Implementing a signing forms mechanism in an open XMPP Server to reduce successful network attacks

Indexación: Scopus.4th School on Systems and Networks, SSN 2018; Universidad AustralValdivia; Chile; 29 October 2018 through 31 October 2018Servers implementing the eXtensible Messag-ing and Presence Protocol (XMPP) enable the near-real-time exchange of structured yet extensible data between any two or more network entities. In this paper we propose to address network attacks, a security issue, by implementing signing forms over an in-band registration mechanism. We validate our proposal implementing this mechanism over OpenFire, which is a free, community-supported and open source XMPP server. Our experiments showed that the number of successful attacks was reduced to 0 when our proposal is implemented. © 2018 CEUR-WS. All rights reserved.http://ceur-ws.org/Vol-2178/SSN2018_paper_26.pd

Secure Bitcoin Wallet

Virtuaalvaluutad ja mobiilne pangandus on tehnoloogilised uuendused, mis on rah- vusvahelises kogukonnas saamas kasvavat tähelepanu oma kättesaadavuse, mugavuse ja kiiruse tõttu. Populaarsuse kasv on kahjuks kaasa toonud ka suurenenud turvariski iden- titeedivarguste näol, tekitades ohu kasutajate anonüümsusele. Riske on võimalik vältida, kasutades krüptograafilisi meetmeid Bitcoini ja teiste hajutatud digitaalsete valuutade vastaste rünnete vähendamiseks sideliinil ning hoiustamisel. See ülevaade koondab erine- vad meetodid ja lahendused selliste rünnete vastu ning uurib nende tõhusust. Lisaks kir- jeldatakse turvalist Bitcoini rahakotti (Secure Bitcoin Wallet), mis on standardne Bitcoini ülekannete klient koos tõhustatud turvaomaduste ja -teenustega.Virtual currencies and mobile banking are technology advancements that are receiving increased attention in the global community because of their accessibility, convenience and speed. However, this popularity comes with growing security concerns, like increasing frequency of identity theft, leading to bigger problems which put user anonymity at risk. One possible solution for these problems is using cryptography to enhance security of Bitcoin or other decentralised digital currency systems and to decrease frequency of attacks on either communication channels or system storage. This report outlines various methods and solutions targeting these issues and aims to understand their effectiveness. It also describes Secure Bitcoin Wallet, standard Bitcoin transactions client, enhanced with various security features and services

Käyttäjien välinen henkilöllisyyden todentaminen nykyaikaisissa kommunikaatio- ja yhteistyöympäristöissä

This thesis describes a method for person-to-person identification on Google Wave networks. The method can also be used for strong authentication on the Wave network. The solution is based on using a trusted third party. The users must first authenticate themselves to a trusted third party and then prove to it that they control a said Wave user account. After these steps, the trusted third party is then able to identify the users participating in a Wave discussion and report the identification results to the other participants. The users can request the trusted third party to reauthenticate a user if needed. The thesis describes also a federated model for person-to-person identification on the Wave network using multiple trusted third parties. The method described can be generalized to any communication networks where the origin of messages can be reliably traced on a domain name level. A proof-of-concept of the identification model was developed and it was used to evaluate the applicability of the model in the real world.Diplomityössä kuvataan menetelmä käyttäjien väliseen henkilöllisyyden todentamiseen Google Wave-verkossa. Kuvattua menetelmää voidaan käyttää myös henkilöiden vahvaan tunnistamiseen Wave-verkossa. Ratkaisu perustuu luotetun kolmannen tahon käyttöön. Käyttäjien tulee ensin tunnistautua luotetulle kolmannelle taholle ja sen jälkeen osoittaa luotetulle taholle omaavansa tietyn Wave-käyttäjätunnuksen. Tämän jälkeen luotettu kolmas taho voi tunnistaa käyttäjät Wave-verkossa ns. Wave-robotin avulla ja kertoa tunnistamisen tulokset muille osallistujille. Tarvittaessa käyttäjät voivat pyytää robotin avulla luotettua tahoa uudelleentunnistamaan käyttäjät. Työssä esitetään myös malli henkilöiden väliseen tunnistamiseen useamman luotetun tahon avulla. Menetelmä on yleistettävissä käytettäväksi sellaisissa keskusteluverkoissa, joissa voidaan luotettavasti tunnistaa, miltä verkon palvelimelta kommunikaatio on tapahtunut. Työssä toteutettiin tekninen kokeilu kehitetystä todennusmenetelmästä ja arvioitiin menetelmän soveltuvuutta käytäntöön

Segurança e privacidade em terminologia de rede

Security and Privacy are now at the forefront of modern concerns, and drive a significant part of the debate on digital society. One particular aspect that holds significant bearing in these two topics is the naming of resources in the network, because it directly impacts how networks work, but also affects how security mechanisms are implemented and what are the privacy implications of metadata disclosure. This issue is further exacerbated by interoperability mechanisms that imply this information is increasingly available regardless of the intended scope. This work focuses on the implications of naming with regards to security and privacy in namespaces used in network protocols. In particular on the imple- mentation of solutions that provide additional security through naming policies or increase privacy. To achieve this, different techniques are used to either embed security information in existing namespaces or to minimise privacy ex- posure. The former allows bootstraping secure transport protocols on top of insecure discovery protocols, while the later introduces privacy policies as part of name assignment and resolution. The main vehicle for implementation of these solutions are general purpose protocols and services, however there is a strong parallel with ongoing re- search topics that leverage name resolution systems for interoperability such as the Internet of Things (IoT) and Information Centric Networks (ICN), where these approaches are also applicable.Segurança e Privacidade são dois topicos que marcam a agenda na discus- são sobre a sociedade digital. Um aspecto particularmente subtil nesta dis- cussão é a forma como atribuímos nomes a recursos na rede, uma escolha com consequências práticas no funcionamento dos diferentes protocols de rede, na forma como se implementam diferentes mecanismos de segurança e na privacidade das várias partes envolvidas. Este problema torna-se ainda mais significativo quando se considera que, para promover a interoperabili- dade entre diferentes redes, mecanismos autónomos tornam esta informação acessível em contextos que vão para lá do que era pretendido. Esta tese foca-se nas consequências de diferentes políticas de atribuição de nomes no contexto de diferentes protocols de rede, para efeitos de segurança e privacidade. Com base no estudo deste problema, são propostas soluções que, através de diferentes políticas de atribuição de nomes, permitem introdu- zir mecanismos de segurança adicionais ou mitigar problemas de privacidade em diferentes protocolos. Isto resulta na implementação de mecanismos de segurança sobre protocolos de descoberta inseguros, assim como na intro- dução de mecanismos de atribuiçao e resolução de nomes que se focam na protecçao da privacidade. O principal veículo para a implementação destas soluções é através de ser- viços e protocolos de rede de uso geral. No entanto, a aplicabilidade destas soluções extende-se também a outros tópicos de investigação que recorrem a mecanismos de resolução de nomes para implementar soluções de intero- perabilidade, nomedamente a Internet das Coisas (IoT) e redes centradas na informação (ICN).Programa Doutoral em Informátic

HTTP Mailbox - Asynchronous Restful Communication

Traditionally, general web services used only the GET and POST methods of HTTP while several other HTTP methods like PUT, PATCH, and DELETE were rarely utilized. Additionally, the Web was mainly navigated by humans using web browsers and clicking on hyperlinks or submitting HTML forms. Clicking on a link is always a GET request while HTML forms only allow GET and POST methods. Recently, several web frameworks/libraries have started supporting RESTful web services through APIs. To support HTTP methods other than GET and POST in browsers, these frameworks have used hidden HTML form fields as a workaround to convey the desired HTTP method to the server application. In such cases, the web server is unaware of the intended HTTP method because it receives the request as POST. Middleware between the web server and the application may override the HTTP method based on special hidden form field values. Unavailability of the servers is another factor that affects the communication. Because of the stateless and synchronous nature of HTTP, a client must wait for the server to be available to perform the task and respond to the request. Browser-based communication also suffers from cross-origin restrictions for security reasons. We describe HTTP Mailbox, a mechanism to enable RESTful HTTP communication in an asynchronous mode with a full range of HTTP methods otherwise unavailable to standard clients and servers. HTTP Mailbox also allows for multicast semantics via HTTP. We evaluate a reference implementation using ApacheBench (a server stress testing tool) demonstrating high throughput (on 1,000 concurrent requests) and a systemic error rate of 0.01%. Finally, we demonstrate our HTTP Mailbox implementation in a human-assisted Web preservation application called “Preserve Me! and a visualization application called Preserve Me! Viz

Protecting Systems From Exploits Using Language-Theoretic Security

Any computer program processing input from the user or network must validate the input. Input-handling vulnerabilities occur in programs when the software component responsible for filtering malicious input---the parser---does not perform validation adequately. Consequently, parsers are among the most targeted components since they defend the rest of the program from malicious input. This thesis adopts the Language-Theoretic Security (LangSec) principle to understand what tools and research are needed to prevent exploits that target parsers. LangSec proposes specifying the syntactic structure of the input format as a formal grammar. We then build a recognizer for this formal grammar to validate any input before the rest of the program acts on it. To ensure that these recognizers represent the data format, programmers often rely on parser generators or parser combinators tools to build the parsers. This thesis propels several sub-fields in LangSec by proposing new techniques to find bugs in implementations, novel categorizations of vulnerabilities, and new parsing algorithms and tools to handle practical data formats. To this end, this thesis comprises five parts that tackle various tenets of LangSec. First, I categorize various input-handling vulnerabilities and exploits using two frameworks. First, I use the mismorphisms framework to reason about vulnerabilities. This framework helps us reason about the root causes leading to various vulnerabilities. Next, we built a categorization framework using various LangSec anti-patterns, such as parser differentials and insufficient input validation. Finally, we built a catalog of more than 30 popular vulnerabilities to demonstrate the categorization frameworks. Second, I built parsers for various Internet of Things and power grid network protocols and the iccMAX file format using parser combinator libraries. The parsers I built for power grid protocols were deployed and tested on power grid substation networks as an intrusion detection tool. The parser I built for the iccMAX file format led to several corrections and modifications to the iccMAX specifications and reference implementations. Third, I present SPARTA, a novel tool I built that generates Rust code that type checks Portable Data Format (PDF) files. The type checker I helped build strictly enforces the constraints in the PDF specification to find deviations. Our checker has contributed to at least four significant clarifications and corrections to the PDF 2.0 specification and various open-source PDF tools. In addition to our checker, we also built a practical tool, PDFFixer, to dynamically patch type errors in PDF files. Fourth, I present ParseSmith, a tool to build verified parsers for real-world data formats. Most parsing tools available for data formats are insufficient to handle practical formats or have not been verified for their correctness. I built a verified parsing tool in Dafny that builds on ideas from attribute grammars, data-dependent grammars, and parsing expression grammars to tackle various constructs commonly seen in network formats. I prove that our parsers run in linear time and always terminate for well-formed grammars. Finally, I provide the earliest systematic comparison of various data description languages (DDLs) and their parser generation tools. DDLs are used to describe and parse commonly used data formats, such as image formats. Next, I conducted an expert elicitation qualitative study to derive various metrics that I use to compare the DDLs. I also systematically compare these DDLs based on sample data descriptions available with the DDLs---checking for correctness and resilience

Security of Smartphones at the Dawn of their Ubiquitousness

The importance of researching in the field of smartphone security is substantiated in the increasing number of smartphones, which are expected to outnumber common computers in the future. Despite their increasing importance, it is unclear today if mobile malware will play the same role for mobile devices as for common computers today. Therefore, this thesis contributes to defining and structuring the field mobile device security with special concern on smartphones and on the operational side of security, i.e., with mobile malware as the main attacker model. Additionally, it wants to give an understanding of the shifting boundaries of the attack surface in this emerging research field. The first three chapters introduce and structure the research field with the main goal of showing what has to be defended against today. Besides introducing related work they structure mobile device attack vectors with regard to mobile malicious software and they structure the topic of mobile malicious software itself with regard to its portability. The technical contributions of this thesis are in Chapters 5 to 8, classified according to the location of the investigation (on the device, in the network, distributed in device and network). Located in the device is MobileSandbox, a software for dynamic malware analysis. As another device-centric contribution we investigate on the efforts that have to be taken to develop an autonomously spreading smartphone worm. The results of these investigations are used to show that device-centric parts are necessary for smartphone security. Additionally, we propose a novel device-centric security mechanism that aims at reducing the attack surface of mobile devices to mobile malware. The network-centric investigations show the possibilities that a mobile network operator can use in its own mobile network for protecting the mobile devices of its clients. We simulate the effectiveness of different security mechanisms. Finally, the distributed investigations show the feasibility of distributed computation algorithms with security modules. We give prototypic implementations of protocols for secure multiparty computation as a modularized version with failure detector and consensus algorithms, and for fair exchange with guardian angels

An interoperable and secure architecture for internet-scale decentralized personal communication

Interpersonal network communications, including Voice over IP (VoIP) and Instant Messaging (IM), are increasingly popular communications tools. However, systems to date have generally adopted a client-server model, requiring complex centralized infrastructure, or have not adhered to any VoIP or IM standard. Many deployment scenarios either require no central equipment, or due to unique properties of the deployment, are limited or rendered unattractive by central servers. to address these scenarios, we present a solution based on the Session Initiation Protocol (SIP) standard, utilizing a decentralized Peer-to-Peer (P2P) mechanism to distribute data. Our new approach, P2PSIP, enables users to communicate with minimal or no centralized servers, while providing secure, real-time, authenticated communications comparable in security and performance to centralized solutions.;We present two complete protocol descriptions and system designs. The first, the SOSIMPLE/dSIP protocol, is a P2P-over-SIP solution, utilizing SIP both for the transport of P2P messages and personal communications, yielding an interoperable, single-stack solution for P2P communications. The RELOAD protocol is a binary P2P protocol, designed for use in a SIP-using-P2P architecture where an existing SIP application is modified to use an additional, binary RELOAD stack to distribute user information without need for a central server.;To meet the unique security needs of a fully decentralized communications system, we propose an enrollment-time certificate authority model that provides asserted identity and strong P2P and user-level security. In this model, a centralized server is contacted only at enrollment time. No run-time connections to the servers are required.;Additionally, we show that traditional P2P message routing mechanisms are inappropriate for P2PSIP. The existing mechanisms are generally optimized for file sharing and neglect critical practical elements of the open Internet --- namely link-level security and asymmetric connectivity caused by Network Address Translators (NATs). In response to these shortcomings, we introduce a new message routing paradigm, Adaptive Routing (AR), and using both analytical models and simulation show that AR significantly improves message routing performance for P2PSIP systems.;Our work has led to the creation of a new research topic within the P2P and interpersonal communications communities, P2PSIP. Our seminal publications have provided the impetus for subsequent P2PSIP publications, for the listing of P2PSIP as a topic in conference calls for papers, and for the formation of a new working group in the Internet Engineering Task Force (IETF), directed to develop an open Internet standard for P2PSIP