In this reboot of the Three Paper Thursdays, back after a hiatus of almost eight years, I consider the many different ways in which programs can be sanitised to detect, or mitigated to prevent the use of, the many programmer errors that can introduce security vulnerabilities in low-level languages such as C and C++. We first look at a new binary translation technique, before covering the many compiler techniques in the literature, and finally finishing off with my own hardware analysis architecture.
FC 2020
I’m at Financial Cryptography 2020 and will try to liveblog some of the talks in followups to this post.
The keynote was given by Allison Nixon, Chief Research Officer of Unit221B, on “Fraudsters Taught Us that Identity is Broken”.
Allison started by showing the Mitchell and Webb clip. In a world where even Jack Dorsey got his twitter hacked via incoming SMS, what is identity? Your thief becomes you. Abuse of old-fashioned passports was rare as they were protected by law; now they’re your email address (which you got by lying to an ad-driven website) and phone number (which gets taken away and given to a random person if you don’t pay your bill). If lucky you might have a signing key (generated on a general purpose computer, and hard to revoke – that’s what bitcoin theft is often about). The whole underlying system is wrong. Email domains, like phone numbers, lapse if you forget to pay your bill; fraudsters actively look for custom domains and check if yours has lapsed, while relying parties mostly don’t. Privacy regulations in most countries prevent you from looking up names from phone numbers; many have phone numbers owned by their employers. Your email address can be frozen or removed because of spam if you’re bad or are hacked, while even felons are not deprived of their names. Evolution is not an intelligent process! People audit password length but rarely the password reset policy: many use zero-factor auth, meaning information that’s sort-of public like your SSN. In Twitter you reset your password then message customer support asking them to remove two-factor, and they do, so long as you can log on! This is a business necessity as too many people lose their phone or second factor, so this customer-support backdoor will never be properly closed. Many bitcoin exchanges have no probation period, whether mandatory or customer option. SIM swap means account theft so long as phone number enables password reset – she also calls this zero-factor authentication.
SIM swap is targeted, unlike most password-stuffing attacks, and compromises people who comply with all the security rules. Allison tried hard to protect herself against this fraud but mostly couldn’t as the phone carrier is the target. This can involve data breaches at the carrier, insider involvement and the customer service back door. Email domain abuse is similar; domain registrars are hacked or taken over. Again, the assumptions made about the underlying infrastructure are wrong. Your email can be reset by your phone number and vice versa. Your private key can be stolen via your cloud backups. Both identity vendors and verifiers rely on unvetted third parties; vendors can’t notify verifiers of a hack. The system failure is highlighted by the existence of criminal markets in identity.
There are unrealistic expectations too. As a user of a general-purpose computer, you have no way to determine whether your machine is suitable for storing private keys, and almost 100% of people are unable to comply with security advice. That tells you it’s the system that’s broken. It’s a blame game, and security advice is as much cargo cult as anything else.
What would a better identity system look like? There would be an end to ever-changing advice; you’d be notified if your information got stolen, just as you know if your physical driving license is stolen; there would be an end to unreasonable expectations of both humans and computers; the legal owner of the identity would be the person identified and would be non-transferable and irrevocable; it would not depend on the integrity of 3rd-party systems like DNS and CAs and patch management mechanisms; we’ll know we’re there once the criminal marketplace vanishes.
Questions: What might we do about certificate revocation? A probation period is the next thing to do, as how people learn of a SIM swap is a flood of password reset messages in email, and then it’s a race. I asked whether rather than fixing the whole world, we should fix it one relying party at a time? Banks give you physical tokens after all, as they’re regulated and have to eat the losses. Allison agreed; in 2019 she talked about SIM swap to many banks but had no interest from any crypto exchange. Curiously, the lawsuits tend to target carriers rather than the exchanges. What about SS7? There are sophisticated Russian criminal gangs doing such attacks, but they require a privileged position in the network, like BGP attacks. What about single signon? The market is currently in flux and might eventually settle on a few vendors. What about SMS spoofing attacks? Allison hasn’t seen them in 4g marketplaces or in widespread criminal use. Caller-ID spoofing is definitely used, by bad guys who organise SWATting. Should we enforce authentication tokens? The customer service department will be inundated with people who have lost theirs and that will become the backdoor. Would blockchains help? No, they’re just an audit log, and the failures are upstream. The social aspect is crucial: people know how to protect their physical cash in their wallet, and a proper solution to the identity problem must work like that. It’s not an impossible task, and might involve a chip in your driver’s license. It’s mostly about getting the execution right.
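The recovery dependencies described in the keynote (a phone number resets an email account and vice versa, and email resets most other things) can be audited as a reachability problem over reset paths. The sketch below is an added example, not part of the original post or the talk. The account names, factor names and probation values are constructed for illustration.

```python
import math

# Constructed sample: each account maps to its alternative reset paths.
# A path is (required_factors, probation_hours); ALL factors in a path are
# needed, ANY one path is enough. "account:<name>" means control of another
# account; anything else is a primitive factor.
ACCOUNTS = {
    "mobile": [
        ({"account:email"}, 0),            # carrier portal reset by email
        ({"carrier_support_call"}, 0),     # customer-service back door
    ],
    "email": [
        ({"account:mobile"}, 0),           # SMS reset code
        ({"hardware_token"}, 0),
    ],
    "social": [({"account:email"}, 0)],
    "exchange": [({"account:email", "account:mobile"}, 0)],
    "slow_exchange": [({"account:email", "account:mobile"}, 72)],
    "bank": [({"hardware_token"}, 0)],
}


def takeover_delays(accounts, lost_factors):
    """Earliest time (hours) at which each account can be reset by whoever
    holds `lost_factors`. Accounts that cannot be reached are omitted.

    Delay through a path = its probation period plus the slowest of its
    prerequisites; the account's delay is the minimum over its paths.
    Relaxation repeats until nothing improves.
    """
    delay = {factor: 0 for factor in lost_factors}
    changed = True
    while changed:
        changed = False
        for name, paths in accounts.items():
            key = "account:" + name
            for requires, probation in paths:
                if not all(r in delay for r in requires):
                    continue
                t = probation + max((delay[r] for r in requires), default=0)
                if t < delay.get(key, math.inf):
                    delay[key] = t
                    changed = True
    prefix = "account:"
    return {k[len(prefix):]: v for k, v in delay.items() if k.startswith(prefix)}


def immediate_losses(accounts, lost_factors):
    """Accounts that fall with no probation window for the owner to react."""
    delays = takeover_delays(accounts, lost_factors)
    return sorted(name for name, hours in delays.items() if hours == 0)


if __name__ == "__main__":
    scenarios = {
        "SIM swap": {"account:mobile"},
        "carrier back door": {"carrier_support_call"},
        "lost hardware token": {"hardware_token"},
    }
    for label, lost in scenarios.items():
        print(label)
        for name, hours in sorted(takeover_delays(ACCOUNTS, lost).items()):
            note = "immediate" if hours == 0 else f"after {hours}h probation"
            print(f"  {name}: {note}")
```

Accounts that appear with a non-zero delay are the ones where the owner has a window to win the race the post describes; accounts absent from the result do not depend on the lost factor at all.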
Identifying Unintended Harms of Cybersecurity Countermeasures
In this paper (winner of the eCrime 2019 Best Paper award), we consider the types of things that can go wrong when you intend to make things better and more secure. Consider this scenario. You are browsing the Internet and see a news headline on one of the presidential candidates. You are unsure if the headline is true. What you can do is to navigate to a fact-checking website and type in the headline of interest. Some platforms also have fact-checking bots that would update periodically on false information. You do some research through three fact-checking websites and the results consistently show that the news contains false information. You share the results as a comment on the news article. Within two hours, you receive hundreds of notifications with comments countering your resources with other fact-checking websites.
Such a scenario is increasingly common as we rely on the Internet and social media platforms for information and news. Although they are meant to increase security, these cybersecurity countermeasures can result in confusion and frustration among users due to the incorporation of additional actions as part of users’ daily online routines. As seen, fact-checking can easily be used as a mechanism for attacks and demonstration of in-group/out-group distinction which can contribute further to group polarisation and fragmentation. We identify these negative effects as unintended consequences and define them as shifts in expected burden and/or effort to a group.
To understand unintended harms, we begin with five scenarios of cyber aggression and deception. We identify common countermeasures for each scenario, and brainstorm potential unintended harms with each countermeasure. The unintended harms are inductively organized into seven categories: 1) displacement, 2) insecure norms, 3) additional costs, 4) misuse, 5) misclassification, 6) amplification and 7) disruption. Applying this framework to the above scenario, insecure norms, misuse, and amplification are all unintended consequences of fact-checking. Fact-checking can foster a sense of complacency where checked news is automatically seen as true. In addition, fact-checking can be used as a tool for attacking groups of different political views. Such misuse facilitates amplification as fact-checking is being used to strengthen in-group status and therefore further exacerbate the issue of group polarisation and fragmentation.
To allow for a systematic application to existing or new cybersecurity measures by practitioners and stakeholders, we expand the categories into a functional framework by developing prompts for each harm category. During this process, we identify the underlying need to consider vulnerable groups. In other words, practitioners and stakeholders need to take into consideration the impacts of countermeasures on at-risk groups as well as the possible creation of new vulnerable groups as a result of deploying a countermeasure. Vulnerable groups refer to user groups who may suffer while others are unaffected or prosper from the countermeasure. One example is older adult users where their non-familiarity and less frequent interactions with technologies means that they are forgotten or hidden when assessing risks and/or countermeasures within a system.
It is important to note the framework does not propose measurements for the severity or the likelihood of unintended harm occurring. Rather, the emphasis of the framework is in raising stakeholders’ and practitioners’ awareness of possible unintended consequences. We envision this framework as a common-ground tool for stakeholders, particularly for coordinating approaches in complex, multi-party services and/or technology ecosystems. We would like to extend a special thank you to Schloss Dagstuhl and the organisers of Seminar #19302 (Cybersafety Threats – from Deception to Aggression). It brought all of the authors together and laid out the core ideas in this paper. A complementary blog post by co-author Dr Simon Parkin can be found at UCL’s Bentham’s Gaze blog. The accepted manuscript for this paper is available here.
From Playing Games to Committing Crimes: A Multi-Technique Approach to Predicting Key Actors on an Online Gaming Forum
I recently travelled to Pittsburgh, USA, to present the paper “From Playing Games to Committing Crimes: A Multi-Technique Approach to Predicting Key Actors on an Online Gaming Forum” at eCrime 2019, co-authored with Ben Collier and Alice Hutchings. The accepted version of the paper can be accessed here.
The structure and content of various underground forums have been studied in the literature, from threat detection to the classification of marketplace advertisements. These platforms can provide a mechanism for knowledge sharing and a marketplace between cybercriminals and other members.
However, gaming-related activity on underground hacking forums has been largely unexplored. Meanwhile, UK law enforcement believe there is a potential link between playing online games and committing cybercrime—a possible cybercrime pathway. A small-scale study by the NCA found that users looking for gaming cheats on these types of forums can end up interacting with users involved in cybercrime, leading to a possible first offence, followed by escalating levels of offending. Also, there has been interest from UK law enforcement in exploring intervention activity which aims to deter gamers from becoming involved in cybercrime activity.
We begin to explore this by presenting a data processing pipeline framework, used to identify potential key actors on a gaming-specific forum, using predictive and clustering methods on an initial set of key actors. We adapt open-source tools created for use in analysis of an underground hacking forum and apply them to this forum. In addition, we add NLP features, machine learning models, and use group-based trajectory modelling.
From this, we can begin to characterise key actors, both by looking at the distributions of predictions, and from inspecting each of the models used. Social network analysis, built using author-replier relationships, shows key actors and predicted key actors are well connected, and group-based trajectory modelling highlights a much higher proportion of key actors are contained in both a high-frequency super-engager trajectory in the gaming category, and in a high-frequency super-engager posting activity in the general category.
This work provides an initial look into a perceived link between playing online games and committing cybercrime by analysing an underground forum focused on cheats for games.
Honware: A Virtual Honeypot Framework for Capturing CPE and IoT Zero Days
Existing defenses are slow to detect zero day exploits and capture attack traffic targeting inadequately secured Customer Premise Equipment (CPE) and Internet of Things (IoT) devices. This means that attackers have considerable periods of time to find and compromise vulnerable devices before the attack vectors are well understood and mitigation is in place.
About a month ago we presented honware at eCrime 2019, a new honeypot framework that enables the rapid construction of honeypots for a wide range of CPE and IoT devices. The framework automatically processes a standard firmware image (as is commonly provided for updates) and runs the system with a special pre-built Linux kernel without needing custom hardware. It then logs attacker traffic and records which of their actions led to a compromise.
We provide an extensive evaluation and show that our framework is scalable and significantly better than existing emulation strategies in emulating the devices’ firmware applications. We were able to successfully process close to 2000 firmware images across a dozen brands (TP-Link, Netgear, D-Link…) and run them as honeypots. Also, as we use the original firmware images, the honeypots are not susceptible to fingerprinting attacks based on protocol deviations or self-revealing properties.
By simplifying the process of deploying realistic honeypots at Internet scale, honware supports the detection of malware types that often go unnoticed by users and manufacturers. We hope that honware will be used at Internet scale by manufacturers setting up honeypots for all of their products and firmware versions or by researchers looking for new types of malware.
The paper is available here.
Security Engineering, and Sustainability
Yesterday I got the audience at the 36th Chaos Computer Congress in Leipzig to vote on the cover art for the third edition of my textbook on Security Engineering: you can see the result here.
It was a privilege to give a talk at 36C3; as the theme was sustainability, I spoke on The Sustainability of Safety, Security and Privacy. This is a topic on which I’ve written and spoken several times in recent years, but we now have some progress to report. The EU has changed the rules to require that if you sell goods with digital components (whether embedded software, associated cloud services or smartphone apps) then these have to be maintained for as long as the customer might reasonably expect.
2020 Caspar Bowden Award
You are invited to submit nominations for the 2020 Caspar Bowden Award for Outstanding Research in Privacy Enhancing Technologies. The Caspar Bowden PET award is presented annually to researchers who have made an outstanding contribution to the theory, design, implementation, or deployment of privacy enhancing technology. It is awarded at the annual Privacy Enhancing Technologies Symposium (PETS), and carries a cash prize as well as a physical award monument.
Any paper by any author written in the area of privacy enhancing technologies is eligible for nomination. However, the paper must have appeared in a refereed journal, conference, or workshop with proceedings published in the period from April 1, 2018 until March 31, 2020.
Note that we do not accept nominations for publications in conference proceedings when the dates of the conference fall outside of the nomination window. For example, a IEEE Symposium on Security and Privacy (“Oakland”) paper made available on IEEE Xplore prior to the March 31 deadline would not be eligible, as the conference happens in May. Please note that PETS is associated with a journal publication, PoPETs, so any PoPETs paper published in an issue appearing before the March 31 deadline is eligible (which typically means only Issue 1 of the current year).
Anyone can nominate a paper by sending an email message to award-chairs20@petsymposium.org containing the following:
- Paper title
- Author(s)
- Author(s) contact information
- Publication venue and full reference
- Link to an available online version of the paper
- A nomination statement of no more than 500 words.
All nominations must be submitted by April 5, 2020. The award committee will select one or two winners among the nominations received. Winners must be present at the PET Symposium in order to receive the Award. This requirement can be waived only at the discretion of the PET advisory board. The complete Award rules including eligibility requirements can be found here.
Caspar Bowden PET Award Chairs (award-chairs20@petsymposium.org)
Simone Fischer-Hübner, Karlstad University
Ross Anderson, University of Cambridge
Caspar Bowden PET Award Committee
Erman Ayday, Bilkent University
Nataliia Bielova, Inria
Sonja Buchegger, KTH
Ian Goldberg, University of Waterloo
Rachel Greenstadt, NYU
Marit Hansen, Unabhängiges Datenschutzzentrum Schleswig Holstein -ULD
Dali Kaafar, CSIRO
Eran Toch, Tel Aviv University
Carmela Troncoso, EPFL
Matthew Wright, Rochester Institute of Technology
More information about the Caspar Bowden PET award (including past winners) is available here.
Rental scams
One of the cybercrimes that bothers us at Cambridge is accommodation fraud. Every October about 1% of the people who come as grad students or postdocs rent an apartment that just doesn’t exist. Sites like Craigslist are full of ads that are just too good to be true. While the university does what it can to advise new hires and admissions to use our own accommodation services if they cannot check out an apartment personally, perhaps 50 new arrivals still turn up to find that they have nowhere to live, their money is gone, and the police aren’t interested. This is not a nice way to start your PhD.
Some years ago a new postdoc, Sophie van der Zee, almost fell for such a scam, and then got to know someone here who had actually become a victim. She made this into a research project, and replied to about a thousand scam ads. We analysed the persuasion techniques that the crooks used.
Here at last is our analysis: The gift of the gab: Are rental scammers skilled at the arts of persuasion? We found that most of the techniques the scammers used are straight from the standard marketing textbook (Cialdini) rather than from the lists of more exotic scam techniques compiled by fraud researchers such as Stajano and Wilson. The only significant exception was appeals to sympathy. Most of the scammers were operating out of West Africa in what appears to be one or more boilerhouse sales operations. They work from scripts, very much like people selling insurance or home improvements.
Previous cybercrime research looked at both high-value targeted operations and scale attackers who compromise machines in bulk. This is an example of fraud lying between the “first class” and “economy class” versions of cybercrime.
Rental scams are still a problem for new staff and students. Since this work was done, things have changed somewhat, in that most of the scams are now run by an operator using slick websites who, according to the local police, appears to be based in Germany. We have repeatedly tried, and failed, to persuade the police (local and Met), the NCA and the NCSC to have his door broken down. Unfortunately the British authorities appear to lack the motivation to extradite foreigners who commit small frauds at scale. So if you want to steal a few million a year, take it from a few thousand people, a thousand pounds at a time. So long as you stay overseas there seems to be little risk of arrest.
APWG eCrime 2019
Last week the APWG Symposium on Electronic Crime Research was held at Carnegie Mellon University in Pittsburgh. The Cambridge Cybercrime Centre was very well-represented at the symposium. Of the 12 accepted research papers, five were authored or co-authored by scholars from the Centre. The topics of the research papers addressed a wide range of cybercrime issues, ranging from honeypots to gaming as pathways to cybercrime. One of the papers with a Cambridge author, “Identifying Unintended Harms of Cybersecurity Countermeasures”, received the Best Paper award. The Honorable Mention award went to “Mapping the Underground: Supervised Discovery of Cybercrime Supply Chains”, which was a collaboration between NYU, ICSI and the Centre.
In this post, we provide a brief description of each paper. The final versions aren’t yet available; we will blog them in more detail as they appear.
Best Paper
Identifying Unintended Harms of Cybersecurity Countermeasures
Yi Ting Chua, Simon Parkin, Matthew Edwards, Daniela Oliveira, Stefan Schiffner, Gareth Tyson, and Alice Hutchings
In this paper, the authors consider that well-intentioned cybersecurity risk management activities can create not only unintended consequences, but also unintended harms to user behaviours, system users, or the infrastructure itself. Through reviewing countermeasures and associated unintended harms for five cyber deception and aggression scenarios (including tech-abuse, disinformation campaigns, and dating fraud), the authors identified categorizations of unintended harms. These categories were further developed into a framework of questions to prompt risk managers to consider harms in a structured manner, and introduce the discussion of vulnerable groups across all harms. The authors envision that this framework can act as a common-ground and a tool bringing together stakeholders towards a coordinated approach to cybersecurity risk management in a complex, multi-party service and/or technology ecosystem.
Honorable Mention
Mapping the Underground: Supervised Discovery of Cybercrime Supply Chains
Rasika Bhalerao, Maxwell Aliapoulios, Ilia Shumailov, Sadia Afroz, and Damon McCoy
Cybercrime forums enable modern criminal entrepreneurs to collaborate with other criminals into increasingly efficient and sophisticated criminal endeavors.
Understanding the connections between different products and services is currently very expensive and requires a lot of time-consuming manual effort. In this paper, we propose a language-agnostic method to automatically extract supply chains from cybercrime forum posts and replies. Our analysis of generated supply chains highlights unique differences in the lifecycle of products and services on offer in Russian and English cybercrime forums.
Honware: A Virtual Honeypot Framework for Capturing CPE and IoT Zero Days
Alexander Vetterl and Richard Clayton
We presented honware, a new honeypot framework which can rapidly emulate a wide range of CPE and IoT devices without any access to the manufacturers’ hardware.
The framework processes a standard firmware image and will help to detect real attacks and associated vulnerabilities that might otherwise be exploited for considerable periods of time without anyone noticing.
From Playing Games to Committing Crimes: A Multi-Technique Approach to Predicting Key Actors on an Online Gaming Forum
Jack Hughes, Ben Collier, and Alice Hutchings
This paper proposes a systematic framework for analysing forum datasets, which contain minimal structure and are non-trivial to analyse at scale. The paper takes a multi-technique approach drawing on a combination of features relating to content and metadata, to predict potential key actors. From these predictions and trained models, the paper begins to look at characteristics of the group of potential key actors, which may benefit more from targeted intervention activities.
Fighting the “Blackheart Airports”: Internal Policing in the Chinese Censorship Circumvention Ecosystem
Yi Ting Chua and Ben Collier
In this paper, the authors provide an overview of the self-policing mechanisms present in the ecosystem of services used in China to circumvent online censorship. We conducted an in-depth netnographic study of four Telegram channels which were used to co-ordinate various kinds of attacks on groups and individuals offering fake or scam services. More specifically, these actors utilized cybercrime tools such as denial of service attacks and doxxing to punish scammers. The motivations behind this self-policing appear to be genuinely altruistic, with individuals largely concerned with maintaining a stable ecosystem of services to allow Chinese citizens to bypass the Great Firewall. Although this is an emerging phenomenon, it appears to be developing into an important and novel kind of trust mechanism within this market.
UKRI Digital Security by Design: A £190M research programme around Arm’s Morello – an experimental ARMv8-A CPU, SoC, and board with CHERI support
PIs: Robert N. M. Watson (Cambridge), Simon W. Moore (Cambridge), Peter Sewell (Cambridge), and Peter G. Neumann (SRI)
Since 2010, SRI International and the University of Cambridge, supported by DARPA, have been developing CHERI: a capability-system extension to RISC Instruction-Set Architectures (ISAs) supporting fine-grained memory protection and scalable compartmentalization while retaining incremental deployability within current C and C++ software stacks. This ten-year research project has involved hardware-software-semantic co-design: FPGA prototyping, compiler development, operating-system development, and application adaptation, as well as formal modeling and proof. Extensively documented in technical reports and research papers, we have iterated on CHERI as we evaluated and improved microarchitectural overheads, performance, software compatibility, and security.
As we know, mainstream computer systems are still chronically insecure. One of the main reasons for this is that conventional hardware architectures and C/C++ language abstractions, dating back to the 1970s, provide only coarse-grained memory protection. Without memory safety, many coding errors turn into exploitable security vulnerabilities. In our ASPLOS 2019 paper on CheriABI (best paper award), we demonstrated that a complete UNIX userspace and application suite could be protected by strong memory safety with minimal source-code disruption and acceptable performance overheads. Scalable software compartmentalization offers mitigation for future unknown classes of vulnerabilities by enabling greater use of design patterns such as software sandboxing. Our An Introduction to CHERI technical report introduces our approach including the architecture, microarchitectural contributions, formal models, software protection model, and practical software adaptation. The CHERI ISA v7 specification is the authoritative reference to the architecture, including both the architecture-neutral protection model and its concrete mappings into the 64-bit MIPS and 32/64-bit RISC-V ISAs. Our Rigorous Engineering technical report describes our modelling and mechanised proof of key security properties.
Today, we are very excited to be able to talk about another long-running aspect of our DARPA-supported work: A collaboration since 2014 with engineers at Arm to create an experimental adaptation of CHERI to the ARMv8-A architecture. This widely used ISA is the foundation for the vast majority of mobile phones and tablets, including those running iOS and Android. The £170M UKRI program Digital Security by Design (DSbD) was announced in late September 2019 to explore potential applications of CHERI — with a £70M investment by UKRI, and a further £117M from industry including involvement by Arm, Microsoft, and Google. Today, UKRI and Arm announced that the Arm Morello board will become available from 2021: Morello is a prototype 7nm high-end multi-core superscalar ARMv8-A processor (based on Arm’s Neoverse N1), SoC, and board implementing experimental CHERI extensions. As part of this effort, the UK Engineering and Physical Sciences Research Council (EPSRC) has also announced a new £8M programme to fund UK academics to work with Morello. Arm will release their Morello adaptation of our CHERI Clang/LLVM toolchain, and we will release a full adaptation of our open-source CHERI reference software stack to Morello (including our CheriBSD operating system and application suite) as foundations for research and prototyping on Morello. Watch the DSbD workshop videos from Robert Watson (Cambridge), Richard Grisenthwaite (Arm), and Manuel Costa (Microsoft) on CHERI and Morello, which are linked below, for more information.
This is an incredible opportunity to validate the CHERI approach, with accompanying systems software and formal verification, through an industrial scale and industrial quality hardware design, and to broaden the research community around CHERI to explore its potential impact. You can read the announcements about Morello here:
- A blog post by Richard Grisenthwaite (Chief Architect, Arm) on DSbD and Morello
- A blog post by Cambridge’s Department of Computer Science and Technology on DSbD and Morello
- The announcement from the UK Department for Business, Energy, and Industrial Strategy (BEIS)
Recordings of several talks on CHERI and Morello are now available from the ISCF Digital Security by Design Challenge Collaborators’ Workshop (26 September 2019), including:
- Robert Watson (Cambridge)’s talk on CHERI, and on our transition collaboration with Arm (video) (slides)
- Richard Grisenthwaite (Arm)’s talk on the Morello board and CHERI transition (video) (slides)
- Manuel Costa (Microsoft)’s talk on memory safety and potential opportunities arising with CHERI and Morello (video)
In addition, we are maintaining a CHERI DSbD web page with background information on CHERI, announcements regarding Morello, links to DSbD funding calls, and information regarding software artefacts, formal models, and so on. We will continue to update that page as the programme proceeds.
This has been possible through the contributions of the many members of the CHERI research team over the last ten years, including: Hesham Almatary, Jonathan Anderson, John Baldwin, Hadrien Barrel, Thomas Bauereiss, Ruslan Bukin, David Chisnall, James Clarke, Nirav Dave, Brooks Davis, Lawrence Esswood, Nathaniel W. Filardo, Khilan Gudka, Brett Gutstein, Alexandre Joannou, Robert Kovacsics, Ben Laurie, A. Theo Markettos, J. Edward Maste, Marno van der Maas, Alfredo Mazzinghi, Alan Mujumdar, Prashanth Mundkur, Steven J. Murdoch, Edward Napierala, Kyndylan Nienhuis, Robert Norton-Wright, Philip Paeps, Lucian Paul-Trifu, Alex Richardson, Michael Roe, Colin Rothwell, Peter Rugg, Hassen Saidi, Stacey Son, Domagoj Stolfa, Andrew Turner, Munraj Vadera, Jonathan Woodruff, Hongyan Xia, and Bjoern A. Zeeb.
Approved for public release; distribution is unlimited. This work was supported by the Defense Advanced Research Projects Agency (DARPA) and the Air Force Research Laboratory (AFRL), under contract FA8750-10-C-0237 (CTSRD), with additional support from FA8750-11-C-0249 (MRC2), HR0011-18-C-0016 (ECATS), and FA8650-18-C-7809 (CIFV) as part of the DARPA CRASH, MRC, and SSITH research programs. The views, opinions, and/or findings contained in this report are those of the authors and should not be interpreted as representing the official views or policies of the Department of Defense or the U.S. Government. We also acknowledge the EPSRC REMS Programme Grant (EP/K008528/1), the ERC ELVER Advanced Grant (789108), the Isaac Newton Trust, the UK Higher Education Innovation Fund (HEIF), Thales E-Security, Microsoft Research Cambridge, Arm Limited, Google, Google DeepMind, HP Enterprise, and the Gates Cambridge Trust.