Yeo
Ananth Raghunathan
Patrick Gage Kelley
Borbala Benko
Sarvar Patel
Dan Boneh
Proceedings of the USENIX Security Symposium, Usenix (2019)
Preview abstract
Protecting accounts from credential stuffing attacks remains
burdensome due to an asymmetry of knowledge: attackers
have wide-scale access to billions of stolen usernames and
passwords, while users and identity providers remain in the
dark as to which accounts require remediation. In this paper,
we propose a privacy-preserving protocol whereby a client can
query a centralized breach repository to determine whether
a specific username and password combination is publicly
exposed, but without revealing the information queried. Here,
a client can be an end user, a password manager, or an identity
provider. To demonstrate the feasibility of our protocol, we
implement a cloud service that mediates access to over 4
billion credentials found in breaches and a Chrome extension
serving as an initial client. Based on anonymous telemetry
from nearly 670,000 users and 21 million logins, we find that
1.5% of logins on the web involve breached credentials. By
alerting users to this breach status, 26% of our warnings result
in users migrating to a new password, at least as strong as
the original. Our study illustrates how secure, democratized
access to password breach alerting can help mitigate one
dimension of account hijacking.
View details
Five Years of the Right to be Forgotten
Theo Bertram
Stephanie Caro
Hubert Chao
Rutledge Chin Feman
Peter Fleischer
Albin Gustafsson
Jess Hemerly
Chris Hibbert
Lanah Kammourieh Donnelly
Jason Ketover
Jay Laefer
Paul Nicholas
Yuan Niu
Harjinder Obhi
David Price
Andrew Strait
Al Verney
Proceedings of the Conference on Computer and Communications Security (2019)
Preview abstract
The “Right to be Forgotten” is a privacy ruling that enables Europeans to delist certain URLs appearing in search results related to their name. In order to illuminate the effect this ruling has on information access, we conducted a retrospective measurement study of 3.2 million URLs that were requested for delisting from Google Search over five years. Our analysis reveals the countries and anonymized parties generating the largest volume of requests (just 1,000 requesters generated 16% of requests); the news, government, social media, and directory sites most frequently targeted for delisting (17% of removals relate to a requester’s legal history including crimes and wrongdoing); and the prevalence of extraterritorial requests. Our results dramatically increase transparency around the Right to be Forgotten and reveal the complexity of weighing personal privacy against public interest when resolving multi-party privacy conflicts that occur across the Internet. The results of our investigation have since been added to Google’s transparency report.
View details
Tracking Ransomware End-to-end
Danny Y. Huang
Maxwell Matthaios Aliapoulios
Vector Guo Li
Kylie McRoberts
Jonathan Levin
Kirill Levchenko
Alex C. Snoeren
Damon McCoy
Security & Privacy 2018 (2018)
Preview abstract
Ransomware is a type of malware that encrypts the
files of infected hosts and demands payment, often in a cryptocurrency
such as bitcoin. In this paper, we create a measurement
framework that we use to perform a large-scale, two-year,
end-to-end measurement of ransomware payments, victims, and
operators. By combining an array of data sources, including
ransomware binaries, seed ransom payments, victim telemetry
from infections, and a large database of bitcoin addresses
annotated with their owners, we sketch the outlines of this
burgeoning ecosystem and associated third-party infrastructure.
In particular, we trace the financial transactions, from the
moment victims acquire bitcoins, to when ransomware operators
cash them out. We find that many ransomware operators cashed
out using BTC-e, a now-defunct bitcoin exchange. In total we
are able to track over $16 million in likely ransom payments
made by 19,750 potential victims during a two-year period. While
our study focuses on ransomware, our methods are potentially
applicable to other cybercriminal operations that have similarly
adopted bitcoin as their payment channel.
View details
Data breaches, phishing, or malware? Understanding the risks of stolen credentials
Frank Li
Juri Ranieri
Yarik Markov
Oxana Comanescu
Vijay Eranti
Daniel Margolis
Vern Paxson
(2017)
Preview abstract
In this paper, we present the first longitudinal measurement study of the underground ecosystem fueling credential theft and assess the risk it poses to millions of users. Over the course of March, 2016--March, 2017, we identify 788,000 potential victims of off-the-shelf keyloggers; 12.4 million potential victims of phishing kits; and 1.9 billion usernames and passwords exposed via data breaches and traded on blackmarket forums. Using this dataset, we explore to what degree the stolen passwords---which originate from thousands of online services---enable an attacker to obtain a victim's valid email credentials---and thus complete control of their online identity due to transitive trust. Drawing upon Google as a case study, we find 7--25\% of exposed passwords match a victim's Google account. For these accounts, we show how hardening authentication mechanisms to include additional risk signals such as a user's historical geolocations and device profiles helps to mitigate the risk of hijacking. Beyond these risk metrics, we delve into the global reach of the miscreants involved in credential theft and the blackhat tools they rely on. We observe a remarkable lack of external pressure on bad actors, with phishing kit playbooks and keylogger capabilities remaining largely unchanged since the mid-2000s.
View details
Understanding the Mirai Botnet
Manos Antonakakis
Tim April
Michael Bailey
Matt Bernhard
Jaime Cochran
Zakir Durumeric
J. Alex Halderman
Michalis Kallitsis
Deepak Kumar
Chaz Lever
Zane Ma
Joshua Mason
Damian Menscher
Chad Seaman
Nick Sullivan
Yi Zhou
Proceedings of the 26th USENIX Security Symposium (2017)
Preview abstract
The Mirai botnet, composed primarily of embedded
and IoT devices, took the Internet by storm in late 2016
when it overwhelmed several high-profile targets with
massive distributed denial-of-service (DDoS) attacks. In
this paper, we provide a seven-month retrospective analysis
of Mirai’s growth to a peak of 600k infections and
a history of its DDoS victims. By combining a variety
of measurement perspectives, we analyze how the botnet
emerged, what classes of devices were affected, and
how Mirai variants evolved and competed for vulnerable
hosts. Our measurements serve as a lens into the fragile
ecosystem of IoT devices. We argue that Mirai may represent
a sea change in the evolutionary development of
botnets—the simplicity through which devices were infected
and its precipitous growth, demonstrate that novice
malicious techniques can compromise enough low-end
devices to threaten even some of the best-defended targets.
To address this risk, we recommend technical and nontechnical
interventions, as well as propose future research
directions.
View details
Cloak of Visibility: Detecting When Machines Browse a Different Web
Alexandros Kapravelos
Oxana Comanescu
Proceedings of the 37th IEEE Symposium on Security and Privacy (2016)
Preview abstract
The contentious battle between web services and miscreants involved in blackhat search engine optimization and malicious advertisements has driven the underground to develop increasingly sophisticated techniques that hide the true nature of malicious sites. These web cloaking techniques hinder the effectiveness of security crawlers and potentially expose Internet users to harmful content. In this work, we study the spectrum of blackhat cloaking techniques that target browser, network, or contextual cues to detect organic visitors. As a starting point, we investigate the capabilities of ten prominent cloaking services marketed within the underground. This includes a first look at multiple IP blacklists that contain over 50 million addresses tied to the top five search engines and tens of anti-virus and security crawlers. We use our findings to develop an anti-cloaking system that detects split-view content returned to two or more distinct browsing profiles with an accuracy of 95.5% and a false positive rate of 0.9% when tested on a labeled dataset of 94,946 URLs. We apply our system to an unlabeled set of 135,577 search and advertisement URLs keyed on high-risk terms (e.g., luxury products, weight loss supplements) to characterize the prevalence of threats in the wild and expose variations in cloaking techniques across traffic sources. Our study provides the first broad perspective of cloaking as it affects Google Search and Google Ads and underscores the minimum capabilities necessary of security crawlers to bypass the state of the art in mobile, rDNS, and IP cloaking.
View details
