SaTC: CORE: Small: Side-channel Attacks Against Mobile Users: Singularity Detection, Behavior Identification, and Automated Rectification

SaTC：核心：小型：针对移动用户的旁道攻击：奇点检测、行为识别和自动纠正

• 批准号: 1815636
• 负责人: GUAN-HUA TU
• 金额: $ 50万
• 依托单位: Michigan State University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2018
• 资助国家: 美国
• 起止时间: 2018-10-01 至 2023-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1815636&HistoricalAwards=false
• 关键词: SaTC; CORE; Small; Side; channel

Side-channel attacks have been proven effective to infer sensitive information (such as user activities) that should not be disclosed to unauthorized users. Owing to the closed nature of the cellular network infrastructure, adversaries cannot easily capture encrypted mobile network traffic, thus protecting against side-channel information leakage of mobile users. However, with the recent proliferation of software defined radio platforms and emerging Internet Protocol-based cellular network services over public networks (including Wi-Fi calling), mobile phone users are now exposed to more serious side-channel information leakage than before. This project aims to conduct a comprehensive investigation of side-channel attacks against mobile phone users by collecting, labeling, mining, and analyzing mobile users' encrypted mobile data. The success of this research will not only contribute new techniques to discover security vulnerabilities that can be exploited from side-channel information leakage, but also develop novel automated rectification mechanisms to safeguard users. The proposed activities may contribute to the upcoming 5G technology standardization and train a new generation of engineers and students. This project makes three technical contributions: (1) New techniques for mobile data collection and labeling: Cellular network control-plane signals indicate a variety of cellular network events (such as changes in a user's Quality-of-Service profile or location) which may be exploited to invade user privacy. However, the current-generation cellular sniffers cannot distinguish well between control-plane signals and data-plane data packets when they are transmitted over the same physical channel. This project will develop new techniques to collect encrypted mobile network traffic including control-plane signals and data-plane data packets and label them with user behaviors and network events; (2) Advanced Singularity Detection and Behavior Identification mechanism: This project will study and develop end-to-end frameworks that can perform singularity detection and behavior identification simultaneously. This involves processing limited labeled data and mining frequent patterns for emerging behaviors; (3) Mobile/cellular-friendly automated rectification mechanisms: The state-of-the-art security defenses for side-channel attacks are not designed for mobile networked systems. For example, mobile users pay a performance penalty for the noise added to their data packets. This project will develop mobile-friendly (meaning low memory usage) and cellular-friendly (meaning compatible with standards and operators' charging model) automated rectification mechanisms to secure a variety of mobile devices.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

侧通道攻击已被证明有效地推断不应向未经授权的用户披露的敏感信息（例如用户活动）。由于蜂窝网络基础架构的封闭性质，对手无法轻易捕获加密的移动网络流量，从而防止移动用户的侧通道信息泄漏。但是，随着软件定义的无线电平台和新兴的Internet协议通过公共网络（包括Wi-Fi呼叫）的扩散，移动电话用户现在会暴露于比以前更严重的侧通道信息泄漏。该项目旨在通过收集，标签，采矿和分析移动用户的加密移动数据来对对移动电话用户的侧渠道攻击进行全面调查。这项研究的成功不仅会为发现可以从侧通道信息泄漏中利用的安全漏洞提供新技术，而且还开发了新型的自动化纠正机制来保护用户。拟议的活动可能有助于即将到来的5G技术标准化，并培训新一代的工程师和学生。该项目做出了三个技术贡献：（1）移动数据收集和标签的新技术：蜂窝网络控制平面信号指示各种蜂窝网络事件（例如用户服务质量配置文件或位置的变化）被利用以入侵用户隐私。但是，电流生成的蜂窝嗅探器在通过同一物理通道传输时无法区分控制平面信号和数据平面数据包。该项目将开发新技术，以收集加密的移动网络流量，包括控制平面信号和数据平面数据包，并用用户行为和网络事件标记它们； （2）高级奇异性检测和行为识别机制：该项目将研究和开发可以同时执行奇异性检测和行为识别的端到端框架。这涉及处理有限的标记数据和新兴行为的频繁模式； （3）移动/蜂窝友好的自动化整流机制：侧通道攻击的最新安全防御措施不是为移动网络系统设计的。例如，移动用户为添加到其数据包中的噪声支付绩效罚款。该项目将开发对移动友好型（意味着低内存使用率）和蜂窝友好型（意味着与标准和运营商的充电模型兼容）自动纠正机制，以确保各种移动设备。此奖项反映了NSF的法定任务，并且被认为是值得的。通过基金会的智力优点和更广泛的影响评估标准通过评估来支持。

项目成果

Exploring the Insecurity of Google Account Registration Protocol via Model Checking

通过模型检查探索Google帐户注册协议的不安全性

• DOI: 10.1109/ssci44817.2019.9003113
• 发表时间: 2019
• 期刊: 2019 IEEE Symposium Series on Computational Intelligence (SSCI
• 作者: Xie, Tian;Wang, Sihan;Tu, Guan-Hua;Li, Chi-Yu;Lei, Xinyu
• 通讯作者: Lei, Xinyu

Dissecting Operational Cellular IoT Service Security: Attacks and Defenses

• DOI: 10.1109/tnet.2023.3313557
• 发表时间: 2024-04
• 期刊: IEEE/ACM Transactions on Networking
• 作者: Sihan Wang;Tian Xie;Min-Yue Chen;Guan-Hua Tu;Chi-Yu Li;Xinyu Lei;Polun Chou;Fu-Cheng Hsieh;Yiwen Hu;Li Xiao;Chunyi Peng

The Untold Secrets of WiFi-Calling Services: Vulnerabilities, Attacks, and Countermeasures

• DOI: 10.1109/tmc.2020.2995509
• 发表时间: 2021-11
• 期刊: IEEE Transactions on Mobile Computing
• 影响因子: 7.9
• 作者: Tian Xie;Guan-Hua Tu;Bangjie Yin;Chi-Yu Li;Chunyi Peng;Mi Zhang;Hui Liu;Xiaoming Liu

MPKIX: Towards More Accountable and Secure Internet Application Services via Mobile Networked Systems

• DOI: 10.1109/tmc.2022.3141694
• 发表时间: 2023-06
• 期刊: IEEE Transactions on Mobile Computing
• 影响因子: 7.9
• 作者: Tian Xie;Sihan Wang;Xinyu Lei;Jingwen Shi;Guan-Hua Tu;Chi-Yu Li

Security Threats from Bitcoin Wallet Smartphone Applications: Vulnerabilities, Attacks, and Countermeasures

比特币钱包智能手机应用程序的安全威胁：漏洞、攻击和对策

• DOI: 10.1145/3422337.3447832
• 发表时间: 2021
• 期刊: CODASPY '21: Proceedings of the Eleventh ACM Conference on Data and Application Security and Privacy
• 作者: Hu, Yiwen;Wang, Sihan;Tu, Guan-Hua;Xiao, Li;Xie, Tian;Lei, Xinyu;Li, Chi-Yu
• 通讯作者: Li, Chi-Yu