SaTC: CORE: Medium: Countering Surveillanceware Using Deception-Based Generative Models and Systems Mechanisms

SaTC：核心：中：使用基于欺骗的生成模型和系统机制对抗监视软件

• 批准号: 2055123
• 负责人: Vincent Bindschaedler
• 金额: $ 120万
• 依托单位: University of Florida
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2021
• 资助国家: 美国
• 起止时间: 2021-01-01 至 2024-12-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2055123&HistoricalAwards=false
• 关键词: SaTC; CORE; Medium; Countering; Surveillanceware

Surveillanceware (i.e., stalkerware, creepware, spyware, etc.) is a serious and increasingly common cybersecurity threat. In a typical scenario, a malicious individual installs software on a victim's mobile device that tracks the device's location, enabling remote monitoring of its activity. This is not a hypothetical threat: there are reports of intimate partner abusers installing spyware on their victims' smartphones and of journalists, political dissidents, and human rights activists being similarly targeted by repressive regimes. Traditional defenses such as antivirus software are unable to fully counter this threat. While antivirus software may be able to flag and remove surveillanceware, some victims are unable to uninstall surveillanceware because of coercion such as threats of physical violence. This project seeks to systematically study surveillanceware and develop new artificial intelligence (AI)-based defenses for it. In doing so, the project helps broaden cybersecurity research to include the concerns of vulnerable individuals and groups (e.g., survivors of intimate partner violence) whose cybersecurity needs have often historically been neglected. To pursue the project, the investigators plan to assemble a diverse team and collaborate with local organizations (e.g., domestic abuse shelters) and international partners (e.g., the Coalition Against Stalkerware).The focus of this research effort is the design of methods and tools to mitigate the threat of surveillanceware, and in particular, developing a deception-based system that uses machine learning techniques and system security mechanisms to produce fake but plausible ("synthetic") data to be fed to the monitoring apparatus of surveillanceware instead of the real data. The research is naturally organized into three thrusts, starting with a comprehensive analysis of surveillanceware and its capabilities for the purpose of adversarial modeling. The second thrust builds on this analysis to develop techniques to create fake but plausible data that can be used as decoy. This requires the use of machine learning techniques, specifically deep generative models. The final thrust involves designing system mechanisms that can be combined with the machinery developed in the previous thrust to ensure the integrity of the defense. In so doing, the project will move forward an understanding of formal adversarial models for surveillanceware, techniques for synthesizing plausible data and deniable data embedding, and system-level mechanisms that integrate with machine learning techniques to thwart surveillance.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

监视软件（即，stalkerware、creepware、spyware等）这是一个日益严重的网络安全威胁。在典型的情况下，恶意人员在受害者的移动终端上安装软件，跟踪设备的位置，从而实现对其活动的远程监控。这不是一个假设的威胁：有报道称，亲密伴侣虐待者在受害者的智能手机上安装间谍软件，记者、持不同政见者和人权活动家也成为镇压政权的类似目标。防病毒软件等传统防御手段无法完全应对这种威胁。虽然防病毒软件可以标记和删除监视软件，但有些受害者由于受到人身暴力威胁等胁迫而无法卸载监视软件。该项目旨在系统地研究监视软件，并为其开发新的基于人工智能（AI）的防御措施。在此过程中，该项目有助于扩大网络安全研究，以包括弱势个人和群体的担忧（例如，亲密伴侣暴力的幸存者），他们的网络安全需求在历史上常常被忽视。为了实施该项目，调查人员计划组建一个多元化的团队，并与当地组织（例如，家庭虐待庇护所）和国际伙伴（例如，这项研究工作的重点是设计方法和工具来减轻监视软件的威胁，特别是开发一种基于欺骗的系统，该系统使用机器学习技术和系统安全机制来产生虚假但可信的（“合成”）数据，而不是真实的数据，以馈送到监视软件的监视设备。这项研究自然分为三个方面，首先是全面分析监视软件及其对抗建模的能力。第二个重点是在这种分析的基础上开发技术，以创建可用作诱饵的虚假但可信的数据。这需要使用机器学习技术，特别是深度生成模型。最后的推进包括设计系统机制，这些机制可以与前一次推进中开发的机械相结合，以确保防御的完整性。通过这样做，该项目将推进对监视软件的正式对抗模型的理解，合成合理数据和可否认数据嵌入的技术，以及与机器学习技术相结合以阻止监视的系统级机制。该奖项反映了NSF的法定使命，并被认为值得通过使用基金会的智力价值和更广泛的影响审查标准进行评估来支持。

项目成果

DP-Mix: Mixup-based Data Augmentation for Differentially Private Learning

• DOI: 10.48550/arxiv.2311.01295
• 发表时间: 2023-11
• 期刊: ArXiv
• 作者: Wenxuan Bao;Francesco Pittaluga;Vijay Kumar;Vincent Bindschaedler

Analyzing the Monetization Ecosystem of Stalkerware

分析跟踪软件的货币化生态系统

• DOI: 10.56553/popets-2022-0101
• 发表时间: 2022
• 期刊: Proceedings on Privacy Enhancing Technologies
• 作者: Gibson, Cassidy;Frost, Vanessa;Platt, Katie;Garcia, Washington;Vargas, Luis;Rampazzi, Sara;Bindschaedler, Vincent;Traynor, Patrick;Butler, Kevin
• 通讯作者: Butler, Kevin