academic papers – Page 10 – SSL and internet security news

Hiding Vulnerabilities in Source Code

November 1, 2021 infossl

academic papers, operating systems, security engineering, Security technology, steganography, Uncategorized, usability, vulnerabilities

Really interesting research demonstrating how to hide vulnerabilities in source code by manipulating how Unicode text is displayed. It’s really clever, and not the sort of attack one would normally think about. From Ross Anderson’s blog: We have discovered ways of manipulating the encoding of source code files so that human viewers and compilers see … Read More “Hiding Vulnerabilities in Source Code” »

Identifying Computer-Generated Faces

September 15, 2021 infossl

academic papers, deep fake, identification, Security technology, Uncategorized

It’s the eyes: The researchers note that in many cases, users can simply zoom in on the eyes of a person they suspect may not be real to spot the pupil irregularities. They also note that it would not be difficult to write software to spot such errors and for social media sites to use … Read More “Identifying Computer-Generated Faces” »

Designing Contact-Tracing Apps

September 13, 2021 infossl

academic papers, COVID-19, geolocation, medicine, privacy, Security technology, smartphones, Uncategorized

Susan Landau wrote an essay on the privacy, efficacy, and equity of contract-tracing smartphone apps. Also see her excellent book on the topic. Powered by WPeMatico

Friday Squid Blogging: Possible Evidence of Squid Paternal Care

September 10, 2021 infossl

academic papers, Security technology, squid, Uncategorized

Researchers have found possible evidence of paternal care among bigfin reef squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico

Using “Master Faces” to Bypass Face-Recognition Authenticating Systems

August 6, 2021 infossl

academic papers, authentication, face recognition, Security technology, Uncategorized

Fascinating research: “Generating Master Faces for Dictionary Attacks with a Network-Assisted Latent Space Evolution.” Abstract: A master face is a face image that passes face-based identity-authentication for a large portion of the population. These faces can be used to impersonate, with a high probability of success, any user, without having access to any user-information. We … Read More “Using “Master Faces” to Bypass Face-Recognition Authenticating Systems” »

Storing Encrypted Photos in Google’s Cloud

July 30, 2021 infossl

academic papers, cloud computing, encryption, google, photos, Security technology, Uncategorized

New paper: “Encrypted Cloud Photo Storage Using Google Photos“: Abstract: Cloud photo services are widely used for persistent, convenient, and often free photo storage, which is especially useful for mobile devices. As users store more and more photos in the cloud, significant privacy concerns arise because even a single compromise of a user’s credentials give … Read More “Storing Encrypted Photos in Google’s Cloud” »

Hiding Malware in ML Models

July 27, 2021 infossl

academic papers, artificial intelligence, hacking, machine learning, malware, Security technology, Uncategorized

Interesting research: “EvilModel: Hiding Malware Inside of Neural Network Models”. Abstract: Delivering malware covertly and detection-evadingly is critical to advanced malware campaigns. In this paper, we present a method that delivers malware covertly and detection-evadingly through neural network models. Neural network models are poorly explainable and have a good generalization ability. By embedding malware into … Read More “Hiding Malware in ML Models” »

Insurance and Ransomware

July 1, 2021 infossl

academic papers, cybercrime, cybersecurity, insurance, mitigation, ransomware, reports, Security technology, Uncategorized

As ransomware becomes more common, I’m seeing more discussions about the ethics of paying the ransom. Here’s one more contribution to that issue: a research paper that the insurance industry is hurting more than it’s helping. However, the most pressing challenge currently facing the industry is ransomware. Although it is a societal problem, cyber insurers … Read More “Insurance and Ransomware” »

Intentional Flaw in GPRS Encryption Algorithm GEA-1

June 17, 2021 infossl

academic papers, algorithms, backdoors, cryptanalysis, encryption, Security technology, Uncategorized

General Packet Radio Service (GPRS) is a mobile data standard that was widely used in the early 2000s. The first encryption algorithm for that standard was GEA-1, a stream cipher built on three linear-feedback shift registers and a non-linear combining function. Although the algorithm has a 64-bit key, the effective key length is only 40 … Read More “Intentional Flaw in GPRS Encryption Algorithm GEA-1” »

Detecting Deepfake Picture Editing

June 10, 2021 infossl

academic papers, deep fake, Security technology, tamper detection, Uncategorized

“Markpainting” is a clever technique to watermark photos in such a way that makes it easier to detect ML-based manipulation: An image owner can modify their image in subtle ways which are not themselves very visible, but will sabotage any attempt to inpaint it by adding visible information determined in advance by the markpainter. One … Read More “Detecting Deepfake Picture Editing” »