- Sponsor:
- sigsac
A warm welcome to the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks! We are excited to meet you in Stockholm and the main KTH campus for this three-day event. The ACM WiSec 2018 is the latest instance of the premier venue for research dedicated to all aspects of security and privacy in wireless and mobile networks, their systems, and their applications. The program will be presented in a single track, along with a poster and demonstration session.
Passwords in the Air: Harvesting Wi-Fi Credentials from SmartCfg Provisioning
Smart devices without an interactive UI (e.g., a smart bulb) typically rely on specific provisioning schemes to connect to wireless networks. Among all the provisioning schemes, SmartCfg is a popular technology to configure the connection between smart ...
Beam-Stealing: Intercepting the Sector Sweep to Launch Man-in-the-Middle Attacks on Wireless IEEE 802.11ad Networks
Millimeter-wave (mm-wave) communication systems provide high data-rates and enable emerging application scenarios, such as 'information showers' for location-based services. Devices are equipped with antenna arrays using dozens of elements to achieve ...
I Send, Therefore I Leak: Information Leakage in Low-Power Wide Area Networks
Low-power wide area networks (LPWANs), such as LoRa, are fast emerging as the preferred networking technology for large-scale Internet of Things deployments (e.g., smart cities). Due to long communication range and ultra low power consumption, LPWAN-...
Operating Channel Validation: Preventing Multi-Channel Man-in-the-Middle Attacks Against Protected Wi-Fi Networks
We present a backwards compatible extension to the 802.11 standard to prevent multi-channel man-in-the-middle attacks. This extension authenticates parameters that define the currently in-use channel.
Recent attacks against WPA2, such as most key ...
SRide: A Privacy-Preserving Ridesharing System
Ridesharing, in which drivers offer to share their rides, allows reduction of travel costs for both drivers and riders; such practice is increasingly popular. Modern ridesharing systems, enhanced with location-based features, have improved user ...
WADAC: Privacy-Preserving Anomaly Detection and Attack Classification on Wireless Traffic
In this work, we address the problem of detecting application-layer attacks on nearby wireless devices. In particular, we assume that the detection scheme is limited to link-layer traffic (either because schemes such as WPA2 are used, and the key is ...
Tracking Private Browsing Sessions using CPU-based Covert Channels
- Nikolay Matyunin,
- Nikolaos A. Anagnostopoulos,
- Spyros Boukoros,
- Markus Heinrich,
- André Schaller,
- Maksim Kolinichenko,
- Stefan Katzenbeisser
In this paper we examine the use of covert channels based on CPU load in order to achieve persistent user identification through browser sessions. In particular, we demonstrate that an HTML5 video, a GIF image, or CSS animations on a webpage can be used ...
On the Impact of Rogue Base Stations in 4G/LTE Self Organizing Networks
Mobile network operators choose Self Organizing Network (SON) concept as a cost-effective method to deploy LTE/4G networks and meet user expectations for high quality of service and bandwidth. The main objective of SON is to introduce automation into ...
LTE Misbehavior Detection in Wi-Fi/LTE Coexistence Under the LAA-LTE Standard
In this paper, we consider the fair coexistence between LTE and Wi-Fi systems in unlicensed bands. We focus on the misbehavior opportunities that stem from the heterogeneity of the coexisting systems and the lack of explicit coordination mechanisms. We ...
Listening Watch: Wearable Two-Factor Authentication using Speech Signals Resilient to Near-Far Attacks
Reducing the level of user effort involved in traditional two-factor authentication (TFA) constitutes an important research topic. A recent effort in this direction leverages ambient sounds to detect the proximity between the second factor device (phone)...
Towards Inferring Mechanical Lock Combinations using Wrist-Wearables as a Side-Channel
Wrist-wearables such as smartwatches and fitness bands are equipped with a variety of high-precision sensors that support novel contextual and activity-based applications. The presence of a diverse set of on-board sensors, however, also expose an ...
Hello, Is It Me You're Looking For?: Differentiating Between Human and Electronic Speakers for Voice Interface Security
Voice interfaces are increasingly becoming integrated into a variety of Internet of Things (IoT) devices. Such systems can dramatically simplify interactions between users and devices with limited displays. Unfortunately voice interfaces also create new ...
Interference Suppression in Bandwidth Hopping Spread Spectrum Communications
Bandwidth hopping spread spectrum (BHSS) has recently been proposed as a spectrum-efficient technique to combat jamming. In BHSS, the transmitter is randomly hopping the signal bandwidth in order to make it unpredictable to an attacker. When the signal ...
An Algebraic Quality-Time-Advantage-Based Key Establishment Protocol
The essence of information assurance resides in the ability to establish secret keys between the legitimate communicating parties. Common approaches to key establishment include public-key infrastructure, key-distribution centers, physical-layer ...
Detecting smartphone state changes through a Bluetooth based timing attack
Bluetooth is a popular wireless communication technology that is available on most mobile devices. Although Bluetooth includes security and privacy preserving mechanisms, we show that a Bluetooth harmless inherent request-response mechanism can taint ...
Signal Jamming Attacks Against Communication-Based Train Control: Attack Impact and Countermeasure
- Subhash Lakshminarayana,
- Jabir Shabbir Karachiwala,
- Sang-Yoon Chang,
- Girish Revadigar,
- Sristi Lakshmi Sravana Kumar,
- David K.Y. Yau,
- Yih-Chun Hu
We study the impact of signal jamming attacks against the communication based train control (CBTC) systems and develop the countermeasures to limit the attacks' impact. CBTC supports the train operation automation and moving-block signaling, which ...
Efficient, Scalable, and Resilient Vehicle-Centric Certificate Revocation List Distribution in VANETs
In spite of progress in securing Vehicular Communication (VC) systems, there is no consensus on how to distribute Certificate Revocation Lists (CRLs). The main challenges lie exactly in (i) crafting an efficient and timely distribution of CRLs for ...
Threat Detection for Collaborative Adaptive Cruise Control in Connected Cars
We study collaborative adaptive cruise control as a representative application for safety services provided by autonomous cars. We provide a detailed analysis of attacks that can be conducted by a motivated attacker targeting the collaborative adaptive ...
SWARD: A Secure WAke-up RaDio against Denial-of-Service on IoT devices
Wake-up radios are mechanisms that control the sleep and active modes of energy-constrained Internet of Things (IoT) nodes. These radios detect pre-determined wake-up tokens and switch the devices to an active state. Such systems are vulnerable to a ...
Lightweight Message Authentication for Constrained Devices
Message Authentication Codes (MACs) used in today's wireless communication standards may not be able to satisfy resource limitations of simpler 5G radio types and use cases such as machine type communications. As a possible solution, we present a ...
Questioning the security and efficiency of the ESIoT approach
ESIoT is a secure access control and authentication protocol introduced for Internet of Things (IoT) applications. The core primitive of ESIoT is an identity-based broadcast encryption scheme called Secure Identity-Based Broadcast Encryption (SIBBE). ...
Opinion: Security Lifetime Labels - Overcoming Information Asymmetry in Security of IoT Consumer Products
The installed base of Internet of Things (IoT) consumer products is steadily increasing, in conjunction with the number of disclosed security vulnerabilities in these devices. In this paper, we share the opinion that strong security measures are ...
Towards Dynamically Monitoring Android Applications on Non-rooted Devices in the Wild
Dynamic analysis is an important technique to reveal sensitive behavior of Android apps. Current works require access to the code-level and system-level events (e.g., API calls and system calls) triggered by the running apps and consequently they can ...
SCAnDroid: Automated Side-Channel Analysis of Android APIs
Although the Android system has been continuously hardened against side-channel attacks, there are still plenty of APIs available that can be exploited. However, most side-channel analyses in the literature consider specifically chosen APIs (or ...
Automated Binary Analysis on iOS: A Case Study on Cryptographic Misuse in iOS Applications
A wide range of mobile applications for Apple's iOS platform process sensitive data and, therefore, rely on protective mechanisms natively provided by the operating system. A wrong application of cryptography or security-critical APIs, however, exposes ...
Android STAR: An Efficient Interaction-Preserving Record-Replay System For Messenger App Usage Surveillance
Messenger apps on smart phones are widely used for easy communication in a collaborative workplace. However, the use of messengers increases risks to both the organization and the collaborators. For example, an employee may receive proprietary ...
My Magnetometer Is Telling You Where I've Been?: A Mobile Device Permissionless Location Attack
Although privacy compromises remain an issue among users and advocacy groups, identification of user location has emerged as another point of concern. Techniques using GPS, Wi-Fi, NFC, Bluetooth tracking and cell tower triangulation are well known. ...
On the Effect of Update Frequency on Geo-Indistinguishability of Mobility Traces
Sharing location data is becoming more popular as mobile devices become ubiquitous. Location-based service providers use this type of data to provide geographically contextualized services to their users. However, sharing exact locations with possibly ...
WLAN Device Fingerprinting using Channel State Information (CSI)
As of IEEE 802.11n, a wireless Network Interface Card (NIC) uses Channel State Information (CSI) to optimize the transmission over multiple antennas. CSI contain radio-metrics such as amplitude and phase. Due to scattering during hardware production ...
Privacy Preservation through Uniformity
Inter-vehicle communications disclose rich information about vehicle whereabouts. Pseudonymous authentication secures communication while enhancing user privacy thanks to a set of anonymized certificates, termed pseudonyms. Vehicles switch the ...
- Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks