Section: New Results
Security in infrastructure-less and constrained networks
Participants: Claude Castelluccia, Mohamed Ali Kaafar, Aurélien Francillon, Daniele Perito, Mate Soos, Pere Manils, Sana Ben Hamida, Abdelberi Chaabane.
Software-based program code attestation in wireless sensor networks
Embedded systems are employed in several critical environments where correct operation is an important requirement. Malicious nodes in a Wireless Sensor Network (WSN) can be used to disrupt network operation by deviating from the prescribed protocol or to launch internal attacks. Preventing node compromise is difficult; it is therefore desirable to detect compromised nodes in order to isolate them from the network. This is performed through code attestation, i.e., the base station verifies that each node is still running the initial application and, hence, has not been compromised. Attestation techniques based on tamper-resistant hardware, while possible, are not generally available, nor are they foreseen to be cost effective for lightweight WSN nodes.
Software-based attestation is a promising solution for verifying the trustworthiness of inexpensive, resource-constrained sensors, because it requires neither dedicated hardware nor physical access to the device. Previously proposed techniques are based on a challenge-response paradigm. In this paradigm, the verifier (usually the base station) challenges a prover (a target device) to compute a checksum of its memory. The prover either computes the checksum using a fixed integrity verification routine or downloads the routine from the verifier right before running the protocol. In practice, memory words are read and incrementally fed to the checksum computation routine. To prevent replay or pre-computation attacks, the verifier challenges the prover with a nonce that must be included in the checksum computation. Since the verifier is assumed to know the exact memory contents and hardware configuration of the prover, it can compute the expected response and compare it with the received one. If the values match, the node is considered genuine; otherwise, it has most likely been compromised.
This work highlights shortcomings of several code attestation techniques for embedded devices and shows practical attacks against them. First, we developed a rootkit for embedded systems, a malicious program that allows a permanent and undetectable presence on a system, which circumvents attestation by hiding itself in non-executable memories. The implementation of this attack uses a technique called Return-Oriented Programming (ROP), a generalization of return-into-libc. ROP can be used by the adversary to compromise the node and perform arbitrary computations without injecting code: node compromise is achieved by reusing and controlling pieces of code already present in the device's memory. Second, we designed an attack that uses code compression to free memory space, which can then be used to hide malicious code.
We also developed specific attacks against previously proposed attestation protocols, ultimately showing the difficulty of software-based attestation design.
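As an added illustration (not code from the CCS'09 paper or from the Planète team), the following Python model shows the challenge-response protocol described above and the gap the rootkit exploits: the integrity routine covers only program memory, so a ROP payload that lives entirely in data memory passes attestation unchanged. The firmware image, the memory sizes and the SHA-256-based checksum routine are constructed stand-ins, not the routines of any real scheme.

```python
"""Added example: nonce-keyed software attestation over program memory and why
a payload held in non-executable (data) memory passes it.  Constructed model,
not the paper's code; sizes, image and checksum routine are assumptions."""
import hashlib
import os

PROG_SIZE = 256   # assumption: bytes of program (flash) memory on the prover
DATA_SIZE = 128   # assumption: bytes of data (RAM) memory, not covered by attestation


def make_golden_firmware(seed=b"sensor-app-v1"):
    """Constructed stand-in for the application image the base station knows."""
    out = b""
    while len(out) < PROG_SIZE:
        out += hashlib.sha256(seed + len(out).to_bytes(2, "big")).digest()
    return out[:PROG_SIZE]


def attest_checksum(prog, nonce):
    """Integrity verification routine: memory words are read sequentially and
    incrementally mixed with the verifier's nonce, so the prover can neither
    precompute the answer nor replay an earlier one.  A deployed scheme uses a
    timed, hand-optimised routine; SHA-256 stands in for its mixing step."""
    h = hashlib.sha256(nonce)
    for i, word in enumerate(prog):
        h.update(bytes([word]))
        h.update(nonce[i % len(nonce):i % len(nonce) + 1])  # nonce folded in at every step
    return h.digest()


class SensorNode:
    """Prover.  Only program memory is fed to the checksum: that is the gap."""

    def __init__(self, prog, data=None):
        self.prog = bytearray(prog)
        self.data = bytearray(data if data is not None else bytes(DATA_SIZE))

    def respond(self, nonce):
        return attest_checksum(bytes(self.prog), nonce)


class BaseStation:
    """Verifier.  Knows the exact expected program memory of every node."""

    def __init__(self, golden_prog):
        self.golden = bytes(golden_prog)

    def verify(self, node, nonce=None):
        nonce = nonce if nonce is not None else os.urandom(16)
        return node.respond(nonce) == attest_checksum(self.golden, nonce)


def verify_genuine():
    golden = make_golden_firmware()
    return BaseStation(golden).verify(SensorNode(golden))


def verify_patched_code():
    """Malware that modifies program memory: the checksum changes, detected."""
    golden = make_golden_firmware()
    node = SensorNode(golden)
    node.prog[10:14] = b"\xde\xad\xbe\xef"
    return BaseStation(golden).verify(node)


def verify_data_resident_payload():
    """A ROP chain (a list of gadget addresses) stored only in data memory:
    program memory is byte-for-byte the golden image, so attestation passes."""
    golden = make_golden_firmware()
    node = SensorNode(golden)
    node.data[:8] = b"\x10\x02\x44\x01\x80\x03\x00\x00"  # constructed gadget addresses
    return BaseStation(golden).verify(node)


def responses_depend_on_nonce():
    """Two challenges to the same genuine node give different answers."""
    node = SensorNode(make_golden_firmware())
    return node.respond(b"\x00" * 16) != node.respond(b"\x01" * 16)
```

The third scenario is the one the rootkit relies on: nothing in the attested region changes, because ROP needs only addresses of existing code and those addresses sit in RAM. Extending the checksum to data memory is not a fix either, since RAM legitimately changes at run time and the verifier cannot predict its contents.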
This work has been published at ACM CCS'09.
Implantable Medical Device Security
In order to facilitate communication and data readout, new generations of Implantable Medical Devices (IMDs), such as pacemakers, are equipped with radio transceivers. Such interfaces make it convenient for medical professionals to access the data they need, but they also introduce unique security and privacy challenges, the most prominent being access to personal data and the unauthorized modification of IMD parameters.
In order to prevent unauthorized access to IMDs, conventional solutions based on public-key cryptography or on preloaded secret keys cannot be applied directly, since they typically also prevent access to the IMD in emergency scenarios, where it needs to be accessible to ambulance staff. IMDs therefore create a tension between access control, i.e., patient privacy, and patient safety. Several solutions have been proposed to address this problem. Some are based on external devices such as access tokens and communication cloakers, whereas others rely on close-range communication channels (e.g., RFID). Besides possibly being stolen, lost, or simply forgotten by the patient, external devices also serve as a constant reminder to the patient of her/his condition. Access control solutions based on close-range communication have the advantage of being simple and intuitive, but provide no firm guarantee about the range of communication: an attacker with a strong enough transmitter and a high-gain antenna will still be able to communicate with the IMD from far outside the intended range (for RFID-based solutions, from up to ten meters away). Currently deployed solutions based on magnetic switches are equally based on close-range communication; in addition, they do not require any form of authentication to unlock access to the device and are thus inherently insecure (incidents have been reported in which pacemakers were unlocked by the magnetic field of a patient's headphones).
In this work, we propose a new access control mechanism for implantable medical devices. It is based on ultrasonic distance bounding and enables an implanted device to grant access to its resources only to devices in its close proximity. Our solution resembles the close-range communication solutions of prior work in that it requires a device to be close to the IMD to get access, but differs in that it prevents an attacker from accessing the IMD from further away, regardless of the type of transceiver or antenna he has. Its security relies on the speed of sound, which cannot be altered. Moreover, unlike prior proposals, our solution enables IMDs to define the exact range from which they can be accessed (with a high degree of accuracy). We achieve this with a new proximity-based device pairing protocol based on ultrasonic distance bounding, in which messages are cryptographically tied to the distance bound that the IMD measures to the device requesting access. We analyze the security of our protocol in detail and discuss possible extensions related to efficiency and DoS protection.
We demonstrate the feasibility of our approach through experiments in an emulated patient environment. We show that, although implanted, IMDs can successfully verify the proximity of other devices. We further make new observations about the security of implementations of ultrasonic distance-bounding protocols: without appropriate shielding of their ultrasonic circuitry, implementations of these protocols are vulnerable to attacks resulting from induced current in the audio receiver circuitry. We further show that, since our solution relies on ultrasonic distance bounding, it can be implemented at low cost on existing IMD platforms (some pacemakers already come equipped with speakers).
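The exchange described above, as an added simulation that is not the CCS'09 implementation nor code from the authors: the IMD times each ultrasonic round trip, converts the slowest one into an upper bound on the reader's distance, and the reader's final message is a MAC over the whole exchange and that bound. The propagation speed, the 10 cm policy, the processing delay, the round count and the pairing key are assumptions made for the example.

```python
"""Added example: proximity-based access control by ultrasonic distance
bounding, with the measured bound cryptographically tied to the exchange.
Constructed simulation, not the CCS'09 implementation; the medium speed,
range policy, processing delay, round count and pairing key are assumptions."""
import hashlib
import hmac
import os

SOUND_SPEED_M_S = 343.0   # assumption: propagation speed of the ultrasonic signal
ACCESS_RANGE_M = 0.10     # assumption: IMD policy, grant access only within 10 cm
PROC_DELAY_S = 5e-6       # assumption: reader's fixed reply delay, subtracted by the IMD
N_ROUNDS = 32             # rapid challenge/response rounds
KEY = b"key-from-prior-pairing"   # assumption: shared by the IMD and its legitimate reader


def round_bit(key, i):
    """Key-derived response bit for round i (unknown to anyone without the key)."""
    return hmac.new(key, b"round-%d" % i, hashlib.sha256).digest()[0] & 1


class Reader:
    """Device requesting access.  Its replies travel as sound, so they reach
    the IMD no earlier than the time of flight from its real position, however
    powerful its radio transmitter or antenna."""

    def __init__(self, key, distance_m):
        self.key, self.distance_m, self.transcript = key, distance_m, []

    def reply(self, challenge, i):
        resp = challenge ^ round_bit(self.key, i)
        self.transcript.append((challenge, resp))
        arrival_s = 2 * self.distance_m / SOUND_SPEED_M_S + PROC_DELAY_S
        return resp, arrival_s

    def finish(self, bound_m):
        """Final message: MAC over every challenge/response and the announced bound."""
        msg = (repr(self.transcript) + "|bound=%.4f" % bound_m).encode()
        return hmac.new(self.key, msg, hashlib.sha256).digest()


class IMD:
    """Implanted device: times each round trip and turns the slowest one into
    an upper bound on the reader's distance (a reply cannot arrive early)."""

    def __init__(self, key):
        self.key = key

    def run(self, reader):
        transcript, worst_rtt = [], 0.0
        for i in range(N_ROUNDS):
            c = os.urandom(1)[0] & 1
            resp, rtt = reader.reply(c, i)
            if resp != c ^ round_bit(self.key, i):
                return False, None          # wrong key: reject before any bound is issued
            transcript.append((c, resp))
            worst_rtt = max(worst_rtt, rtt)
        bound_m = SOUND_SPEED_M_S * max(worst_rtt - PROC_DELAY_S, 0.0) / 2
        tag = reader.finish(bound_m)
        msg = (repr(transcript) + "|bound=%.4f" % bound_m).encode()
        expected = hmac.new(self.key, msg, hashlib.sha256).digest()
        granted = hmac.compare_digest(tag, expected) and bound_m <= ACCESS_RANGE_M
        return granted, bound_m


def legitimate_reader(distance_m=0.05):
    return IMD(KEY).run(Reader(KEY, distance_m))


def far_reader_with_key(distance_m=3.0):
    """Attacker who even holds the key but sits 3 m away: the bound exceeds the policy."""
    return IMD(KEY).run(Reader(KEY, distance_m))


def near_reader_without_key():
    return IMD(KEY).run(Reader(b"guessed-key", 0.05))
```

A stronger transmitter changes nothing in this model because the IMD only accepts replies that arrive over the ultrasonic channel, and those cannot arrive before the acoustic time of flight; the only way to obtain a smaller bound is to actually be closer.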
Finally, we discuss the integration of our scheme with other solutions proposed for access to IMDs. We show that our solution can be easily combined with solutions based on security credentials or tokens as well as with solutions that aim to prevent battery-draining Denial-of-Service attacks on IMDs. It also naturally integrates with solutions based on sonic user alerts. This work has been published at ACM CCS'09.
Defending Embedded Systems Against Control Flow Attacks
We developed a control flow enforcement technique based on an Instruction Based Memory Access Control (IBMAC) implemented in hardware. It is specifically designed to protect low-cost embedded systems against malicious manipulation of their control flow as well as to prevent accidental stack overflows. This is achieved by using a simple hardware modification to divide the stack into a data stack and a control flow stack (or return stack). Moreover, access to the control flow stack is restricted to return and call instructions, which prevents control flow manipulation. Previous solutions tackled the problem of control flow injection on general purpose computing devices and are rarely applicable to simpler low-cost embedded devices, which lack, for example, a Memory Management Unit (MMU) or execution rings. Our approach is binary compatible with legacy applications and only requires minimal changes to the tool-chain. Additionally, it does not increase memory usage, allows an optimal usage of stack memory and prevents accidental stack corruption at run-time. We have implemented and tested IBMAC on the AVR micro-controller using both a simulator and an implementation of the modified core on an FPGA. The implementation on reconfigurable hardware showed a small overhead in terms of number of gates, and therefore a low expected overhead in production costs.
This work was published at ACM SecureCode09.
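To make the split-stack mechanism concrete, here is an added toy model (not the SecureCode09 hardware, the AVR core or any code from the authors) contrasting a single shared stack with the IBMAC layout. Memory size, the address of the return-stack region and the victim routine are assumptions of the example; the memory access check mirrors the rule stated above, namely that only call and ret may touch the control flow stack.

```python
"""Added example: toy microcontroller contrasting a single shared stack with
the IBMAC split into a data stack and a control-flow (return) stack that only
call/ret may access.  Constructed model, not the SecureCode09 hardware;
memory size, layout and the victim routine are assumptions."""


class Fault(Exception):
    """Raised when a non-call/ret instruction reaches the return stack under IBMAC."""


class ToyMCU:
    MEM_SIZE = 32
    CONTROL_BASE = 24       # assumption: return stack occupies addresses 24..31 under IBMAC

    def __init__(self, ibmac):
        self.ibmac = ibmac
        self.mem = bytearray(self.MEM_SIZE)
        self.ret_sp = self.MEM_SIZE                                # return stack pointer (IBMAC)
        self.sp = self.CONTROL_BASE if ibmac else self.MEM_SIZE   # data stack pointer
        self.pc = 0

    def _check(self, addr, instr):
        # IBMAC rule: the control-flow stack region is reachable only by call and ret.
        if self.ibmac and addr >= self.CONTROL_BASE and instr not in ("call", "ret"):
            raise Fault("%s touched the return stack at address %d" % (instr, addr))

    def store(self, addr, value, instr):
        self._check(addr, instr)
        self.mem[addr] = value & 0xFF

    def load(self, addr, instr):
        self._check(addr, instr)
        return self.mem[addr]

    def call(self, return_addr):
        """Push a 16-bit return address: onto the return stack under IBMAC,
        onto the single shared stack otherwise."""
        if self.ibmac:
            self.ret_sp -= 2
            base = self.ret_sp
        else:
            self.sp -= 2
            base = self.sp
        self.store(base, return_addr >> 8, "call")
        self.store(base + 1, return_addr, "call")

    def ret(self):
        base = self.ret_sp if self.ibmac else self.sp
        self.pc = (self.load(base, "ret") << 8) | self.load(base + 1, "ret")
        if self.ibmac:
            self.ret_sp += 2
        else:
            self.sp += 2


def vulnerable_routine(mcu, payload):
    """Allocates an 8-byte local buffer on the data stack and copies the payload
    into it with no length check (a classic stack overflow), then returns."""
    mcu.sp -= 8
    buf = mcu.sp
    for i, b in enumerate(payload):
        mcu.store(buf + i, b, "st")     # ordinary store instruction
    mcu.sp += 8
    mcu.ret()


def simulate(ibmac, payload):
    """('returned', pc) if ret executed, or ('fault', None) if IBMAC trapped the overflow."""
    mcu = ToyMCU(ibmac)
    mcu.call(0x0100)                     # caller's return address
    try:
        vulnerable_routine(mcu, payload)
    except Fault:
        return "fault", None
    return "returned", mcu.pc
```

With eight bytes both layouts return to 0x0100. With ten bytes the shared stack returns to 0x4141, the attacker's two overflow bytes, whereas under IBMAC the same store instruction faults the moment it crosses into the return-stack region, before any return address is touched.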
RFID Private Identification
We have been participating in the ANR RFID-AP project, and working on contactless card security and the security of embedded, low-cost cryptographic algorithms. We have been working with the community-driven OpenPCD contactless reader (for which we have submitted some patches).
Cryptography ensures the confidentiality and authenticity of information but often relies on unproven assumptions. SAT solvers are a powerful tool to test the hardness of certain problems and have successfully been used to test hardness assumptions. This work extends a SAT solver to work efficiently on cryptographic problems. The paper further illustrates how SAT solvers process cryptographic functions using automatically generated visualizations, introduces techniques for simplifying the solving process by modifying cipher representations, and demonstrates the feasibility of the approach by solving three stream ciphers. To optimize a SAT solver for cryptographic problems, we extended the solver's input language to support the XOR operation that is common in cryptography. To better understand the inner workings of the adapted solver and to identify bottlenecks, we visualize its execution. Finally, to improve the solving time significantly, we remove these bottlenecks by altering the function representation and by pre-parsing the resulting system of equations. The main contribution of this work is a new approach to solving cryptographic problems by adapting both the problem description and the solver synchronously instead of tweaking just one of them. Using these techniques, we were able to solve a well-researched stream cipher 26 times faster than was previously possible.
This work has been published at SAT'09.
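The following added example (not the SAT'09 solver, nor code from its authors) shows why a native XOR input language matters. A 16-bit LFSR with a linear output filter is written as XOR equations over the unknown initial state and solved by Gaussian elimination over GF(2), which is the treatment a solver can apply to XOR clauses directly; the same equations expanded into plain CNF need 2^(k-1) clauses for every k-variable XOR. The feedback taps are the standard maximal-length 16-bit polynomial; the output filter and the test key are assumptions of the example.

```python
"""Added example: XOR equations from a small stream cipher, solved over GF(2),
versus their plain-CNF blow-up.  Constructed example, not the SAT'09 solver;
the output filter and key are assumptions."""
from itertools import product

N = 16
TAPS = (0, 2, 3, 5)        # feedback of x^16 + x^14 + x^13 + x^11 + 1 (maximal length)
FILTER = (0, 4, 9)         # assumption: keystream bit = s[0] ^ s[4] ^ s[9]


def lfsr_run(state_bits, n_out):
    """Concrete keystream from a list of 16 bits (0/1)."""
    s = list(state_bits)
    out = []
    for _ in range(n_out):
        out.append(sum(s[i] for i in FILTER) & 1)
        fb = sum(s[i] for i in TAPS) & 1
        s = s[1:] + [fb]
    return out


def lfsr_symbolic(n_out):
    """Same computation on symbols: each state bit is a bitmask of the initial
    state variables that XOR into it, so every output bit is one XOR equation."""
    s = [1 << i for i in range(N)]
    rows = []
    for _ in range(n_out):
        mask = 0
        for i in FILTER:
            mask ^= s[i]
        rows.append(mask)
        fb = 0
        for i in TAPS:
            fb ^= s[i]
        s = s[1:] + [fb]
    return rows


def solve_gf2(rows, nvars):
    """Gauss-Jordan elimination over GF(2); rows are (variable mask, rhs bit).
    Returns the unique solution, or None if the system is inconsistent or
    does not determine every variable."""
    rows = list(rows)
    pivots, r = [], 0
    for col in range(nvars):
        piv = next((i for i in range(r, len(rows)) if rows[i][0] >> col & 1), None)
        if piv is None:
            continue
        rows[r], rows[piv] = rows[piv], rows[r]
        for i in range(len(rows)):
            if i != r and rows[i][0] >> col & 1:
                rows[i] = (rows[i][0] ^ rows[r][0], rows[i][1] ^ rows[r][1])
        pivots.append(col)
        r += 1
    if any(mask == 0 and rhs for mask, rhs in rows[r:]):
        return None
    if r < nvars:
        return None
    sol = [0] * nvars
    for i, col in enumerate(pivots):
        sol[col] = rows[i][1]
    return sol


def recover_state(keystream):
    """Known keystream -> initial state, using only the XOR representation."""
    return solve_gf2(list(zip(lfsr_symbolic(len(keystream)), keystream)), N)


def xor_to_cnf(var_ids, rhs):
    """Plain-CNF encoding of x1 ^ ... ^ xk = rhs: one clause forbidding each
    assignment of the wrong parity, i.e. 2^(k-1) clauses (DIMACS-style literals)."""
    clauses = []
    for assignment in product((0, 1), repeat=len(var_ids)):
        if sum(assignment) & 1 != rhs:
            clauses.append(tuple(v if a == 0 else -v for v, a in zip(var_ids, assignment)))
    return clauses


def cnf_clause_count(n_out):
    """Clauses a plain CNF would need for the n_out keystream equations."""
    return sum(2 ** (bin(mask).count("1") - 1) for mask in lfsr_symbolic(n_out))
```

Sixteen keystream bits already determine the state here because the register is maximal-length and the filter is a non-zero linear functional; with fewer equations `recover_state` reports the system as underdetermined rather than guessing. The same 24 equations, kept as 24 XOR constraints, turn into tens of thousands of clauses once expanded into CNF, which is the representation problem the native XOR extension removes.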
Physical Layer Security
New approaches that generate secret keys from radio channel characteristics have recently been proposed. The security of these schemes usually relies on the reciprocity principle, which states that channel fluctuations can be a source of common randomness for two communicating peers, and on the assumption that an eavesdropper at a different location cannot measure these fluctuations. A validation of these properties for indoor environments is presented in this work. The shared keys are created by measuring the reciprocal channel features and converting this information to binary vectors using a quantization algorithm. This paper addresses the problem of quantization. It identifies an important weakness of existing key generation algorithms and shows that the secret bit extraction has a significant impact on the robustness and security of these algorithms. A new adaptive quantization algorithm for secret key generation is presented. This method creates sufficiently long secret keys with a high key agreement ratio between authorized users without revealing information to the attacker. The new scheme is experimentally validated using Ultra Wide Band technology.
This paper has been published at NTMS'09.
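As an added simulation (not the NTMS'09 algorithm or measurements), the following Python code shows the extraction step the paragraph is about: two peers measure a reciprocal channel feature with independent receiver noise, and a guard-band quantiser whose thresholds are derived from each side's own statistics drops samples that a small noise difference could flip. The channel and noise models, the guard-band factor and the probe count are assumptions; the eavesdropper is modelled as seeing an independent channel realisation.

```python
"""Added example: secret-key extraction from reciprocal channel measurements
with a guard-band quantiser whose thresholds adapt to the measured statistics.
Constructed simulation, not the NTMS'09 algorithm: channel and noise models,
guard-band factor and sample count are assumptions."""
import random
import statistics

GUARD_FACTOR = 0.5   # assumption: half a standard deviation around the mean is discarded
N_SAMPLES = 2000     # assumption: number of channel probes


def measure_channels(rng, n, noise_sd=0.15):
    """Alice and Bob see the same fading realisation plus independent receiver
    noise; Eve, at another location, sees an independent realisation."""
    alice, bob, eve = [], [], []
    for _ in range(n):
        h = rng.gauss(0.0, 1.0)            # reciprocal channel feature (e.g. RSS deviation)
        alice.append(h + rng.gauss(0.0, noise_sd))
        bob.append(h + rng.gauss(0.0, noise_sd))
        eve.append(rng.gauss(0.0, 1.0) + rng.gauss(0.0, noise_sd))
    return alice, bob, eve


def select_indices(samples, guard=GUARD_FACTOR):
    """Adaptive guard band: thresholds come from this party's own statistics.
    Samples inside (mean - guard*sd, mean + guard*sd) are dropped because a
    small noise difference could flip their bit on the other side.  Only the
    index list is made public; it says which probes were used, not their values."""
    mu, sd = statistics.mean(samples), statistics.pstdev(samples)
    return [i for i, x in enumerate(samples) if abs(x - mu) > guard * sd]


def quantise(samples, indices):
    """One bit per agreed index: 1 if above this party's own mean, else 0."""
    mu = statistics.mean(samples)
    return [1 if samples[i] > mu else 0 for i in indices]


def agreement(a, b):
    return sum(x == y for x, y in zip(a, b)) / len(a)


def run_simulation(seed=2009, guard=GUARD_FACTOR):
    rng = random.Random(seed)
    alice, bob, eve = measure_channels(rng, N_SAMPLES)
    idx = select_indices(alice, guard)       # Alice picks and announces the indices
    k_alice = quantise(alice, idx)
    k_bob = quantise(bob, idx)
    k_eve = quantise(eve, idx)               # Eve hears the indices, not the values
    return {"key_bits": len(idx),
            "alice_bob_agreement": agreement(k_alice, k_bob),
            "eve_agreement": agreement(k_alice, k_eve)}
```

Running it with `guard=0.0` reproduces the weakness the paper points at: every probe becomes a key bit, but the bits nearest the threshold disagree between the two peers, so the raw key needs heavy reconciliation that in turn leaks information. With the guard band, agreement rises close to one while the eavesdropper's bits stay at chance level; the cost is the shorter key, which is why the band width has to be chosen from the measured statistics rather than fixed.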
Geolocalization of Hidden Servers
Cyber-crime is consolidating as a major threat for end users and infrastructures on the Internet. Criminals are employing ever-changing and more sophisticated techniques to improve the effectiveness, reliability and stealthiness of their illegal activities. Entire underground infrastructures of compromised computers, called botnets, have been created to perform a wide range of illegal activities such as sending unsolicited e-mail messages, identity theft, disrupting the availability of online services, etc.
An emerging new use of botnets by cyber-criminals is a technique called fast-flux, which allows them to reliably host illegal content within a botnet. The study of these malicious networks by security researchers is made difficult by the use of encrypted and obfuscated communications between the participating nodes inside botnets. This calls for research in non-invasive network measurement techniques on botnets in order to understand the way they are used, possibly uncovering the motivations behind them.
Recent promising proposals within the networking community provide ways to reveal either the geographic coordinates or the network virtual coordinates of Internet hosts. The general idea used to geolocalize Internet hosts is to consider a set of landmarks measuring network distances towards targets, together with a model that represents the relationship between geographic distance and the network measurements. Such a model, once calibrated, is used by each landmark to derive a geographic distance towards the target, which is then located using multilateration.
In this work, we extended the Constraint-Based Geolocation (CBG) technique to proxied communications, revealing in particular the geographic position of the roots of fast-flux networks. We performed an experimental evaluation of the accuracy of localization in a controlled environment, using the PlanetLab infrastructure, where the exact location of targets is known. Our experiments show promising results, with geolocalization accuracy similar to or even better than that of non-proxied communication. In particular, we are able to localize hidden servers with a mean error distance below 100 km. The vast majority of the obtained confidence zones (a zone where the target lies with a very high probability) allow for a resolution at the regional or even city level, similarly to the original non-proxied system.
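The base CBG technique that this work extends, as an added planar example (not the IMC'09 code or the proxied extension): every landmark calibrates a "bestline" against the other landmarks, whose positions it knows, converts its delay to the target into a distance upper bound, and the target is confined to the intersection of the resulting disks, the confidence zone. Coordinates, delays and the synthetic inflation model are constructed; the proxy case, where the measured delay also includes the detour through the proxy, is the part of the paper this example does not model.

```python
"""Added example: Constraint-Based Geolocation (CBG) on a plane with
constructed landmarks and delays.  Constructed model, not the IMC'09 code;
coordinates, delays and the proxy-free setting are assumptions."""
import math

V_MAX_KM_PER_MS = 200.0   # assumption: about 2/3 c, the fastest a packet travels in fibre
GRID_KM = 20.0            # assumption: resolution of the confidence-zone search

LANDMARKS = {             # constructed landmark positions (km) on a 1500 km square
    "L0": (0.0, 0.0), "L1": (1500.0, 0.0), "L2": (0.0, 1500.0),
    "L3": (1500.0, 1500.0), "L4": (750.0, 200.0),
}
TARGET = (700.0, 450.0)   # ground truth, used only to construct delays and score the result


def dist(p, q):
    return math.hypot(p[0] - q[0], p[1] - q[1])


def synthetic_delay(src, dst, inflation_ms):
    """Constructed delay (ms): speed-of-light floor plus queueing/path inflation."""
    return dist(src, dst) / V_MAX_KM_PER_MS + inflation_ms


def landmark_to_landmark_delays():
    """Calibration data: every landmark probes every other landmark; the
    inflation pattern is constructed so that calibration is deterministic."""
    names = list(LANDMARKS)
    out = {}
    for i, a in enumerate(names):
        for j, b in enumerate(names):
            if a != b:
                infl = 1.0 + 0.2 * ((7 * i + 3 * j) % 5)
                out[(a, b)] = synthetic_delay(LANDMARKS[a], LANDMARKS[b], infl)
    return out


def bestline_intercept(name, calib):
    """Bestline with the physical slope 1/V_MAX: the line lying under all of
    this landmark's (distance, delay) calibration points, i.e. its intercept
    is the smallest inflation this landmark has observed."""
    return min(d - dist(LANDMARKS[name], LANDMARKS[other]) / V_MAX_KM_PER_MS
               for (src, other), d in calib.items() if src == name)


def cbg(target_delays, calib, span=1500.0):
    """target_delays: landmark name -> delay to the target (ms).
    Returns (estimate, zone cells, zone area km^2) or None if the zone is empty."""
    radii = {n: (d - bestline_intercept(n, calib)) * V_MAX_KM_PER_MS
             for n, d in target_delays.items()}
    steps = int(span / GRID_KM) + 1
    cells = [(ix * GRID_KM, iy * GRID_KM)
             for ix in range(steps) for iy in range(steps)
             if all(dist((ix * GRID_KM, iy * GRID_KM), LANDMARKS[n]) <= r
                    for n, r in radii.items())]
    if not cells:
        return None
    centroid = (sum(p[0] for p in cells) / len(cells), sum(p[1] for p in cells) / len(cells))
    return centroid, cells, len(cells) * GRID_KM ** 2


def zone_contains(cells, point):
    return any(dist(c, point) <= GRID_KM for c in cells)


def demo():
    """Locate the constructed target; returns (estimate, zone area, error km, hit)."""
    calib = landmark_to_landmark_delays()
    target_delays = {n: synthetic_delay(LANDMARKS[n], TARGET, 1.6) for n in LANDMARKS}
    est, cells, area = cbg(target_delays, calib)
    return est, area, dist(est, TARGET), zone_contains(cells, TARGET)
```

The caveat a practitioner should keep in mind shows up directly in `bestline_intercept`: the bound is only sound if the target path is not "faster" than every calibration path the landmark has seen. When it is, the disks may fail to intersect and `cbg` returns None rather than a wrong location, which is the case to handle before trusting a confidence zone.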
In the light of these encouraging results, we tested our geolocalization approach in the wild and located several fast-flux servers. We then validated these results by infiltrating the Waledac fast-flux network to retrieve the IP addresses of some malicious servers.
This work has been published at ACM IMC'09.
Cyber-Crime defenses and Botnets Study
While the Internet was probably one of the most important innovations of the past years, it is now commonly believed that it has reached its limits and that a new architecture is required. Several researchers have already proposed to re-design the Internet using a clean-slate approach. One of the reasons often cited is the lack of security of the current Internet: while it is very reliable, it does not provide any built-in security mechanism. It is advocated that the new Internet should be designed with security as one of its major requirements. We consider this a very interesting and exciting challenge. However, in order to achieve this goal, we should first have a clear understanding of today's security threats and of how the Internet is used by cyber-criminals. Cyber-attacks are becoming more and more elaborate. A few years ago, attacks were performed by script kiddies who were just having fun. Nowadays, they are performed by professionals with very different motivations. These criminals are very innovative and use state-of-the-art technologies. One of the main threats today is botnets. A botnet is a network of compromised hosts on the Internet under the control of an attacker. Botnets are used to send spam, perform Denial of Service attacks, or collect/steal confidential data; they account for more than 90% of all spam sent every day.
We have also recently set up a new research activity on cyber-crime and botnet monitoring. We have studied a particular botnet, so-called Storm. Storm uses a peer-to-peer protocol in order to coordinate the bots (the infected hosts) in the botnet. We have infiltrated Storm and were able to evaluate its size and study its malicious activities. Our study led to a good understanding of the inner workings of this botnet: how it is controlled, what kind of illegal activities are conducted with it, etc.
In order to prevent the geo-localization of their malicious servers (phishing, illegal commercial servers), cyber-criminals usually use proxy-based techniques to hide the IP addresses of these machines. These proxies are usually compromised nodes (part of a botnet) and are changed very frequently, using a technique called "DNS fast-fluxing". We are currently working on techniques to localize such hidden servers. We showed that despite these redirection mechanisms, it is still possible to geo-localize the malicious servers, and we developed a tool that performs this geo-localization automatically.
This work has been published at ACM IMC 2009.
The main goal of this research activity is to study how botnets actually work and how criminals operate. More generally, we aim at understanding the underground economy and at contributing to the design of the Next Generation Internet. This underground economy is very well structured and composed of many different actors. Some actors find vulnerabilities that other actors use to develop exploits. These exploits are then sold to other criminals, who use them to compromise nodes and create botnets. These botnets are in turn rented out for criminal activities (such as spamming, DoS attacks, extortion and so on).
Unstructured Overlay Security
Recently, we have also been interested in the security of overlay networks. An overlay network is a virtual network formed by a subset of nodes in the underlying layer and virtual links composed of one or more hops on the lower-layer links. Recent research has shown a promising future for using application-layer overlay networks to introduce new applications and services, e.g. multicast, resilient routing, peer-to-peer file sharing, etc. However, no means exist today to perform large-scale monitoring and anomaly detection in such networks, although risks are common and attacks could be carried out by any legitimate user or by an attacker who bypasses the authentication mechanisms. In this work, we have identified possible attacks on overlay networks and studied the impact of these attacks on the applications relying on these overlays. In a second step, we experimented with different classical traffic monitoring techniques to show the inefficiency of the different application identification proposals (e.g. packet, flow and host aggregation techniques) when facing P2P-specific attacks. In a third step, we proposed to adopt a user-behavior identification technique to monitor overlay networks, and extended such monitoring to anomaly detection by designing a model of normal interactions in such networks. This work has for now been published in
Internet topology-inference security
We are also currently interested in Internet topology-inference security. So far, Internet measurements have assumed the correct behavior of the different entities participating in measurement campaigns; however, since many malicious nodes may be involved in the measurements, we need to design robust measurement techniques that allow for an accurate and safe measurement of the Internet. We first illustrate this work by designing ways to hide path similarity exchanges among monitors that exchange sensitive topology data. In essence, the performance of several Internet applications often relies on the measurability of path similarity between different participants. In particular, the performance of content distribution networks relies mainly on awareness of the topology information of content sources. It is commonly admitted nowadays that, in order to ensure either path redundancy or efficient content replication, topological similarity between sources is evaluated by exchanging raw traceroute data and by a hop-by-hop comparison of the IP topology observed from the sources towards several hundred or thousands of destinations. In this work, based on real data we collected, we advocate that path similarity comparisons between different Internet entities can be much simplified and secured using lossy coding techniques, such as Bloom filters, to exchange compressed topology information. The technique we introduce to evaluate path similarity enforces both scalability and data confidentiality while maintaining a high level of accuracy. In addition, we demonstrate that our technique is scalable, as it requires a small amount of active probing and does not depend on the targets. This is ongoing work that we are actively investigating with the University of Louvain in Belgium, and it is under submission.
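The Bloom-filter exchange described above, as an added example that is not the code of this work: each source flattens its traceroutes into hop elements, inserts them into a salted Bloom filter, and the peer estimates the size of the intersection from bit counts alone, without ever receiving the raw hop IPs. Filter size, hash count, salt and the sample traceroutes are assumptions constructed for the example.

```python
"""Added example: comparing traceroute path sets between two sources by
exchanging Bloom filters instead of raw hop lists.  Constructed example, not
the code of the work above; filter size, hash count, salt and sample paths
are assumptions."""
import hashlib
import math

M_BITS = 8192          # assumption: filter size in bits
K_HASHES = 4           # assumption: hash functions per element
SALT = b"planete-2009" # assumption: agreed by both parties so outsiders cannot test membership


def positions(item, salt=SALT):
    """K_HASHES bit positions derived from salted SHA-256 of the element."""
    out = []
    for i in range(K_HASHES):
        h = hashlib.sha256(salt + bytes([i]) + item.encode()).digest()
        out.append(int.from_bytes(h[:4], "big") % M_BITS)
    return out


class BloomFilter:
    def __init__(self):
        self.bits = 0

    def add(self, item):
        for p in positions(item):
            self.bits |= 1 << p

    def __contains__(self, item):
        return all(self.bits >> p & 1 for p in positions(item))

    def set_bits(self):
        return bin(self.bits).count("1")

    def cardinality(self):
        """Estimated number of inserted elements from the fill ratio."""
        return -M_BITS / K_HASHES * math.log(1 - self.set_bits() / M_BITS)

    def union(self, other):
        u = BloomFilter()
        u.bits = self.bits | other.bits
        return u


def constructed_paths(source_id):
    """Constructed traceroutes from one source to ten destinations: three
    source-specific access hops, then three hops shared by both sources."""
    paths = {}
    for d in range(10):
        dst = "198.51.100.%d" % d
        access = ["10.%d.0.%d" % (source_id, h) for h in range(1, 4)]
        shared = ["203.0.113.%d" % (3 * d + h) for h in range(3)]
        paths[dst] = access + shared
    return paths


def path_elements(paths):
    """Flatten traceroutes into 'destination:hop-index:router' elements, so the
    hop-by-hop comparison of the text is a set comparison."""
    return {"%s:%d:%s" % (dst, i, hop) for dst, hops in paths.items() for i, hop in enumerate(hops)}


def build_filter(elements):
    f = BloomFilter()
    for e in elements:
        f.add(e)
    return f


def estimate_similarity(fa, fb):
    """(estimated common elements, estimated Jaccard) from the two filters only."""
    na, nb, nu = fa.cardinality(), fb.cardinality(), fa.union(fb).cardinality()
    inter = max(na + nb - nu, 0.0)
    return inter, (inter / nu if nu else 0.0)


def exact_similarity(a, b):
    return len(a & b), len(a & b) / len(a | b)
```

The confidentiality property is exactly what the membership test exposes: the peer can confirm a hop it already knows ("is 203.0.113.10 the fifth hop towards 198.51.100.3 from you too?") but cannot enumerate the filter, and without the shared salt a third party cannot even run that test. The caveat is the small address space of router hops: a peer willing to hash every candidate IP it can think of can still probe the filter, so the salt and filter should be treated as sensitive between the two parties.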
We are developing an 'owner-centric networking' architecture. This novel concept will considerably reduce 'data pollution' and improve privacy on the Internet. Content on the Internet (documents, emails, chats, images, videos, etc.) is often disseminated and replicated on different peers or servers. As a result, users lose control and ownership of their content as soon as they release it. The crux of the problem is that the Internet simply never forgets, and information that is posted lingers virtually forever. Furthermore, the design of the current Internet places no limit on data diffusion, nor gives any right to an individual to modify or remove what he/she wrote on a forum chat or on a famous social network's walls.
This data pollution creates many privacy concerns, since this lost content can be used to collect information about users without their consent. For example, there have been several recent cases of employers using social networks (such as Facebook) to spy on their employees. The Internet of the Future should solve these data pollution and privacy problems. However, according to Schneier, "Privacy isn't something that occurs naturally online, it must be deliberately architected". More specifically, we argue that the future Internet should give individuals control over their data. Users should be able to retrieve their previously posted content in order to withdraw or modify it. In other words, the Internet should enforce the 'right to forget', which is a constitutional law in several countries.
Unfortunately, most if not all future Internet architecture proposals seem to have ignored this issue so far. For example, the content-centric networking (CCN) architecture, which proposes that the focus be shifted from transmitting data by geographic location to disseminating it via named content, actually increases data pollution. In CCN, content is not only hosted by servers but also diffuses from its point of creation to where the consumers are. As a result, individuals completely lose control over their content as it becomes distributed (lost) on the Internet without their consent or even knowledge.
That said, we believe that content-centric networking is still a very attractive solution, if it then evolves towards an owner-centric architecture (OCN) that considers content ownership as bedrock. We have proposed the OCN architecture that gives control back to the users over their data.
This work has been published at ERCIM News and FIST'09.