46 research outputs found
An IPsec Compatible Implementation of DBRA and IP-ABR
Satellites are some of the most difficult links to exploit in a Quality of Service (QoS) sensitive network, largely due to their high latency, variable-bandwidth and low-bandwidth nature. Central management of shared links has been shown to provide efficiency gains and enhanced QoS by effectively allocating resources according to reservations and dynamic resource availability. In a modern network, segregated by secure gateways and tunnels such as provided by IPsec, central management appears impossible to implement due to the barriers created between a global Dynamic Bandwidth Resource Allocation (DBRA) system and the mediators controlling the individual flows. This thesis explores and evaluates various through-IPsec communications techniques aimed at providing a satellite-to-network control channel, while maintaining data security for all communications involved
File integrity checking
This thesis looks at file execution as an attack vector that leads to the execution of unauthorized code. File integrity checking is examined as a means of removing this attack vector, and the design, implementation, and evaluation of a best-of-breed file integrity checker for the Linux operating system is undertaken. We conclude that the resultant file integrity checker does succeed in removing file execution as an attack vector, does so at a computational cost that is negligible, and displays innovative and useful features that are not currently found in any other Linux file integrity checker
Counter-Measures against Stack Buffer Overflows in GNU/Linux Operating Systems
We address the particular cyber attack technique known as stack buffer overflow in GNU/Linux operating systems, which are widely used in HPC environments. The buffer overflow problem has been around for quite some time and continues to be an ever-present issue. We develop a mechanism to successfully detect and react whenever a stack buffer overflow occurs. Our solution requires no compile-time support and so can be applied to any program, including legacy or closed source software for which the source code is not available. This makes it especially useful in HPC environments where, given the complexity and scope of the computing system, incidents like overflows might be difficult to detect and react to accordingly.
Linux Kernel Vulnerabilities: State-of-the-Art Defenses and Open Problems
Avoiding kernel vulnerabilities is critical to achieving security of many systems, because the kernel is often part of the trusted computing base. This paper evaluates the current state-of-the-art with respect to kernel protection techniques, by presenting two case studies of Linux kernel vulnerabilities. First, this paper presents data on 141 Linux kernel vulnerabilities discovered from January 2010 to March 2011, and second, this paper examines how well state-of-the-art techniques address these vulnerabilities. The main findings are that techniques often protect against certain exploits of a vulnerability but leave other exploits of the same vulnerability open, and that no effective techniques exist to handle semantic vulnerabilities: violations of high-level security invariants. United States. Defense Advanced Research Projects Agency. Clean-slate design of Resilient, Adaptive, Secure Hosts (Contract #N66001-10-2-4089)
ELFbac: Using the Loader Format for Intent-Level Semantics and Fine-Grained Protection
Adversaries get software to do bad things by rewriting memory and changing control flow. Current approaches to protecting against these attacks leave many exposures; for example, OS-level filesystem protection and OS/architecture support of the userspace/kernelspace distinction fail to protect corrupted userspace code from changing userspace data. In this paper we present a new approach: using the ELF/ABI sections already produced by the standard binary toolchain to define, specify, and enforce fine-grained policy within an application's address space. We experimentally show that enforcement of such policies would stop a large body of current attacks and discuss ways we could extend existing architecture to more efficiently provide such enforcement. Our approach is designed to work with existing ELF executables and the GNU build chain, but it can be extended into the compiler toolchains to support code annotations that take advantage of ELFbac enforcement while maintaining full compatibility with the existing ELF ABI.
Networking Subsystem Configuration Interface
The goal of this master's thesis is the design of a network configuration library, with emphasis on portability between Linux-based and BSD-based operating systems and on the extensibility of the library's support. In the second chapter, the thesis examines the configuration interfaces available on both operating systems. It analyses in detail the properties of the Netlink socket interface, which is the primary configuration interface for network elements on Linux, and the ioctl system call, which is less capable on Linux but is the primary interface used on BSD and other UNIX systems. Interfaces for configuring different firewalls are examined as well. The third chapter focuses on specific types of network devices, the specifics of their configuration, and their relation to the kernel interfaces described in the second chapter. The fourth chapter formulates the requirements for the configuration library: simple extensibility, portability to different operating systems, support for monitoring changes and events, and extensibility with different types of user interfaces. Based on the research from the preceding two chapters, the library design is presented. The design defines the configuration interface as a hierarchy of abstract classes, separated from the implementation. This makes it possible to have several implementations of the same configuration interface at the same time, even within a single operating system. The class LibNCFG is defined as the entry interface of the library and is responsible for creating these configuration objects instead of the user. This achieves simple extensibility of the library with new operating system interfaces and with support for configuring new network elements. Support for a new user interface can be implemented as a new service that wraps the library interface and provides other interfaces. To support change monitoring, the class LibNCFG provides methods for registering callbacks for defined events.
In the fourth chapter, the thesis describes in detail the interface of the class LibNCFG, the module Common, and the classes NetDevice, EthDevice and BondDevice, which define the configuration interfaces of the corresponding types of network devices. For these classes, the concrete classes NetlinkNetDevice, NetlinkEthDevice and sysfsBondDevice are implemented and their implementation details described. The fifth chapter describes a sample application that was implemented to demonstrate the ease of use of the configuration library. Finally, the conclusion summarizes the results of the thesis and discusses possible improvements and the continuation of the project.
The goal of this thesis is to design a network configuration library with regard to operating system portability and extendability of supported features. To achieve this portable design the thesis explores and analyses the currently available network configuration options of Linux and BSD based operating systems and commonly used network devices. It provides an in-depth description of Netlink sockets on Linux as the primary network configuration interface, and ioctl system calls that are used on BSD systems. The gathered information is used to create a portable and extendable library design that separates the configuration interface from its implementation into a hierarchy of abstract classes. Furthermore, the class LibNCFG is defined as the entry point of the library, which handles object creation and destruction instead of the user. This design provides a high level of extendability and ease of use at the same time. The thesis also describes the chosen parts of the library that were implemented so far. The thesis also describes a simple application that was created to showcase the ease of use of the created library. In the end the thesis summarizes achieved results and discusses possible improvements and continuation of the project.
Digital Signatures for PTP Using Transparent Clocks
Smart grids use synchronous real-time measurements from phasor measurement units (PMU) across portions of a grid to provide grid-wide integrity. Achieving synchronicity requires either accurate GPS clocks at each PMU or a high-resolution clock synchronization protocol, such as the Precision Time Protocol (PTP), specified in IEEE 1588 with the power profile in IEEE C37.238-2011. PTP does not natively include measures to provide authenticity or integrity for timestamps transmitted across an Ethernet network, though there has been recent work in providing end-to-end integrity of transmitted timestamps. However, PTP for use in the smart grid requires a version of the protocol in which network switches update the trusted timestamp in flight, meaning that an end-to-end approach is no longer sufficient. We propose two methods to provide for the integrity of the transmitted and updated timestamps as well as to ensure the authority of all network devices altering the time. In the first, we amend the PTP standard to include signatures as part of the time packet itself at the cost of increased jitter in the system. In the second, we transmit these signatures over a wireless network, reducing congestion on the original network. We test both methods on a simulated PTP switch intended for experimentation only and demonstrate that the use of a second network dedicated to verification-related information is better for current networks, as including signatures in the original packet causes more jitter than is acceptable for synchronizing PMUs in particular