SaTC: CORE: Small: Side-channel Attacks Against Mobile Users: Singularity Detection, Behavior Identification, and Automated Rectification

SaTC：核心：小型：针对移动用户的旁道攻击：奇点检测、行为识别和自动纠正

• 批准号: 1815636
• 负责人: GUAN-HUA TU
• 金额: $ 50万
• 依托单位: Michigan State University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2018
• 资助国家: 美国
• 起止时间: 2018-10-01 至 2023-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1815636&HistoricalAwards=false
• 关键词: SaTC; CORE; Small; Side; channel

Side-channel attacks have been proven effective to infer sensitive information (such as user activities) that should not be disclosed to unauthorized users. Owing to the closed nature of the cellular network infrastructure, adversaries cannot easily capture encrypted mobile network traffic, thus protecting against side-channel information leakage of mobile users. However, with the recent proliferation of software defined radio platforms and emerging Internet Protocol-based cellular network services over public networks (including Wi-Fi calling), mobile phone users are now exposed to more serious side-channel information leakage than before. This project aims to conduct a comprehensive investigation of side-channel attacks against mobile phone users by collecting, labeling, mining, and analyzing mobile users' encrypted mobile data. The success of this research will not only contribute new techniques to discover security vulnerabilities that can be exploited from side-channel information leakage, but also develop novel automated rectification mechanisms to safeguard users. The proposed activities may contribute to the upcoming 5G technology standardization and train a new generation of engineers and students. This project makes three technical contributions: (1) New techniques for mobile data collection and labeling: Cellular network control-plane signals indicate a variety of cellular network events (such as changes in a user's Quality-of-Service profile or location) which may be exploited to invade user privacy. However, the current-generation cellular sniffers cannot distinguish well between control-plane signals and data-plane data packets when they are transmitted over the same physical channel. This project will develop new techniques to collect encrypted mobile network traffic including control-plane signals and data-plane data packets and label them with user behaviors and network events; (2) Advanced Singularity Detection and Behavior Identification mechanism: This project will study and develop end-to-end frameworks that can perform singularity detection and behavior identification simultaneously. This involves processing limited labeled data and mining frequent patterns for emerging behaviors; (3) Mobile/cellular-friendly automated rectification mechanisms: The state-of-the-art security defenses for side-channel attacks are not designed for mobile networked systems. For example, mobile users pay a performance penalty for the noise added to their data packets. This project will develop mobile-friendly (meaning low memory usage) and cellular-friendly (meaning compatible with standards and operators' charging model) automated rectification mechanisms to secure a variety of mobile devices.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

侧信道攻击已被证明可以有效地推断出不应向未经授权的用户披露的敏感信息（如用户活动）。由于蜂窝网络基础设施的封闭性质，对手不能容易地捕获加密的移动的网络业务，从而防止移动的用户的侧信道信息泄漏。然而，随着最近软件定义无线电平台的激增和公共网络上新兴的基于因特网协议的蜂窝网络服务（包括Wi-Fi呼叫），移动的电话用户现在暴露于比以前更严重的侧信道信息泄漏。该项目旨在通过收集、标记、挖掘和分析移动的用户的加密移动的数据，对针对移动的电话用户的侧信道攻击进行全面调查。这项研究的成功不仅将有助于新的技术来发现安全漏洞，可以利用侧通道信息泄漏，但也开发新的自动纠正机制，以保护用户。拟议的活动可能有助于即将到来的5G技术标准化，并培养新一代工程师和学生。该项目做出了三项技术贡献：（1）移动的数据收集和标记的新技术：蜂窝网络控制平面信号指示各种蜂窝网络事件（例如用户的服务质量配置文件或位置的变化），这些事件可能被利用来侵犯用户隐私。然而，当前一代蜂窝嗅探器在控制平面信号和数据平面数据分组在相同的物理信道上传输时不能很好地区分它们。本项目将开发新技术，以收集加密的移动的网络流量，包括控制平面信号和数据平面数据包，并将其标记为用户行为和网络事件;（2）高级奇异性检测和行为识别机制：本项目将研究和开发能够同时执行奇异性检测和行为识别的端到端框架。这涉及到处理有限的标记数据和挖掘频繁模式的新兴行为;（3）移动的/蜂窝友好的自动纠正机制：最先进的安全防御侧信道攻击不是专为移动的网络系统。例如，移动的用户为添加到其数据分组的噪声付出性能损失。该项目将开发移动友好（意味着低内存使用）和蜂窝友好（意味着与标准和运营商的收费模式兼容）的自动纠正机制，以保护各种移动的设备。该奖项反映了NSF的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

Exploring the Insecurity of Google Account Registration Protocol via Model Checking

通过模型检查探索Google帐户注册协议的不安全性

• DOI: 10.1109/ssci44817.2019.9003113
• 发表时间: 2019
• 期刊: 2019 IEEE Symposium Series on Computational Intelligence (SSCI
• 作者: Xie, Tian;Wang, Sihan;Tu, Guan-Hua;Li, Chi-Yu;Lei, Xinyu
• 通讯作者: Lei, Xinyu

The Untold Secrets of WiFi-Calling Services: Vulnerabilities, Attacks, and Countermeasures

• DOI: 10.1109/tmc.2020.2995509
• 发表时间: 2021-11
• 期刊: IEEE Transactions on Mobile Computing
• 影响因子: 7.9
• 作者: Tian Xie;Guan-Hua Tu;Bangjie Yin;Chi-Yu Li;Chunyi Peng;Mi Zhang;Hui Liu;Xiaoming Liu

Dissecting Operational Cellular IoT Service Security: Attacks and Defenses

• DOI: 10.1109/tnet.2023.3313557
• 发表时间: 2024-04
• 期刊: IEEE/ACM Transactions on Networking
• 作者: Sihan Wang;Tian Xie;Min-Yue Chen;Guan-Hua Tu;Chi-Yu Li;Xinyu Lei;Polun Chou;Fu-Cheng Hsieh;Yiwen Hu;Li Xiao;Chunyi Peng

MPKIX: Towards More Accountable and Secure Internet Application Services via Mobile Networked Systems

• DOI: 10.1109/tmc.2022.3141694
• 发表时间: 2023-06
• 期刊: IEEE Transactions on Mobile Computing
• 影响因子: 7.9
• 作者: Tian Xie;Sihan Wang;Xinyu Lei;Jingwen Shi;Guan-Hua Tu;Chi-Yu Li

Security Threats from Bitcoin Wallet Smartphone Applications: Vulnerabilities, Attacks, and Countermeasures

比特币钱包智能手机应用程序的安全威胁：漏洞、攻击和对策

• DOI: 10.1145/3422337.3447832
• 发表时间: 2021
• 期刊: CODASPY '21: Proceedings of the Eleventh ACM Conference on Data and Application Security and Privacy
• 作者: Hu, Yiwen;Wang, Sihan;Tu, Guan-Hua;Xiao, Li;Xie, Tian;Lei, Xinyu;Li, Chi-Yu
• 通讯作者: Li, Chi-Yu