-
Global-Liar: Factuality of LLMs over Time and Geographic Regions
Authors:
Shujaat Mirza,
Bruno Coelho,
Yuyuan Cui,
Christina Pöpper,
Damon McCoy
Abstract:
The increasing reliance on AI-driven solutions, particularly Large Language Models (LLMs) like the GPT series, for information retrieval highlights the critical need for their factuality and fairness, especially amidst the rampant spread of misinformation and disinformation online. Our study evaluates the factual accuracy, stability, and biases in widely adopted GPT models, including GPT-3.5 and G…
▽ More
The increasing reliance on AI-driven solutions, particularly Large Language Models (LLMs) like the GPT series, for information retrieval highlights the critical need for their factuality and fairness, especially amidst the rampant spread of misinformation and disinformation online. Our study evaluates the factual accuracy, stability, and biases in widely adopted GPT models, including GPT-3.5 and GPT-4, contributing to reliability and integrity of AI-mediated information dissemination.
We introduce 'Global-Liar,' a dataset uniquely balanced in terms of geographic and temporal representation, facilitating a more nuanced evaluation of LLM biases. Our analysis reveals that newer iterations of GPT models do not always equate to improved performance. Notably, the GPT-4 version from March demonstrates higher factual accuracy than its subsequent June release. Furthermore, a concerning bias is observed, privileging statements from the Global North over the Global South, thus potentially exacerbating existing informational inequities. Regions such as Africa and the Middle East are at a disadvantage, with much lower factual accuracy. The performance fluctuations over time suggest that model updates may not consistently benefit all regions equally.
Our study also offers insights into the impact of various LLM configuration settings, such as binary decision forcing, model re-runs and temperature, on model's factuality. Models constrained to binary (true/false) choices exhibit reduced factuality compared to those allowing an 'unclear' option. Single inference at a low temperature setting matches the reliability of majority voting across various configurations. The insights gained highlight the need for culturally diverse and geographically inclusive model training and evaluation. This approach is key to achieving global equity in technology, distributing AI benefits fairly worldwide.
△ Less
Submitted 31 January, 2024;
originally announced January 2024.
-
Unveiling the Sentinels: Assessing AI Performance in Cybersecurity Peer Review
Authors:
Liang Niu,
Nian Xue,
Christina Pöpper
Abstract:
Peer review is the method employed by the scientific community for evaluating research advancements. In the field of cybersecurity, the practice of double-blind peer review is the de-facto standard. This paper touches on the holy grail of peer reviewing and aims to shed light on the performance of AI in reviewing for academic security conferences. Specifically, we investigate the predictability of…
▽ More
Peer review is the method employed by the scientific community for evaluating research advancements. In the field of cybersecurity, the practice of double-blind peer review is the de-facto standard. This paper touches on the holy grail of peer reviewing and aims to shed light on the performance of AI in reviewing for academic security conferences. Specifically, we investigate the predictability of reviewing outcomes by comparing the results obtained from human reviewers and machine-learning models. To facilitate our study, we construct a comprehensive dataset by collecting thousands of papers from renowned computer science conferences and the arXiv preprint website. Based on the collected data, we evaluate the prediction capabilities of ChatGPT and a two-stage classification approach based on the Doc2Vec model with various classifiers. Our experimental evaluation of review outcome prediction using the Doc2Vec-based approach performs significantly better than the ChatGPT and achieves an accuracy of over 90%. While analyzing the experimental results, we identify the potential advantages and limitations of the tested ML models. We explore areas within the paper-reviewing process that can benefit from automated support approaches, while also recognizing the irreplaceable role of human intellect in certain aspects that cannot be matched by state-of-the-art AI techniques.
△ Less
Submitted 11 September, 2023;
originally announced September 2023.
-
Freaky Leaky SMS: Extracting User Locations by Analyzing SMS Timings
Authors:
Evangelos Bitsikas,
Theodor Schnitzler,
Christina Pöpper,
Aanjhan Ranganathan
Abstract:
Short Message Service (SMS) remains one of the most popular communication channels since its introduction in 2G cellular networks. In this paper, we demonstrate that merely receiving silent SMS messages regularly opens a stealthy side-channel that allows other regular network users to infer the whereabouts of the SMS recipient. The core idea is that receiving an SMS inevitably generates Delivery R…
▽ More
Short Message Service (SMS) remains one of the most popular communication channels since its introduction in 2G cellular networks. In this paper, we demonstrate that merely receiving silent SMS messages regularly opens a stealthy side-channel that allows other regular network users to infer the whereabouts of the SMS recipient. The core idea is that receiving an SMS inevitably generates Delivery Reports whose reception bestows a timing attack vector at the sender. We conducted experiments across various countries, operators, and devices to show that an attacker can deduce the location of an SMS recipient by analyzing timing measurements from typical receiver locations. Our results show that, after training an ML model, the SMS sender can accurately determine multiple locations of the recipient. For example, our model achieves up to 96% accuracy for locations across different countries, and 86% for two locations within Belgium. Due to the way cellular networks are designed, it is difficult to prevent Delivery Reports from being returned to the originator making it challenging to thwart this covert attack without making fundamental changes to the network architecture.
△ Less
Submitted 14 June, 2023; v1 submitted 13 June, 2023;
originally announced June 2023.
-
Hope of Delivery: Extracting User Locations From Mobile Instant Messengers
Authors:
Theodor Schnitzler,
Katharina Kohls,
Evangelos Bitsikas,
Christina Pöpper
Abstract:
Mobile instant messengers such as WhatsApp use delivery status notifications in order to inform users if a sent message has successfully reached its destination. This is useful and important information for the sender due to the often asynchronous use of the messenger service. However, as we demonstrate in this paper, this standard feature opens up a timing side channel with unexpected consequence…
▽ More
Mobile instant messengers such as WhatsApp use delivery status notifications in order to inform users if a sent message has successfully reached its destination. This is useful and important information for the sender due to the often asynchronous use of the messenger service. However, as we demonstrate in this paper, this standard feature opens up a timing side channel with unexpected consequences for user location privacy. We investigate this threat conceptually and experimentally for three widely spread instant messengers. We validate that this information leak even exists in privacy-friendly messengers such as Signal and Threema.
Our results show that, after a training phase, a messenger user can distinguish different locations of the message receiver. Our analyses involving multiple rounds of measurements and evaluations show that the timing side channel persists independent of distances between receiver locations -- the attack works both for receivers in different countries as well as at small scale in one city. For instance, out of three locations within the same city, the sender can determine the correct one with more than 80% accuracy. Thus, messenger users can secretly spy on each others' whereabouts when sending instant messages. As our countermeasure evaluation shows, messenger providers could effectively disable the timing side channel by randomly delaying delivery confirmations within the range of a few seconds. For users themselves, the threat is harder to prevent since there is no option to turn off delivery confirmations.
△ Less
Submitted 19 October, 2022;
originally announced October 2022.
-
You have been warned: Abusing 5G's Warning and Emergency Systems
Authors:
Evangelos Bitsikas,
Christina Pöpper
Abstract:
The Public Warning System (PWS) is an essential part of cellular networks and a country's civil protection. Warnings can notify users of hazardous events (e.g., floods, earthquakes) and crucial national matters that require immediate attention. PWS attacks disseminating fake warnings or concealing precarious events can have a serious impact, causing fraud, panic, physical harm, or unrest to users…
▽ More
The Public Warning System (PWS) is an essential part of cellular networks and a country's civil protection. Warnings can notify users of hazardous events (e.g., floods, earthquakes) and crucial national matters that require immediate attention. PWS attacks disseminating fake warnings or concealing precarious events can have a serious impact, causing fraud, panic, physical harm, or unrest to users within an affected area. In this work, we conduct the first comprehensive investigation of PWS security in 5G networks. We demonstrate five practical attacks that may impact the security of 5G-based Commercial Mobile Alert System (CMAS) as well as Earthquake and Tsunami Warning System (ETWS) alerts. Additional to identifying the vulnerabilities, we investigate two PWS spoofing and three PWS suppression attacks, with or without a man-in-the-middle (MitM) attacker. We discover that MitM-based attacks have more severe impact than their non-MitM counterparts. Our PWS barring attack is an effective technique to eliminate legitimate warning messages. We perform a rigorous analysis of the roaming aspect of the PWS, incl. its potentially secure version, and report the implications of our attacks on other emergency features (e.g., 911 SIP calls). We discuss possible countermeasures and note that eradicating the attacks necessitates a scrupulous reevaluation of the PWS design and a secure implementation.
△ Less
Submitted 28 October, 2022; v1 submitted 6 July, 2022;
originally announced July 2022.
-
Towards Security-Optimized Placement of ADS-B Sensors
Authors:
Ala' Darabseh,
Christina Pöpper
Abstract:
Automatic Dependent Surveillance Broadcast (ADS-B) sensors deployed on the ground are central to observing aerial movements of aircraft. Their unsystematic placement, however, results in over-densification of sensor coverage in some areas and insufficient sensor coverage in other areas. ADS-B sensor coverage has so far been recognized and analyzed as an availability problem; it was tackled by sens…
▽ More
Automatic Dependent Surveillance Broadcast (ADS-B) sensors deployed on the ground are central to observing aerial movements of aircraft. Their unsystematic placement, however, results in over-densification of sensor coverage in some areas and insufficient sensor coverage in other areas. ADS-B sensor coverage has so far been recognized and analyzed as an availability problem; it was tackled by sensor placement optimization techniques that aim for covering large enough areas. In this paper, we demonstrate that the unsystematic placement of ADS-B sensors leads to a security problem, since the realization and possible deployment of protective mechanisms is closely linked to aspects of redundancy in ADS-B sensor coverage. In particular, we model ADS-B sensor coverage as a multi-dimensional security problem. We then use multi-objective optimization techniques to tackle this problem and derive security-optimized near-optimal placement solutions. Our results show how the location of sensors play a significant role in reducing the success rate of attackers by providing a sufficient number of sensors within a specific geographical area to verify location claims and reducing the exposure to jamming attacks.
△ Less
Submitted 5 April, 2022;
originally announced April 2022.
-
On Security Research Towards Future Mobile Network Generations
Authors:
David Rupprecht,
Adrian Dabrowski,
Thorsten Holz,
Edgar Weippl,
Christina Pöpper
Abstract:
Over the last decades, numerous security and privacy issues in all three active mobile network generations have been revealed that threaten users as well as network providers. In view of the newest generation (5G) currently under development, we now have the unique opportunity to identify research directions for the next generation based on existing security and privacy issues as well as already p…
▽ More
Over the last decades, numerous security and privacy issues in all three active mobile network generations have been revealed that threaten users as well as network providers. In view of the newest generation (5G) currently under development, we now have the unique opportunity to identify research directions for the next generation based on existing security and privacy issues as well as already proposed defenses. This paper aims to unify security knowledge on mobile phone networks into a comprehensive overview and to derive pressing open research questions. To achieve this systematically, we develop a methodology that categorizes known attacks by their aim, proposed defenses, underlying causes, and root causes. Further, we assess the impact and the efficacy of each attack and defense. We then apply this methodology to existing literature on attacks and defenses in all three network generations. By doing so, we identify ten causes and four root causes of attacks. Mapping the attacks to proposed defenses and suggestions for the 5G specification enables us to uncover open research questions and challenges for the development of next-generation mobile networks. The problems of unsecured pre-authentication traffic and jamming attacks exist across all three mobile generations. They should be addressed in the future, in particular, to wipe out the class of downgrade attacks and, thereby, strengthen the users' privacy. Further advances are needed in the areas of inter-operator protocols as well as secure baseband implementations. Additionally, mitigations against denial-of-service attacks by smart protocol design represent an open research question.
△ Less
Submitted 6 March, 2018; v1 submitted 24 October, 2017;
originally announced October 2017.
