104 research outputs found
Data Exfiltration: A Review of External Attack Vectors and Countermeasures
Abstract
Context: One of the main targets of cyber-attacks is data exfiltration, which is the leakage of sensitive or private data to an unauthorized entity. Data exfiltration can be perpetrated by an outsider or an insider of an organization. Given the increasing number of data exfiltration incidents, a large number of data exfiltration countermeasures have been developed. These countermeasures aim to detect, prevent, or investigate exfiltration of sensitive or private data. With the growing interest in data exfiltration, it is important to review data exfiltration attack vectors and countermeasures to support future research in this field.
Objective: This paper aims to identify and critically analyse data exfiltration attack vectors and countermeasures in order to report the state of the art and determine gaps for future research.
Method: We followed a structured process for selecting 108 papers from seven publication databases. Thematic analysis was applied to analyse the data extracted from the reviewed papers.
Results: We have developed a classification of (1) data exfiltration attack vectors used by external attackers and (2) the countermeasures in the face of external attacks. We have mapped the countermeasures to attack vectors. Furthermore, we have explored the applicability of various countermeasures for different states of data (i.e., in use, in transit, or at rest).
Conclusion: This review has revealed that (a) most of the state of the art is focussed on preventive and detective countermeasures, and significant research is required on developing investigative countermeasures, which are equally important; (b) several data exfiltration countermeasures are not able to respond in real time, which indicates that research efforts need to be invested to enable them to do so; (c) a number of data exfiltration countermeasures do not take privacy and ethical concerns into consideration, which may become an obstacle to their full adoption; (d) existing research is primarily focussed on protecting data in the 'in use' state, so future research needs to be directed towards securing data in the 'at rest' and 'in transit' states; (e) there is no standard or framework for evaluation of data exfiltration countermeasures. We assert the need for developing such an evaluation framework.
Plugging in trust and privacy : three systems to improve widely used ecosystems
The era of touch-enabled mobile devices has fundamentally changed our communication habits. Their high usability and unlimited data plans provide the means to communicate any place, any time and lead people to publish more and more (sensitive) information. Moreover, the success of mobile devices also led to the introduction of new functionality that crucially relies on sensitive data (e.g., location-based services). With today's mobile devices, the Internet has become the prime source for information (e.g., news) and people need to rely on the correctness of information provided on the Internet. However, most of the involved systems are neither prepared to provide robust privacy guarantees for the users, nor do they provide users with the means to verify and trust delivered content.
This dissertation introduces three novel trust and privacy mechanisms that overcome the current situation by improving widely used ecosystems. With WebTrust we introduce a robust authenticity and integrity framework that provides users with the means to verify both the correctness and authorship of data transmitted via HTTP. X-pire! and X-pire 2.0 offer a digital expiration date for images in social networks to enforce post-publication privacy. AppGuard enables the enforcement of fine-grained privacy policies on third-party applications in Android to protect the users' privacy.
Today's touchscreen mobile devices have fundamentally changed our communication habits. Their intuitive usability, paired with unlimited Internet access, allows us to communicate anytime and anywhere and leads to more and more (confidential) information being published. Furthermore, the success of mobile devices has contributed to the introduction of new services that build on confidential data (e.g., location-based services). With current mobile devices, the Internet has also become the most important source of information (e.g., for news), and users must rely on the correctness of the data obtained from it. However, the systems involved offer neither robust privacy guarantees nor the ability to verify the correctness of the data obtained.
This dissertation introduces three new mechanisms for trust and privacy that improve the current situation in widely used systems. WebTrust, a robust authenticity and integrity system, enables users to verify both the correctness and the authorship of data transmitted over HTTP. X-pire! and X-pire 2.0 offer a digital expiration date for images in social networks in order to protect data from third-party access even after publication. AppGuard enables the enforcement of fine-grained privacy policies for third-party applications on Android in order to ensure adequate protection of user data.
Securing group communication in dynamic, disadvantaged networks : implementation of an elliptic-curve pairing-based cryptography library
Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2006. Includes bibliographical references (p. 155-158).
This thesis considers the problem of securing communication among dynamic groups of participants without relying on an online group keying service. As a solution, we offer the design and implementation of the Public Key Group Encryption (PKGE) service. It is a cryptography library, written in C, and designed to be shared among all communications applications on any particular system. PKGE imposes low communication overhead and embraces disconnected operation, making it especially appropriate for deployment in low-bandwidth tactical environments. PKGE provides forward-secure confidentiality and authentication among any subset of users using small communication overhead by bringing together a number of modern cryptographic developments, with the pièce de résistance being the elliptic curve-based Collusion-Resistant Broadcast Encryption. The focus of this thesis is primarily the engineering and synthesis of known theoretical schemes; we also present novel extensions to the Boneh-Gentry-Waters encryption scheme.
1. Forward secrecy: Add forward secrecy to the scheme at a cost of T private keys for T security epochs.
2. Optimized session protocols: Sidestep the majority of costs in computation and bandwidth.
3. Cheap over-provisioning of system capacity: Support up to 2^32 users for resource costs proportional only to the number actually registered.
4. Chosen Ciphertext Attack (CCA) Security: Elevate security from CPA to CCA strength.
Using PKGE, we have developed a plugin for Gaim2 as a motivating launch application. The plugin both demonstrates the use of PKGE and enables secure conferencing over the range of Gaim-supported protocols, including Jabber, IRC, AIM, and ICQ. PKGE and its Gaim plugin may be run and further developed under MS Windows, Mac OS X, and Linux operating systems.
by Rob Figueiredo. M.Eng.
Introductory Computer Forensics
INTERPOL (International Police) built cybercrime programs to keep up with emerging cyber threats, and aims to coordinate and assist international operations for fighting crimes involving computers. Although significant international efforts are being made in dealing with cybercrime and cyber-terrorism, finding effective, cooperative, and collaborative ways to deal with complicated cases that span multiple jurisdictions has proven difficult in practice.
Securing IoT Applications through Decentralised and Distributed IoT-Blockchain Architectures
The integration of blockchain into IoT can provide reliable control of the IoT network's ability to distribute computation over a large number of devices. It also allows the AI system to use trusted data for analysis and forecasts while utilising the available IoT hardware to coordinate the execution of tasks in parallel, using a fully distributed approach.
This thesis's first contribution is a practical implementation of a real-world IoT-blockchain application: a flood detection use case, demonstrated using Ethereum proof of authority (PoA). This includes performance measurements of the transaction confirmation time, the system end-to-end latency, and the average power consumption. The study showed that blockchain can be integrated into IoT applications, and that Ethereum PoA can be used within IoT for permissioned implementation. This can be achieved while the average energy consumption of running the flood detection system, including the Ethereum Geth client, is small (around 0.3J).
The second contribution is a novel IoT-centric consensus protocol called honesty-based distributed proof of authority (HDPoA) via scalable work. HDPoA was analysed and then deployed and tested. Performance measurements and evaluation, along with the security analyses of HDPoA, were conducted using a total of 30 different IoT devices comprising Raspberry Pis, ESP32, and ESP8266 devices. These measurements included energy consumption, the devices' hash power, and the transaction confirmation time. The measured values of hash per joule (h/J) for mining were 13.8Kh/J, 54Kh/J, and 22.4Kh/J when using the Raspberry Pi, the ESP32 devices, and the ESP8266 devices, respectively; this was achieved with limited impact on each device's power. In HDPoA the transaction confirmation time was reduced to only one block, compared to up to six blocks in bitcoin.
The third contribution is a novel, secure, distributed and decentralised architecture for supporting the implementation of distributed artificial intelligence (DAI) using hardware platforms provided by IoT. A trained DAI system was implemented over the IoT, where each IoT device hosts one or more neurons within the DAI layers. This is accomplished through the utilisation of blockchain technology that allows trusted interaction and information exchange between distributed neurons. Three different datasets were tested and the system achieved a similar accuracy as when testing on a standalone system; both achieved accuracies of 92%-98%. The system accomplished that while ensuring an overall latency of as low as two minutes. This showed the secure architecture's capability of facilitating the implementation of DAI within IoT while ensuring the accuracy of the system is preserved.
The fourth contribution is a novel and secure architecture that integrates the advantages offered by edge computing, artificial intelligence (AI), IoT end-devices, and blockchain. This new architecture has the ability to monitor the environment, collect data, analyse it, process it using an AI-expert engine, provide predictions and actionable outcomes, and finally share it on a public blockchain platform. The pandemic caused by the wide and rapid spread of the novel coronavirus COVID-19 was used as a use-case implementation to test and evaluate the proposed system. While providing the AI-engine trusted data, the system achieved an accuracy of 95%. This is achieved while the AI-engine only requires a 7% increase in power consumption. This demonstrates the system's ability to protect the data and support the AI system, and improves the IoT overall security with limited impact on the IoT devices.
The fifth and final contribution is enhancing the security of the HDPoA through the integration of a hardware secure module (HSM) and a hardware wallet (HW). A performance evaluation regarding the energy consumption of nodes that are equipped with HSM and HW and a security analysis were conducted. In addition to enhancing the nodes' security, the HSM can be used to sign more than 120 bytes/joule and encrypt up to 100 bytes/joule, while the HW can be used to sign up to 90 bytes/joule and encrypt up to 80 bytes/joule. The result and analyses demonstrated that the HSM and HW enhance the security of HDPoA, and also can be utilised within IoT-blockchain applications while providing much needed security in terms of confidentiality, trust in devices, and attack deterrence.
The above contributions showed that blockchain can be integrated into IoT systems. They showed that blockchain can successfully support the integration of other technologies such as AI, IoT end devices, and edge computing into one system, thus allowing organisations and users to benefit greatly from resilient, distributed, decentralised, self-managed, robust, and secure systems.
Security in Computer and Information Sciences
This open access book constitutes the thoroughly refereed proceedings of the Second International Symposium on Computer and Information Sciences, EuroCybersec 2021, held in Nice, France, in October 2021. The 9 papers presented together with 1 invited paper were carefully reviewed and selected from 21 submissions. The papers focus on topics of security of distributed interconnected systems, software systems, Internet of Things, health informatics systems, energy systems, digital cities, digital economy, mobile networks, and the underlying physical and network infrastructures. This is an open access book