Using AI to create artificial fingerprints that can unlock strangers’ phones… abusing electric vehicle charging stations to overwhelm the power grid… exploiting 3D printer technology to execute an all-new form of supply chain attack…
These may have once sounded like far-flung ideas, but top cyber minds at New York University have been actively exploring such scenarios in cutting-edge research detailed yesterday at a special roundtable discussion hosted by the NYU Center for Cybersecurity at the Tandon School of Engineering in Brooklyn.
The roundtable was held as part of CSAW (Cyber Security Awareness Week), an innovative and student-run annual cybersecurity event, held this year in six university locations around the world: Brooklyn, France, India, Israel, Mexico and the United Arab Emirates.
Students from multiple higher-learning institutions who attended the event were invited to participate in nine different contests, including an Applied Research Competition (for the best academic paper), a Capture the Flag exercise, a “red team” challenge and an opportunity to hack neural networks.
CSAW attendee Michael Richmond Jones, a computer science senior at Rensselaer Polytechnic Institute in Troy, New York, said the event was presented a “chance to practice all the skills that I’ve been learning over the semester… see new places and definitely to network with lots of of interesting people.”
Indeed, there was no shortage of interesting people or intriguing topics during the roundtable discussion.
Fooling Fingerprint Scanners
No two fingerprints are alike, but researchers found a way to create a scenario where smartphones fingerprint sensors essentially say: “Close enough!”
In a discussion on artificial intelligence and deepfakes technologies, Julian Togelius, associate professor of computer science and engineering at NYU, explained how AI can be used to create fake synthetic fingerprints – aka "MasterPrints" – that can trick the biometric fingerprint-matching technology found in many mobile devices.
“Some people’s fingerprints just seem to be better than others. They’re just better at unlocking their own phones and sometimes others’,” said Togelius. “So we started digging into this” to see if they could recreate this phenomenon through deep learning.
Togelius and four other academic researchers published a paper on their research back in October 2018. The method is referred to as Latent Variable Evolution, and involves training a generative adversarial network machine learning system by feeding it a data set of genuine fingerprint images.
Using this training, the AI eventually learns to create its own imaginary fingerprints. Then the researchers take the images through an evolutionary optimization process to narrow down the candidates until they find an image that, in the eyes of a smartphone, successfully matches up with a large number of genuine fingerprint images.
“You could basically ask the system: ‘Search in the space of non-[genuine] fingerprints for the ones that unlock the most different phones.’ It worked shockingly well,” said Togelius.
Ultimately the researchers were able to create synthetic fingerprint images that tricked standard-quality smartphone fingerprint readers 22.5 percent of the time.
Abusing Electric Car Charging Stations
There’s an urban legend that if too many people flush their toilets at the same time – perhaps during halftime of a Super Bowl – they will overload the sewage system. This is not true, but the same can’t be said for electric car charging stations and the power grid.
Last summer, NYU announced that researchers from the Tandon School conducted a series of simulations and determined that if a fleet of roughly 1,000 plug-in electric vehicles were all to charge simultaneously in Manhattan, the power drain would be enough to overwhelm the power grid and cause a major outage.
Yury Dvorkin, assistant professor in NYU Tandon’s Department of Electrical and Computer Engineering, explained to reporters at CSAW that malicious hackers could theoretically cause a blackout condition by weaponizing electric vehicles and publicly available power grid data with the intent to execute a demand-side attack. Dvorkin, along with Professor of Electrical and Computer Engineering Ramesh Karri (who was also at CSAW) collaborated on this study alongside doctoral candidate Samrat Acharya, who led the research project.
According to the researchers, every electric vehicle that interfaces with a public charging station generates data regarding its location, charging time, and the average power expended at each station per hour. Malicious actors could potentially aggregate such information through a combination of third-party apps, public documents and resources published by industry standards bodies, and then use that data to develop and optimize a data-driven attack strategy that, according to the researchers' published paper, manipulates electric vehicle and changing station loads “to induce frequency instability in the power grid.”
Using collected data, “Someone can time the attack in such a way that the system is already stressed due to, say, a peak demand on the system, and manipulate the charging process of electric vehicles to show that power system equipment is being operated above its technical limits,” said Dvorkin. “And as a result of that, the system operator will have no choice but to disconnect certain districts of the city from the power supply.”
A scary new dimension to 3D Printers
On Nov. 8, CSAW held one of its more intriguing contests, Hack3D, a 3D printing competition. In this scenario, students attempted to reconstruct a corrupted .gcode file (a 3D printer format), and then later hack an anti-counterfeiting system that protects CAD models.
Indeed, a large focus of the Tandon School’s research into 3D printing (aka additive manufacturing) has focused on preventing counterfeiting and intellectual property theft. An August 2018 research paper and corresponding press release from the school warned that flawed parts printed from stolen design files could resulted in the mechanical failure of 3D-printed products ranging from aircraft parts to medical implants. To address this issue, a team of NYU researchers formulated a method for embedding tracking codes (such as QR codes) into 3D products features’ to ensure a products is authentic and not an unauthorized copy.
But this is not the only threat. At CSAW, Tandon faculty also noted the that attackers could potentially sabotage 3D printers to create products with undetectable flaws, in what essentially constitutes a unique form of a supply chain attack. “The next generation of threats are going to be in… additive manufacturing…” said Karri during the roundtable discussion.
Nikhil Gupta, a professor in Tandon’s Department of Mechanical and Aerospace Engineering who co-authored the anti-counterfeiting research paper, told SC Media that companies using 3D printers often operate the machines in segregated subnetworks, keeping them offline to prevent remote hacking of the equipment. Nevertheless, he said the printers could theoretically be infected through a malicious software or firmware update, or even by a supply chain attack whereby the printer hardware was embedded with a malicious component during its manufacturing. Gutpa said even the printing material itself could potentially contain vulnerabilities.
Potentially, any of these scenarios could result in defects that require a company to “recall [an] entire batch” of products. “That’s a really scary scenario,” he said.
