pdf mirage content masking attack against information
play

PDF Mirage: Content Masking Attack Against Information-Based Online - PowerPoint PPT Presentation

Jul 01, 2023 •152 likes •681 views

PDF Mirage: Content Masking Attack Against Information-Based Online Services Ian Markwood*, Dakun Shen*, Yao Liu, and Zhuo Lu University of South Florida *Co-first authors Presented by Ian Markwood Outline Motivation Background

  1. PDF Mirage: Content Masking Attack Against Information-Based Online Services Ian Markwood*, Dakun Shen*, Yao Liu, and Zhuo Lu University of South Florida *Co-first authors Presented by Ian Markwood

  2. Outline • Motivation • Background Information • Content Masking Attack – Against Conference Reviewer Assignment Systems – Against Plagiarism Detection – Against Document Indexing • Content Masking Defense • Conclusion

  3. Motivation • The Adobe Portable Document Format (PDF) is the standard for consistent cross-computer document rendering • PDF documents cannot be edited with commonly accessible tools (MS Word, Adobe Reader, etc.) • This confers a sense of integrity to the document for the end user

  4. Motivation • There is a disconnect between the content of a PDF and what is actually displayed • A computer and a human see two different things

  5. Motivation • Within this disconnect we can perform a content masking attack which compromises the content integrity of PDF files • Three information-based online systems rely on the integrity of PDF documents: – Automatic reviewer assignment systems for academic papers – Plagiarism detection systems – Search engines

  6. Outline • Motivation • Background Information • Content Masking Attack – Against Conference Reviewer Assignment Systems – Against Plagiarism Detection – Against Document Indexing • Content Masking Defense • Conclusion

  7. Background Information • What do these services have in common? – They support PDF submission – They scrape the text out of submitted PDF files to perform their function, rather than using Optical Character Recognition (OCR) – Text scraping copies the plaintext out of all strings within the PDF file – Ignores font associated with text

  8. Background Information • Automatic conference reviewer assignment systems – Use topic matching to assign reviewers to submitted papers – Compare frequent words appearing in reviewers’ published papers to frequent words appearing in submitted papers – INFOCOM uses Latent Semantic Indexing (LSI)

  9. Background Information • Plagiarism detection systems – Measure similarity between strings within subject document and all other documents submitted thus far • Document indexing – Search engines return documents based on the similarity of their content to the search string

  10. Outline • Motivation • Background Information • Content Masking Attack – Against Conference Reviewer Assignment Systems – Against Plagiarism Detection – Against Document Indexing • Content Masking Defense • Conclusion

  11. Content Masking Attack plaintext cipher ciphertext

  12. Content Masking Attack • “Masking font” – a custom font with some rearrangement of the character/glyph relationship • Open source tools such as Font Forge allow copy/paste of character glyphs within fonts • Custom fonts may be imported into L A T E X

  13. Outline • Motivation • Background Information • Content Masking Attack – Against Conference Reviewer Assignment Systems – Against Plagiarism Detection – Against Document Indexing • Content Masking Defense • Conclusion

  14. Content Masking Attack Against Automatic Conference Reviewer Assignment Systems • An author can target a specific reviewer by replacing enough key words in the paper with key words from the reviewer’s papers • Key words – uncommon words that appear most frequently

  15. Content Masking Attack Against Automatic Conference Reviewer Assignment Systems • Algorithm: – Order key words in subject paper and target reviewer’s corpus by descending frequency – Construct a “word mapping” between these two lists – Create a “character mapping” between the letters of each pair of words

  16. Content Masking Attack Against Automatic Conference Reviewer Assignment Systems • Challenges: – One-to-Many Character Mapping – Word Length Disparity

  17. Content Masking Attack Against Automatic Conference Reviewer Assignment Systems • Experiment: – We have reproduced the INFOCOM automatic reviewer assignment system – This includes 114 TPC members from a well- known security conference and 2094 of their recently published papers for training – 100 additional papers used as testing data

  18. Content Masking Attack Against Automatic Conference Reviewer Assignment Systems • Experiment: – Matching a paper to one reviewer Similarity scores relative to amount of words masked. Blue stars show the desired matching.

  19. Content Masking Attack Against Automatic Conference Reviewer Assignment Systems • Experiment: – Matching a paper to one reviewer Word masking requirements for all 100 testing papers

  20. Content Masking Attack Against Automatic Conference Reviewer Assignment Systems • Experiment: – Matching a paper to one reviewer Masking font requirements for all 100 testing papers

  21. Content Masking Attack Against Automatic Conference Reviewer Assignment Systems • Experiment: – Matching a paper to multiple reviewers Similarity scores relative to amount of words masked, between a paper and three reviewers. Blue stars, black circles, and green triangles show the desired matchings

  22. Outline • Motivation • Background Information • Content Masking Attack – Against Conference Reviewer Assignment Systems – Against Plagiarism Detection – Against Document Indexing • Content Masking Defense • Conclusion

  23. Content Masking Attack Against Plagiarism Detection • A cheating student can evade a plagiarism detector by replacing the underlying text with gibberish • Use a “scrambling font” to render the gibberish as legible (plagiarized) text • Results in zero similarity with existing work

  24. Content Masking Attack Against Plagiarism Detection • Zero similarity is unrealistic due to common phrases in language • We evaluate three methods to target a specific similarity score • Each method chooses what text to scramble and what text to leave unaltered

  25. Content Masking Attack Against Plagiarism Detection • By letter – Use scrambling font which scrambles all characters – Remove characters from being scrambled by order of their frequency of appearance in the language – Continue removing characters until a target similarity score is reached

  26. Content Masking Attack Against Plagiarism Detection • By word, in frequency of appearance – Use scrambling font which scrambles all characters – Order distinct words by frequency of appearance – Apply scrambling font to all words – Remove scrambling font from distinct words until a target similarity score is reached

  27. Content Masking Attack Against Plagiarism Detection • By word, at random – Use scrambling font which scrambles all characters – Iterate over document, applying scrambling font at random according to chosen probability – Modify probability until a target similarity score is reached

  28. Content Masking Attack Against Plagiarism Detection • Experiment: – Apply scrambling fonts to 10 published papers and target 5-15% similarity score measured by Turnitin

  29. Outline • Motivation • Background Information • Content Masking Attack – Against Conference Reviewer Assignment Systems – Against Plagiarism Detection – Against Document Indexing • Content Masking Defense • Conclusion

  30. Content Masking Attack Against Document Indexing • An attacker can place spam or illicit content in PDF documents indexed by search engines • These PDFs can show ads instead of legitimate content that users search for

  31. Content Masking Attack Against Document Indexing • This can be considered a special case of the reviewer assignment system subversion method • Instead of masking particular words, we are masking the entire document • Not constrained by spaces however

  32. Content Masking Attack Against Document Indexing • The larger number of masked characters requires more masking fonts • Instead of generating fonts ad hoc, we make one font for each glyph • ~84 fonts • Allows for easy automated generation of masked documents

  33. Content Masking Attack Against Document Indexing • Experiment – Used 5 well-known published papers – Masked each as gibberish

  34. Content Masking Attack Against Document Indexing • Experiment – Submitted them to leading search engines for indexing (Google, Bing, Yahoo!, DuckDuckGo) – Results were the same for all test documents

  35. Content Masking Attack Against Document Indexing • Experiment Search Indexed Attack Evades Spam Not Later Engine Papers Successful Detection Removed Google ✔ ✘ ✘ ✘ Bing ✔ ✔ ✔ ✔ Yahoo! ✔ ✔ ✘ à ✔ ✔ DuckDuckGo ✔ ✔ ✔ ✔

  36. Content Masking Attack Against Document Indexing • Experiment

  37. Outline • Motivation • Background Information • Content Masking Attack – Against Conference Reviewer Assignment Systems – Against Plagiarism Detection – Against Document Indexing • Content Masking Defense • Conclusion

  38. Content Masking Defense • One feasible defense: perform Optical Character Recognition (OCR) on the document to check the integrity of each character. • Problem: – High computational overhead – High false positive rate 50,000 - 75,000 characters

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Low Randomness Masking and Shulfifgn: An Evaluation Using Mutual Information Kostas

Low Randomness Masking and Shulfifgn: An Evaluation Using Mutual Information Kostas

Low Randomness Masking and Shulfifgn: An Evaluation Using Mutual Information Kostas Papagiannopoulos kostaspap88@gmail.com kpcrypto.net Radboud University Nijmegen Digital Security Department The Netherlands 1 Overview Masking,

785 views • 46 slides
Rendering Mirage Team 3 Seo Hansol, Lim Mingi CS482 Fall 2018 Midterm Presentation 1 Contents

Rendering Mirage Team 3 Seo Hansol, Lim Mingi CS482 Fall 2018 Midterm Presentation 1 Contents

Rendering Mirage Team 3 Seo Hansol, Lim Mingi CS482 Fall 2018 Midterm Presentation 1 Contents Introduction Background Previous Works Our Ideas 2 Introduction 3 Mirage inferior mirage superior mirage By Conjecture

498 views • 46 slides
Leakage Resilient Masking Schemes Sebastian Faust Ruhr University Bochum 1 Modern cryptography

Leakage Resilient Masking Schemes Sebastian Faust Ruhr University Bochum 1 Modern cryptography

Leakage Resilient Masking Schemes Sebastian Faust Ruhr University Bochum 1 Modern cryptography Until 1970s: Design crypto algorithm secure against one attack Find attack C Find attack B Crypto Crypto algorithm A algorithm B secure against

631 views • 51 slides
Formal Analysis of the Entropy / Security Trade-off in First-Order Masking Countermeasures

Formal Analysis of the Entropy / Security Trade-off in First-Order Masking Countermeasures

Introduction RSM: Rotating Sboxes Masking Information Theoretic Evaluation of RSM Security Evaluation of RSM against CPA and 2O-CPA Conclusions and Perspectives Formal Analysis of the Entropy / Security Trade-off in First-Order Masking

539 views • 38 slides
Very High-Order Masking: Efficient Implementation and Security Evaluation Anthony Journault and

Very High-Order Masking: Efficient Implementation and Security Evaluation Anthony Journault and

Very High-Order Masking: Efficient Implementation and Security Evaluation Anthony Journault and Franois-Xavier Standaert UCL (Louvain-la-Neuve, Belgium) CHES 2017, Taipei, Taiwan Outline Background Masking Barthe et al. masking

614 views • 48 slides
Proposal to add masking function to GFM Proposal part 1 Adding a masking reference attribute on

Proposal to add masking function to GFM Proposal part 1 Adding a masking reference attribute on

Proposal to add masking function to GFM Proposal part 1 Adding a masking reference attribute on the spatial attribute type. Proposal part 2 Details of the masking attribute addition. Table 3-13 - S100_GF_SpatialAttributeType Role Name

558 views • 8 slides
Rendering Mirage Team 3 Seo Hansol, Lim Mingi CS482 Fall 2018 Final Presentation 1 DEMO 2

Rendering Mirage Team 3 Seo Hansol, Lim Mingi CS482 Fall 2018 Final Presentation 1 DEMO 2

Rendering Mirage Team 3 Seo Hansol, Lim Mingi CS482 Fall 2018 Final Presentation 1 DEMO 2 Contents Artistic Editing For Mirage Image Our Idea Challenges Implementation 3 Artistic Editing For Mirage Image 4 Refractive Index

523 views • 37 slides
Masking schemes: evaluation Oscar Reparaz COSIC/KU Leuven PROOFS Taipei (Taiwan)

Masking schemes: evaluation Oscar Reparaz COSIC/KU Leuven PROOFS Taipei (Taiwan)

Masking schemes: evaluation Oscar Reparaz COSIC/KU Leuven PROOFS Taipei (Taiwan) 2017-09-29 1 quick intro to masking masking = countermeasure against DPA idea: secret sharing b = b 1 + b 2 individual shares tell you nothing

752 views • 45 slides
On the Multiplicative Complexity of Boolean Functions and Bitsliced Higher-Order Masking Dahmun

On the Multiplicative Complexity of Boolean Functions and Bitsliced Higher-Order Masking Dahmun

On the Multiplicative Complexity of Boolean Functions and Bitsliced Higher-Order Masking Dahmun Goudarzi and Matthieu Rivain CHES 2016, Santa-Barbara Higher-Order Masking x = x 1 + x 2 + + x d 2/28 Higher-Order Masking x = x 1 + x 2 +

855 views • 42 slides
Identifying Attack Vectors Professor Larry Heimann Web Application Security Information Systems

Identifying Attack Vectors Professor Larry Heimann Web Application Security Information Systems

Identifying Attack Vectors Professor Larry Heimann Web Application Security Information Systems Nothing is in isolation Attack surface An attack surface is the total number of possible attack vectors Think of a house, with the

309 views • 15 slides
Attack on Traffic Systems These attack examples have happened in the past. We will take an

Attack on Traffic Systems These attack examples have happened in the past. We will take an

From start to finish how a cyber attack would be performed on traffic system, we will go over first day >> exploitation of the device >> the real-world aftermath. Mission Secure, Inc. Attack on Traffic Systems These attack examples

556 views • 18 slides
Disclosures Masking and Breast Density Volpare Health Solutions (Wellington, New Zealand) Can we

Disclosures Masking and Breast Density Volpare Health Solutions (Wellington, New Zealand) Can we

6/8/2017 Disclosures Masking and Breast Density Volpare Health Solutions (Wellington, New Zealand) Can we Quantify Masking Risk? co-founder and shareholder Qview Medical (Los Altos, CA) Nico Karssemeijer consultant, co-founder and

883 views • 18 slides
Id Identify fy a Phishing Attack CWU Information Security Services Id Identify fy a Phishing

Id Identify fy a Phishing Attack CWU Information Security Services Id Identify fy a Phishing

Id Identify fy a Phishing Attack CWU Information Security Services Id Identify fy a Phishing Attack An email address that tries to disguise itself as legitimate Outlook Team <msOutlook@outlook.com> Confirm Acount Details Hello

108 views • 7 slides
Understanding the Masking-Shadowing Function INRIA ; CNRS ; Univ. Grenoble Alpes in

Understanding the Masking-Shadowing Function INRIA ; CNRS ; Univ. Grenoble Alpes in

Understanding the Masking-Shadowing Function in Understanding the Masking-Shadowing Function in Microfacet-Based BRDFs 2014-09-01 Microfacet-Based BRDFs Eric Heitz Understanding the Masking-Shadowing Function INRIA ; CNRS ; Univ. Grenoble

808 views • 77 slides
Agendas Information Control and Terrorism: Tracking the Mumbai Terrorist Attack through Twitter

Agendas Information Control and Terrorism: Tracking the Mumbai Terrorist Attack through Twitter

Agendas Information Control and Terrorism: Tracking the Mumbai Terrorist Attack through Twitter Analysis of terrorists decision making cycle during the Mumbai terrorist attack Onook Oh*, Manish Agrawal^ , H. Raghav Rao* Situation

297 views • 6 slides
A New Side-Channel Attack on RSA Prime Generation Thomas Finke, Max Gebhardt, Werner Schindler

A New Side-Channel Attack on RSA Prime Generation Thomas Finke, Max Gebhardt, Werner Schindler

A New Side-Channel Attack on RSA Prime Generation Thomas Finke, Max Gebhardt, Werner Schindler Federal Office for Information Security (BSI), Germany Lausanne, September 7, 2009 Outline r Introduction and Motivation r The Attack r Basic attack

514 views • 25 slides
Variable Fonts and the future of typography Jason Pamental | @jpamental BostonCSS Meetup |

Variable Fonts and the future of typography Jason Pamental | @jpamental BostonCSS Meetup |

Variable Fonts and the future of typography Jason Pamental | @jpamental BostonCSS Meetup | Vermonster Designer, Writer, Tinkerer, Typographer 25 April, 2018 cosmografia del minor mondo Type well used is invisible as type

1.74k views • 134 slides
Reef to Coast Airborne mapping of developments in the coastal region Presented by Veroniva

Reef to Coast Airborne mapping of developments in the coastal region Presented by Veroniva

30/11/2016 Reef to Coast Airborne mapping of developments in the coastal region Presented by Veroniva Macovei and Dr. Holger Eichstaedt Objectives Efficient and fast mapping for: Engineering, planning and preventive maintenance

201 views • 17 slides
+ Glacier Bay National Park Alaska Mapping Executive Committee (AMEC) Juneau, AK August

+ Glacier Bay National Park Alaska Mapping Executive Committee (AMEC) Juneau, AK August

+ Glacier Bay National Park Alaska Mapping Executive Committee (AMEC) Juneau, AK August 29, 2018 2 Agenda Welcome and Introductions James Reilly, USGS and Tim Gallaudet, DOC AMEC Theme Status Report - Kevin Gallagher, USGS

909 views • 69 slides
Drones in agriculture at UC Davis Travis Parker Plant Biology Graduate Group LASER, January 31,

Drones in agriculture at UC Davis Travis Parker Plant Biology Graduate Group LASER, January 31,

Drones in agriculture at UC Davis Travis Parker Plant Biology Graduate Group LASER, January 31, 2019 Why dr hy drone ones in s in ag? g? -need for increased agricultural production -consumer demand for responsible farm management -farm

723 views • 23 slides
GUIDELINES FOR PLENARY SESSIONS & ABSTRACT PRESENTATIONS INSTRUCTIONS TO SPEAKERS WHEN YOU

GUIDELINES FOR PLENARY SESSIONS & ABSTRACT PRESENTATIONS INSTRUCTIONS TO SPEAKERS WHEN YOU

GUIDELINES FOR PLENARY SESSIONS & ABSTRACT PRESENTATIONS INSTRUCTIONS TO SPEAKERS WHEN YOU ARRIVE AT THE CONGRESS CENTRE : Collect your registration material at the registration desk within the registration area Kindly upload your

222 views • 3 slides
WEAK BLR S IN AGN? S TEFANO B IANCHI November 17 th 2016 NuSTAR Science Meeting 2016

WEAK BLR S IN AGN? S TEFANO B IANCHI November 17 th 2016 NuSTAR Science Meeting 2016

W HAT DO WE LEARN FROM INTRINSICALLY WEAK BLR S IN AGN? S TEFANO B IANCHI November 17 th 2016 NuSTAR Science Meeting 2016 Caltech, Pasadena CA, U.S.A. T HE U NIFICATION M ODEL VIEW In standard Unified Models NLR (e.g. Antonucci 1993)

433 views • 15 slides
ON THE PRESENTATION OF ORIENTATION DISTRIBUTION FUNCTIONS BY MODEL FUNCTIONS. Article May 1986

ON THE PRESENTATION OF ORIENTATION DISTRIBUTION FUNCTIONS BY MODEL FUNCTIONS. Article May 1986

See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/292009181 ON THE PRESENTATION OF ORIENTATION DISTRIBUTION FUNCTIONS BY MODEL FUNCTIONS. Article May 1986 CITATIONS READS 34 51 4

446 views • 11 slides
Two-loop resummation in (F)APT A. P. Bakulev Bogoliubov Lab. Theor. Phys., JINR (Dubna, Russia)

Two-loop resummation in (F)APT A. P. Bakulev Bogoliubov Lab. Theor. Phys., JINR (Dubna, Russia)

Two-loop resummation in (F)APT A. P. Bakulev Bogoliubov Lab. Theor. Phys., JINR (Dubna, Russia) Two-loop resummation in (F)APT p. 1 Bogoliubov Readings@JINR, Dubna (Russia), Sept. 2225, 2010 OUTLINE Intro: Analytic Perturbation Theory

1.1k views • 99 slides

More recommend