A security analysis of email communications

The objective of this report is to analyse the security and privacy risks of email communications and identify technical countermeasures capable of mitigating them effectively. In order to do so, the report analyses from a technical point of view the core set of communication protocols and standards that support email communications in order to identify and understand the existing security and privacy vulnerabilities. On the basis of this analysis, the report identifies and analyses technical countermeasures, in the form of newer standards, protocols and tools, aimed at ensuring a better protection of the security and privacy of email communications. The practical implementation of each countermeasure is evaluated in order to understand its limitations and identify potential technical and organisational constrains that could limit its effectiveness in practice. The outcome of the above mentioned analysis is a set of recommendations regarding technical and organisational measures that when combined properly have the potential of more effectively mitigating the privacy and security risks of today's email communications.JRC.G.6-Digital Citizen Securit

Usability and Trust in Information Systems

The need for people to protect themselves and their assets is as old as humankind. People's physical safety and their possessions have always been at risk from deliberate attack or accidental damage. The advance of information technology means that many individuals, as well as corporations, have an additional range of physical (equipment) and electronic (data) assets that are at risk. Furthermore, the increased number and types of interactions in cyberspace has enabled new forms of attack on people and their possessions. Consider grooming of minors in chat-rooms, or Nigerian email cons: minors were targeted by paedophiles before the creation of chat-rooms, and Nigerian criminals sent the same letters by physical mail or fax before there was email. But the technology has decreased the cost of many types of attacks, or the degree of risk for the attackers. At the same time, cyberspace is still new to many people, which means they do not understand risks, or recognise the signs of an attack, as readily as they might in the physical world. The IT industry has developed a plethora of security mechanisms, which could be used to mitigate risks or make attacks significantly more difficult. Currently, many people are either not aware of these mechanisms, or are unable or unwilling or to use them. Security experts have taken to portraying people as "the weakest link" in their efforts to deploy effective security [e.g. Schneier, 2000]. However, recent research has revealed at least some of the problem may be that security mechanisms are hard to use, or be ineffective. The review summarises current research on the usability of security mechanisms, and discusses options for increasing their usability and effectiveness

Measuring Drive-by Download Defense in Depth

Defense in depth is vital as no single security product detects all of today’s attacks. To design defense in depth organizations rely on best practices and isolated product reviews with no way to determine the marginal benefit of additional security products. We propose empirically testing security products’ detection rates by linking multiple pieces of data such as network traffic, executable files, and an email to the attack that generated all the data. This allows us to directly compare diverse security products and to compute the increase in total detection rate gained by adding a security product to a defense in depth strategy not just its stand alone detection rate. This approach provides an automated means of evaluating risks and the security posture of alternative security architectures. We perform an experiment implementing this approach for real drive-by download attacks found in a real time email spam feed and compare over 40 security products and human click-through rates by linking email, URL, network content, and executable file attack data

Digital and Mobile Security for Mexican Journalists and Bloggers

A new survey of 102 journalists and bloggers in 20 Mexican states shows nearly 70 percent have been threatened or have suffered attacks because of their work. In addition, 96 percent say they know of colleagues who have been attacked. Respondents to the survey also say they view cyber-espionage and email-account cracking as the most serious digital risks they face. And while nearly all have access to and rely on the Internet, social networks, mobile phones and blogging platforms for their work, they also admit that they have little or no command of digital security tools such as encryption, use of virtual private networks (VPNs), anonymous Internet navigation and secure file removal. The results of this survey show the urgent need to introduce Mexican journalists and bloggers to new technologies and protocols and help newsrooms develop a culture of digital-security awareness to counter increasingly sophisticated threats and attacks from both governmental agencies and criminal organizations

Computer virus e posta elettronica: una guida per l\u27utente

Today the Internet is a valuable source of information as well as a powerful communication medium, with undoubted social and economic benefits, however it also poses some security risks. Viruses may hide in email attachments or in apparently innocent applications directly downloadable from the Internet. In this work we give an overview of virus types and main defense techniques

A study of the security implications involved with the use of executable World Wide Web content

Malicious executable code is nothing new. While many consider that the concept of malicious code began in the 1980s when the first PC viruses began to emerge, the concept does in fact date back even earlier. Throughout the history of malicious code, methods of hostile code delivery have mirrored prevailing patterns of code distribution. In the 1980s, file infecting and boot sector viruses were common, mirroring the fact that during this time, executable code was commonly transferred via floppy disks. Since the 1990s email has been a major vector for malicious code attacks. Again, this mirrors the fact that during this period of time email has been a common means of sharing code and documents. This thesis examines another model of executable code distribution. It considers the security risks involved with the use of executable code embedded or attached to World Wide Web pages. In particular, two technologies are examined. Sun Microsystems\u27 Java Programming Language and Microsoft\u27s ActiveX Control Architecture are both technologies that can be used to connect executable program code to World Wide Web pages. This thesis examines the architectures on which these technologies are based, as well as the security and trust models that they implement. In doing so, this thesis aims to assess the level of risk posed by such technologies and to highlight similar risks that might occur with similar future technologies. ()

Cloud Computing Security Services to Mitigate DDoS Attacks

This chapter focuses on the challenges and risks faced in cloud security services in the areas which include identity access management, web security, email security, network security, encryption, information security, intrusion management, and disaster management while implementing a cloud service infrastructure. This chapter endorses the best practices in successfully deploying a secure private cloud infrastructure with security measures and mitigation and proposed a unique three-tier infrastructure design to mitigate distributed denial of service attacks on cloud infrastructures

Computer viruses and electronic mail

Today the Internet is a valuable source of information as well as a powerful communication medium, with undoubted social and economic benefits, however it also poses some security risks. Virsuses may hide in email attachments or in appartently innocent applications directly downloadable from the Internet. In this work we give a brief overview of virus types and main defense techniques. Then we present statistical data of virus attacks revealed by an anti-virus SW activated on our e-mail server, and discuss results in terms of virus types and temporal distribution