Systemization of Pluggable Transports for Censorship Resistance

An increasing number of countries implement Internet censorship at different scales and for a variety of reasons. In particular, the link between the censored client and entry point to the uncensored network is a frequent target of censorship due to the ease with which a nation-state censor can control it. A number of censorship resistance systems have been developed thus far to help circumvent blocking on this link, which we refer to as link circumvention systems (LCs). The variety and profusion of attack vectors available to a censor has led to an arms race, leading to a dramatic speed of evolution of LCs. Despite their inherent complexity and the breadth of work in this area, there is no systematic way to evaluate link circumvention systems and compare them against each other. In this paper, we (i) sketch an attack model to comprehensively explore a censor's capabilities, (ii) present an abstract model of a LC, a system that helps a censored client communicate with a server over the Internet while resisting censorship, (iii) describe an evaluation stack that underscores a layered approach to evaluate LCs, and (iv) systemize and evaluate existing censorship resistance systems that provide link circumvention. We highlight open challenges in the evaluation and development of LCs and discuss possible mitigations.Comment: Content from this paper was published in Proceedings on Privacy Enhancing Technologies (PoPETS), Volume 2016, Issue 4 (July 2016) as "SoK: Making Sense of Censorship Resistance Systems" by Sheharbano Khattak, Tariq Elahi, Laurent Simon, Colleen M. Swanson, Steven J. Murdoch and Ian Goldberg (DOI 10.1515/popets-2016-0028

SUTMS - Unified Threat Management Framework for Home Networks

Home networks were initially designed for web browsing and non-business critical applications. As infrastructure improved, internet broadband costs decreased, and home internet usage transferred to e-commerce and business-critical applications. Today’s home computers host personnel identifiable information and financial data and act as a bridge to corporate networks via remote access technologies like VPN. The expansion of remote work and the transition to cloud computing have broadened the attack surface for potential threats. Home networks have become the extension of critical networks and services, hackers can get access to corporate data by compromising devices attacked to broad- band routers. All these challenges depict the importance of home-based Unified Threat Management (UTM) systems. There is a need of unified threat management framework that is developed specifically for home and small networks to address emerging security challenges. In this research, the proposed Smart Unified Threat Management (SUTMS) framework serves as a comprehensive solution for implementing home network security, incorporating firewall, anti-bot, intrusion detection, and anomaly detection engines into a unified system. SUTMS is able to provide 99.99% accuracy with 56.83% memory improvements. IPS stands out as the most resource-intensive UTM service, SUTMS successfully reduces the performance overhead of IDS by integrating it with the flow detection mod- ule. The artifact employs flow analysis to identify network anomalies and categorizes encrypted traffic according to its abnormalities. SUTMS can be scaled by introducing optional functions, i.e., routing and smart logging (utilizing Apriori algorithms). The research also tackles one of the limitations identified by SUTMS through the introduction of a second artifact called Secure Centralized Management System (SCMS). SCMS is a lightweight asset management platform with built-in security intelligence that can seamlessly integrate with a cloud for real-time updates

IMPROVING NETWORK POLICY ENFORCEMENT USING NATURAL LANGUAGE PROCESSING AND PROGRAMMABLE NETWORKS

Computer networks are becoming more complex and challenging to operate, manage, and protect. As a result, Network policies that define how network operators should manage the network are becoming more complex and nuanced. Unfortunately, network policies are often an undervalued part of network design, leaving network operators to guess at the intent of policies that are written and fill in the gaps where policies don’t exist. Organizations typically designate Policy Committees to write down the network policies in the policy documents using high-level natural languages. The policy documents describe both the acceptable and unacceptable uses of the network. Network operators then take the responsibility of enforcing the policies and verifying whether the enforcement achieves expected requirements. Network operators often encounter gaps and ambiguous statements when translating network policies into specific network configurations. An ill-structured network policy document may prevent network operators from implementing the true intent of the policies, and thus leads to incorrect enforcement. It is thus important to know the quality of the written network policies and to remove any ambiguity that may confuse the people who are responsible for reading and implementing them. Moreover, there is a need not only to prevent policy violations from occurring but also to check for any policy violations that may have occurred (i.e., the prevention mechanisms failed in some way), since unwanted packets or network traffic, were somehow allowed to enter the network. In addition, the emergence of programmable networks provides flexible network control. Enforcing network routing policies in an environment that contains both the traditional networks and programmable networks also becomes a challenge. This dissertation presents a set of methods designed to improve network policy enforcement. We begin by describing the design and implementation of a new Network Policy Analyzer (NPA), which analyzes the written quality of network policies and outputs a quality report that can be given to Policy Committees to improve their policies. Suggestions on how to write good network policies are also provided. We also present Network Policy Conversation Engine (NPCE), a chatbot for network operators to ask questions in natural languages that check whether there is any policy violation in the network. NPCE takes advantage of recent advances in Natural Language Processing (NLP) and modern database solutions to convert natural language questions into the corresponding database queries. Next, we discuss our work towards understanding how Internet ASes connect with each other at third-party locations such as IXPs and their business relationships. Such a graph is needed to write routing policies and to calculate available routes in the future. Lastly, we present how we successfully manage network policies in a hybrid network composed of both SDN and legacy devices, making network services available over the entire network

Laboratory Exercises to Accompany Industrial Control and Embedded Systems Security Curriculum Modules

The daily intrusion attempts and attacks on industrial control systems (ICS) and embedded systems (ES) underscore the criticality of the protection of our Critical Infrastructures (CIs). As recent as mid-July 2018, numerous reports on the infiltration of US utility control rooms by Russian hackers have been published. These successful infiltration and possible manipulation of the utility companies could easily translate to a devastating attack on our nation’s power grid and, consequently, our economy and well-being. Indeed, the need to secure the control and embedded systems which operate our CIs has never been so pronounced. In our attempt to address this critical need, we designed, developed and implemented ICS and ES security curriculum modules with pertinent hands-on laboratory exercises that can be freely adopted across the national setting. This paper describes in detail the modules and the accompanying exercises and proposes future enhancements and extensions to these pedagogical instruments. It highlights the interaction between control and embedded systems security with Presidential Policy Directive 8- the National Preparedness Plan (NPP), cyber risk management, incident handling. To establish the premise the laboratory exercises were developed. This paper outlines the description and content of the modules in the areas of (1) Industrial Control Systems (ICS) Security, (2) embedded systems (ES), and (3) guidelines, standards, and policy. The ICS security modules cover the predominant ICS protocols, ladder logic programming, Human Machine Interface (HMI), defensive techniques, ICS reconnaissance, vulnerability assessment, Intrusion detection, and penetration testing. The ES security modules include topics such as secure firmware programming and authentication mechanisms. In the guidelines, standards, and policy section, the topics covered by the modules include the NPP as it relates to CI protection, risk management, system protection and policy design, and managing operations and controls. An overview of the various hands-on exercises that accompany the course modules is also presented. Further, to evaluate the effectiveness of the pedagogical materials, an initial evaluation was conducted and the survey data were collected, analyzed, and presented. The paper concludes with future enhancements and directives on opportunities for module extensions and course adoption

Standards and practices necessary to implement a successful security review program for intrusion management systems

Thesis (Master)--Izmir Institute of Technology, Computer Engineering, Izmir, 2002Includes bibliographical references (leaves: 84-85)Text in English; Abstract: Turkish and Englishviii, 91 leavesIntrusion Management Systems are being used to prevent the information systems from successful intrusions and their consequences. They also have detection features. They try to detect intrusions, which have passed the implemented measures. Also the recovery of the system after a successful intrusion is made by the Intrusion Management Systems. The investigation of the intrusion is made by Intrusion Management Systems also. These functions can be existent in an intrusion management system model, which has a four layers architecture. The layers of the model are avoidance, assurance, detection and recovery. At the avoidance layer necessary policies, standards and practices are implemented to prevent the information system from successful intrusions. At the avoidance layer, the effectiveness of implemented measures are measured by some test and reviews. At the detection layer the identification of an intrusion or intrusion attempt is made in the real time. The recovery layer is responsible from restoring the information system after a successful intrusion. It has also functions to investigate the intrusion. Intrusion Management Systems are used to protect information and computer assets from intrusions. An organization aiming to protect its assets must use such a system. After the implementation of the system, continuous reviews must be conducted in order to ensure the effectiveness of the measures taken. Such a review can achieve its goal by using principles and standards. In this thesis, the principles necessary to implement a successful review program for Intrusion Management Systems have been developed in the guidance of Generally Accepted System Security Principles (GASSP). These example principles are developed for tools of each Intrusion Management System layer. These tools are firewalls for avoidance layer, vulnerability scanners for assurance layer, intrusion detection systems for detection layer and integrity checkers for recovery layer of Intrusion Management Systems

Pedagogical Resources for Industrial Control Systems Security: Design, Implementation, Conveyance, and Evaluation

Industrial Control Systems (ICS), which are pervasive in our nation’s critical infrastructures, are becoming increasingly at risk and vulnerable to internal and external threats. It is imperative that the future workforce be educated and trained on the security of such systems. However, it is equally important that careful and deliberate considerations must be exercised in designing and implementing the educational and training activities that pertain to ICS. To that end, we designed and implemented pedagogical materials and tools to facilitate the teaching and learning processes in the area of ICS security. In this paper, we describe those resources, the professional development workshop to disseminate the curriculum materials, and the evaluation results pertaining to those artifacts and activities

Spoiled Onions: Exposing Malicious Tor Exit Relays

Several hundred Tor exit relays together push more than 1 GiB/s of network traffic. However, it is easy for exit relays to snoop and tamper with anonymised network traffic and as all relays are run by independent volunteers, not all of them are innocuous. In this paper, we seek to expose malicious exit relays and document their actions. First, we monitored the Tor network after developing a fast and modular exit relay scanner. We implemented several scanning modules for detecting common attacks and used them to probe all exit relays over a period of four months. We discovered numerous malicious exit relays engaging in different attacks. To reduce the attack surface users are exposed to, we further discuss the design and implementation of a browser extension patch which fetches and compares suspicious X.509 certificates over independent Tor circuits. Our work makes it possible to continuously monitor Tor exit relays. We are able to detect and thwart many man-in-the-middle attacks which makes the network safer for its users. All our code is available under a free license