On the Use of Secret Sharing as a Secure Multi-use Pad

Secret sharing (SS) is a cryptographic method proposed independently by Adi Shamir and George Blakley in 1979 to encode the keys of public-key cryptography by splitting them into maximally entropic shares that are distributed to participants, only revealing the secret when combined. Each new sharing instance, even of the same key, produces a different set of shares to distribute anew. This paper investigates SS as an independent cipher to secure confidential messages between a limited set of trusted participants by eliminating the need to redistribute shares. A participant's master share is permanently fixed and unlimited temporary shares are created and combined with it to reveal new messages. Security is argued against specific and general attacks

Image steganography applications for secure communication

To securely communicate information between parties or locations is not an easy task considering the possible attacks or unintentional changes that can occur during communication. Encryption is often used to protect secret information from unauthorised access. Encryption, however, is not inconspicuous and the observable exchange of encrypted information between two parties can provide a potential attacker with information on the sender and receiver(s). The presence of encrypted information can also entice a potential attacker to launch an attack on the secure communication. This dissertation investigates and discusses the use of image steganography, a technology for hiding information in other information, to facilitate secure communication. Secure communication is divided into three categories: self-communication, one-to-one communication and one-to-many communication, depending on the number of receivers. In this dissertation, applications that make use of image steganography are implemented for each of the secure communication categories. For self-communication, image steganography is used to hide one-time passwords (OTPs) in images that are stored on a mobile device. For one-to-one communication, a decryptor program that forms part of an encryption protocol is embedded in an image using image steganography and for one-to-many communication, a secret message is divided into pieces and different pieces are embedded in different images. The image steganography applications for each of the secure communication categories are discussed along with the advantages and disadvantages that the applications have over more conventional secure communication technologies. An additional image steganography application is proposed that determines whether information is modified during communication. CopyrightDissertation (MSc)--University of Pretoria, 2012.Computer Scienceunrestricte

Data Exfiltration:A Review of External Attack Vectors and Countermeasures

AbstractContext One of the main targets of cyber-attacks is data exfiltration, which is the leakage of sensitive or private data to an unauthorized entity. Data exfiltration can be perpetrated by an outsider or an insider of an organization. Given the increasing number of data exfiltration incidents, a large number of data exfiltration countermeasures have been developed. These countermeasures aim to detect, prevent, or investigate exfiltration of sensitive or private data. With the growing interest in data exfiltration, it is important to review data exfiltration attack vectors and countermeasures to support future research in this field. Objective This paper is aimed at identifying and critically analysing data exfiltration attack vectors and countermeasures for reporting the status of the art and determining gaps for future research. Method We have followed a structured process for selecting 108 papers from seven publication databases. Thematic analysis method has been applied to analyse the extracted data from the reviewed papers. Results We have developed a classification of (1) data exfiltration attack vectors used by external attackers and (2) the countermeasures in the face of external attacks. We have mapped the countermeasures to attack vectors. Furthermore, we have explored the applicability of various countermeasures for different states of data (i.e., in use, in transit, or at rest). Conclusion This review has revealed that (a) most of the state of the art is focussed on preventive and detective countermeasures and significant research is required on developing investigative countermeasures that are equally important; (b) Several data exfiltration countermeasures are not able to respond in real-time, which specifies that research efforts need to be invested to enable them to respond in real-time (c) A number of data exfiltration countermeasures do not take privacy and ethical concerns into consideration, which may become an obstacle in their full adoption (d) Existing research is primarily focussed on protecting data in ‘in use’ state, therefore, future research needs to be directed towards securing data in ‘in rest’ and ‘in transit’ states (e) There is no standard or framework for evaluation of data exfiltration countermeasures. We assert the need for developing such an evaluation framework

Information leakage and steganography: detecting and blocking covert channels

This PhD Thesis explores the threat of information theft perpetrated by malicious insiders. As opposite to outsiders, insiders have access to information assets belonging the organization, know the organization infrastructure and more importantly, know the value of the different assets the organization holds. The risk created by malicious insiders have led both the research community and commercial providers to spend efforts on creating mechanisms and solutions to reduce it. However, the lack of certain controls by current proposals may led security administrators to a false sense of security that could actually ease information theft attempts. As a first step of this dissertation, a study of current state of the art proposals regarding information leakage protections has been performed. This study has allowed to identify the main weaknesses of current proposals which are mainly the usage of steganographic algorithms, the lack of control of modern mobile devices and the lack of control of the action the insiders perform inside the different trusted applications they commonly use. Each of these drawbacks have been explored during this dissertation. Regarding the usage of steganographic algorithms, two different steganographic systems have been proposed. First, a steganographic algorithm that transforms source code into innocuous text has been presented. This system uses free context grammars and to parse the source code to be hidden and produce an innocuous text. This system could be used to extract valuable source code from software development environments, where security restrictions are usually softened. Second, a steganographic application for iOS devices has also been presented. This application, called “Hide It In” allows to embed images into other innocuous images and send those images through the device email account. This application includes a cover mode that allows to take pictures without showing that fact in the device screen. The usage of these kinds of applications is suitable in most of the environments which handle sensitive information, as most of them do not incorporate mechanisms to control the usage of advanced mobile devices. The application, which is already available at the Apple App Store, has been downloaded more than 5.000 times. In order to protect organizations against the malicious usage of steganography, several techniques can be implemented. In this thesis two different approaches are presented. First, steganographic detectors could be deployed along the organization to detect possible transmissions of stego-objects outside the organization perimeter. In this regard, a proposal to detect hidden information inside executable files has been presented. The proposed detector, which measures the assembler instruction selection made by compilers, is able to correctly identify stego-objects created through the tool Hydan. Second, steganographic sanitizers could be deployed over the organization infrastructure to reduce the capacity of covert channels that can transmit information outside the organization. In this regard, a framework to avoid the usage of steganography over the HTTP protocol has been proposed. The presented framework, diassembles HTTP messages, overwrites the possible carriers of hidden information with random noise and assembles the HTTP message again. Obtained results show that it is possible to highly reduce the capacity of covert channels created through HTTP. However, the system introduces a considerable delay in communications. Besides steganography, this thesis has also addressed the usage of trusted applications to extract information from organizations. Although applications execution inside an organization can be restricted, trusted applications used to perform daily tasks are generally executed without any restrictions. However, the complexity of such applications can be used by an insider to transform information in such a way that deployed information protection solutions are not able to detect the transformed information as sensitive. In this thesis, a method to encrypt sensitive information using trusted applications is presented. Once the information has been encrypted it is possible to extract it outside the organization without raising any alarm in the deployed security systems. This technique has been successfully evaluated against a state of the art commercial data leakage protection solution. Besides the presented evasion technique, several improvements to enhance the security of current DLP solutions are presented. These are specifically focused in avoiding information leakage through the usage of trusted applications. The contributions of this dissertation have shown that current information leakage protection mechanisms do not fully address all the possible attacks that a malicious insider can commit to steal sensitive information. However, it has been shown that it is possible to implement mechanisms to avoid the extraction of sensitive information by malicious insiders. Obviously, avoiding such attacks does not mean that all possible threats created by malicious insiders are addressed. It is necessary then, to continue studying the threats that malicious insiders pose to the confidentiality of information assets and the possible mechanisms to mitigate them. ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------Esta tesis doctoral explora la amenaza creada por los empleados maliciosos en lo referente a la confidencialidad de la información sensible (o privilegiada) en posesión de una organización. Al contrario que los atacantes externos a la organización, los atacantes internos poseen de acceso a los activos de información pertenecientes a la organización, conocen la infraestructura de la misma y lo más importante, conocen el valor de los mismos. El riesgo creado por los empleados maliciosos (o en general atacantes internos) ha llevado tanto a la comunidad investigadora como a los proveedores comerciales de seguridad de la información a la creación de mecanismos y soluciones para reducir estas amenazas. Sin embargo, la falta de controles por parte de ciertas propuestas actuales pueden inducir una falsa sensación de seguridad en los administradores de seguridad de las organizaciones, facilitando los posibles intentos de robo de información. Para la realización de esta tesis doctoral, en primer lugar se ha realizado un estudio de las propuestas actuales con respecto a la protección de fugas de información. Este estudio ha permitido identificar las principales debilidades de las mismas, que son principalmente la falta de control sobre el uso de algoritmos esteganográficos, la falta de control de sobre dispositivos móviles avanzados y la falta de control sobre las acciones que realizan los empleados en el interior de las organizaciones. Cada uno de los problemas identificados ha sido explorado durante la realización de esta tesis doctoral. En lo que respecta al uso de algoritmos esteganográficos, esta tesis incluye la propuesta de dos sistemas de ocultación de información. En primer lugar, se presenta un algoritmo esteganográfico que transforma código fuente en texto inocuo. Este sistema utiliza gramáticas libres de contexto para transformar el código fuente a ocultar en un texto inocuo. Este sistema podría ser utilizado para extraer código fuente valioso de entornos donde se realiza desarrollo de software (donde las restricciones de seguridad suelen ser menores). En segundo lugar, se propone una aplicación esteganográfica para dispositivos móviles (concretamente iOS). Esta aplicación, llamada “Hide It In” permite incrustar imágenes en otras inocuas y enviar el estegoobjeto resultante a través de la cuenta de correo electrónico del dispositivo. Esta aplicación incluye un modo encubierto, que permite tomar imágenes mostrando en el propio dispositivo elementos del interfaz diferentes a los de a cámara, lo que permite tomar fotografías de forma inadvertida. Este tipo de aplicaciones podrían ser utilizadas por empleados malicios en la mayoría de los entornos que manejan información sensible, ya que estos no suelen incorporar mecanismos para controlar el uso de dispositivos móviles avanzados. La aplicación, que ya está disponible en la App Store de Apple, ha sido descargada más de 5.000 veces. Otro objetivo de la tesis ha sido prevenir el uso malintencionado de técnicas esteganográficas. A este respecto, esta tesis presenta dos enfoques diferentes. En primer lugar, se pueden desplegar diferentes detectores esteganográficos a lo largo de la organización. De esta forma, se podrían detectar las posibles transmisiones de estego-objetos fuera del ámbito de la misma. En este sentido, esta tesis presenta un algoritmo de estegoanálisis para la detección de información oculta en archivos ejecutables. El detector propuesto, que mide la selección de instrucciones realizada por los compiladores, es capaz de identificar correctamente estego-objetos creados a través de la herramienta de Hydan. En segundo lugar, los “sanitizadores” esteganográficos podrían ser desplegados a lo largo de la infraestructura de la organización para reducir la capacidad de los posibles canales encubiertos que pueden ser utilizados para transmitir información sensible de forma descontrolada.. En este sentido, se ha propuesto un marco para evitar el uso de la esteganografía a través del protocolo HTTP. El marco presentado, descompone los mensajes HTTP, sobrescribe los posibles portadores de información oculta mediante la inclusión de ruido aleatorio y reconstruye los mensajes HTTP de nuevo. Los resultados obtenidos muestran que es posible reducir drásticamente la capacidad de los canales encubiertos creados a través de HTTP. Sin embargo, el sistema introduce un retraso considerable en las comunicaciones. Además de la esteganografía, esta tesis ha abordado también el uso de aplicaciones de confianza para extraer información sensible de las organizaciones. Aunque la ejecución de aplicaciones dentro de una organización puede ser restringida, las aplicaciones de confianza, que se utilizan generalmente para realizar tareas cotidianas dentro de la organización, se ejecutan normalmente sin ninguna restricción. Sin embargo, la complejidad de estas aplicaciones puede ser utilizada para transformar la información de tal manera que las soluciones de protección ante fugas de información desplegadas no sean capaces de detectar la información transformada como sensibles. En esta tesis, se presenta un método para cifrar información sensible mediante el uso de aplicaciones de confianza. Una vez que la información ha sido cifrada, es posible extraerla de la organización sin generar alarmas en los sistemas de seguridad implementados. Esta técnica ha sido evaluada con éxito contra de una solución comercial para la prevención de fugas de información. Además de esta técnica de evasión, se han presentado varias mejoras en lo que respecta a la seguridad de las actuales soluciones DLP. Estas, se centran específicamente en evitar la fuga de información a través del uso de aplicaciones de confianza. Las contribuciones de esta tesis han demostrado que los actuales mecanismos para la protección ante fugas de información no responden plenamente a todos los posibles ataques que puedan ejecutar empleados maliciosos. Sin embargo, también se ha demostrado que es posible implementar mecanismos para evitar la extracción de información sensible mediante los mencionados ataques. Obviamente, esto no significa que todas las posibles amenazas creadas por empleados maliciosos hayan sido abordadas. Es necesario por lo tanto, continuar el estudio de las amenazas en lo que respecta a la confidencialidad de los activos de información y los posibles mecanismos para mitigar las mismas

Data Hiding and Its Applications

Data hiding techniques have been widely used to provide copyright protection, data integrity, covert communication, non-repudiation, and authentication, among other applications. In the context of the increased dissemination and distribution of multimedia content over the internet, data hiding methods, such as digital watermarking and steganography, are becoming increasingly relevant in providing multimedia security. The goal of this book is to focus on the improvement of data hiding algorithms and their different applications (both traditional and emerging), bringing together researchers and practitioners from different research fields, including data hiding, signal processing, cryptography, and information theory, among others

Big Data Security (Volume 3)

After a short description of the key concepts of big data the book explores on the secrecy and security threats posed especially by cloud based data storage. It delivers conceptual frameworks and models along with case studies of recent technology

Free vibration of symmetric angly-plane layered truncated conical shells under classical theory

Truncated conical shell finds wide ranging of engineering applications. They are used in space crafts, robots, shelters, domes, tanks, nozzles and in machinery devices. Thus, the study of their vibrational characteristics has long been of interest for the designers. The use of the lamination for the structures leads to design with the maximum reliability and minimum weight. Moreover, the study of free vibration of laminated conical shells has been treated by a number of researchers. Irie et al. (1982) studied free vibration of conical shells with variable thickness using Rayleigh-Ritz method of solution. Wu and Wu (2000) provided 3D elasticity solutions for the free vibration analysis of laminated conical shells by an asymptotic approach. Wu and Lee (2001) studied the natural frequencies of laminated conical shells with variable stiffness using the differential quadrature method under first-order shear deformation theory (FSDT). Tripathi et al. (2007) studied the free vibration of composite conical shells with random material properties of the finite element method. Civalek (2007) used the Discrete Singular Convolution (DSC) to investigate the frequency response of orthotropic conical and cylindrical shells. Sofiyez et al. (2009) studied the vibrations of orthotropic non-homogeneous conical shells with free boundary conditions. Ghasemi et al. (2012) presented their study of free vibration of composite conical shells which was investigated under various boundary conditions using the solution of beam function and Galerkin method. Viswanathan et al. (2007, 2011) studied free vibration of laminated cross-ply plates, including shear deformation, symmetric angle-ply laminated cylindrical shells of variable thickness with shear deformation theory using the spline collocation method. In the present work, free vibration of symmetric angle-ply laminated truncated conical shells is analyzed and displacement functions are approximated using cubic and quantic spline and collocation procedure is applied to obtain a set of field equations. The field equations along with the equations of boundary conditions yield a system of homogeneous simultaneous algebraic equations on the assumed spline coefficients which resulting to the generalized eigenvalue problem. This eigenvalue problem is solved using eigensolution technique to get as many eigenfrequencies as required. The effect of circumferential mode number, length ratio, cone angle, ply angles and number of layers under two boundary conditions on the frequency parameter is studied for three- and five- layered conical shells consisting of two types of layered materials

Introductory Computer Forensics

INTERPOL (International Police) built cybercrime programs to keep up with emerging cyber threats, and aims to coordinate and assist international operations for ?ghting crimes involving computers. Although signi?cant international efforts are being made in dealing with cybercrime and cyber-terrorism, ?nding effective, cooperative, and collaborative ways to deal with complicated cases that span multiple jurisdictions has proven dif?cult in practic