
SoS Newsletter - Advanced Book Block



Virtualization Privacy Auditing

With the growth of cloud applications, the problems of security and privacy are growing. Determining whether security is working and privacy is being protected requires the ability to audit successfully. Such audits not only help to determine the level of protection, but also provide data to inform the development of metrics. The research presented here is current in 2014 as of July 21.

Denzil Ferreira, Vassilis Kostakos, Alastair R. Beresford, Janne Lindqvist, Anind K. Dey. “Securacy: An Empirical Investigation of Android Applications' Network Usage, Privacy and Security.” WiSec '15 Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, June 2015, Article No. 11. doi:10.1145/2766498.2766506
Abstract: Smartphone users do not fully know what their apps do. For example, an application's network usage and underlying security configuration are invisible to users. In this paper we introduce Securacy, a mobile app that explores users' privacy and security concerns with Android apps. Securacy takes a reactive, personalized approach, highlighting app permission settings that the user has previously stated are concerning, and provides feedback on the use of secure and insecure network communication for each app. We began our design of Securacy by conducting a literature review and in-depth interviews with 30 participants to understand their concerns. We used this knowledge to build Securacy and evaluated its use by another set of 218 anonymous participants who installed the application from the Google Play store. Our results show that access to address book information is by far the biggest privacy concern. Over half (56.4%) of the connections made by apps are insecure, and the destination of the majority of network traffic is North America, regardless of the location of the user. Our app provides unprecedented insight into Android applications' communications behavior globally, indicating that the majority of apps currently use insecure network connections.
Keywords: applications, context, experience sampling, network, privacy (ID#: 15-5942)


Syed Rizvi, Jungwoo Ryoo, John Kissell, Bill Aiken. “A Stakeholder-Oriented Assessment Index for Cloud Security Auditing.” IMCOM '15 Proceedings of the 9th International Conference on Ubiquitous Information Management and Communication, January 2015, Article No. 55. doi:10.1145/2701126.2701226
Abstract: Cloud computing is an emerging computing model that provides numerous advantages to organizations (both service providers and customers) in terms of massive scalability, lower cost, and flexibility, to name a few. Despite these technical and economic advantages of cloud computing, many potential cloud consumers are still hesitant to adopt cloud computing due to security and privacy concerns. This paper describes some of the unique cloud computing security factors and subfactors that play a critical role in addressing cloud security and privacy concerns. To mitigate these concerns, we develop a security metric tool to provide information to cloud users about the security status of a given cloud vendor. The primary objective of the proposed metric is to produce a security index that describes the security level accomplished by an evaluated cloud computing vendor. The resultant security index will give confidence to different cloud stakeholders and is likely to help them in decision making, increase the predictability of the quality of service, and allow appropriate proactive planning if needed before migrating to the cloud. To show the practicality of the proposed metric, we provide two case studies based on the available security information about two well-known cloud service providers (CSPs). The results of these case studies demonstrated the effectiveness of the security index in determining the overall security level of a CSP with respect to the security preferences of cloud users.
Keywords: cloud auditing, cloud security, data privacy, security metrics (ID#: 15-5943)


V. Padmapriya, J. Amudhavel, M. Thamizhselvi, K. Bakkiya, B. Sujitha, K. Prem Kumar. “A Scalable Service Oriented Consistency Model for Cloud Environment (SSOCM).” ICARCSET '15 Proceedings of the 2015 International Conference on Advanced Research in Computer Science Engineering & Technology (ICARCSET 2015), March 2015, Article No. 24. doi:10.1145/2743065.2743089
Abstract: The cloud computing paradigm is located throughout the world and is used not only to gather the user's information but also to allow users to share the information among themselves. Existing systems have discussed trace-based verification and auditing consistency models on a worldwide scale, where strong consistency is very expensive to achieve. Most of the consistency is achieved during security operations in the cloud domain with violations. Consistency is easy to integrate with multiple servers and even to maintain under replication. In our proposed system, the users are able to easily assess the quality of the cloud service and also choose a precise consistency service provider (CSP) among various applicants. Here a theoretical study of consistency models in cloud computing is conducted thoroughly. Finally, we devise an algorithm and a theorem: the Heuristic Auditing Strategy (HAS) along with the Consistency, Availability and Partition tolerance (CAP) theorem, with which users can easily assess the best quality of the cloud service and also choose the right consistency service provider (CSP) among various candidates.
Keywords: Consistency, auditing consistency, consistency service provider (CSP), heuristic auditing strategy (HAS), consistency availability and partition tolerance (CAP) (ID#: 15-5944)


Shanhe Yi, Cheng Li, Qun Li. “A Survey of Fog Computing: Concepts, Applications and Issues.” Mobidata '15 Proceedings of the 2015 Workshop on Mobile Big Data, June 2015, Pages 37-42. doi:10.1145/2757384.2757397
Abstract: Despite the increasing usage of cloud computing, there are still issues unsolved due to inherent problems of cloud computing such as unreliable latency, lack of mobility support and location-awareness. Fog computing can address those problems by providing elastic resources and services to end users at the edge of the network, while cloud computing is more about providing resources distributed in the core network. This survey discusses the definition of fog computing and similar concepts, introduces representative application scenarios, and identifies various aspects of issues we may encounter when designing and implementing fog computing systems. It also highlights some opportunities and challenges, as directions for potential future work, in related techniques that need to be considered in the context of fog computing.
Keywords: cloud computing, edge computing, fog computing, mobile cloud computing, mobile edge computing, review (ID#: 15-5945)


Tianwei Zhang, Ruby B. Lee. “CloudMonatt: An Architecture for Security Health Monitoring and Attestation of Virtual Machines in Cloud Computing.” ISCA '15 Proceedings of the 42nd Annual International Symposium on Computer Architecture, June 2015, Pages 362-374. doi:10.1145/2749469.2750422
Abstract: Cloud customers need guarantees regarding the security of their virtual machines (VMs) operating within an Infrastructure as a Service (IaaS) cloud system. This is complicated by the customer not knowing where his VM is executing, and by the semantic gap between what the customer wants to know versus what can be measured in the cloud. We present an architecture for monitoring a VM's security health, with the ability to attest this to the customer in an unforgeable manner. We show a concrete implementation of property-based attestation and a full prototype based on the OpenStack open source cloud software.
Keywords: (not provided) (ID#: 15-5946)


Yubin Xia, Yutao Liu, Cheng Tan, Mingyang Ma, Haibing Guan, Binyu Zang, Haibo Chen. “TinMan: Eliminating Confidential Mobile Data Exposure with Security Oriented Offloading.” EuroSys '15 Proceedings of the Tenth European Conference on Computer Systems, April 2015, Article No. 27. doi:10.1145/2741948.2741977
Abstract: The wide adoption of smart devices has stimulated a fast shift of security-critical data from desktop to mobile devices. However, recurrent device theft and loss expose mobile devices to various security threats and even physical attacks. This paper presents TinMan, a system that protects confidential data such as web site passwords and credit card numbers (we use the term cor to represent these data, which is short for Confidential Record) from being leaked or abused even under device theft. TinMan separates accesses of cor from the rest of the functionalities of an app, by introducing a trusted node to store cor and offloading any code from a mobile device to the trusted node to access cor. This completely eliminates the exposure of cor on the mobile devices. The key challenges to TinMan include deciding when and how to efficiently and transparently offload execution; TinMan addresses these challenges with security-oriented offloading with a low-overhead tainting scheme called asymmetric tainting to track accesses to cor to trigger offloading, as well as transparent SSL session injection and TCP payload replacement to offload accesses to cor. We have implemented a prototype of TinMan based on Android and demonstrated how TinMan protects the information of a user's bank account and credit card number without modifying the apps. Evaluation results also show that TinMan incurs only a small amount of performance and power overhead.
Keywords: (not provided) (ID#: 15-5947)


Marshini Chetty, Hyojoon Kim, Srikanth Sundaresan, Sam Burnett, Nick Feamster, W. Keith Edwards. “uCap: An Internet Data Management Tool for the Home.” CHI '15 Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems, April 2015, Pages 3093-3102. doi:10.1145/2702123.2702218
Abstract: Internet Service Providers (ISPs) have introduced "data caps", or quotas on the amount of data that a customer can download during a billing cycle. Under this model, Internet users who reach a data cap can be subject to degraded performance, extra fees, or even temporary interruption of Internet service. For this reason, users need better visibility into and control over their Internet usage to help them understand what uses up data and control how these quotas are reached. In this paper, we present the design and implementation of a tool, called uCap, to help home users manage Internet data. We conducted a field trial of uCap in 21 home networks in three countries and performed an in-depth qualitative study of ten of these homes. We present the results of the evaluation and implications for the design of future Internet data management tools.
Keywords: bandwidth caps, data caps, home networking tools (ID#: 15-5948)


Robert Cowles, Craig Jackson, Von Welch. “Facilitating Scientific Collaborations by Delegating Identity Management: Reducing Barriers & Roadmap for Incremental Implementation.” CLHS '15 Proceedings of the 2015 Workshop on Changing Landscapes in HPC Security, April 2015, Pages 15-19. doi:10.1145/2752499.2752501
Abstract: DOE Labs are often presented with conflicting requirements for providing services to scientific collaboratories. An identity management model involving transitive trust is increasingly common. We show how existing policies allow for increased delegation of identity management within an acceptable risk management framework. Specific topics addressed include deemed exports, DOE orders, Inertia and Risk, Traceability, and Technology Limitations. Real life examples of an incremental approach to implementing transitive trust are presented.
Keywords: access control, cyber security, delegation, identity, identity management, risk management, transitive trust (ID#: 15-5949)


Qiang Liu, Edith C.-H. Ngai, Xiping Hu, Zhengguo Sheng, Victor C.M. Leung, Jianping Yin. “SH-CRAN: Hierarchical Framework to Support Mobile Big Data Computing in a Secure Manner.” Mobidata '15 Proceedings of the 2015 Workshop on Mobile Big Data, June 2015, Pages 19-24. doi:10.1145/2757384.2757388
Abstract: The heterogeneous cloud radio access network (H-CRAN) has been emerging as a cost-effective solution supporting huge volumes of mobile traffic in the big data era. This paper investigates potential security challenges on H-CRAN and analyzes their likelihoods and difficulty levels. Typically, the security threats in H-CRAN can be categorized into three groups, i.e., security threats towards remote radio heads (RRHs), those towards the radio cloud infrastructure and those towards backhaul networks. To overcome challenges made by the security threats, we propose a hierarchical security framework called Secure H-CRAN (SH-CRAN) to protect the H-CRAN system against the potential threats. Specifically, the architecture of SH-CRAN contains three logically independent secure domains (SDs), which are the SDs of radio cloud infrastructure, RRHs and backhauls. The notable merits of SH-CRAN include two aspects: (i) the proposed framework is able to provide security assurance for the evolving H-CRAN system, and (ii) the impacts of any failure are limited to one specific component of H-CRAN. The proposed SH-CRAN can be regarded as the basis of the future security mechanisms of mobile big data computing.
Keywords: heterogeneous cloud radio access network, hierarchical security framework, mobile big data computing (ID#: 15-5950)


Jun Wang, Zhiyun Qian, Zhichun Li, Zhenyu Wu, Junghwan Rhee, Xia Ning, Peng Liu, Guofei Jiang. “Discover and Tame Long-running Idling Processes in Enterprise Systems.” ASIA CCS '15 Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security, April 2015, Pages 543-554. doi:10.1145/2714576.2714613
Abstract: Reducing attack surface is an effective preventive measure to strengthen security in large systems. However, it is challenging to apply this idea in an enterprise environment where systems are complex and evolving over time. In this paper, we empirically analyze and measure a real enterprise to identify unused services that expose attack surface. Interestingly, such unused services are known to exist and are summarized by security best practices, yet such solutions require significant manual effort. We propose an automated approach to accurately detect the idling (most likely unused) services that are in either blocked or bookkeeping states. The idea is to identify repeating events with perfect time alignment, which is the indication of being idle. We implement this idea by developing a novel statistical algorithm based on autocorrelation with time information incorporated. From our measurement results, we find that 88.5% of the detected idling services can be constrained with a simple syscall-based policy, which confines the process behaviors within its bookkeeping states. In addition, working with two IT departments (one of which is a cross validation), we receive positive feedback which shows that about 30.6% of such services can be safely disabled or uninstalled directly. In the future, the IT department plans to incorporate the results to build a "smaller" OS installation image. Finally, we believe our measurement results raise the awareness of the potential security risks of idling services.
Keywords: attack surface reduction, autocorrelation, enterprise systems, idling service detection (ID#: 15-5951)


Patrick Colp, Jiawen Zhang, James Gleeson, Sahil Suneja, Eyal de Lara, Himanshu Raj, Stefan Saroiu, Alec Wolman. “Protecting Data on Smartphones and Tablets from Memory Attacks.” ASPLOS '15 Proceedings of the Twentieth International Conference on Architectural Support for Programming Languages and Operating Systems, March 2015, Pages 177-189. doi:10.1145/2694344.2694380
Abstract: Smartphones and tablets are easily lost or stolen. This makes them susceptible to an inexpensive class of memory attacks, such as cold-boot attacks, using a bus monitor to observe the memory bus, and DMA attacks. This paper describes Sentry, a system that allows applications and OS components to store their code and data on the System-on-Chip (SoC) rather than in DRAM. We use ARM-specific mechanisms originally designed for embedded systems, but still present in today's mobile devices, to protect applications and OS subsystems from memory attacks.
Keywords: AES, DMA attack, android, arm, bus monitoring, cache, cold boot, encrypted RAM, encrypted memory, iRAM, nexus, tegra (ID#: 15-5952)


Anjo Vahldiek-Oberwagner, Eslam Elnikety, Aastha Mehta, Deepak Garg, Peter Druschel, Rodrigo Rodrigues, Johannes Gehrke, Ansley Post. “Guardat: Enforcing Data Policies at the Storage Layer.” EuroSys '15 Proceedings of the Tenth European Conference on Computer Systems, April 2015, Article No. 13. doi:10.1145/2741948.2741958
Abstract: In today's data processing systems, both the policies protecting stored data and the mechanisms for their enforcement are spread over many software components and configuration files, increasing the risk of policy violation due to bugs, vulnerabilities and misconfigurations. Guardat addresses this problem. Users, developers and administrators specify file protection policies declaratively, concisely and separate from code, and Guardat enforces these policies by mediating I/O in the storage layer. Policy enforcement relies only on the integrity of the Guardat controller and any external policy dependencies. The semantic gap between the storage layer enforcement and per-file policies is bridged using cryptographic attestations from Guardat. We present the design and prototype implementation of Guardat, enforce example policies in a Web server, and show experimentally that its overhead is low.
Keywords: (not provided) (ID#: 15-5953)


Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.