Modeling Class of Software Vulnerabilities with Vulnerability Cause Graphs

Vulnerabilities discovered in software are not only due to programming errors but also due to designflaws. There are a number of methods to avoid design flaws which are all manual processes and needexpertise. We believe that the study of models of classes of vulnerabilities would give developerssufficient knowledge in how to avoid these vulnerabilities. A model of class of vulnerability can alsohelp in the decision making process during the software development process.In this thesis, we present a procedure for modeling a class of vulnerabilities given instances ofVulnerability Cause Graphs (VCGs). Using VCGs will structure the representation of causes tovulnerabilities.The approach presented in this thesis makes it possible to divide the work of modeling a class ofvulnerability without any permanent dependence on any specific persons. The approach is also flexible enough to accommodate new causes of vulnerabilities in software when being discovered

Usability evaluation of IPsec configuring components

The security protocol IPsec is used in the LTE network to achieve a securecommunication from prying eyes. However, the use of IPsec is optional bythe LTE standard. Whether or not to use the IPsec thus becomes a securitydecision that each operator has to make after having considered applicablerisks and anticipated costs. It is also important to consider the OperationalExpenditure (OPEX) for deploying, operating, and maintaining the IPsecinstallation. One important factor that can aect OPEX is usability. Forthis reason understanding the usability properties of a system can help toidentify improvements that can reduce OPEX.This study mainly focused on investigating the challenges and also investigateswhether poor usability was a contributing factor for deploymentchallenges of IPsec in the LTE infrastructure. Additionally, this study alsofocused on prerequisite knowledge for an individual in order to ensure thecorrect deployment of IPsec in the LTE network.Cognitive Walkthrough and Heuristic Evaluation usability methods wereused in this study. By using these methods, several usability issues related toIPsec conguring components like documentation, the MO structure, anda used tool were identied. It was also identied that each componenthad rooms for improvements, especially for documentation which can signicantly aid in the deployment of IPsec. Moreover, in order to smoothlydeploy IPsec in the LTE network, it is important to have beforehand knowledgeof conguring components used to deploy IPsec

Collaborative Network Security: Targeting Wide-area Routing and Edge-network Attacks

To ensure that services can be delivered reliably and continuously over theInternet, it is important that both Internet routes and edge networks aresecured. However, the sophistication and distributed nature of many at-tacks that target wide-area routing and edge networks make it difficult foran individual network, user, or router to detect these attacks. Thereforecollaboration is important. Although the benefits of collaboration betweendifferent network entities have been demonstrated, many open questionsstill remain, including how to best design distributed scalable mechanismsto mitigate attacks on the network infrastructure. This thesis makes severalcontributions that aim to secure the network infrastructure against attackstargeting wide-area routing and edge networks. First, we present a characterization of a controversial large-scale routinganomaly, in which a large Telecom operator hijacked a very large numberof Internet routes belonging to other networks. We use publicly availabledata from the time of the incident to understand what can be learned aboutlarge-scale routing anomalies and what type of data should be collected inthe future to diagnose and detect such anomalies. Second, we present multiple distributed mechanisms that enable col-laboration and information sharing between different network entities thatare affected by such attacks. The proposed mechanisms are applied in thecontexts of collaborating Autonomous Systems (ASes), users, and servers,and are shown to help raise alerts for various attacks. Using a combina-tion of data-driven analysis and simulations, based on publicly availablereal network data (including traceroutes, BGP announcements, and net-work relationship data), we show that our solutions are scalable, incur lowcommunication and processing overhead, and provide attractive tradeoffsbetween attack detection and false alert rates. Finally, for a set of previously proposed routing security mechanisms,we consider the impact of regional deployment restrictions, the scale of thecollaboration, and the size of the participants deploying the solutions. Al-though regional deployment can be seen as a restriction and the participationof large networks is often desirable, we find interesting cases where regionaldeployment can yield better results compared to random global deployment,and where smaller networks can play an important role in achieving bettersecurity gains. This study offers new insights towards incremental deploy-ment of different classes of routing security mechanisms

Collaborative framework for protection against attacks targeting BGP and edge networks

This paper presents the design and data-driven overhead analysis of PrefiSec, a distributed framework that helps collaborating organizations to effectively maintain and share network information in the fight against miscreants. PrefiSec is a novel distributed IP-prefix-based solution, which maintains information about the activities associated with IP prefixes (blocks of IP addresses) and autonomous systems (AS) and enables efficient sharing of this information between participants. Within PrefiSec, we design and evaluate simple and scalable mechanisms that help to protect against prefixisubprefix attacks and interception attacks, and enable sharing of prefix related information related to a wide range of edge-based attacks, such as spamming and scanning. We also include an evaluation of which ASes need to collaborate, to what extent the size and locality of ASes matter, and how many ASes are needed to achieve good efficiency in detecting anomalous route announcements. Public wide-area BGP-announcements, traceroutes, and simulations are used to estimate the overhead, scalability, and alert rates. Our results show that PrefiSec helps improve system security, and can scale to large systems. (C) 2017 Elsevier B.V. All rights reserved.Funding Agencies|Swedish National Graduate School in Computer Science (CUGS)</p

Characterizing large-scale routing anomalies: A case study of the China Telecom incident,

Abstract. China Telecom&apos;s hijack of approximately 50,000 IP prefixes in April 2010 highlights the potential for traffic interception on the Internet. Indeed, the sensitive nature of the hijacked prefixes, including US government agencies, garnered a great deal of attention and highlights the importance of being able to characterize such incidents after they occur. We use the China Telecom incident as a case study, to understand (1) what can be learned about large-scale routing anomalies using public data sets, an

Crowd-based Detection of Routing Anomalies on the Internet

The Internet is highly susceptible to routing attacks and there is no universally deployed solution that ensures that traffic is not hijacked by third parties. Individuals or organizations wanting to protect themselves from sustained attacks must therefore typically rely on measurements and traffic monitoring to detect attacks. Motivated by the high overhead costs of continuous active measurements, we argue that passive monitoring combined with collaborative information sharing and statistics can be used to provide alerts about traffic anomalies that may require further investigation. In this paper we present and evaluate a user-centric crowd-based approach in which users passively monitor their network traffic, share information about potential anomalies, and apply combined collaborative statistics to identify potential routing anomalies. The approach uses only passively collected round-trip time (RTT) measurements, is shown to have low overhead, regardless if a central or distributed architecture is used, and provides an attractive tradeoff between attack detection rates (when there is an attack) and false alert rates (needing further investigation) under normal conditions. Our data-driven analysis using longitudinal and distributed RTT measurements also provides insights into detector selection and the relative weight that should be given to candidate detectors at different distances from the potential victim node

Does Scale, Size, and Locality Matter? : Evaluation of Collaborative BGP Security Mechanisms

The Border Gateway Protocol (BGP) was not designed with security in mind and is vulnerable to many attacks, including prefix/subprefix hijacks, interception attacks, and imposture attacks. Despite many protocols having been proposed to detect or prevent such attacks, no solution has been widely deployed. Yet, the effectiveness of most proposals relies on largescale adoption and cooperation between many large Autonomous Systems (AS). In this paper we use measurement data to evaluate some promising, previously proposed techniques in cases where they are implemented by different subsets of ASes, and answer questions regarding which ASes need to collaborate, the importance of the locality and size of the participating ASes, and how many ASes are needed to achieve good efficiency when different subsets of ASes collaborate. For our evaluation we use topologies and routing information derived from real measurement data. We consider collaborative detection and prevention techniques that use (i) prefix origin information, (ii) route path updates, or (iii) passively collected round-trip time (RTT) information. Our results and answers to the above questions help determine the effectiveness of potential incremental rollouts, incentivized or required by regional legislation, for example. While there are differences between the techniques and two of the three classes see the biggest benefits when detection/prevention is performed close to the source of an attack, the results show that significant gains can be achieved even with only regional collaboration

Collaborative framework for protection against attacks targeting BGP and edge networks

This paper presents the design and data-driven overhead analysis of PrefiSec, a distributed framework that helps collaborating organizations to effectively maintain and share network information in the fight against miscreants. PrefiSec is a novel distributed IP-prefix-based solution, which maintains information about the activities associated with IP prefixes (blocks of IP addresses) and autonomous systems (AS) and enables efficient sharing of this information between participants. Within PrefiSec, we design and evaluate simple and scalable mechanisms that help to protect against prefixisubprefix attacks and interception attacks, and enable sharing of prefix related information related to a wide range of edge-based attacks, such as spamming and scanning. We also include an evaluation of which ASes need to collaborate, to what extent the size and locality of ASes matter, and how many ASes are needed to achieve good efficiency in detecting anomalous route announcements. Public wide-area BGP-announcements, traceroutes, and simulations are used to estimate the overhead, scalability, and alert rates. Our results show that PrefiSec helps improve system security, and can scale to large systems. (C) 2017 Elsevier B.V. All rights reserved.Funding Agencies|Swedish National Graduate School in Computer Science (CUGS)</p

The hidden mailman and his mailbag : Routing path analysis from a European perspective

The postal system is often used as an analogy when describing Internet routing. However, in addition to similarities, there are some significant differences. First, and most importantly, the Autonomous Systems (ASes) that operate the routers along the end-to-end path of a packet can often inspect and manipulate the packet and its content. Second, due to lack of secure routing mechanisms, packet paths can be diverted through additional non-trusted ASes. Although we often know the first network we connect through and the service that we access, we seldom know the networks that forward our packets. We can think of these networks as hidden mailmen. To better understand these networks and their potential access to information, we characterize the ASes along the paths of typical Internet packets between European example clients and the most popular web domains. We also identify ASes and countries with higher path coverage and investigate if there are differences in the HTTPS usage among paths that may take additional detours. Our results highlight the role played by North American (typically US-based) ASes and glean insights into how vulnerable the detoured traffic is to man-in-the-middle attacks compared to regular traffic

Stroke intracerebral multiple infarcts: Rare neurological presentation of honey bee bite

Honey-bee bites which require urgent hospitalization is very rare. It is mainly seen as occupational hazards in farmers, tree dwellers and honey collectors. Common clinical presentation includes minor localized reactions in form of swelling and redness sometimes anaphylactic reaction. Infrequent major complications reported from different studies include rhabdomyolysis, acute renal failure (ARF), acute pulmonary edema, intravascular coagulation, encephalopathy and very rarely cerebral haemorrhage. Stroke due to multiple intra- cerebral infarcts along with rhabdomyolysis in patient of honey-bee bite is rare neurological complication. We report a case of 70 year man with honey-bee bite and multiple intracerebral infarcts presented as stroke, and rhabdomyolysis and ARF. When a patient presented with honey-bee bite, one should suspect serious complications. Despite advances in the understanding of pathophysiology its complications remains enigmatic and in some instances may be multifactorial. Various therapeutic interventions if started early after diagnosis reduces the possible consequences as potential reversibility of the illness