@inproceedings{bib_De-a_2024, AUTHOR = {Ankit Gangwal, Aashish Paliwal, Mauro Conti}, TITLE = {De-authentication using Ambient Light Sensor}, BOOKTITLE = {IEEE Access}. YEAR = {2024}}

While user authentication happens before initiating or resuming a login session, de-authentication detects the absence of a previously-authenticated user to revoke her currently active login session. The absence of proper de-authentication can lead to well-known lunchtime attacks, where a nearby adversary takes over a carelessly departed user's running login session. The existing solutions for automatic de-authentication have distinct practical limitations, e.g., extraordinary deployment requirements or high initial cost of external equipment. In this paper, we propose "DE-authentication using Ambient Light sensor" (DEAL), a novel, inexpensive, fast, and user-friendly de-authentication approach. DEAL utilizes the built-in ambient light sensor of a modern computer to determine if the user is leaving her work-desk. DEAL, by design, is resilient to natural shifts in lighting conditions and can be configured to handle abrupt changes in ambient illumination (e.g., due to toggling of room lights). We collected data samples from 4800 sessions with 120 volunteers in 4 typical workplace settings and conducted a series of experiments to evaluate the quality of our proposed approach thoroughly. Our results show that DEAL can de-authenticate a departing user within 4 seconds with a hit rate of 89.15% and a fall-out of 7.35%. Finally, bypassing DEAL to launch a lunchtime attack is practically infeasible as it requires the attacker to either take the user's position within a few seconds or manipulate the sensor readings sophisticatedly in real-time.

@inproceedings{bib_Auto_2023, AUTHOR = {Ankit Gangwal, Shubham Singh, Abhijeet Srivastava}, TITLE = {AutoSpill: Credential Leakage from Mobile Password Managers}, BOOKTITLE = {ACM Conference on Data and Application Security and Privacy}. YEAR = {2023}}

Password managers (PMs) are becoming increasingly popular on mobile devices, especially on small-screen devices, mainly due to the convenience of automatically filling credentials into login forms. Modern mobile OSes advocate for system-wide autofill frameworks to support autofilling on browsers as well as other apps. Mobile OSes also empower apps to directly render web content within WebView controls without redirecting users to the main browser. par We present a novel technique, called AutoSpill, to leak users' saved credentials during an autofill operation on a webpage loaded into an app's WebView. AutoSpill conveniently dodges the secure autofill process. The majority of popular Android PMs considered in our experiments were found vulnerable to AutoSpill; even when the app hosting the WebView is not actively participating in the leak. Android intermediates in the autofill process because of its app sandboxing. Hence, the responsibility for any credential leakage is often stranded between PMs and the Android system. We investigate the root causes of AutoSpill and propose countermeasures to fundamentally fix AutoSpill for both the parties. We responsibly disclosed our findings to the affected PMs and Android security team.

@inproceedings{bib_On_t_2023, AUTHOR = {Ankit Gangwal, Aakash Jain, Mauro Conti}, TITLE = {On the Feasibility of Profiling Electric Vehicles through Charging Data}, BOOKTITLE = {Network and Distributed System Security Symposium}. YEAR = {2023}}

Electric vehicles (EVs) represent the long-term green substitute for traditional fuel-based vehicles. To encourage EV adoption, the trust of the end-users must be assured. In this work, we focus on a recently emerging privacy threat of profiling and identifying EVs via the analog electrical data exchanged during the EV charging process. The core focus of our work is to investigate the feasibility of such a threat at scale. To this end, we first propose an improved EV profiling approach that outperforms the state-of-the-art EV profiling techniques. Next, we exhaustively evaluate the performance of our improved approach to profile EVs in real-world settings. In our evaluations, we conduct a series of experiments including 25032 charging sessions from 530 real EVs, sub-sampled datasets with different data distributions, etc. Our results show that even with our improved approach, profiling and individually identifying the growing number of EVs appear extremely difficult in practice; at least with the analog charging data utilized throughout the literature. We believe that our findings from this work will further foster the trust of potential users in the EV ecosystem, and consequently, encourage EV adoption.

@inproceedings{bib_A_Fi_2023, AUTHOR = {Ankit Gangwal, T V K Apoorva, Alessandro Brighente, Mauro Conti}, TITLE = {A First Look at Shill Looping in NFT Ecosystem}, BOOKTITLE = {International Workshop on Information Forensics and Security}. YEAR = {2023}}

Abstract—Initially designed to represent ownership of various assets, Non-Fungible Tokens (NFTs) have emerged as a new tool in the blockchain domain for investment and trading. The NFT markets are rapidly budding with significant growth in trading volumes over the last few years. While the NFT ecosystem is continuously evolving, users are exploring astute trading practices to gain financial profits. In this paper, we uncover shill looping, a novel NFT trade practice that NFT owners can exploit to artificially inflate the price of an NFT token. We investigate shill looping and its primary effects in a multi-billion dollar NFT collection called BAYC, showing that approximately 50% of these NFTs exhibit shill looping. Our empirical analysis shows that shill looping significantly boosts the average NFT values by over 45% in the best case. Our initial results highlight the severeness of the shill looping phenomenon

@inproceedings{bib_BLEW_2022, AUTHOR = {Ankit Gangwal, Shubham Singh, Riccardo Spolaor, Abhijeet Srivastava}, TITLE = {BLEWhisperer: Exploiting BLE Advertisements for Data Exfiltration.}, BOOKTITLE = {European Symposium on Research in Computer Security}. YEAR = {2022}}

Bluetooth technology has enabled short-range wireless communication for billions of devices. Bluetooth Low-Energy (BLE) variant aims at improving power consumption on battery-constrained devices. BLE-enabled devices broadcast information (e.g., as beacons) to nearby devices via advertisements. Unfortunately, such functionality can become a double-edged sword at the hands of attackers. In this paper, we primarily show how an attacker can exploit BLE advertisements to exfiltrate information from BLE-enable devices. In particular, our attack establishes a communication medium between two devices without requiring any prior authentication or pairing. We develop a proof-of-concept attack framework on the Android ecosystem and assess its performance via a thorough set of experiments. Our results indicate that such an exfiltration attack is indeed possible though with a limited data rate. Nevertheless, we also demonstrate potential use cases and enhancements to our attack that can further its severeness. Finally, we discuss possible countermeasures to prevent such an attack.

@inproceedings{bib_Anal_2022, AUTHOR = {Ankit Gangwal, Valluri Rahul, Mauro Conti}, TITLE = {Analyzing Price Deviations in DeFi Oracles}, BOOKTITLE = {Cryptology and Network Security}. YEAR = {2022}}

Decentralized Finance (DeFi) promises to transform the traditional financial systems into fair and transparent protocols that do not require trusted third parties. To circumvent the high volatility of crypto-assets, DeFi protocols advocate collateralizing their assets against conventional financial instruments. To do so, these protocols require access to external or off-chain data, such as asset exchange rates. DeFi protocols rely on oracles to access such information. Importing external data onto the chain via oracles consists of multiple data processing and aggregation stages. Thus, it is critical to minimize errors or deviations while the ground truth data moves through these stages. In this paper, we investigate the degree of price deviations at different levels between the data source and the final output rendered to an on-chain requester. In particular, we focus on Chainlink’s oracle network for ETH-USD pricing. Our results …

@inproceedings{bib_A_su_2022, AUTHOR = {Ankit Gangwal, Gangavalli Haripriya Ravali, Tvk Apoorva}, TITLE = {A survey of Layer-two blockchain protocols}, BOOKTITLE = {Journal on Network and Computer Applications}. YEAR = {2022}}

After the success of the Bitcoin blockchain, came several cryptocurrencies and blockchain solutions in the last decade. Nonetheless, Blockchain-based systems still suffer from low transaction rates and high transaction processing latencies, which hinder blockchains’ scalability. An entire class of solutions, called Layer-1 scalability solutions, have attempted to incrementally improve such limitations by adding/modifying fundamental blockchain attributes. Recently, a completely different class of works, called Layer-2 protocols, have emerged to tackle the blockchain scalability issues using unconventional approaches. Layer-2 protocols improve transaction processing rates, periods, and fees by minimizing the use of underlying slow and costly blockchains. In fact, the main chain acts just as an instrument for trust establishment and dispute resolution among Layer2 participants, where only a few transactions are dispatched to the main chain. Thus, Layer-2 blockchain protocols have the potential to transform the domain. However, rapid and discrete developments have resulted in diverse branches of Layer2 protocols. In this work, we systematically create a broad taxonomy of such protocols and implementations. We discuss each Layer-2 protocol class in detail and also elucidate their respective approaches, salient features, requirements, etc. Moreover, we outline the issues related to these protocols along with a comparative discussion. Our thorough study will help further systematize the knowledge dispersed in the domain and help the readers to better understand the field of Layer-2 protocols. Index Terms—Blockchain, Layer-2, Off-chain, Scalability.