1,453 research outputs found

    Choosing IT Platforms In The Age Of Stuxnet

    This paper addresses the question of choosing/investing in IT (hardware/software) platforms that avoid quick obsolescence and the underlying dilemmas of choosing proprietary software versus open source software, and opting for managed services such as public cloud computing versus in-house hardware/communication infrastructures. These dilemmas in strategic information systems planning have become more significant in light of the recent revelations of security backdoors in commercial software, encryption backdoors in communication software, and governmental access to private data on managed services for national security reasons. This paper considers enterprise-wide challenges and strategies for adopting open source software/hardware in response to these security concerns.

    Analysis domain model for shared virtual environments

    The field of shared virtual environments, which also encompasses online games and social 3D environments, has a system landscape consisting of multiple solutions that share great functional overlap. However, there is little system interoperability between the different solutions. A shared virtual environment has an associated problem domain that is highly complex, which raises difficult challenges for the development process, starting with the architectural design of the underlying system. This paper has two main contributions. The first contribution is a broad domain analysis of shared virtual environments, which enables developers to have a better understanding of the whole rather than the part(s). The second contribution is a reference domain model for discussing and describing solutions - the Analysis Domain Model.

    Three Decades of Deception Techniques in Active Cyber Defense -- Retrospect and Outlook

    Deception techniques have been widely seen as a game changer in cyber defense. In this paper, we review representative techniques in honeypots, honeytokens, and moving target defense, spanning from the late 1980s to the year 2021. Techniques from these three domains complement each other and may be leveraged to build a holistic deception-based defense. However, to the best of our knowledge, there has not been a work that provides a systematic retrospect of these three domains all together and investigates their integrated usage for orchestrated deceptions. Our paper aims to fill this gap. By utilizing a tailored cyber kill chain model which can reflect the current threat landscape and a four-layer deception stack, a two-dimensional taxonomy is developed, based on which the deception techniques are classified. The taxonomy answers which phases of a cyber attack campaign the techniques can disrupt and which layers of the deception stack they belong to. Cyber defenders may use the taxonomy as a reference to design an organized and comprehensive deception plan, or to prioritize deception efforts for a budget-conscious solution. We also discuss two important points for achieving active and resilient cyber defense, namely deception in depth and deception lifecycle, where several notable proposals are illustrated. Finally, some outlooks on future research directions are presented, including dynamic integration of different deception techniques, quantified deception effects and deception operation cost, hardware-supported deception techniques, as well as techniques developed based on a better understanding of the human element.

    Interoperability middleware for IIoT gateways based on international standard ontologies and standardized digital representation

    Recent advances in the areas of microelectronics, information technology, and communication protocols have made possible the development of smaller devices with greater processing capacity and lower energy consumption. This context has contributed to the growing number of physical devices in industrial environments which are interconnected and communicate via the internet, enabling concepts such as Industry 4.0 and the Industrial Internet of Things (IIoT). These nodes have different sensors and actuators that monitor and control environment data. Several companies develop these devices, including diverse communication protocols, data structures, and IoT platforms, which leads to interoperability issues. In IoT scenarios, interoperability is the ability of two systems to communicate and share services. Therefore, communication problems can make it unfeasible to use heterogeneous devices, increasing the project's financial cost and development time. In an industry, interoperability is related to different aspects, such as physical communication, divergent device communication protocols, and syntactical problems, referring to the distinct data structure. Developing a new standard for solving these matters may bring interoperability-related drawbacks rather than effectively solving these issues. Therefore, to mitigate interoperability problems in industrial applications, this work proposes the development of an interoperability middleware for Edge-enabled IIoT gateways based on international standards. The middleware is responsible for translating communication protocols, updating data from simulations or physical nodes to the assets' digital representations, and storing data locally or remotely. The middleware adopts the IEEE industrial standard ontologies combined with assets' standardized digital models. As a case study, a simulation replicates the production of a nutrient solution for agriculture, controlled by IIoT nodes.
The use case consists of three devices, each equipped with at least five sensors or actuators, communicating in different communication protocols and exchanging data using diverse structures. The performance of the proposed middleware and its proposed translation algorithms were evaluated, obtaining satisfactory results for mitigating interoperability issues in industrial applications.

Due to recent advances in the areas of microelectronics, information technology, and communication protocols, it has become possible to develop ever smaller devices with greater processing capacity and lower energy consumption. This context has contributed to the growing number of such devices in industry that are interconnected via the internet, enabling concepts such as Industry 4.0 and the Industrial Internet of Things (IIoT). These nodes have different sensors and actuators that monitor and control environment data. These devices are developed by different companies, with distinct communication protocols, data structures, and IoT platforms, resulting in interoperability problems. In IoT scenarios, interoperability is the ability of systems to communicate and share services. Therefore, these problems can make the use of heterogeneous devices unfeasible, increasing the project's financial cost and development time. In industry, interoperability is divided into different aspects, such as communication and syntactic problems relating to distinct data structures. Developing an industrial standard may bring more interoperability-related drawbacks instead of solving these problems. Therefore, to mitigate problems related to industrial interoperability, this work proposes the development of an interoperability middleware for IIoT gateways based on international standards and ontologies. The middleware is responsible for translating different communication protocols and updating the data of industrial assets through their digital representations, which are stored locally or remotely. The middleware adopts the IEEE industrial ontology standards combined with standardized digital models of industrial assets. As a case study, simulations are carried out for the production of a nutrient solution for agriculture, controlled by IIoT nodes. The process uses three devices, each equipped with at least five sensors or actuators, using different communication protocols and data structures. The performance of the proposed middleware and its translation algorithms were evaluated and presented at the end of the work, with satisfactory results for mitigating interoperability problems in industrial applications.

    Packet filter performance monitor (anti-DDOS algorithm for hybrid topologies)

    DDoS attacks are increasingly becoming a major problem. According to Arbor Networks, the largest DDoS attack reported by a respondent in 2015 was 500 Gbps. Hacker News stated that the largest DDoS attack as of March 2016 was over 600 Gbps, and the attack targeted the entire BBC website. With this increasing frequency and threat, and the average DDoS attack duration at about 16 hours, we know for certain that DDoS attacks will not be going away anytime soon. Commercial companies are not effectively providing mitigation techniques against these attacks, considering that major corporations face the same challenges. Current security appliances are not strong enough to handle the overwhelming traffic that accompanies current DDoS attacks. There is also limited research on solutions to mitigate DDoS attacks. Therefore, there is a need for a means of mitigating DDoS attacks in order to minimize downtime. One possible solution is for organizations to implement their own architectures that are meant to mitigate DDoS attacks. In this dissertation, we present and implement an architecture that utilizes an activity monitor to change the states of firewalls based on their performance in a hybrid network. Both firewalls are connected inline. The monitor is mirrored to monitor the firewall states. The monitor reroutes traffic when one of the firewalls becomes overwhelmed due to an HTTP DDoS flooding attack. The monitor connects to the API of both firewalls. The communication between the firewalls and the monitor is encrypted using AES, based on the PyCrypto Python implementation. This dissertation is structured in three parts. The first found the weakness of the hardware firewall and determined its threshold based on spike and endurance tests. This was achieved by flooding the hardware firewall with HTTP packets until the firewall became overwhelmed and unresponsive. The second part implements the same test as the first, but targeted towards the virtual firewall.
The same parameters, test factors, and determinants were used; however, a different load tester was utilized. The final part was the implementation and design of the firewall performance monitor. The main goal of the dissertation is to minimize downtime when network firewalls are overwhelmed as a result of a DDoS attack.

    Beyond SELinux: the Case for Behavior-Based Policy and Trust Languages

    Despite the availability of powerful mechanisms for security policy and access control, real-world information security practitioners---both developers and security officers---still find themselves in need of something more. We believe that this is the case because available policy languages do not provide clear and intelligible ways to allow developers to communicate their knowledge and expectations of trustworthy behaviors and actual application requirements to IT administrators. We work to address this policy engineering gap by shifting the focus of policy language design to this communication via behavior-based policies and their motivating scenarios.

    Architectural Vulnerabilities in Plug-and-Play Systems

    Plug-and-play architectures enhance systems' extensibility by providing a framework that enables additional functionalities to be added to or removed from the system at runtime. Such frameworks are often implemented through a set of well-defined interfaces that form the extension points for the pluggable functionalities. However, the plug-ins can increase the application's attack surface or introduce untrusted behavior into the system. Designing a secure plug-and-play architecture is critical and non-trivial, as the features provided by plug-ins are not known in advance. In this paper, we conduct an in-depth study of seven systems with plug-and-play architectures. In total, we have analyzed 3,183 vulnerabilities from Chromium, Thunderbird, Firefox, Pidgin, WordPress, Apache OFBiz, and OpenMRS, whose core architecture is based on a plug-and-play approach. We have also identified the common security vulnerabilities related to plug-and-play architectures, and mechanisms to mitigate them, by following a grounded theory approach. We found a total of 303 vulnerabilities that are rooted in extensibility design decisions. We also observed that these plugin-related vulnerabilities were caused by 15 different types of problems. We present these 15 types of security issues observed in the case studies and the design mechanisms that could prevent such vulnerabilities. Finally, as a result of this study, we have used formal modeling in order to guide developers of plug-and-play systems in verifying that their architectures are free of many of these types of security issues.