7 research outputs found

    Tackling Spam and Spoof Email

    The loss of productivity due to Spam has reached a critical limit. Spoof emails have dented confidence of people in communications from organisations. This is happening in an age where email has been recognised as a cost-effective way of communicating. Companies have to invest resources to increase the confidence of consumers rather than abandoning the use of emails. This leaves two avenues of pursuing the matter: either email vendors have to implement safeguards or users have to implement technology and procedures. The paper will look at ways in which spam and spoof emails are being tackled and also make suggestions on how confidence can be raised by the use of hybrid approaches.

    Securing Cyberspace: Is It Time to Rethink Our Strategy?

    Privacy in Voice-over-IP mitigating the risks at SIP intermediaries

    Telephony plays a fundamental role in our society. It enables remote parties to interact and express themselves over great distances. The telephone as a means of communicating has become part of everyday life. Organisations and industry are now looking at Voice over IP (VoIP) technologies. They want to take advantage of new and previously unavailable voice services. Various interested parties are seeking to leverage the emerging VoIP technology for more flexible and efficient communication between staff, clients and partners. VoIP is a recent innovation enabled by Next Generation Network (NGN). It provides and enables means of communication over a digital network, specifically the Internet. VoIP is gaining widespread adoption and will ultimately replace traditional telephony. The result of this trend is a ubiquitous, global and digital communication infrastructure. VoIP, however, still faces many challenges. It is not yet as reliable and dependable as the current Public Switched Telephone Network (PSTN). The employed communication protocols are immature with many security flaws and weaknesses. Session Initiation Protocol (SIP), a popular VoIP protocol, does not sufficiently protect a user’s privacy. A user’s information is neither encrypted nor secured when calling a remote party. There is a lack of control over the information included in the SIP messages. Our specific concern is that private and sensitive information is exchanged over the public internet. This dissertation concerns itself with the communication path chosen by SIP when establishing a session with a remote party. In SIP, VoIP calls are established over unknown and untrusted intermediaries to reach the desired party. We analyse the SIP headers to determine the information leakage at each chosen intermediary. Our concerns for possible breach of privacy when using SIP were confirmed by the findings.
A user’s privacy can be compromised through the extraction of explicit private details reflected in SIP headers. It is further possible to profile the user and determine communication habits from implicit time, location and device information. Our research proposes enhancements to SIP. Each intermediary must digitally sign over the SIP headers ensuring the communication path was not altered. These signatures are added sequentially creating a chain of certified intermediaries. Our enhancements to SIP do not seek to encrypt the headers, but to use these intermediary signatures to reduce the risk of information leakage. We created a model of our proposed enhancements for attaching signatures at each intermediary. The model also provides a means of identifying unknown or malicious intermediaries prior to establishing a SIP session. Finally, the model was specified in Z notation. The Z specification language was well suited to accurately and precisely represent our model. This formal notation was adopted to specify the types, states and model behaviour. The specification was validated using the Z type-checker ZTC. Copyright. Dissertation (MSc)--University of Pretoria, 2010. Computer Science. unrestricte

    The cost of free instant messaging: an attack modelling perspective

    Instant Messaging (IM) has grown tremendously over the last few years. Even though IM was originally developed as a social chat system, it has found a place in many companies, where it is being used as an essential business tool. However, many businesses rely on free IM and have not implemented a secure corporate IM solution. Most free IM clients were never intended for use in the workplace and, therefore, lack strong security features and administrative control. Consequently, free IM clients can provide attackers with an entry point for malicious code in an organization’s network that can ultimately lead to a company’s information assets being compromised. Therefore, even though free IM allows for better collaboration in the workplace, it comes at a cost, as the title of this dissertation suggests. This dissertation sets out to answer the question of how free IM can facilitate an attack on a company’s information assets. To answer the research question, the dissertation defines an IM attack model that models the ways in which an information system can be attacked when free IM is used within an organization. The IM attack model was created by categorising IM threats using the STRIDE threat classification scheme. The attacks that realize the categorised threats were then modelled using attack trees as the chosen attack modelling tool. Attack trees were chosen because of their ability to model the sequence of attacker actions during an attack. The author defined an enhanced graphical notation that was adopted for the attack trees used to create the IM attack model. The enhanced attack tree notation extends traditional attack trees to allow nodes in the trees to be of different classes and, therefore, allows attack trees to convey more information. During the process of defining the IM attack model, a number of experiments were conducted where IM vulnerabilities were exploited. 
Thereafter, a case study was constructed to document a simulated attack on an information system that involves the exploitation of IM vulnerabilities. The case study demonstrates how an attacker’s attack path relates to the IM attack model in a practical scenario. The IM attack model provides insight into how IM can facilitate an attack on a company’s information assets. The creation of the attack model for free IM led to several realizations. The IM attack model revealed that even though the use of free IM clients may seem harmless, such IM clients can facilitate an attack on a company’s information assets. Furthermore, certain IM vulnerabilities may not pose a great risk by themselves, but when combined with the exploitation of other vulnerabilities, a much greater threat can be realized. These realizations hold true to what French playwright Jean Anouilh once said: “What you get free costs too much”.

    Spam, spim, and spit
