All sessions will be held in Grand Ballroom AB unless otherwise noted.
The workshop papers are available for download below to registered attendees now and to everyone beginning Monday, August 14. Paper abstracts are available to everyone now. Copyright to the individual works is retained by the author[s].
Downloads for Registered Attendees
(Sign in to your USENIX account to download these files.)
Monday, August 14, 2017
8:00 am–9:00 am
9:00 am-9:10 am
Program Co-Chairs: William Enck, North Carolina State University, and Collin Mulliner, Square Inc.
9:10 am–10:10 am
Chester Wisniewski, Sophos
As offensive "red team" tools become more available, both commercially and open source, they are becoming ever more sophisticated. While this is a boon for the good guys, it is also helping our adversaries mount increasingly advanced attacks at a velocity many are unprepared for. We are also beginning to see tools for hacking medical devices, cars, drones and other tools available to the masses, but will this improve our security or create chaos?
Chester Wisniewski has been involved in the information security space since the late 1980s. He is currently a Principal Research Scientist in the Office of the CTO. Chet divides his time between research, public speaking, writing and attempting to communicate the complexities of security to the press and public in a way they can understand.
Chester has spoken at RSA, InfoSec Europe, LISA, USENIX, Virus Bulletin and many Security BSides events around the world in addition to regularly consulting with NPR, CNN, CBC, The New York Times and other media outlets.
10:10 am–10:30 am
Break with Refreshments
10:30 am–12:30 pm
Below the Hardware
Session Chair: Lucas Davi, University of Duisburg-Essen
Sofia Belikovetsky, Ben-Gurion University of the Negev; Mark Yampolskiy, University of South Alabama; Jinghui Toh, Singapore University of Technology and Design; Jacob Gatlin, University of South Alabama; Yuval Elovici, Ben-Gurion University of the Negev, Singapore University of Technology and Design
Additive Manufacturing (AM, or 3D printing) is an emerging manufacturing technology with far-reaching implications. AM is increasingly used to produce functional parts, including components for safety-critical systems. However, AM’s unique capabilities and dependence on computerization raise a concern that an AM generated part could be sabotaged by a cyber-physical attack.
In this paper, we demonstrate the validity of this concern by presenting a novel attack: reducing the fatigue life of a functional part. We develop a sabotage attack against a specific 3D-printed quadcopter propeller, causing its mid-flight failure, ultimately leading to the quadcopter’s fall and destruction. The study described in this paper presents the very first full chain of attack against AM.We present all stages of the attack, beginning with a cyber-attack aimed at compromising a manufacturing environment and ending with the destruction of the target system that employs this part. Among major scientific contributions of this paper are a new category of a sabotage attack (accelerated fatigue), a novel systematic approach to identify options for such attack involving AM, and a demonstration of an empiric approach for the development and validation of an AM specific malicious manipulation.
We further demonstrate how the proposed sabotage attack can be integrated in a worm, thus enabling a widescale attack targeting either specific or similar enough digital design files of functional parts.
Stephan Kleber, Henrik Ferdinand Nölscher, and Frank Kargl, Institute of Distributed Systems, Ulm University
The very first step for analyzing the security of an embedded device, without prior knowledge of the device’s construction, is analyzing the printed circuit board (PCB) of the device, in order to understand its electrical implementation. This analysis is called PCB reverse engineering and its results are a list of components, technical documentation related to those components, and a schematic reconstruction, that illustrates basic connections between the PCB’s components.
Motivated by the lack of inexpensive methods for efficiently performing PCB reverse engineering, we propose a novel framework that formalizes and automates most of the tasks required for PCB reverse engineering. The framework is capable of automatically detecting components using machine vision, gathering technical documentation from the internet and analyzing technical documents to extract security-relevant information. We implement the concept and evaluate the gain of efficiency and analysis coverage. Our results show that automating almost all steps of PCB reverse engineering is possible. Furthermore, we highlight novel use cases that are enabled by our approach.
Ang Cui and Rick Housley, Red Balloon Security
Numerous Electromagnetic Fault Injection (EMFI) techniques have been used to attack FPGAs, ASICs, cryptographic devices, and microcontrollers. Unlike other classes of fault injection techniques, EMFI-based attacks can, in theory, be carried out non-invasively without requiring physical contact with the victim device. Prior research has demonstrated the viability of EMFI-based attacks against relatively simple, low-frequency, synchronous digital circuits. However, theoretical and practical constraints limit the range, degree of isolation and temporal resolution of existing EM injector hardware. These limitations, combined with the trend towards faster, denser and more complex digital circuits has made the application of many previously proposed EMFI techniques infeasible against modern computers and embedded devices.
This paper makes two contributions. First, we present a novel method of leveraging controlled electromagnetic pulses to attack modern computers using second-order effects of induced faults across multiple components of the target computer. Second, we present the design and implementation of BADFET: a low-cost, high-performance pulsed EMFI platform. We aim to share BADFET with the research community in order to democratize future EMFI research. Using these two contributions, we present a reliable and effective attack against a widely used TrustZone-based secure boot implementation on a multi-core 1Ghz+ ARM embedded system. Additionally, we disclose two novel vulnerabilities within a widely used implementation of TrustZone SMC in Appendix A.
From random block corruption to privilege escalation: A filesystem attack vector for rowhammer-like attacks
Anil Kurmus, Nikolas Ioannou, Matthias Neugschwandtner, Nikolaos Papandreou, and Thomas Parnell, IBM Research Zurich
Rowhammer demonstrated that non-physical hardware-weakness-based attacks can be devastating. In a recent paper, Cai et al.  propose that similar attacks can be performed on MLC NAND flash. In this paper, we discuss the requirements for a successful, full-system, local privilege escalation attack on such media, and show a filesystem based attack vector. We demonstrate the filesystem layer of this attack, showing that a random block corruption of a carefully chosen block is sufficient to achieve privilege escalation. In particular, to motivate the assumptions of this filesystem-level attack, we show the attack primitive that an attacker can obtain by making use of cell-to-cell interference is quite weak, and therefore requires a carefully crafted attack at the OS layer for successful exploitation.
12:30 pm–2:00 pm
Web of Failures
Session Chair: Alex Gantman, Qualcomm
Tommi Unruh and Bhargava Shastry, TU Berlin; Malte Skoruppa, Saarland University; Federico Maggi, FTR, Trend Micro Inc.; Konrad Rieck, TU Braunschweig; Jean-Pierre Seifert, TU Berlin; Fabian Yamaguchi, TU Braunschweig
The Web is replete with tutorial-style content on how to accomplish programming tasks. Unfortunately, even top-ranked tutorials suffer from severe security vulnerabilities, such as cross-site scripting (XSS), and SQL injection (SQLi). Assuming that these tutorials influence real-world software development, we hypothesize that code snippets from popular tutorials can be used to bootstrap vulnerability discovery at scale. To validate our hypothesis, we propose a semi-automated approach to find recurring vulnerabilities starting from a handful of top-ranked tutorials that contain vulnerable code snippets. We evaluate our approach by performing an analysis of tens of thousands of open-source web applications to check if vulnerabilities originating in the selected tutorials recur. Our analysis framework has been running on a standard PC, analyzed 64,415 PHP codebases hosted on GitHub thus far, and found a total of 117 vulnerabilities that have a strong syntactic similarity to vulnerable code snippets present in popular tutorials. In addition to shedding light on the anecdotal belief that programmers reuse web tutorial code in an ad hoc manner, our study finds disconcerting evidence of insufficiently reviewed tutorials compromising the security of open-source projects. Moreover, our findings testify to the feasibility of large-scale vulnerability discovery using poorly written tutorials as a starting point.
One Side-Channel to Bring Them All and in the Darkness Bind Them: Associating Isolated Browsing Sessions
Tom Van Goethem and Wouter Joosen, imec-DistriNet - KULeuven
Online tracking and fingerprinting is becoming increasingly more prevalent and pervasive. The privacy threats associated with these practices have given rise to a wide variety of privacy-enhancing solutions. However, as these solutions retroactively apply patches to existing browsers in an attempt to thwart potential attacks, it is of key importance that the complete threat surface is known such that all risks can be considered. In this paper we evaluate the browser’s threat surface with regard to fingerprinting and tracking in the context of isolated browsing sessions, i.e. regular versus incognito sessions or sessions across different browsers. We uncover and evaluate three types of side-channels, and show how an adversary can exploit these to track users across sessions and even reveal the IP address of Tor users when they use a concurrent browsing session.
Kevin Bock, Daven Patel, George Hughey, and Dave Levin, University of Maryland
CAPTCHAs are the Internet’s first line of defense against automated account creation and service abuse. Google’s reCaptcha, one of the most popular captcha systems, is currently used by hundreds of thousands of websites to protect against automated attackers by testing whether a user is truly human. This paper presents unCaptcha, an automated system that can solve reCaptcha’s most difficult auditory challenges with high success rate. We evaluate unCaptcha using over 450 reCaptcha challenges from live websites, and show that it can solve them with 85.15% accuracy in 5.42 seconds, on average. unCaptcha combines free, public, online speech-to-text engines with a novel phonetic mapping technique, demonstrating that it requires minimal resources to mount a large-scale successful attack on the reCaptcha system.
3:30 pm–4:00 pm
Break with Refreshments
4:00 pm–5:30 pm
Vulnerabilities Be Here
Session Chair: Yves Younan, Cisco Talos
James Patrick-Evans, Lorenzo Cavallaro, and Johannes Kinder, Royal Holloway, University of London
Awarded Best Paper!
USB client device drivers are a haven for software bugs, due to the sheer variety of devices and the tendency of maintenance to slip as devices age. At the same time, the high privilege level of drivers makes them a prime target for exploitation. We present the design and implementation of POTUS, a system for automatically finding vulnerabilities in USB device drivers for Linux, which is based on fault injection, concurrency fuzzing, and symbolic execution. Built on the S2E framework, POTUS exercises the driver under test in a complete virtual machine. It includes a generic USB device that can impersonate arbitrary devices and implements a symbolic fault model. With our prototype implementation, we found and confirmed two previously undiscovered zero-days in the mainline Linux kernel. Furthermore, we show that one of these vulnerabilities can lead to a data-only exploit affecting even hardened systems protected with the latest software and hardware defenses.
Zhenquan Xu and Gongshen Liu, Shanghai Jiao Tong University; Tielei Wang and Hao Xu, PWNZEN InfoTech Co., LTD.
Awarded Best Student Paper!
An uninitialized use refers to a common coding mistake where programmers directly use variables on the stack or the heap before they are initialized. Uninitialized uses, although simple, can lead to severe security consequences. In this paper, we will share our experience in gaining arbitrary kernel code execution in the latest macOS Sierra by exploiting two uninitialized use vulnerabilities for Pwnfest 2016. Specifically, we first analyze the attack surface of the XNU kernel and mitigation techniques, and then study common types of uninitialized uses and potential threats. Then we elaborate on the vulnerabilities and exploitation techniques. Lastly, we summarize the whole exploitation and discuss the reliability of the exploitation.
Bhargava Shastry, Technische Universität Berlin; Federico Maggi, Trend Micro Inc.; Fabian Yamaguchi and Konrad Rieck, Technische Universität Braunschweig; Jean-Pierre Seifert, Technische Universität Berlin
Taint-style vulnerabilities comprise a majority of fuzzer discovered program faults. These vulnerabilities usually manifest as memory access violations caused by tainted program input. Although fuzzers have helped uncover a majority of taint-style vulnerabilities in software to date, they are limited by (i) extent of test coverage; and (ii) the availability of fuzzable test cases. Therefore, fuzzing alone cannot provide a high assurance that all taint-style vulnerabilities have been uncovered.
In this paper, we use static template matching to find recurrences of fuzzer-discovered vulnerabilities. To compensate for the inherent incompleteness of template matching, we implement a simple yet effective match-ranking algorithm that uses test coverage data to focus attention on matches comprising untested code. We prototype our approach using the Clang/LLVM compiler toolchain and use it in conjunction with afl-fuzz, a modern coverage-guided fuzzer. Using a case study carried out on the Open vSwitch codebase, we show that our prototype uncovers corner cases in modules that lack a fuzzable test harness. Our work demonstrates that static analysis can effectively complement fuzz testing, and is a useful addition to the security assessment tool-set. Furthermore, our techniques hold promise for increasing the effectiveness of program analysis and testing, and serve as a building block for a hybrid vulnerability discovery framework.
Tuesday, August 15, 2017
8:00 am–9:00 am
9:00 am–10:00 am
Above the Cloud
Session Chair: Devdatta Akhawe, Dropbox Inc.
Ferdinand Brasser, Technische Universität Darmstadt; Urs Müller, Alexandra Dmitrienko, Kari Kostiainen, and Srdjan Capkun, ETH Zurich; Ahmad-Reza Sadeghi, Technische Universität Darmstadt
Intel SGX isolates the memory of security-critical applications from the untrusted OS. However, it has been speculated that SGX may be vulnerable to side-channel attacks through shared caches. We developed new cache attack techniques customized for SGX. Our attack differs from other SGX cache attacks in that it is easy to deploy and avoids known detection approaches. We demonstrate the effectiveness of our attack on two case studies: RSA decryption and genomic processing. While cache timing attacks against RSA and other cryptographic operations can be prevented by using appropriately hardened crypto libraries, the same cannot be easily done for other computations, such as genomic processing. Our second case study therefore shows that attacks on non-cryptographic but privacy sensitive operations are a serious threat. We analyze countermeasures and show that none of the known defenses eliminates the attack.
Ahmed Atya, Azeem Aqil, Karim Khalil, Zhiyun Qian, and Srikanth V. Krishnamurthy, University of California, Riverside; Thomas F. La Porta, The Pennsylvania State University
Live migration is commonly employed by cloud providers for performance reasons (e.g., ensuring load balancing). Recently, migration has been considered as a countermeasure against cloud-based side-channel attacks. In this paper, we discover an attack using which an adversary can effectively stall a live migration; this can not only hurt performance but also hurt the usage of virtual machine (VM) migration as a defense against cloud-based side channel attacks. Specifically, we discover a KVM vulnerability which, if exploited by a co-resident attacker, can suspend or stall the live migration time by up to 3x in some scenarios. The attacker can also delay her own VM migration, indefinitely to ensure sustained co-residency. The attacks that we propose are essentially based on increasing the volume of dirty pages and creating bus contention, leading to delaying the migration process. We show that this approach does not cause significant interference to side channel attacks such as the Flush+reload attack, which the attacker can continue to carry out in parallel. In fact, the success rates of the Flush+reload can increase by about 100 % (when the defender invokes migrations), if a stalling attack is simultaneously launched.
10:00 am–10:30 am
Break with Refreshments
10:30 am–12:30 pm
Cat and Mouse
Session Chair: Lorenzo Cavallaro, Royal Holloway University of London
Mordechai Guri, Yosef Solewicz, Andrey Daidakulov, and Yuval Elovici, Ben-Gurion University of the Negev, Israel
It's possible to manipulate the headphones, earphones, and simple earbuds connected to a computer, silently turning them into a pair of eavesdropping microphones. This paper focuses on the cyber security threat this behavior poses. We introduce 'SPEAKE(a)R,' a new type of espionage malware that can covertly turn the headphones, earphones, or simple earbuds connected to a PC into microphones when a standard microphone is not present, muted, taped, or turned off. We provide technical background at the hardware and OS levels, and explain why most of the motherboards and audio chipsets of today’s PCs are susceptible to this type of attack. We implemented a malware prototype and tested the signal quality. We also performed a series of speech and recording quality measurements and discuss defensive countermeasures. Our results show that by using SPEAKE(a)R, attackers can record human speech of intelligible quality and eavesdrop from nine meters away.
Martin Grothe, Tobias Niemann, Juraj Somorovsky, and Jörg Schwenk, Ruhr-University Bochum
Bitcoin has been hailed as a new payment mechanism, and is currently accepted by millions of users. One of the major drawbacks of Bitcoin is the resource intensive Proof-of-Work computation. Proof-of-Work is used to establish the blockchain, but this proof of work does not bring any benefits and arguably is a waste of energy. To use these available resources in a more meaningful way, several alternative cryptocurrencies have been presented. One of them is Gridcoin, which rewards the users for solving BOINC problems. Gridcoin currently possesses a market capitalization of $ 23,423,115.
In our work we conducted the first security analysis of Gridcoin. We identified two critical security issues. The first issue allows an attacker to reveal all email addresses of the registered Gridcoin users. Even worse, the second issue gives an attacker the ability to steal the work performed by a BOINC user, and thus effectively steal his Gridcoins. These attacks have severe consequences and completely break the Gridcoin cryptocurrency.
We practically evaluated and confirmed both attacks, and responsibly disclosed them to the Gridcoin maintainers. We developed backwards compatible design changes for the Gridcoin system, in order to protect users’ trust into this promising approach.
Warren He, James Wei, Xinyun Chen, Nicholas Carlini, and Dawn Song, UC Berkeley
Ongoing research has proposed several methods to defend neural networks against adversarial examples, many of which researchers have shown to be ineffective. We ask whether a strong defense can be created by combining multiple (possibly weak) defenses. To answer this question, we study three defenses that follow this approach. Two of these are recently proposed defenses that intentionally combine components designed to work well together. A third defense combines three independent defenses. For all the components of these defenses and the combined defenses themselves, we show that an adaptive adversary can create adversarial examples successfully with low distortion. Thus, our work implies that ensemble of weak defenses is not sufficient to provide strong defense against adversarial examples.
Patrick Hulin and Andy Davis, MIT Lincoln Laboratory; Rahul Sridhar, MIT; Andrew Fasano, Cody Gallagher, Aaron Sedlacek, and Tim Leek, MIT Lincoln Laboratory; Brendan Dolan-Gavitt, New York University
Capture the Flag (CTF) is a popular computer security exercise in which teams competitively attack and/or defend programs in real time. CTFs are currently expensive to build and run; each is a bespoke affair, with challenges and vulnerabilities crafted by experts. This not only limits the educational value for players but also restricts what researchers can learn about human activities during the competition. In this work, we take steps towards making CTFs cheap and reusable by extending our LAVA bug injection system to add exploitable vulnerabilities, enabling rapid generation of new CTF challenges. New LAVA bug types, including memory corruption and address disclosure, form a sufficient set of primitives for program exploitation.
We used these techniques to create AutoCTF, a weeklong event involving teams from four universities. In order to assess how AutoCTF differed from a handmade CTF we conducted surveys and semi-structured interviews after the event. We evaluated both challenge realism and relative effort expended on bug finding and exploit development. Our preliminary results indicate that AutoCTF can form the basis for cost-effective and reusable CTFs, allowing them to be run often and easily. These CTFs can be used to train new generations of security researchers and provide empirical data on human vulnerability discovery and exploit development.
12:30 pm–2:00 pm
2:00 pm–3:30 pm
Session Chair: Glenn Wurster, BlackBerry
Johannes Obermaier and Stefan Tatschner, Fraunhofer Institute AISEC
Almost every microcontroller with integrated flash features firmware readout protection. This is a form of content protection which aims at securing intellectual property (IP) as well as cryptographic keys and algorithms from an adversary. One series of microcontrollers are the STM32 which have recently gained popularity and thus are increasingly under attack. However, no practical experience and information on the resilience of STM32 microcontrollers is publicly available. The paper presents the first investigation of the STM32 security concept, especially targeting the STM32F0 sub-series. Starting with a conceptual analysis, we discover three weaknesses and develop them to vulnerabilities by demonstrating corresponding Proofs-of-Concept. At first, we discover that a common security configuration provides low protection which can be exploited using our Cold-boot Stepping approach to extract critical data or even readout-protected firmware. Secondly, we reveal a design weakness in the security configuration storage which allows an attacker to downgrade the level of firmware protection, thereby enabling additional attacks. Thirdly, we discover and analyze a hardware flaw in the debug interface, attributed to a race condition, that allows us to directly extract read-protected firmware using an iterative approach. Each attack requires only low-priced equipment, thereby increasing the impact of each weakness and resulting in a severe threat altogether.
Luca Reverberi and David Oswald, School of Computer Science, University of Birmingham, UK
A Continuous Glucose Monitoring System is a medical device that continuously monitors a patient’s blood glucose concentration, which is essential in the treatment of diabetes. Although such devices are increasingly used, their security has not been thoroughly studied. In this paper, we analyze a widely used wireless blood glucose monitor, the Dexcom G4. We practically demonstrate a series of security issues in this device that enable, amongst others, the tracking of a user and the forging of incorrect sensor readings. The attacks can be carried out at minimal cost using software-defined radio and low-cost RF chipsets. Finally, we devise and practically implement an efficient protocol based on best practices and well-known crypto algorithms to mitigate the weaknesses we discovered.
Ryad Benadjila, Thales C&S; Mathieu Renard, José Lopes-Esteves, and Chaouki Kasmi, French Network and Information Security Agency - ANSSI
Since 2006, many papers were devoted to the analysis of the security of the Hitag-2 algorithm in the context of vehicles access control. While this algorithm was proven to be cryptographically broken, it is still in use in the car industry. Recently, new vulnerabilities regarding Hitag-2 based Remote Keyless Entry systems have been exposed, leading to the design of an attack allowing to unlock a vehicle and requiring the capture of four to eight radio packets.
However, in this study, it will be shown that specific implementations of Hitag-2 based RKE systems exist, which apply interesting countermeasures and thus are not vulnerable to the aforementioned attack. Furthermore, a detailed black box analysis of such system, from the physical layer up to the rolling code implementation will be proposed. Finally, a new cryptographic weakness will be exposed, which can be exploited to forge valid packets without retrieving the cryptographic key and to open the target vehicle, requiring the capture of only two radio packets.
3:30 pm–4:00 pm
Break with Refreshments
4:00 pm–5:30 pm
Bad Phones Bad Phones ...
Session Chair: Collin Mulliner, Square Inc.
Omer Shwartz, Amir Cohen, Asaf Shabtai, and Yossi Oren, Ben Gurion University
Phone touchscreens, and other similar hardware components such as orientation sensors, wireless charging controllers, and NFC readers, are often produced by third-party manufacturers and not by the phone vendors themselves. Third-party driver source code to support these components is integrated into the vendor’s source code. In contrast to “pluggable” drivers, such as USB or network drivers, the component driver’s source code implicitly assumes that the component hardware is authentic and trustworthy. As a result of this trust, very few integrity checks are performed on the communications between the component and the device’s main processor.
In this paper, we call this trust into question, considering the fact that touchscreens are often shattered and then replaced with aftermarket components of questionable origin. We analyze the operation of a commonly used touchscreen controller. We construct two standalone attacks, based on malicious touchscreen hardware, that function as building blocks toward a full attack: a series of touch injection attacks that allow the touchscreen to impersonate the user and exfiltrate data, and a buffer overflow attack that lets the attacker execute privileged operations. Combining the two building blocks, we present and evaluate a series of end-to-end attacks that can severely compromise a stock Android phone with standard firmware. Our results make the case for a hardware-based physical countermeasure.
Shinjo Park and Altaf Shaik, TU Berlin / Telekom Innovation Laboratories; Ravishankar Borgaonkar and Andrew Martin, University of Oxford; Jean-Pierre Seifert, TU Berlin/Telekom Innovation Laboratories
IMSI catchers, also known as fake base station threats, have recently become a real concern. There are currently a few freely available tools to detect such threats, most of which are Android apps that warn users when they are connected to the fake cellular base station.
In this paper, we evaluate these Android apps and test how resistant they are against various attacking techniques. Such an evaluation is important for not only measuring the available defense against IMSI catchers attacks but also identifying gaps to build effective solutions. We developed White-Stingray, a systematic framework with various attacking capabilities in 2G and 3G networks, and used it for our study. Our results of five popular Android apps are worrisome: none of these apps are resistant to basic privacy identifier catching techniques. Based on our results, we identify limitation of these apps and propose remedies for improving the current state of IMSI catchers detection on mobile devices.
Roee Hay, Aleph Research, HCL Technologies
We discuss the fastboot interface of the Android bootloader, an area of fragmentation in Android devices. We then present a variety of vulnerabilities we have found across multiple Android devices. Most notable ones include Secure Boot & Device Locking bypasses in the Motorola and OnePlus 3/3T bootloaders. Another critical flaw in OnePlus 3/3T enables easy attacks by malicious chargers – the only prerequisite is a powered-off device to be connected. An unexpected attack vector in Nexus 9 is also shown – malicious headphones. Other discovered weaknesses allow for data exfiltration (including a memory dumping of a Nexus 5X device), enablement of hidden functionality such as access to the device’s modem diagnostics and AT interfaces , and attacks against internal System-on-Chips (SoCs) found on the Nexus 9 board.