OblivIO: Securing reactive programs by oblivious execution with bounded traffic overheads
- URL: http://arxiv.org/abs/2301.08148v2
- Date: Wed, 02 Jul 2025 22:09:25 GMT
- Title: OblivIO: Securing reactive programs by oblivious execution with bounded traffic overheads
- Authors: Jeppe Fredsgaard Blaabjerg, Aslan Askarov,
- Abstract summary: Traffic analysis attacks remain a significant problem for online security.<n>Despite online services increasingly using encrypted traffic, the shape of the traffic is not hidden.<n>We present OblivIO, a secure language for writing reactive programs driven by network events.
- Score: 0.0
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Traffic analysis attacks remain a significant problem for online security. Communication between nodes can be observed by network level attackers as it inherently takes place in the open. Despite online services increasingly using encrypted traffic, the shape of the traffic is not hidden. To prevent traffic analysis, the shape of a system's traffic must be independent of secrets. We investigate adapting the data-oblivious approach the reactive setting and present OblivIO, a secure language for writing reactive programs driven by network events. Our approach pads with dummy messages to hide which program sends are genuinely executed. We use an information-flow type system to provably enforce timing-sensitive noninterference. The type system is extended with potentials to bound the overhead in traffic introduced by our approach. We address challenges that arise from joining data-oblivious and reactive programming and demonstrate the feasibility of our resulting language by developing an interpreter that implements security critical operations as constant-time algorithms.
Related papers
- Semantic Communication-Enhanced Split Federated Learning for Vehicular Networks: Architecture, Challenges, and Case Study [50.345531105285524]
Vehicular edge intelligence (VEI) is vital for future intelligent transportation systems.<n>Traditional centralized learning in dynamic vehicular networks faces significant communication overhead and privacy risks.<n>This paper presents a semantic communication-enhanced split federated learning (SC-USFL) framework.
arXiv Detail & Related papers (2026-03-05T08:36:49Z) - Detecting Object Tracking Failure via Sequential Hypothesis Testing [80.7891291021747]
Real-time online object tracking in videos constitutes a core task in computer vision.<n>We propose interpreting object tracking as a sequential hypothesis test, wherein evidence for or against tracking failures is gradually accumulated over time.<n>We propose both supervised and unsupervised variants by leveraging either ground-truth or solely internal tracking information.
arXiv Detail & Related papers (2026-02-13T14:57:15Z) - Just Ask: Curious Code Agents Reveal System Prompts in Frontier LLMs [65.6660735371212]
We present textbftextscJustAsk, a framework that autonomously discovers effective extraction strategies through interaction alone.<n>It formulates extraction as an online exploration problem, using Upper Confidence Bound--based strategy selection and a hierarchical skill space spanning atomic probes and high-level orchestration.<n>Our results expose system prompts as a critical yet largely unprotected attack surface in modern agent systems.
arXiv Detail & Related papers (2026-01-29T03:53:25Z) - Safeguard: Security Controls at the Software Defined Network Layer [0.3823356975862005]
We present Safeguard, a rule-based policy that overlaps a data-driven policy to prevent unintended responses for edge cases in network traffic.<n>We show how additional rulesets to allow known-good traffic are essential in utilizing a data-driven network policy.
arXiv Detail & Related papers (2026-01-24T07:59:25Z) - Multi-Agent-Driven Cognitive Secure Communications in Satellite-Terrestrial Networks [58.70163955407538]
Malicious eavesdroppers pose a serious threat to private information via satellite-terrestrial networks (STNs)<n>We propose a cognitive secure communication framework driven by multiple agents that coordinates spectrum scheduling and protection through real-time sensing.<n>We exploit generative adversarial networks to produce adversarial matrices, and employ learning-aided power control to set real and adversarial signal powers for protection layer.
arXiv Detail & Related papers (2026-01-06T10:30:41Z) - SafeCoop: Unravelling Full Stack Safety in Agentic Collaborative Driving [16.620713493180165]
Collaborative driving systems leverage vehicle-to-everything (V2X) communication across multiple agents to enhance driving safety and efficiency.<n>Traditional V2X systems face persistent challenges, including high bandwidth demands, semantic loss, and interoperability issues.<n>Recent advances investigate natural language as a promising medium, which can provide semantic richness, decision-level reasoning, and human-machine interoperability at significantly lower bandwidth.
arXiv Detail & Related papers (2025-10-20T21:41:28Z) - Explainable Machine Learning for Cyberattack Identification from Traffic Flows [5.834276858232939]
We simulate cyberattacks in a semi-realistic environment, using a traffic network to analyze disruption patterns.<n>We develop a deep learning-based anomaly detection system, demonstrating that Longest Stop Duration and Total Jam Distance are key indicators of compromised signals.<n>This work enhances AI-driven traffic security, improving both detection accuracy and trustworthiness in smart transportation systems.
arXiv Detail & Related papers (2025-05-02T17:34:14Z) - Hiding in Plain Sight: An IoT Traffic Camouflage Framework for Enhanced Privacy [2.0257616108612373]
Existing single-technique obfuscation methods, such as packet padding, often fall short in dynamic environments like smart homes.<n>This paper introduces a multi-technique obfuscation framework designed to enhance privacy by disrupting traffic analysis.
arXiv Detail & Related papers (2025-01-26T04:33:44Z) - NetFlowGen: Leveraging Generative Pre-training for Network Traffic Dynamics [72.95483148058378]
We propose to pre-train a general-purpose machine learning model to capture traffic dynamics with only traffic data from NetFlow records.<n>We address challenges such as unifying network feature representations, learning from large unlabeled traffic data volume, and testing on real downstream tasks in DDoS attack detection.
arXiv Detail & Related papers (2024-12-30T00:47:49Z) - MIETT: Multi-Instance Encrypted Traffic Transformer for Encrypted Traffic Classification [59.96233305733875]
Classifying traffic is essential for detecting security threats and optimizing network management.<n>We propose a Multi-Instance Encrypted Traffic Transformer (MIETT) to capture both token-level and packet-level relationships.<n>MIETT achieves results across five datasets, demonstrating its effectiveness in classifying encrypted traffic and understanding complex network behaviors.
arXiv Detail & Related papers (2024-12-19T12:52:53Z) - CryptoFormalEval: Integrating LLMs and Formal Verification for Automated Cryptographic Protocol Vulnerability Detection [41.94295877935867]
We introduce a benchmark to assess the ability of Large Language Models to autonomously identify vulnerabilities in new cryptographic protocols.
We created a dataset of novel, flawed, communication protocols and designed a method to automatically verify the vulnerabilities found by the AI agents.
arXiv Detail & Related papers (2024-11-20T14:16:55Z) - Compromising Embodied Agents with Contextual Backdoor Attacks [69.71630408822767]
Large language models (LLMs) have transformed the development of embodied intelligence.
This paper uncovers a significant backdoor security threat within this process.
By poisoning just a few contextual demonstrations, attackers can covertly compromise the contextual environment of a black-box LLM.
arXiv Detail & Related papers (2024-08-06T01:20:12Z) - Multi-Agent Reinforcement Learning for Assessing False-Data Injection
Attacks on Transportation Networks [27.89472896063777]
We introduce a computational framework to find worst-case data-injection attacks against transportation networks.
First, we devise an adversarial model with a threat actor who can manipulate drivers by increasing the travel times that they perceive on certain roads.
Then, we employ hierarchical multi-agent reinforcement learning to find an approximate adversarial strategy for data manipulation.
arXiv Detail & Related papers (2023-12-22T11:48:13Z) - Darknet Traffic Analysis A Systematic Literature Review [0.0]
The objective of an anonymity tool is to protect the anonymity of its users through the implementation of strong encryption and obfuscation techniques.
The strong anonymity feature also functions as a refuge for those involved in illicit activities who aim to avoid being traced on the network.
This paper presents a comprehensive analysis of methods of darknet traffic using machine learning techniques to monitor and identify the traffic attacks inside the darknet.
arXiv Detail & Related papers (2023-11-27T19:27:50Z) - Scalable AI Generative Content for Vehicular Network Semantic
Communication [46.589349524682966]
This paper unveils a scalable Artificial Intelligence Generated Content (AIGC) system that leverages an encoder-decoder architecture.
The system converts images into textual representations and reconstructs them into quality-acceptable images, optimizing transmission for vehicular network semantic communication.
Experimental results suggest that the proposed method surpasses the baseline in perceiving vehicles in blind spots and effectively compresses communication data.
arXiv Detail & Related papers (2023-11-23T02:57:04Z) - Machine Learning for Encrypted Malicious Traffic Detection: Approaches,
Datasets and Comparative Study [6.267890584151111]
In post-COVID-19 environment, malicious traffic encryption is growing rapidly.
We formulate a universal framework of machine learning based encrypted malicious traffic detection techniques.
We implement and compare 10 encrypted malicious traffic detection algorithms.
arXiv Detail & Related papers (2022-03-17T14:00:55Z) - Decoder Fusion RNN: Context and Interaction Aware Decoders for
Trajectory Prediction [53.473846742702854]
We propose a recurrent, attention-based approach for motion forecasting.
Decoder Fusion RNN (DF-RNN) is composed of a recurrent behavior encoder, an inter-agent multi-headed attention module, and a context-aware decoder.
We demonstrate the efficacy of our method by testing it on the Argoverse motion forecasting dataset and show its state-of-the-art performance on the public benchmark.
arXiv Detail & Related papers (2021-08-12T15:53:37Z) - Better than the Best: Gradient-based Improper Reinforcement Learning for
Network Scheduling [60.48359567964899]
We consider the problem of scheduling in constrained queueing networks with a view to minimizing packet delay.
We use a policy gradient based reinforcement learning algorithm that produces a scheduler that performs better than the available atomic policies.
arXiv Detail & Related papers (2021-05-01T10:18:34Z) - TANTRA: Timing-Based Adversarial Network Traffic Reshaping Attack [46.79557381882643]
We present TANTRA, a novel end-to-end Timing-based Adversarial Network Traffic Reshaping Attack.
Our evasion attack utilizes a long short-term memory (LSTM) deep neural network (DNN) which is trained to learn the time differences between the target network's benign packets.
TANTRA achieves an average success rate of 99.99% in network intrusion detection system evasion.
arXiv Detail & Related papers (2021-03-10T19:03:38Z) - Certifiable Robustness to Adversarial State Uncertainty in Deep
Reinforcement Learning [40.989393438716476]
Deep Neural Network-based systems are now the state-of-the-art in many robotics tasks, but their application in safety-critical domains remains dangerous without formal guarantees on network robustness.
Small perturbations to sensor inputs are often enough to change network-based decisions, which was recently shown to cause an autonomous vehicle to swerve into another lane.
This work leverages research on certified adversarial robustness to develop an online certifiably robust for deep reinforcement learning algorithms.
arXiv Detail & Related papers (2020-04-11T21:36:13Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.