471 research outputs found
Threats and countermeasures for network security
In the late 1980's, the traditional threat of anonymous break-ins to networked computers was joined by viruses and worms, multiplicative surrogates that carry out the bidding of their authors. Technologies for authentication and secrecy, supplemented by good management practices, are the principal countermeasures. Four articles on these subjects are presented
Choosing IT Platforms In The Age Of Stuxnet
This paper addresses the question of choosing/investing in IT (hardware/software) platforms that avoid quick obsolescence and the underlying dilemmas of choosing proprietary software versus open source software, and opting for managed services such as public cloud computing versus in-house hardware/communication infrastructures. These dilemmas in strategic information systems planning have become more significant in light of the recent revelations of security backdoors in commercial software, encryption backdoors in communication software, and governmental access to private data on managed services for national security reasons. This paper considers enterprise-wide challenges and strategies for adopting open source software/hardware in response to these security concerns
Vulnerability analysis of three remote voting methods
This article analyses three methods of remote voting in an uncontrolled
environment: postal voting, internet voting and hybrid voting. It breaks down
the voting process into different stages and compares their vulnerabilities
considering criteria that must be respected in any democratic vote:
confidentiality, anonymity, transparency, vote unicity and authenticity.
Whether for safety or reliability, each vulnerability is quantified by three
parameters: size, visibility and difficulty to achieve. The study concludes
that the automatisation of treatments combined with the dematerialisation of
the objects used during an election tends to substitute visible vulnerabilities
of a lesser magnitude by invisible and widespread vulnerabilities.Comment: 15 page
Using journals to assess non-STEM student learning in STEM courses: A case study in cybersecurity education
Embry-Riddle Aeronautical University offers a minor course of study in cybersecurity as an option in our undergraduate Homeland Security program. Since the students are, by and large, social scientists, the focus of the program is to build hyper-awareness of how cybersecurity integrates within their professional aspirations rather than to provide cybersecurity career-level proficiency. Assessing student learning of the technical aspects cannot be performed using traditional tests, as they would not properly measure what the students are learning in a practical sense. Instead, we employ journals and self-reflection to ask the students to express and demonstrate their learning. Although somewhat harder to grade, the journals have huge benefits to the learning environment as well as to actual learning
Toward least-privilege isolation for software
Hackers leverage software vulnerabilities to disclose, tamper with, or destroy sensitive
data. To protect sensitive data, programmers can adhere to the principle of
least-privilege, which entails giving software the minimal privilege it needs to operate,
which ensures that sensitive data is only available to software components on a
strictly need-to-know basis. Unfortunately, applying this principle in practice is dif-
�cult, as current operating systems tend to provide coarse-grained mechanisms for
limiting privilege. Thus, most applications today run with greater-than-necessary
privileges. We propose sthreads, a set of operating system primitives that allows
�ne-grained isolation of software to approximate the least-privilege ideal. sthreads
enforce a default-deny model, where software components have no privileges by default,
so all privileges must be explicitly granted by the programmer.
Experience introducing sthreads into previously monolithic applications|thus,
partitioning them|reveals that enumerating privileges for sthreads is di�cult in
practice. To ease the introduction of sthreads into existing code, we include Crowbar,
a tool that can be used to learn the privileges required by a compartment. We
show that only a few changes are necessary to existing code in order to partition
applications with sthreads, and that Crowbar can guide the programmer through
these changes. We show that applying sthreads to applications successfully narrows
the attack surface by reducing the amount of code that can access sensitive data.
Finally, we show that applications using sthreads pay only a small performance
overhead. We applied sthreads to a range of applications. Most notably, an SSL
web server, where we show that sthreads are powerful enough to protect sensitive
data even against a strong adversary that can act as a man-in-the-middle in the
network, and also exploit most code in the web server; a threat model not addressed
to date
Security Support in Continuous Deployment Pipeline
Continuous Deployment (CD) has emerged as a new practice in the software
industry to continuously and automatically deploy software changes into
production. Continuous Deployment Pipeline (CDP) supports CD practice by
transferring the changes from the repository to production. Since most of the
CDP components run in an environment that has several interfaces to the
Internet, these components are vulnerable to various kinds of malicious
attacks. This paper reports our work aimed at designing secure CDP by utilizing
security tactics. We have demonstrated the effectiveness of five security
tactics in designing a secure pipeline by conducting an experiment on two CDPs
- one incorporates security tactics while the other does not. Both CDPs have
been analyzed qualitatively and quantitatively. We used assurance cases with
goal-structured notations for qualitative analysis. For quantitative analysis,
we used penetration tools. Our findings indicate that the applied tactics
improve the security of the major components (i.e., repository, continuous
integration server, main server) of a CDP by controlling access to the
components and establishing secure connections
Novel Techniques of Using Diversity in Software Security and Information Hiding
Diversity is an important and valuable concept that has been adopted in many fields to reduce correlated risks and to increase survivability. In information security, diversity also helps to increase both defense capability and fault tolerance for information systems and communication networks, where diversity can be adopted from many different perspectives. This dissertation, in particular, focuses mainly on two aspects of diversity – the application software diversity and the diversity in data interpretation. Software diversity has many advantages over mono-culture in improving system security. A number of previous researches focused on utilizing existing off the shelf diverse software for network protection and intrusion detection, many of which depend on an important assumption – the diverse software utilized in the system is vulnerable only to different exploits. In the first work of this dissertation, we perform a systematic analysis on more than 6,000 vulnerabilities published in 2007 to evaluate the extent to which this assumption is valid. Our results show that the majority of the vulnerable application software products either do not have the same vulnerability, or cannot be compromised with the same exploit code. Following this work, we then propose an intrusion detection scheme which builds on two diverse programs to detect sophisticated attacks on security-critical data. Our model learns the underlying semantic correlation of the argument values in these programs, and consequently gains more accurate context information compared to existing schemes. Through experiments, we show that such context information is effective in detecting attacks which manipulate erratic arguments with comparable false-positive rates. Software diversity does not only exist on desktop and mainframe computers, it also exists on mobile platforms like smartphone operating systems. In our third work in this dissertation, we propose to investigate applications that run on diverse mobile platforms (e.g., Android and iOS) and to use them as the baseline for comparing their security architectures. Assuming that such applications need the same types of privileges to provide the same functionality on different mobile platforms, our analysis of more than 2,000 applications shows that those executing on iOS consistently ask for more permissions than their counterparts running on Android. We additionally analyze the underlying reasons and find out that part of the permission usage differences is caused by third-party libraries used in these applications. Different from software diversity, the fourth work in this dissertation focuses on the diversity in data interpretation, which helps to defend against coercion attacks. We propose Dummy-Relocatable Steganographic file system (DRSteg) to provide deniability in multi user environments where the adversary may have multiple snapshots of the disk content. The diverse ways of interpreting data in the storage allows a data owner to surrender only some data and attribute the unexplained changes across snapshots to the dummy data which are random bits. The level of deniability offered by our file system is configurable by the users, to balance against the resulting performance overhead. Additionally, our design guarantees the integrity of the protected data, except where users voluntarily overwrite data under duress. This dissertation makes valuable contributions on utilizing diversity in software security and information hiding. The systematic evaluation results obtained for mobile and desktop diverse software are important and useful to both research literature and industrial organizations. The proposed intrusion detection system and steganographic file system have been implemented as prototypes, which are effective in protecting valuable user data against adversaries in various threat scenarios
- …