2,994 research outputs found
Threats and countermeasures for network security
In the late 1980's, the traditional threat of anonymous break-ins to networked computers was joined by viruses and worms, multiplicative surrogates that carry out the bidding of their authors. Technologies for authentication and secrecy, supplemented by good management practices, are the principal countermeasures. Four articles on these subjects are presented
A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components
The semiconductor industry is fully globalized and integrated circuits (ICs)
are commonly defined, designed and fabricated in different premises across the
world. This reduces production costs, but also exposes ICs to supply chain
attacks, where insiders introduce malicious circuitry into the final products.
Additionally, despite extensive post-fabrication testing, it is not uncommon
for ICs with subtle fabrication errors to make it into production systems.
While many systems may be able to tolerate a few byzantine components, this is
not the case for cryptographic hardware, storing and computing on confidential
data. For this reason, many error and backdoor detection techniques have been
proposed over the years. So far all attempts have been either quickly
circumvented, or come with unrealistically high manufacturing costs and
complexity.
This paper proposes Myst, a practical high-assurance architecture, that uses
commercial off-the-shelf (COTS) hardware, and provides strong security
guarantees, even in the presence of multiple malicious or faulty components.
The key idea is to combine protective-redundancy with modern threshold
cryptographic techniques to build a system tolerant to hardware trojans and
errors. To evaluate our design, we build a Hardware Security Module that
provides the highest level of assurance possible with COTS components.
Specifically, we employ more than a hundred COTS secure crypto-coprocessors,
verified to FIPS140-2 Level 4 tamper-resistance standards, and use them to
realize high-confidentiality random number generation, key derivation, public
key decryption and signing. Our experiments show a reasonable computational
overhead (less than 1% for both Decryption and Signing) and an exponential
increase in backdoor-tolerance as more ICs are added
Phishing – the threat of internet banking
The attractiveness of Internet banking, the dynamics and the integration with e-business is still growing. The current use of electronic banking is defined by cyberspace and abused in the form of cyber terrorism as well. Therefore it is in the interest of all banks to focus on minimizing the real attacks. This article analyzes and compares the current possibilities against so-called phishing and identifies the area of the safe use of Internet banking in terms of the current potential threats in this area
Infrasense Introduction and Outline
Proposal of Infrasense, including introduction, outline, technical specs, website information, funders, and research. Collected material for Infrasense by Robert Saucier and KIT artist collective
Side-channel based intrusion detection for industrial control systems
Industrial Control Systems are under increased scrutiny. Their security is
historically sub-par, and although measures are being taken by the
manufacturers to remedy this, the large installed base of legacy systems cannot
easily be updated with state-of-the-art security measures. We propose a system
that uses electromagnetic side-channel measurements to detect behavioural
changes of the software running on industrial control systems. To demonstrate
the feasibility of this method, we show it is possible to profile and
distinguish between even small changes in programs on Siemens S7-317 PLCs,
using methods from cryptographic side-channel analysis.Comment: 12 pages, 7 figures. For associated code, see
https://polvanaubel.com/research/em-ics/code
RESEARCH ON SECURE VIRUS TROJAN IN CYBERSECURITY PLATFORM
Security is main issue of this generation of computing because many types of attacks are increasing day by day. Establishing a network is not a big issue for network administrators but protecting the entire network is a big issue. There are various methods and tools are available today for destroying the existing network. In this paper we mainly emphasize on the network security also we present some major issues that can affect our network, Trojan horse virus can give rise to the leakage of internal data. Keywords:Security, Trojan Horse, System, Network
- …