Jefferson's Wheel

Top row: Anant Kharkar, Glenn Field, Ethan Robertson, David Evans, Hao Bai (BSCS 2016), Wenjiang Fan (honorary), Mohammad Etemad, Samee Zahur (PhD 2016), Jack Doerner, Weilin Xu, Longze Chen (MCS 2015), Kevin Zhao.
Front row: Mahnush Movahedi, Ziqi Liu (BACS DMP 2016), Hannah Li

Congratulations to our 2016 SRG Graduates:

Dr. Samee Zahur, PhD 2016
Dissertation: Demystifying Secure Computation: Familiar Abstractions for Efficient Protocols
Dr. Zahur will be joining Google, and working in the group that works on secure computation (broadly) led by SRG alumnus Jonathan McCune.

Hao Bai, BSCS 2016
Thesis project: Mitigating Memory Trace Side-Channels through Cache Loading
Hao will be starting graduate school at Harvard University in the fall.

Ziqi Liu, Distinguished Major with High Distinction in Computer Science (BACS) 2016
DMP project: A Proxy for Mitigating Threats from Embedded Third-party Scripts
Ziqi will be joining Microsoft (Redmond).

Karsten Nohl (SRG CpE PhD 2009) was on CBS’ 60 Minutes (April 17) as their “Moment of the Week”: Hacking into a congressman’s phone.

We heard we could find some of the world’s best hackers in Germany. So we headed for Berlin. Just off a trendy street and through this alley we rang the bell at the door of a former factory. That’s where we met Karsten Nohl, a German hacker, with a doctorate in computer engineering from the University of Virginia.

Karsten demonstrated to the reporter how to track a Congressman’s location and listen in on phone conversations using SS7 vulnerabilities (for a real Congressman, Ted Liu of California, who actually has a CS degree). With permission, of course!

We wanted to see whether Nohl’s group could actually do what they claimed — so we sent an off-the-shelf iPhone from 60 Minutes in New York to Representative Ted Lieu, a congressman from California. He has a computer science degree from Stanford and is a member of the House committee that oversees information technology. He agreed to use our phone to talk to his staff knowing they would be hacked and they were. All we gave Nohl, was the number of the 60 Minutes iPhone that we lent the congressman.

An excerpt from the show was also the 60 Minutes Moment of the Week.

The latest edition of Spectra: The Virginia Engineering and Science Research Journal includes two articles about SRGers!

The first is an article about Sam Havron’s research on using MPC to perform linear regression for social science applications: [PDF]

The second is by Alex Kuck and Nick Skelsey on their work on using a blockchain to provide censorship-resistant messaging: Ombuds: A Public Space with a Single Shared History: [PDF]

The full issue is available at the Spectra site (thanks to Garrett Beeghly for granting permission to post these excerpts here).

Weilin Xu presented his work on Automatically Evading Classifiers today at the Network and Distributed Systems Security Symposium in San Diego, CA (co-advised by Yanjun Qi and myself). The work demonstrates an automated approach for finding evasive variants of malicious PDF files using genetic programming techniques. Starting with a malicious seed file (that is, a PDF file with the intended malicious behavior, but that is correctly classified as malicious by the target classifier), it heuristically searches for an evasive variant that preserves the malicious behavior of the seed sample but is now classified as benign. The method automatically found an evasive variant for every seed in our test set of 500 malicious PDFs for both of the target classifiers used in the experiment (PDFrate and Hidost).

Slides from the talk are below, the full paper and code is available on the EvadeML.org website.

In addition to the results in the paper, Weilin found some new results examining gmail’s PDF malware classifier. We had hoped the classifier used by gmail would be substantially better than what we found in the research prototype classifiers used in the original experiments, and the initial cross-evasion experiments supported this. Of the 500 evasive variants found for Hidost in the original experiment, 387 were also evasive variants against PDFrate, but only 3 of them were evasive variants against Gmail’s classifier.

From those 3, and some other manual tests, however, Weilin was able to find two very simple transformations (any change to JavaScript such as adding a variable declaration, and adding padding to the file) that are effective at finding evasive variants for 47% of the seeds.

The response we got from Google about this was somewhat disappointing (and very inconsistent with my all previous experiences raising security issues to Google):



Its true, of course, that any kind of static program analysis is theoretically impossible to do perfectly. But, that doesn’t mean the dominant email provider shouldn’t be trying to do better to detect one of the main vectors for malware distribution today (and there are, we believe, many fairly straightforward and inexpensive things that could be done to do dramatically better than what Gmail is doing today).

The other new result in the talk that isn’t in the paper is the impact of adjusting the target classifier threshold. The search for evasive variants can succeed even at lower thresholds for defining maliciousness (as shown in the slide below, finding evasive variants against PDFrate at the 0.25 maliciousness threshold).

Google’s Open Source blog has a story by Weilin Xu about his experiences in their Summer of Code before he came to UVA: Coming to America: how Google Summer of Code helped change my life, 3 February 2016.

Karsten Nohl (PhD 2009) presented his work (with Fabian Bräunlein and Philipp Maier) on vulnerabilities in payment protocols (the ones studied are widely used in Germany but not in other countries) at the Chaos Communications Congress on December 27.

The work has been widely covered in the press recently. Here are a few sample articles:

- Watch infosec bods swipe PINs, magstripe data from card readers live on stage, The Register, 30 Dec 2015. (I trust the use of “bods” here is some kind of Britishism, not what it means in American.)

Now let’s look at Poseidon: a crook can buy a Poseidon payment terminal from the internet, and configure it to pretend to be a particular merchant’s systems. To do this, you need three bits of information, which are trivial to obtain…. Now you can perform arbitrary refunds, drawing money from the store’s funds. As there is no interruption to a merchant’s service, the seller will be none the wiser until he or she audits their finances. … German banks have shrugged off their research as merely “theoretical.”

- Payment system security is hilariously bad, BoingBoing (Cory Doctorow), 29 Dec 2015.

- Worries over German retail payments risks, Reuters, 23 December 2015.

A top cyber security researcher has warned German banks that their retail payment systems have security flaws that could allow fraudsters to steal payment card PIN codes, create fake cards or siphon funds from customer or merchant accounts.
Karsten Nohl, who is credited with revealing major security threats in mobile phones, automobiles, security cards and thumb-sized USB drives, told Reuters he has found critical weaknesses in software that runs retail point-of-sale terminals in Germany.

Here’s the latest from Yuchen Zhou (PhD 2015, now at Palo Alto Networks): Dormant Malicious Code Discovered on Thousands of Websites, Yuchen Zhou and Wei Xu, Palo Alto Networks Blog, 14 November 2015.

During our continuous monitoring for a 24-hour period from November 11, 2015 to November 12, 2015, eight days after the initial discovery, the Chuxiong Archives website consistently presented malicious content injected by an attacker depending on the source IP and user agent. We believe that if a user were to visit the compromised website a second time following the initial exposure to the malicious code, the site would recognize the source IP and user-agent and simply remain dormant, not exhibiting any malicious behavior. Because of this anti-analysis/evasion technique, it may easily cause the belief that a website no longer poses a threat, when it remains infected.

At the time of this report, using our malicious web content scanning system, we have already discovered more than four thousands additional, similarly compromised websites globally exhibiting the same ability of being able to be dormant or active depending on source IP and user agent. Investigations regarding this campaign on a larger scale are ongoing and a second report detailing the similarly compromised websites will be published in the near future.

Today we’re releasing our paper on evading machine learning classifiers:

Weilin Xu, Yanjun Qi, and David Evans. Automatically Evading Classifiers: A Case Study on PDF Malware Classifiers Network and Distributed System Security Symposium (NDSS). San Diego, CA. 21-24 February 2016. [PDF, 15 pages]

The main idea behind the paper is to explore how an adaptive adversary can evade a machine learning-based malware classifier by using techniques from genetic programming to automatically explore the space of potential evasive variants.

In a case study using two PDF malware classifiers as targets, we find that it is possible to automatically find evasive variants (that is, variants that preserve the desired malicious behavior while being (mis)classified as benign) for all 500 seeds in our test dataset.

Weilin Xu will present the work at the Network and Distributed Systems Security Symposium in San Diego in February.

For more, see EvadeML.org or the full paper (PDF).

Atlas Obscura has an article about Karsten Nohl (PhD 2009):
Exit Interview: I’m A Crypto-Specialist Working To Secure the Internet For A Billion People, Jeremy Berke, 28 July 2015.

One of the things we’re building is a PayPal competitor–with a modest target of having a few hundred million customers. Everything in India is always on a massive scale. If you could get rid of PayPal passwords, and instead just have a fingerprint–if you could pay for goods at a store with just your fingerprint, that would simplify people’s lives a lot. It would also have the secondary effect of saving some of the security problems, like phishing, that we currently encounter. And this government database is a huge enabler.

If we already have a mandate to collect everybody’s fingerprints, why not use it in the customer’s benefit? The privacy risk is always there. That’s the law and I can’t argue with that. But if the law is already creating this risk, why not create opportunity in the same step?

I went to a very interesting meeting at Darmstadt: CROSSING – Where Quantum Physics, Cryptography, System Security and Software Engineering meet. Lots more diversity than my typical computer security meeting, including a lively debate on quantum physics and superfluid vacuum theory between Nicolas Grisin (founder of ID Quantique and Ross Anderson. Interesting to learn that China is building a huge quantum key distribution network.

I gave a talk on Multi-Party Computation for the Masses:

CROSSING is a 12-year project funded by the German Science Foundation (with reviews every 4 years). Gives some context to US funding agencies that talk about long-range visionary projects with 5-year timelines.