5 research outputs found

    Estudio del problema de la distribución de claves criptográficas en el contexto de las tecnologías cloud (COSITI_128/1314)

    One of the main problems of contemporary cryptography lies in the generation and distribution of cryptographic keys. In the context of cloud technologies, this problem becomes even more critical. Indeed, the asset owner delegates the custody of her assets to a third party, which is not reliable in principle. Encrypting the information is the only means an average user has to prevent a server from accessing her information assets. Thus, a user could use a client application that encrypts data before sending it to her usual cloud server. If the user belongs to a workgroup, she must share the encryption key so that the other members of the group can access the resource. The main objective of this work is to study and illustrate the difficulty of distributing symmetric cryptographic keys in cloud environments. Upon completion of the relevant state-of-the-art analysis, and as a proof of concept, a prototype client is proposed that encrypts all assets a user wants to upload to a cloud server, and that can also download and share them. This approach provides the security that the user lacks when placing her information directly in these types of environment. The client developed ensures data confidentiality and integrity, and is also responsible for performing all cryptographic operations, leaving the server out of these tasks. The cloud server, in turn, guarantees the availability of resources and a first level of user authentication, which consists of validating the user's credentials for accessing the server. The client application of this project has been developed on the Android platform, due to its high current market share and the availability of a complete development platform. Dropbox has been chosen as the cloud server because it is well known by both users and companies, and provides a development API that is easy to use. Finally, an open-source implementation has been chosen because of the many advantages this approach offers. This type of implementation is more reliable because it is tested, used and fixed in different environments. It also gives the user great flexibility, since the user can study how the code works in order to modify it and adapt it to particular requirements. Lastly, it gives the freedom to improve the implementation and to make those improvements public, so that the whole community benefits from them.

    Optimum parameter machine learning classification and prediction of Internet of Things (IoT) malwares using static malware analysis techniques

    Application of machine learning in the field of malware analysis is not a new concept; a great deal of research has been done on the classification of malware in Android and Windows environments. However, when it comes to malware analysis in the Internet of Things (IoT), work still remains to be done. IoT was not designed with security/privacy under consideration. Therefore, this area is full of research challenges. This study seeks to evaluate important machine learning classifiers such as Support Vector Machines, Neural Network, Random Forest, Decision Trees, Naive Bayes, Bayesian Network, etc., and proposes a framework that utilizes static feature extraction and selection processes and highlights issues like over-fitting and generalization of classifiers, to get an optimized algorithm with better performance. For the background study, we used a systematic literature review to find research gaps in IoT, presented malware as a big challenge for IoT along with the reasons for applying malware analysis targeting IoT devices, and finally performed classification on a malware dataset. The classification process was applied on three different datasets containing file header, program header and section headers as features. Preliminary results show an accuracy of over 90% on file header, program header, and section headers. This document discusses these results only as initial results; some issues that may affect the performance measures still need to be addressed.

    Cryptographic Key Management Issues and Challenges in Cloud Services
