aw are preventing abuse of privacy sensitive sensors via
play

AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation - PowerPoint PPT Presentation

Jun 22, 2023 •257 likes •813 views

AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings Giuseppe Petracca Ahmad-Atamli Reineh Trent Jaeger gxp18@cse.psu.edu atamli@cs.ox.ac.uk tjaeger@cse.psu.edu The Pennsylvania State University University of

  1. AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings Giuseppe Petracca Ahmad-Atamli Reineh Trent Jaeger gxp18@cse.psu.edu atamli@cs.ox.ac.uk tjaeger@cse.psu.edu The Pennsylvania State University University of Oxford, UK The Pennsylvania State University School of Electrical Engineering and Computer Science Dept. of Electrical Engineering and Computer Science School of Electrical Engineering and Computer Science Institute for Networking and Security Research Institute for Networking and Security Research Yuqiong Sun Jens Grossklags yuqiong_sun@symantec.com jens.grossklags@in.tum.de Symantec Research Labs, US Technical University of Munich, DE 1

  2. Increasing Availability of Privacy-Sensitive Sensors Controlling when applications may use privacy-sensitive sensors (i.e., cameras, microphones, and touch screens): Entertainment Banking Screen Sharing G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 2

  3. Abuse of Privacy-Sensitive Sensors G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 3

  4. Real World Incidents G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 4

  5. Current Authorization Mechanisms Install-Time First-Use Beginning in Android 6.0 (API level 23), users grant permissions to apps while the app is running, not whey the install the app! G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 5

  6. Shortcomings G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 6

  7. Shortcomings G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 7

  8. Shortcomings G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 8

  9. What Is The Access Control Problem? Series ISSN: XXXX-XXXX JAEGER M S YNTHESIS L ECTURES ON C & & Morgan Claypool Publishers I NFORMATION S ECURITY , P RIV ACY, AND T RUST Series Editor: Ravi Sandhu, University of Texas at San Antonio Operating System Operating System Security Security Trent Jaeger, The Pennsylvania State University Operating systems provide the fundamental mechanisms for securing computer processing. Since the 1960s, operating systems designers have explored how to build “secure” operating systems — operating systems whose OPERATING SYSTEM SECURITY mechanisms protect the system against a motivated adversary. Recently, the importance of ensuring such security has become a mainstream issue for all operating systems. In this book, we examine past research that outlines the requirements for a secure operating system and research that implements example systems that aim for such requirements. For system designs that aimed to satisfy these requirements, we see that the complexity of software systems often results in implementation challenges that we are still exploring to this day. However, if a system design does not aim for achieving the secure operating system requirements, then its security features fail to protect the system in a myriad of ways. We also study systems that have been retrofit with secure operating system features after an initial deployment. In all cases, the conflict between function on one hand and security on the other leads to difficult choices and the potential for unwise compromises. From this book, we hope that systems designers and implementers will learn the requirements for operating systems that effectively enforce Trent Jaeger security and will better understand how to manage the balance between function and security. About SYNTHESIs Morgan Claypool This volume is a printed version of a work that appears in the Synthesis Digital Library of Engineering and Computer Science. Synthesis Lectures provide concise, original presentations of important research and development topics, published quickly, in digital and print formats. For more information & visit www.morganclaypool.com S YNTHESIS L ECTURES ON ISBN: 978-1-59829-212-1 I NFORMATION S ECURITY , P RIV ACY, AND T RUST & 90000 Morgan Claypool Publishers w w w . m o r g a n c l a y p o o l . c o m 9 781598 292121 Ravi Sandhu, Series Editor G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 9

  10. Confused Deputy Problem Permission holder (Android system) may be tricked into using its permissions (sensor access) based on a misleading/malicious request (from an app) Typically related to servers being tricked into unauthorized file access E.g., web server serving a password file by mishandling malicious request Goal in this case : System only grants sensor access when system and user approve How does the Android system validate user approval? How do users know what they are approving? Good news : Android system can capture all user input events G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 10

  11. Proposed Defenses Input-Driven Access Control (IDAC) Authorize an operation request that immediately follows a user input event User inputs associated with operation authorizations Binding between the user inputs and the authorized operations still unknown to the system! G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 11

  12. Proposed Defenses User-Driven Access Control (UDAC) Applications must use system-defined gadgets associated with particular operations Binding between the user input and the authorized operation explicit to the system Binding still not explicit to the user! G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 12

  13. Limitations of Prior Work Leverage the user as weak link to circumvent protection mechanisms! “User Interface Attacks” User may fail to: Identify the application requesting sensor access Recognize subtle changes in the Graphic User Interface (GUI) Understand the operation granted by a particular gadget G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 13

  14. User Interface Attacks (Bait-and-Switch) Window A x Interac(on #1 G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 14

  15. User Interface Attacks (Bait-and-Switch) Window A x Interac(on #2 G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 15

  16. User Interface Attacks (Bait-and-Switch) Window A x Interac(on #3 G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 16

  17. User Interface Attacks (Bait-and-Switch) Window A x Interac(on #4 G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 17

  18. User Interface Attacks (Bait-and-Switch) Window A x Interac(on #5 G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 18

  19. User Interface Attacks (Bait-and-Switch) Window A x The applica*on maintained Interac(on #4 the windowing display context but switched the widget to record audio “Bait-and-Switch A:ack” G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 19

  20. User Interface Attacks (Application Spoofing) Window A x G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 20

  21. User Interface Attacks (Application Spoofing) Window A x A click by the user allows the Legi(mate App to record audio G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 21

  22. User Interface Attacks (Application Spoofing) Window A x “Applica(on Spoofing A:ack” A click by the user allows the Spoofing App to record audio G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 22

  23. Proposed Defenses User-Driven Access Control (UDAC) Applications must use system-defined gadgets Compatibility Issue associated with particular operations G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 23

  24. Proposed Defenses User-Driven Access Control (UDAC) Applications must use system-defined gadgets associated with particular operations 3,000,000+ apps Need Redesign No Customization G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 24

  25. Research Objectives Prevent User Interface Attacks Maintain a low authorization effort for the user Ensure compatibility with existing applications Ensure a performance overhead not perceivable by the user G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 25

  26. Preventing Operation Switching Attacks Goal : Prevent applications from changing the mapping between a widget and the associated operation Window A x Take Photo Record Video G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 26-1

  27. Preventing Operation Switching Attacks Goal : Prevent applications from changing the mapping between a widget and the associated operation Window A x Take Photo Record Video G. Petracca et al. - AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings 26-2

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings Giuseppe Petracca

AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings Giuseppe Petracca

AW ARE : Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings Giuseppe Petracca Ahamad-Atamli Reineh Trent Jaeger gxp18@cse.psu.edu atamli@cs.ox.ac.uk tjaeger@cse.psu.edu The Pennsylvania State University University of

860 views • 50 slides
MoVid 13? Landon Cox Duke University Want to share sensitive data. Devices have sensors and

MoVid 13? Landon Cox Duke University Want to share sensitive data. Devices have sensors and

What would you submit to MoVid 13? Landon Cox Duke University Want to share sensitive data. Devices have sensors and talk to the cloud . Data is often sensitive (e.g., location, images). Mobile sensing services Tremendous opportunities

567 views • 11 slides
Preserving the Privacy of Sensitive Relationships in Graph Data Motivation Valuable Data! No

Preserving the Privacy of Sensitive Relationships in Graph Data Motivation Valuable Data! No

Preserving the Privacy of Sensitive Relationships in Graph Data Motivation Valuable Data! No privacy breaches! Public Data Anonymization Data representation? Privacy breach? Value of data? Data publisher Privacy Analyst Work by: Elena

80 views • 3 slides
References The Use of Opioids for Chronic Non-Cancer Pain While Preventing Abuse and Diversion

References The Use of Opioids for Chronic Non-Cancer Pain While Preventing Abuse and Diversion

References The Use of Opioids for Chronic Non-Cancer Pain While Preventing Abuse and Diversion ASPMN National Conference, September 2016. 1. American Society of Addiction Medicine, (2012). Public policy statement on measures to counteract

552 views • 3 slides
Preventing and Remediating Criminal Abuse of Online Infrastructure Michel van Eeten 1

Preventing and Remediating Criminal Abuse of Online Infrastructure Michel van Eeten 1

Preventing and Remediating Criminal Abuse of Online Infrastructure Michel van Eeten 1 Breaking into computers might be the bicycle theft of the future Netherlands Attorney General Gerrit van der Burg 2 DDoS in Netherlands, 2015 >

535 views • 29 slides
Preventing Abuse of the Non-Profit Sector to Finance Terrorism Special meeting of the

Preventing Abuse of the Non-Profit Sector to Finance Terrorism Special meeting of the

Project on Preventing Abuse of the Non-Profit Sector to Finance Terrorism Special meeting of the Counter-Terrorism Committee United Nations, New York 2012-11-20 The Need for Technical Assistance Growth of the NPO sector FATF

402 views • 8 slides
Best Practices for Preventing FMLA Abuse: Using the FMLA to your Advantage You are placed on

Best Practices for Preventing FMLA Abuse: Using the FMLA to your Advantage You are placed on

Best Practices for Preventing FMLA Abuse: Using the FMLA to your Advantage You are placed on notice of an employees need for FMLA leave. What is the first thing you do? Dont give leave prematurely Before designating leave as FMLA,

336 views • 30 slides
Identifying and Preventing Conditions for Web Privacy Leakage Craig E. Wills Computer Science

Identifying and Preventing Conditions for Web Privacy Leakage Craig E. Wills Computer Science

Identifying and Preventing Conditions for Web Privacy Leakage Craig E. Wills Computer Science Department Worcester Polytechnic Institute Worcester, MA USA W3C Workshop on Web Tracking and User Privacy April, 2011 1 Its Not Just Tracking

474 views • 4 slides
Adults their rights, protecting them Section 42 and preventing abuse. Enquiries Delivered

Adults their rights, protecting them Section 42 and preventing abuse. Enquiries Delivered

Safeguarding is Safeguarding about making people aware of Adults their rights, protecting them Section 42 and preventing abuse. Enquiries Delivered by: Jane Hughes Safeguarding Consultant on behalf of Hampshire Safeguarding Adults

489 views • 35 slides
Preventing Substance Abuse and Supporting Student Social-Emotional Wellbeing Presented to the

Preventing Substance Abuse and Supporting Student Social-Emotional Wellbeing Presented to the

Middletown Township Public School District Preventing Substance Abuse and Supporting Student Social-Emotional Wellbeing Presented to the Municipal Alliance on Saturday, May 18, 2019 Personnel Support for Student Social/Emotional Wellbeing

118 views • 11 slides
1 Sensors Intrude on Privacy Accelerometers can leak keystrokes [1], gyroscopes can leak

1 Sensors Intrude on Privacy Accelerometers can leak keystrokes [1], gyroscopes can leak

1 Sensors Intrude on Privacy Accelerometers can leak keystrokes [1], gyroscopes can leak voice [2], etc. What is the threat from devices never intended to be sensors in the first place? Accelerometers: [1] Marquardt et al., CCS '11,

705 views • 29 slides
Our Product Range Color Sensors Luminescence Sensors Contrast Sensors Opacity

Our Product Range Color Sensors Luminescence Sensors Contrast Sensors Opacity

EMX Industries Inc . Application Driven Sensors Our Product Range Color Sensors Luminescence Sensors Contrast Sensors Opacity Sensors Brightness Sensors Special Sensors Bluetooth Switch The Facts Fastest Speed

309 views • 10 slides
Telemedicine Credentialing and Privileging Protecting Patient Privacy, Avoiding Fraud and Abuse

Telemedicine Credentialing and Privileging Protecting Patient Privacy, Avoiding Fraud and Abuse

Presenting a live 90 minute webinar with interactive Q&A Telemedicine Credentialing and Privileging Protecting Patient Privacy, Avoiding Fraud and Abuse Liability, Ensuring Quality Care WEDNES DAY, AUGUS T 21, 2013 1pm Eastern |

947 views • 61 slides
CS 5412/LECTURE 17 Ken Birman LEAVE NO TRACE BEHIND Spring, 2019

CS 5412/LECTURE 17 Ken Birman LEAVE NO TRACE BEHIND Spring, 2019

CS 5412/LECTURE 17 Ken Birman LEAVE NO TRACE BEHIND Spring, 2019 HTTP://WWW.CS.CORNELL.EDU/COURSES/CS5412/2019SP 1 THE PRIVACY PUZZLE FOR I O T We have sensors everywhere, including in very sensitive settings. They are capturing information

897 views • 65 slides
New Directions in Privacy- preserving Machine Learning Kamalika Chaudhuri University of

New Directions in Privacy- preserving Machine Learning Kamalika Chaudhuri University of

New Directions in Privacy- preserving Machine Learning Kamalika Chaudhuri University of California, San Diego Sensitive Data Medical Records Genetic Data Search Logs AOL Violates Privacy AOL Violates Privacy Netflix Violates Privacy [NS08]

957 views • 92 slides
A6: Sensitive Data Exposure A6 Sensitive Data Exposure Sensitive data stored or transmitted

A6: Sensitive Data Exposure A6 Sensitive Data Exposure Sensitive data stored or transmitted

A6: Sensitive Data Exposure A6 Sensitive Data Exposure Sensitive data stored or transmitted insecurely Failure to protect all sensitive data Usernames, passwords, password hashes, credit-card information, identity info Session

415 views • 17 slides
Branding The Jewellery & Gold Business By Harish Bijoor, Founder, Harish Bijoor Consults

Branding The Jewellery & Gold Business By Harish Bijoor, Founder, Harish Bijoor Consults

Branding The Jewellery & Gold Business By Harish Bijoor, Founder, Harish Bijoor Consults Inc. 2 nd India Gold & Jewellery Summit, New Delhi, India 23 November, 2018 For a start.. Lets define a brand . What is a

740 views • 21 slides
lilachbullock.com lilachbullock.com Building relationships on Twitter means: increased brand

lilachbullock.com lilachbullock.com Building relationships on Twitter means: increased brand

lilachbullock.com lilachbullock.com Building relationships on Twitter means: increased brand awareness more engagement Twitter is perfect for connecting with => better results! customers, influencers & more.

622 views • 40 slides
- Columbia county Charter commission D ecember 18, 2001 5: 30 P.M . The Columbia County Charter

- Columbia county Charter commission D ecember 18, 2001 5: 30 P.M . The Columbia County Charter

- Columbia county Charter commission D ecember 18, 2001 5: 30 P.M . The Columbia County Charter Commission met in a regularly scheduled meeting at the Columbia County Courthouse. ORD ER The meeting came to order. Rick Bicknell opened with prayer,

520 views • 13 slides
City of Sanibel Planning Department STAFF REPORT Planning Commission Meeting July 9, 2013

City of Sanibel Planning Department STAFF REPORT Planning Commission Meeting July 9, 2013

City of Sanibel Planning Department STAFF REPORT Planning Commission Meeting July 9, 2013 Agenda Item: No. 7 a. Subject: Commercial Redevelopment Kickoff Discussion by the Planning Commission At the June 6, 2013 City Council meeting Staff

129 views • 11 slides
Preserving St. Laurentius A Neighborhood Perspective As a professor of architecture I have seen

Preserving St. Laurentius A Neighborhood Perspective As a professor of architecture I have seen

Preserving St. Laurentius A Neighborhood Perspective As a professor of architecture I have seen how important buildings like these are to their neighborhoods. Don't let short-term private profit outweigh the long-term public benefit. -Don

408 views • 7 slides
What the Consumer Financial What the Consumer Financial Protection Bureau Means for Private

What the Consumer Financial What the Consumer Financial Protection Bureau Means for Private

What the Consumer Financial What the Consumer Financial Protection Bureau Means for Private Protection Bureau Means for Private Sector Colleges and Universities Sector Colleges and Universities Association of Private Sector Colleges and

863 views • 58 slides
Community Energy Aggregation Program - Round II A Local Services Program for Lowering Energy

Community Energy Aggregation Program - Round II A Local Services Program for Lowering Energy

Montgomery Township Community Energy Aggregation Program - Round II A Local Services Program for Lowering Energy Costs Consultants: Gabel Associates, Inc. www.gabelassociates.com Review of the MCEA Program: How does it work? Program is

146 views • 13 slides
The POC is diverse group made up of mothers, fathers, community members, students, and

The POC is diverse group made up of mothers, fathers, community members, students, and

Armory Square Presentation Slide1 The POC is diverse group made up of mothers, fathers, community members, students, and environmental advocateswe are more than just a bunch of people holding plungers Slide 2 If Nancy Cantor is

140 views • 3 slides

More recommend