Security comparison of ownCloud, Nextcloud, and Seafile in open source cloud storage solutions

Cloud storage has become one of the most efficient and economical ways to store data over the web. Although most organizations have adopted cloud storage, there are numerous privacy and security concerns about cloud storage and collaboration. Furthermore, adopting public cloud storage may be costly for many enterprises. An open-source cloud storage solution for cloud file sharing is a possible alternative in this instance. There is limited information on system architecture, security measures, and overall throughput consequences when selecting open-source cloud storage solutions despite widespread awareness. There are no comprehensive comparisons available to evaluate open-source cloud storage solutions (specifically owncloud, nextcloud, and seafile) and analyze the impact of platform selections. This thesis will present the concept of cloud storage, a comprehensive understanding of three popular open-source features, architecture, security features, vulnerabilities, and other angles in detail. The goal of the study is to conduct a comparison of these cloud solutions so that users may better understand the various open-source cloud storage solutions and make more knowledgeable selections. The author has focused on four attributes: features, architecture, security, and vulnerabilities of three cloud storage solutions ("ownCloud," "Nextcloud," and "Seafile") since most of the critical issues fall into one of these classifications. The findings show that, while the three services take slightly different approaches to confidentiality, integrity, and availability, they all achieve the same purpose. As a result of this research, the user will have a better understanding of the factors and will be able to make a more informed decision on cloud storage options

Automated intrusion recovery for web applications

Thesis (Ph. D.)--Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2013.Cataloged from PDF version of thesis.Includes bibliographical references (pages 93-97).In this dissertation, we develop recovery techniques for web applications and demonstrate that automated recovery from intrusions and user mistakes is practical as well as effective. Web applications play a critical role in users' lives today, making them an attractive target for attackers. New vulnerabilities are routinely found in web application software, and even if the software is bug-free, administrators may make security mistakes such as misconfiguring permissions; these bugs and mistakes virtually guarantee that every application will eventually be compromised. To clean up after a successful attack, administrators need to find its entry point, track down its effects, and undo the attack's corruptions while preserving legitimate changes. Today this is all done manually, which results in days of wasted effort with no guarantee that all traces of the attack have been found or that no legitimate changes were lost. To address this problem, we propose that automated intrusion recovery should be an integral part of web application platforms. This work develops several ideas-retroactive patching, automated UI replay, dependency tracking, patch-based auditing, and distributed repair-that together recover from past attacks that exploited a vulnerability, by retroactively fixing the vulnerability and repairing the system state to make it appear as if the vulnerability never existed. Repair tracks down and reverts effects of the attack on other users within the same application and on other applications, while preserving legitimate changes. Using techniques resulting from these ideas, an administrator can easily recover from past attacks that exploited a bug using nothing more than a patch fixing the bug, with no manual effort on her part to find the attack or track its effects. The same techniques can also recover from attacks that exploit past configuration mistakes-the administrator only has to point out the past request that resulted in the mistake. We built three prototype systems, WARP, POIROT, and AIRE, to explore these ideas. Using these systems, we demonstrate that we can recover from challenging attacks in real distributed web applications with little or no changes to application source code; that recovery time is a fraction of the original execution time for attacks with a few affected requests; and that support for recovery adds modest runtime overhead during the application's normal operation.by Ramesh Chandra.Ph.D

Survey and Analysis of Android Authentication Using App Locker

Android Smart phones have gained immense popularity over the years and is undoubtedly more popular than other operating system phones. Following the similar lines android wear was introduced. Steadily android wear is making its way into our daily lives. It helps keep track of the sleep you have, helps you reach fitness goals, keeps track of phone and helps users have easy authentication. Due to the usage of smart lock which enables phone to be unlocked as long as connected to the android wear, this leads to almost no security on both the ends as android wear before Android 5.0 has no lock. We aim to produce the existing authentication methods in android phones and wear and the threats that plague both kinds of devices. As authentication is one of the major building blocks of security, through research we aim at designing a system for android phones which will be able to protect the sensitive data on devices which will be at risk through smart lock using encryption techniques. In this proposed system, the user would be able to decide which applications are needed to be secured when he is using smart lock. This application will enable lock for those user chosen applications as soon as the smart phone device is connected to android wear and similarly disables the lock when connection is disabled between the devices and communication between devices is made secure using encryption algorithms. This application does not interfere with easy phone authentication which users demand but it makes sure data is protected and users are authenticated with the help of multiple authentication layering

CloudIDS: Cloud Intrusion Detection Model Inspired by Dendritic Cell Mechanism

Cloud Computing Security is a new era of computer technology and opens a new research area and creates a lot of opportunity of exploration. One of the new implementation in Cloud is Intrusion Detection System (IDS).There are problems with existing IDS approach in Cloud environment. Implementing traditional IDS need a lot of self-maintenance and did not scale with the customer security requirements. In addition, maintenance of traditional IDS in Cloud Computing system requires expertise and consumes more time where not each Cloud user has. A decentralized traditional IDS approach where being deployed in current Cloud Computing infrastructure will make the IDS management become complicated. Each user's IDS will not be the same in term of type and configurations and each user may have outdated signatures. Inter VM's communication also become a big concern when we implementing Cloud Computing system where communication between Clouds are not monitored and controlled by the traditional IDS. A specific IDS model for Cloud computing is required to solve these problems. In this paper, we develop a prototype of Cloud IDS inspired by Dendritic Cell mechanism. Experiment result proved that Cloud IDS was able to detect any attempt to attack the Cloud environment. The experiments show that the Cloud IDS model based on Dendritic Cell algorithm able to identify and detect novel threat that targeting Cloud environment

A Model for User-centric Information Security Risk Assessment and Response

Managing and assessing information security risks in organizations is a well understood and accepted approach, with literature providing a vast array of proposed tools, methods and techniques. They are, however, tailored for organizations, with little literature supporting how these can be achieved more generally for end-users, i.e. users, who are solely responsible for their devices, data and for making their own security decisions. To protect against them, technical countermeasures alone has been found insufficient as it can be misused by users and become vulnerable to various threats. This research focuses on better understanding of human behavior which is vital for ensuring an efficient information security environment. Motivated by the fact that different users react differently to the same stimuli, identifying the reasons behind variations in security behavior and why certain users could be “at risk” more than others is a step towards developing techniques that can enhance user’s behavior and protect them against security attacks. A user survey was undertaken to explore users security behavior in several domains and to investigate the correlation between users characteristics and their risk taking behavior. Analysis of the results demonstrated that user’s characteristics do play a significant role in affecting their security behavior risk levels. Based upon these findings, this study proposed a user-centric model that is intended to provide a comprehensive framework for assessing and communicating information security risks for users of the general public with the aim of monitoring, assessing and responding to user’s behavior in a continuous, individualized and timely manner. The proposed approach is built upon two components: assessing risks and communicating them. Aside from the traditional risk assessment formula, three risk estimation models are proposed: a user-centric, system-based and an aggregated model to create an individualized risk profile. As part of its novelty, both user-centric and behavioral-related factors are considered in the assessment. This resulted in an individualized and timely risk assessment in granular form. Aside from the traditional risk communication approach of one message/one-size-fits-all, a gradual response mechanism is proposed to individually and persuasively respond to risk and educate the user of his risk-taking behavior. Two experiments and a scenario-based simulation of users with varying user-centric factors has been implemented to simulate the proposed model, how it works and to evaluate its effectiveness and usefulness. The proposed approach worked in the way it was expected to. The analysis of the experiments results provided an indication that risk could be assessed differently for the same behavior based upon a number of user-centric and behavioral-related factors resulting in an individualized granular risk score/level. This granular risk assessment, away from high, medium and low, provided a more insightful evaluation of both risk and response. The analysis of results was also useful in demonstrating how risk is not the same for all users and how the proposed model is effective in adapting to differences between users offering a novel approach to assessing information security risks

CGC monitor: A vetting system for the DARPA cyber grand challenge

The article of record as published may be found at https://doi.org/10.1016/j.diin.2018.04.016In PressThe CGC Monitor is available at https://github.com/mfthomps/ cgc-monitor. Analysis results from CFE, generated by the monitor, are at https://github.com/mfthomps/CGC-Analysis.The DARPA Cyber Grand Challenge (CGC) pit autonomous machines against one another in a battle to discover, mitigate, and take advantage of software vulnerabilities. The competitors repeatedly formulated and submitted binary software for execution against opponents, and to mitigate attacks mounted by opponents. The US Government sought confidence that competitors legitimately won their rewards (a prize pool of up to $6.75 million USD), and competitors deserved evidence that all parties operated in accordance with the rules, which prohibited attempts to subvert the competition infrastructure. To support those goals, we developed an analysis system to vet competitor software submissions destined for execution on the competition infrastructure, the classic situation of running untrusted software. In this work, we describe the design and implementation of this vetting system, as well as results gathered in deployment of the system as part of the CGC competition. The analysis system is imple- mented upon a high-fidelity full-system simulator requiring no modifications to the monitored operating system. We used this system to vet software submitted during the CGC Qualifying Event, and the CGC Final Event. The overwhelming majority of the vetting occurred in an automated fashion, with the system automatically monitoring the full x86-based system to detection corruption of operating system execution paths and data structures. However, the vetting system also facilitates investigation of any execution deemed suspicious by the automated process (or indeed any analysis required to answer queries related to the competition). An analyst may replay any software interaction using an IDA Pro plug-in, which utilizes the IDA debugger client to execute the session in reverse. In post-mortem analysis, we found no evidence of attempted infrastructure subversion and further conclude that of the 20 vulnerable software services exploited in the CGC Final Event, half were exploited in ways unintended by the service authors. Six services were exploited due to vulnerabilities accidentally included by the authors, while an additional four were exploited via the author-intended vulnerability, but via an unanticipated path.This work was supported in part by the Defense Advanced Research Projects AgencyAir Force award number FA8750- 12-D-0005Approved for public release; distribution is unlimited

Rethinking Privacy and Security Mechanisms in Online Social Networks

With billions of users, Online Social Networks(OSNs) are amongst the largest scale communication applications on the Internet. OSNs enable users to easily access news from local and worldwide, as well as share information publicly and interact with friends. On the negative side, OSNs are also abused by spammers to distribute ads or malicious information, such as scams, fraud, and even manipulate public political opinions. Having achieved significant commercial success with large amount of user information, OSNs do treat the security and privacy of their users seriously and provide several mechanisms to reinforce their account security and information privacy. However, the efficacy of those measures is either not thoroughly validated or in need to be improved. In sight of cyber criminals and potential privacy threats on OSNs, we focus on the evaluations and improvements of OSN user privacy configurations, account security protection mechanisms, and trending topic security in this dissertation. We first examine the effectiveness of OSN privacy settings on protecting user privacy. Given each privacy configuration, we propose a corresponding scheme to reveal the target user\u27s basic profile and connection information starting from some leaked connections on the user\u27s homepage. Based on the dataset we collected on Facebook, we calculate the privacy exposure in each privacy setting type and measure the accuracy of our privacy inference schemes with different amount of public information. The evaluation results show that (1) a user\u27s private basic profile can be inferred with high accuracy and (2) connections can be revealed in a significant portion based on even a small number of directly leaked connections. Secondly, we propose a behavioral-profile-based method to detect OSN user account compromisation in a timely manner. Specifically, we propose eight behavioral features to portray a user\u27s social behavior. A user\u27s statistical distributions of those feature values comprise its behavioral profile. Based on the sample data we collected from Facebook, we observe that each user\u27s activities are highly likely to conform to its behavioral profile while two different user\u27s profile tend to diverge from each other, which can be employed for compromisation detection. The evaluation result shows that the more complete and accurate a user\u27s behavioral profile can be built the more accurately compromisation can be detected. Finally, we investigate the manipulation of OSN trending topics. Based on the dataset we collected from Twitter, we manifest the manipulation of trending and a suspect spamming infrastructure. We then measure how accurately the five factors (popularity, coverage, transmission, potential coverage, and reputation) can predict trending using an SVM classifier. We further study the interaction patterns between authenticated accounts and malicious accounts in trending. at last we demonstrate the threats of compromised accounts and sybil accounts to trending through simulation and discuss countermeasures against trending manipulation

A decision support system for corporations cyber security risk management

This thesis presents a decision aiding system named C3-SEC (Contex-aware Corporative Cyber Security), developed in the context of a master program at Polytechnic Institute of Leiria, Portugal. The research dimension and the corresponding software development process that followed are presented and validated with an application scenario and case study performed at Universidad de las Fuerzas Armadas ESPE – Ecuador. C3-SEC is a decision aiding software intended to support cyber risks and cyber threats analysis of a corporative information and communications technological infrastructure. The resulting software product will help corporations Chief Information Security Officers (CISO) on cyber security risk analysis, decision-making and prevention measures for the infrastructure and information assets protection. The work is initially focused on the evaluation of the most popular and relevant tools available for risk assessment and decision making in the cyber security domain. Their properties, metrics and strategies are studied and their support for cyber security risk analysis, decision-making and prevention is assessed for the protection of organization's information assets. A contribution for cyber security experts decision support is then proposed by the means of reuse and integration of existing tools and C3-SEC software. C3-SEC extends existing tools features from the data collection and data analysis (perception) level to a full context-ware reference model. The software developed makes use of semantic level, ontology-based knowledge representation and inference supported by widely adopted standards, as well as cyber security standards (CVE, CPE, CVSS, etc.) and cyber security information data sources made available by international authorities, to share and exchange information in this domain. C3-SEC development follows a context-aware systems reference model addressing the perception, comprehension, projection and decision/action layers to create corporative scale cyber security situation awareness

Development of secured algorithm to enhance the privacy and security template of biometric technology

A Thesis Submitted in Partial Fulfillment of the Requirements for the Degree of Doctor of Philosophy in Mathematical and Computer Science and Engineering of the Nelson Mandela African Institution of Science and TechnologyThe security of information and personal privacy are the growing concerns in today’s human life worldwide. The storage of biometric data in the database has raised the prospect of compromising the database leading to grave risks and misuse of the person’s privacy such as growth in terrorism and identity fraud. When a person’s biometric data stored is revealed, their security and privacy are being compromised. This research described a detailed evaluation on several outbreaks and threats associated with the biometric technology. It analyzed the user’s fear and intimidations to the biometric technology alongside the protection steps for securing the biometric data template in the database. It is known that, when somebody’s biometric data template is compromised from the database that consequently might indicate proof of identity robbery of that person. Mixed method to compute and articulate the results as well as a new tactic of encryption-decryption algorithm with a design pattern of Model View Template (MVT) are used for securing the biometric data template in the database. The model managed information logically, the view indicated the visualization of the data, and the template directed the data migration into pattern object. Factors influencing fear of biometric technology such as an exposer of personal information, improper data transfer, and data misuse are found. Strong knowledge of the ideal technology like the private skills of the biometric technology, data secrecy and perceived helpfulness are established. The fears and attacks along the technology like a counterfeit of documents and brute-force attack are known. The designed algorithm based on the cryptographic module of the Fernet keys instance are utilized. The Fernet keys are combined to generate a multiFernet key, integrated with biometric data to produce two encrypted files (byte and text file). These files are incorporated with Twilio message and firmly stored in the database. The storage database has security measures that guard against an impostor’s attack. The database system can block the attacker from unauthorized access. Thus, significantly increased individual data privacy and integrity