
    Non-blind watermarking of network flows

    Linking network flows is an important problem in intrusion detection as well as anonymity. Passive traffic analysis can link flows but requires long periods of observation to reduce errors. Active traffic analysis, also known as flow watermarking, allows for better precision and is more scalable. Previous flow watermarks introduce significant delays to the traffic flow as a side effect of using a blind detection scheme; this enables attacks that detect and remove the watermark, while at the same time slowing down legitimate traffic. We propose the first non-blind approach for flow watermarking, called RAINBOW, that improves watermark invisibility by inserting delays hundreds of times smaller than previous blind watermarks, hence reducing the watermark interference on network flows. We derive and analyze the optimum detectors for RAINBOW as well as the passive traffic analysis under different traffic models by using hypothesis testing. Comparing the detection performance of RAINBOW and the passive approach, we observe that both RAINBOW and passive traffic analysis perform similarly well in the case of uncorrelated traffic; however, the RAINBOW detector drastically outperforms the optimum passive detector in the case of correlated network flows. This justifies the use of non-blind watermarks over passive traffic analysis even though both approaches have similar scalability constraints. We confirm our analysis by simulating the detectors and testing them against large traces of real network flows.

    Complex Attack Analysis and Safeguard Selection: a Cost-Oriented Approach

    When intelligent threats attack a system, they rarely achieve their goals by exploiting a single vulnerability. Rather, they achieve their goals by composing attacks and by exploiting structural security flaws of the target system. Attack graphs have been the de facto tool for discovering possible complex attacks. This thesis proposes a cost-effective safeguard selection strategy, which first identifies a complex attack set that covers all the complex attacks through the use of attack graphs and later selects a minimal set of countermeasures through the formulation and resolution of an integer linear programming problem. Multiple goals in conjunction or disjunction relation can be analyzed. We have built a working prototype system that implements this strategy and that helps maximize the return on investment by identifying critical stepping-stone hosts and by suggesting the most cost-effective set of countermeasures. The mechanism of this approach is independent of the modeling abstraction level. We have considered both an example model that goes into the details of elementary attacks and an example model that targets worst-case analysis.

    Modelling the costs and benefits of Honeynets

    For many IT-security measures, exact costs and benefits are not known. This makes it difficult to allocate resources optimally to different security measures. We present a model for the costs and benefits of so-called Honeynets. This can foster informed reasoning about the deployment of honeynet technology.
    Comment: was presented at the "Third Annual Workshop on Economics and Information Security" 2004 (WEIS04).

    Exploratory study to explore the role of ICT in the process of knowledge management in an Indian business environment

    In the 21st century, with the emergence of a digital economy, knowledge and the knowledge-based economy are rapidly growing. Being able to effectively understand the processes involved in the creating, managing and sharing of knowledge in the business environment is critical to the success of an organization. This study builds on the previous research of the authors on the enablers of knowledge management by identifying the relationship between the enablers of knowledge management and the role played by information communication technologies (ICT) and ICT infrastructure in a business setting. This paper provides the findings of a survey collected from four major Indian cities (Chennai, Coimbatore, Madurai and Villupuram) regarding their views and opinions about the enablers of knowledge management in a business setting. A total of 80 organizations participated in the study with 100 participants in each city. The results show that ICT and ICT infrastructure can play a critical role in the creating, managing and sharing of knowledge in an Indian business environment.

    A Multi-Agent Systems Approach for Analysis of Stepping Stone Attacks

    Stepping stone attacks are one of the most sophisticated cyber-attacks, in which attackers make a chain of compromised hosts to reach a victim target. In this Dissertation, an analytic model with a Multi-Agent systems approach has been proposed to analyze the propagation of stepping stone attacks in dynamic vulnerability graphs. Because the vulnerability configuration in a network is inherently dynamic, in this Dissertation a biased min-consensus technique for dynamic graphs with fixed and switching topology is proposed as a distributed technique to calculate the most vulnerable path for stepping stone attacks in dynamic vulnerability graphs. We use min-plus algebra to analyze and provide necessary and sufficient convergence conditions to the shortest path in the fixed topology case. A necessary condition for the switching topology case is provided. Most cyber-attacks involve an attacker launching a multi-stage attack by exploiting a sequence of hosts. This multi-stage attack generates a chain of "stepping stones" from the origin to the target. The choice of stepping stones is a function of the degree of exploitability, the impact, the attacker's capability, masking of the origin location, and intent. In this Dissertation, we model and analyze scenarios wherein an attacker employs multiple strategies to choose stepping stones. The problem is modeled as an Adjacency Quadratic Shortest Path using dynamic vulnerability graphs with a multi-agent dynamic system approach. With this approach, the shortest stepping stone path with maximum node degree and the shortest stepping stone path with maximum impact are modeled and analyzed. Because embedded controllers are omnipresent in networks, in this Dissertation, as a Risk Mitigation Strategy, a cyber-attack tolerant control strategy for embedded controllers is proposed. A dual redundant control architecture that combines two identical controllers that are switched periodically between active and restart modes is proposed. The strategy is addressed to mitigate the impact due to the corruption of the controller software by an adversary. We analyze the impact of resetting and restarting the controller software and the performance of the switching process. The minimum requirements in the control design for effective mitigation of cyber-attacks to the control software, which imply a "fast" switching period, are provided. The simulation results demonstrate the effectiveness of the proposed strategy when the time to fully reset and restart the controller is shorter than the time taken by an adversary to compromise the controller. The results also provide insights into the stability and safety regions and the factors that determine the effectiveness of the proposed strategy.

    A Guidance Template for Attack Sequence Specification in Cyber Attack Simulation

    Over the past decade the cost and frequency of cybercrime have skyrocketed and are still increasing year over year. Major targets of cyber attacks are financial organizations, energy and utility companies, governmental agencies, and technology companies. However, almost all businesses are at risk. The increasing threat and cost of cybercrime are caused by many factors, including: the increasing reliance on cyber networks, constantly evolving exploitation and cyber attack methods, and insufficient development of defensive mechanisms to predict and prevent cyber attackers. Promising research in the proactive defense against cyber attacks exists in the field of cyber situational awareness (Cyber SA), but is limited partially due to the limited availability of cyber attack data from desirable attack scenarios. This work improves upon previous development of a cyber attack simulator capable of modeling complex cyber attacks consisting of computer networks, their defenses, and cyber attacker behavior. The main contribution of this work is the introduction of a new model called the Attack Guidance Template (AGT), responsible for the definition of simulated cyber attack sequences and for guiding the attacker to the goal of the attack sequence. The AGT allows the user to define desired cyber attack sequences with flexibility and ranging levels of specificity. This work also introduces an attack sequence analyzer to aid the user in understanding the likelihood of the modeled attack sequences being accomplished successfully with different attackers across various networks. To ensure the validity of these developments, both the analyzer and the AGT are verified and compared to the previous cyber attack guidance template.