CyLab researchers present research at the IEEE Symposium on Security and Privacy

CyLab faculty members and students presented their research on topics ranging from mobile money practices in Africa to uncovering and identifying side-channel and evasion attacks at the 45th Institute of Electrical and Electronics Engineers (IEEE) Symposium on Security and Privacy. Held in San Francisco on May 20-22, the event is the premier forum for presenting developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field.

Here, we’ve compiled a list of the six papers co-authored by CyLab Security and Privacy Institute members that were presented at the event.

The Role of User-Agent Interactions on Mobile Money Practices in Kenya and Tanzania

Karen Sowon, Carnegie Mellon University; Edith Luhanga, Carnegie Mellon University - Africa;  Lorrie Cranor, Carnegie Mellon University; Giulia Fanti, Carnegie Mellon University; Conrad Tucker, Carnegie Mellon University; Assane Gueye, Carnegie Mellon University - Africa

Abstract: Digital financial services have catalyzed financial inclusion in Africa. Commonly implemented as a mobile wallet service referred to as mobile money (MoMo), the technology provides enormous benefits to its users, some of whom have long been unbanked. While the benefits of mobile money services have largely been documented, the challenges that arise—especially in the interactions between human stakeholders—remain relatively unexplored. In this study, we investigate the practices of mobile money users in their interactions with mobile money agents. We conduct 72 structured interviews in Kenya and Tanzania (n=36 per country). The results show that users and agents design workarounds in response to limitations and challenges that users face within the ecosystem. These include advances or loans from agents, relying on the useragent relationships in place of legal identification requirements, and altering the intended transaction execution to improve convenience. Overall, the workarounds modify one or more of what we see as the core components of mobile money: the user, the agent, and the transaction itself. The workarounds pose new risks and challenges for users and the overall ecosystem. The results suggest a need for rethinking privacy and security of various components of the ecosystem, as well as policy and regulatory controls to safeguard interactions while ensuring the usability of mobile money.

GPU.zip: On the Side-Channel Implications of Hardware-Based Graphical Data Compression

Yingchen Wang, The University of Texas at Austin; Riccardo Paccagnella, Carnegie Mellon University; Zhao Gang, The University of Texas at Austin; Willy R. Vasquez, The University of Texas at Austin; David Kohlbrenner, University of Washington; Hovav Shacham, The University of Texas at Austin; Christopher Fletcher, University of Illinois Urbana-Champaign

Abstract: Compression is a widely-deployed optimization that reduces data movement throughout modern computing stacks. Unfortunately, it is also a well-known source of side-channel leakage capable of leaking (potentially) fine-grained functions of the underlying data. There has, however, been a saving grace. Compression is typically software visible. Thus, software can “opt out” of harm’s way by disabling compression when sensitive data is involved, and tailor mitigations to known, public compression algorithms.

This paper challenges the above conventional wisdom by demonstrating the existence of, and exploiting, software-transparent uses of compression. Specifically, we find that integrated GPUs from Intel and AMD vendors compress graphical data in vendor-specific and undocumented ways — even when software does not specifically request compression. Compression induces data-dependent DRAM traffic and cache utilization, which can be measured through side-channel analysis. We show the efficacy of this side channel by performing cross-origin SVG filter pixel stealing attacks through the browser.

PIANO: Extremely Simple, Single-Server PIR with Sublinear Server Computation

Mingxun Zhou, Andrew Park, Elaine Shi, Wenting Zheng; Carnegie Mellon University

Abstract: We construct a sublinear-time single-server preprocessing Private Information Retrieval (PIR) scheme with an optimal tradeoff between client storage and server computation (up to poly-logarithmic factors). Our scheme achieves amortized O˜(√n) server and client computation and O(√n) online communication per query, and requires Oeλ(√n) client storage. Unlike prior single-server PIR schemes that rely on heavy cryptographic machinery such as Homomorphic Encryption, our scheme relies only on Pseudo-Random Functions (PRF). To the best of our knowledge, PIANO is the first practical single-server sublinear-time PIR scheme, and we outperform the state of-the-art single-server PIR by 10×−300×. In comparison with the best known two-server PIR scheme, PIANO enjoys comparable performance but our construction is considerably simpler. Experimental results show that for a 100GB database and with 60ms round-trip latency, PIANO achieves 93ms response time, while the best known prior scheme requires 11s or more.

Communication-efficient, Fault Tolerant PIR over Erasure Coded Storage

Andrew Park, Trevor Leong, Francisco Maturana, Wenting Zheng, Rashmi Vinayak; Carnegie Mellon University

Abstract: Private information retrieval (PIR) is a technique for a client to retrieve an item from a public database without revealing to an adversarial server the item that was queried. While multi-server PIR has been well-studied in order to obtain better communication and computation relative to single-server schemes, there are far fewer fault-tolerant PIR schemes which can remain functional even in the presence of malicious adversaries. In this paper, we present a solution that combines techniques from both the cryptography and information theory communities to design robust PIR protocols that obtain better computation, communication, and storage compared to prior state-of-the-art schemes. Our results show that our PIR protocols achieve up to 9.1× lower latency, at least 39.2× less total communication, and up to 7.3× less computation than the state-of-art robust PIR protocols for a database 4GB in size and can withstand two malicious servers, and continually outperform the robust PIR baselines for a variety of parameter configurations and failure scenarios.

Pryde: A Modular Generalizable Workflow for Uncovering Evasion Attacks Against Stateful Firewall Deployments

Authors: Soo-jin Moon, Carnegie Mellon University; Milind Srivastava, Carnegie Mellon University; Yves Bieri, Compass Security; Ruben Martins, Carnegie Mellon University; Vyas Sekar, Carnegie Mellon University

Abstract: Stateful firewalls (SFW) play a critical role in securing our network infrastructure. Incorrect implementation of the intended stateful semantics can lead to evasion opportunities, even if firewall rules are configured correctly. Uncovering these opportunities is challenging due to the (1) black-box and proprietary nature of firewalls; (2) diversity of deployments; and (3) complex stateful semantics. To tackle these challenges, we present Pryde. Pryde uses a modular model-guided workflow that generalizes across black-box firewall implementations and deployment-specific settings to generate evasion attacks. Pryde infers a behavioral model of the stateful firewall in the presence of potentially non-TCP-compliant packet sequences. It uses this model in conjunction with attacker capabilities and victim behavior to synthesize custom evasion attacks. Using Pryde, we identify more than 6,000 unique attacks against 4 popular firewalls and 4 host networking stacks, many of which cannot be uncovered by prior work on censorship circumvention and black-box fuzzing.

BOLT: Privacy-Preserving, Accurate and Efficient Inference for Transformers

Qi Pang, Carnegie Mellon University; Jinhao Zhu, University of California, Berkeley; Helen Möllering, Technical University of Darmstadt; Wenting Zheng, Carnegie Mellon University; Thomas Schneider, Technical University of Darmstadt

Abstract: The advent of transformers has brought about significant advancements in traditional machine learning tasks. However, their pervasive deployment has raised concerns about the potential leakage of sensitive information during inference. Existing approaches using secure multiparty computation (MPC) face limitations when applied to transformers due to the extensive model size and resource-intensive matrix-matrix multiplications. In this paper, we present BOLT, a privacy-preserving inference framework for transformer models that supports efficient matrix multiplications and nonlinear computations. Combined with our novel machine learning optimizations, BOLT reduces the communication cost by 10.91x. Our evaluation on diverse datasets demonstrates that BOLT maintains comparable accuracy to floating-point models and achieves 4.8-9.5x faster inference across various network settings compared to the state-of-the-art system.