Security and Privacy in Communication Networks

String extraction and matching techniques have been widely used in generating signatures for worm detection, but how to generate effective worm signatures in an adversarial environment still remains challenging. For example, attackers can freely manipulate byte distributions within the attack payloads and also can inject well-crafted noisy packets to contaminate the suspicious flow pool. To address these attacks, we propose SAS, a novel Semantics Aware Statistical algorithm for automatic signature generation. When SAS processes packets in a suspicious flow pool, it uses data flow analysis techniques to remove non-critical bytes. We then apply a Hidden Markov Model (HMM) to the refined data to generate state-transition-graph based signatures. To our best knowledge, this is the first work combining semantic analysis with statistical analysis to automatically generate worm signatures. Our experiments show that the proposed technique can accurately detect worms with concise signatures. Moreover, our results indicate that SAS is more robust to the byte distribution changes and noise injection attacks comparing to Polygraph and Hamsa.

In this paper we address the following questions: From a networking perspective, do malicious programs (malware, bots, viruses, etc...) behave differently from benign programs that run daily for various needs? If so, how may we exploit the differences in network behavior to detect them? To address these questions, we are systematically analyzing the behavior of a large set (at the magnitude of 2,000) of malware samples. We present our initial results after analyzing 1000 malware samples. The results show that malicious and benign programs behave quite differently from a network perspective. We are still in the process of attempting to interpret the differences, which nevertheless have been utilized to detect 31 malware samples which were not detected by any antivirus software on Virustotal.com as of 01 April 2010, giving evidence that the differences between malicious and benign network behavior has a possible use in helping stop zero-day attacks on a host machine.

In this paper, we propose a framework to administrate privacy policies in distributed service infrastructure. We define new administrative capabilities that model user preferences and specify how data owners can access to them. We investigate a distributed administration of the privacy policy where three different administrative policies can coexist and one can dominate the other. We define the data collector practices, the legal organisation policies, such as emergency service’s policies, and the negotiated policy between the data collector and services providers. We finally specify how to manage these three distributed privacy administration policies.

Privacy preservation in location based services (LBS) has received extensive attention in recent years. One of the less explored problems in this domain is associated with services that rely on continuous updates from the mobile object. Cloaking algorithms designed to hide user locations in single requests perform poorly in this scenario. The historical k-anonymity property is therefore enforced to ensure that all cloaking regions include at least k objects in common. However, the mobility of the objects can easily render increasingly bigger cloaking regions and degrade the quality of service. To this effect, this paper presents an algorithm to efficiently enforce historical k-anonymity by partitioning of an object’s cloaking region. We further enforce some degree of directional similarity in the k common peers in order to prevent an excessive expansion of the cloaking region.

Online personal health record (PHR) enables patients to manage their own medical records in a centralized way, which greatly facilitates the storage, access and sharing of personal health data. With the emergence of cloud computing, it is attractive for the PHR service providers to shift their PHR applications and storage into the cloud, in order to enjoy the elastic resources and reduce the operational cost. However, by storing PHRs in the cloud, the patients lose physical control to their personal health data, which makes it necessary for each patient to encrypt her PHR data before uploading to the cloud servers. Under encryption, it is challenging to achieve fine-grained access control to PHR data in a scalable and efficient way. For each patient, the PHR data should be encrypted so that it is scalable with the number of users having access. Also, since there are multiple owners (patients) in a PHR system and every owner would encrypt her PHR files using a different set of cryptographic keys, it is important to reduce the key distribution complexity in such multi-owner settings. Existing cryptographic enforced access control schemes are mostly designed for the single-owner scenarios.

In this paper, we propose a novel framework for access control to PHRs within cloud computing environment. To enable fine-grained and scalable access control for PHRs, we leverage attribute based encryption (ABE) techniques to encrypt each patient’s PHR data. To reduce the key distribution complexity, we divide the system into multiple security domains, where each domain manages only a subset of the users. In this way, each patient has full control over her own privacy, and the key management complexity is reduced dramatically. Our proposed scheme is also flexible, in that it supports efficient and on-demand revocation of user access rights, and break-glass access under emergency scenarios.

Wireless networking protocols are increasingly being designed to exploit a user’s measured channel condition; we call such protocols channel-aware. Each user reports its measured channel condition to a manager of wireless resources and a channel-aware protocol uses these reports to determine how resources are allocated to users. In a channel-aware protocol, each user’s reported channel condition affects the performance of every other user. A possible attack against channel-aware protocols is false feedback of channel condition. The deployment of channel-aware protocols increases the risks posed by false feedback. In this paper, we study the potential impact of an attacker that falsely reports its channel condition and propose a defense mechanism to securely estimate channel condition. We analyze our mechanism and evaluate the system performance deploying our mechanism through simulation. Our evaluation shows that our mechanism effectively thwarts channel condition misreporting attack.

Cellular text messaging services are increasingly being relied upon to disseminate critical information during emergencies. Accordingly, a wide range of organizations including colleges, universities and large metropolises now partner with third-party providers that promise to improve physical security by rapidly delivering such messages. Unfortunately, these products do not work as advertised due to limitations of cellular infrastructure and therefore provide a false sense of security to their users. In this paper, we perform the first extensive investigation and characterization of the limitations of an Emergency Alert System (EAS) using text messages as a security incident response and recovery mechanism. Through the use of modeling and simulation based on configuration information from major US carriers, we show emergency alert systems built on text messaging not only can not meet the 10 minute delivery requirement mandated by the WARN Act, but also potentially cause other legitimate voice and SMS traffic to be blocked at rates upwards of 80%. We then show that our results are representative of reality by comparing them to a number of documented but not previously understood failures. Finally, we discuss the causes of the mismatch of expectations and operational ability and suggest a number of techniques to improve the reliability of these systems. We demonstrate that this piece of deployed security infrastructure simply does not achieve its stated requirements.

The move to a pervasive computing environment, with the increasing use of laptops, netbooks, smartphones and tablets, means that we are more reliant on wireless networking and batteries for our daily computational needs. Specifically, this includes applications which have sensitive data that must be securely communicated over VPNs. However, the use of VPNs and mobile, wireless computing creates conflicting needs: VPNs traditionally assume a stable network connection, which is then secured; in contrast, wireless computing assumes a transitory network connection due to mobility or energy-saving protocols. In this work we study the ability to use traditional VPN protocols, specifically IPsec, in mobile environments while permitting for energy savings. Energy savings come from power-cycling the wireless radio when it is not in use.

More specifically, we develop a mathematical model for determining potential power savings on mobile devices when power-cycling the radio in IPsec use settings. Next, we perform performance measurements on IPsec session resumption protocols IKEv2 [1], MOBIKE [2], and IPsec Gateway Failover (IGF) [3] to provide data for our model. We apply the model to over 3000 wireless sessions, and determine the optimal power savings that could be achieved by power-cycling the radio while maintaining an IPsec connection. We show that there is a high-potential for energy savings in the best case. Finally, we develop an efficient and simple real-world online scheduling algorithm that achieves near optimal results for a majority of users.

Kernel rootkits are among the most insidious threats to computer security today. By employing various code injection techniques, they are able to maintain an omnipotent presence in the compromised OS kernels. Existing preventive countermeasures typically employ virtualization technology as part of their solutions. However, they are still limited in either (1) requiring modifying the OS kernel source code for the protection or (2) leveraging software-based virtualization techniques such as binary translation with a high overhead to implement a Harvard architecture (which is robust to various code injection techniques used by kernel rootkits). In this paper, we introduce hvmHarvard, a hardware virtualization-based Harvard architecture that transparently protects commodity OS kernels from kernel rootkit attacks and significantly reduces the performance overhead. Our evaluation with a Xen-based prototype shows that it can transparently protect legacy OS kernels with rootkit resistance while introducing < 5% performance overhead.

Single Sign-On (SSO) is a core component in a federated identity management (FIM). Dynamic Single Sign-on (DSSO) is a more flexible SSO where users can change their service requirements dynamically. However, the security in the current SSO and DSSO systems remain questionable. As an example, personal credentials could be illegally used to allow illegal users to access the services. It is indeed a challenging task to achieve strong security in SSO and DSSO. In this paper, we propose a generic construction of DSSO with strong security. We propose the formal definitions and security models for SSO and DSSO, which enable one to achieve the security of SSO and DSSO with the underlying (standard) security assumptions. We also provide a formal security proof on our generic DSSO scheme.

Web 2.0 platforms are ubiquitously used to share content and personal information, which makes them an inviting and vulnerable target of hackers and phishers alike. In this paper, we discuss an emerging class of attacks, namely content repurposing attacks, which specifically targets sites that host user uploaded content on Web 2.0 sites. This latent threat is poorly addressed, if at all, by current protection systems, both at the remote sites and at the client ends. We design and develop an approach that protects from content repurposing attacks at the client end. As we show through a detailed evaluation, our solution promptly detects and stops various types of attacks and adds no overhead to the user’s local machine or browser where it resides. Further, our approach is light-weight and does not invasively monitor all the user interactions with the browser, providing an effective protection against these new and powerful attacks.

An innate deficiency of the Internet is its susceptibility to IP spoofing. Whereas a router uses a forwarding table to determine where it should send a packet, previous research has found that a router can similarly employ an incoming table to verify where a packet should come from, thereby detecting IP spoofing. Based on a previous protocol for building incoming tables, SAVE, this paper introduces new mechanisms that not only address a critical deficiency of SAVE when it is incrementally deployed (incoming table entries becoming obsolete), but can also push the filtering of spoofing packets towards the SAVE router that is closest to spoofers. With these new mechanisms, and under the assumption of incremental deployment, we further discuss the security of SAVE, evaluate its efficacy, accuracy, and overhead, and look into its deployment incentives. Our results show incoming-table-based IP spoofing detection is a feasible and effective solution.

We present a new denial-of-service attack against 802.11 wireless networks. Our attack exploits previously discovered performance degradation in networks with substantial rate diversity. In our attack, the attacker artificially reduces his link quality by not acknowledging receptions (which we call “partial deafness” because an attacker pretends to have not heard some of the transmission), thereby exploiting the retransmission and rate adaptation mechanisms to reduce Medium Access Control (MAC)-layer performance. As compared to previously proposed attacks, the partial deafness attack is particularly strong because the attacker does not necessarily need any advantage over normal users in terms of transmission power, computation resources, or channel condition.

Previous work has shown that time fairness in sharing the wireless medium can improve network throughput. We show that time-based regulation at the data queue of the access point can similarly mitigate the negative impact of a partial deafness attacker.

The IEEE 802.15.4 standard has attracted time-critical applications in wireless sensor networks (WSNs) because of its beacon-enabled mode and guaranteed time slots (GTSs). However, the GTS management scheme’s built-in security mechanisms still leave the 802.15.4 MAC vulnerable to attacks. Further, the existing techniques in the literature for securing 802.15.4 either focus on non beacon-enabled mode 802.15.4 or cannot defend against insider attacks for beacon-enabled mode 802.15.4. In this paper we illustrate this by demonstrating attacks on the availability and integrity of a beacon-enabled 802.15.4 sensor network. To confirm the validity of the attacks, we implement the attacks using Tmote Sky Motes for sensor nodes, where the malicious node is deployed as an inside attacker. We show that the malicious node can easily exploit information retrieved from the beacon frames to compromise the integrity and availability of the network. We also discuss possible defense mechanisms against these attacks.

The publish/subscribe model offers a loosely-coupled communication paradigm where applications interact indirectly and asynchronously. Publisher applications generate events that are sent to interested applications through a network of brokers. Subscriber applications express their interest by specifying filters that brokers can use for routing the events. Supporting confidentiality of messages being exchanged is still challenging. First of all, it is desirable that any scheme used for protecting the confidentiality of both the events and filters should not require the publishers and subscribers to share secret keys. In fact, such a restriction is against the loose-coupling of the model. Moreover, such a scheme should not restrict the expressiveness of filters and should allow the broker to perform event filtering to route the events to the interested parties. Existing solutions do not fully address those issues. In this paper, we provide a novel scheme that supports (i) confidentiality for events and filters; (ii) filters can express very complex constraints on events even if brokers are not able to access any information on both events and filters; (iii) and finally it does not require publishers and subscribers to share keys.

Enforcing security often requires the two legitimate parties of a communication to determine whether they share a secret, without disclosing information (e.g. the shared secret itself, or just the existence of such a secret) to third parties—or even to the other party, if it is not the legitimate party but an adversary pretending to impersonate the legitimate one. In this paper, we propose CED² (Communication Efficient Disjointness Decision), a probabilistic and distributed protocol that allows two parties—each one having a finite set of elements—to decide about the disjointness of their sets. CED² is particularly suitable for devices having constraints on energy, communication, storage, and bandwidth. Examples of these devices are satellite phones, or nodes of wireless sensor networks. We show that CED² significantly improves the communication cost compared to the state of the art, while providing the same degree of privacy and security. Analysis and simulations support the findings.

In order to tolerate servers’ Byzantine failures, a distributed storage service of self-verifying data (e.g., certificates) needs to make three security properties be Byzantine fault tolerant (BFT): data consistency, data availability, and confidentiality of the (signing service’s) private key. Building such systems demands the integration of Byzantine quorum systems (BQS), which only make data consistency and availability be BFT, and threshold signature schemes (TSS), which only make confidentiality of the private key be BFT. Two families of correct or valid TSS-BQS systems (of which the server protocols carry all the design options) have been proposed in the literature. Motivated by the failures in finding a third family of valid server protocols, we study the reverse problem and formally prove that it is impossible to find any third family of valid TSS-BQS systems. To obtain this proof, we develop a validity theory on server protocols of TSS-BQS systems. It is shown that the only two families of valid server protocols, “predicted” (or deduced) by the validity theory, precisely match the existing protocols.

The security of smart phones is increasingly important due to their rapid popularity. Mobile computing on smart phones introduces many new characteristics such as personalization, mobility, pay-for-service and limited resources. These features require additional privacy protection and resource usage constraints in addition to the security and privacy concerns on traditional computers. As one of the leading open source mobile platform, Android is also facing security challenges from the mobile environment. Although many security measures have been applied in Android, the existing security mechanism is coarse-grained and does not take into account the context information, which is of particular interest because of the mobility and personality of a smart phone device.

To address these challenges, we propose a context-aware usage control model ConUCON, which leverages the context information to enhance data protection and resource usage control on a mobile platform. We also extend the existing security mechanism to implement a policy enforcement framework on the Android platform based on ConUCON. With ConUCON, users are able to employ fine-grained and flexible security mechanism to enhance privacy protection and resource usage control. The extended security framework on Android enables mobile applications to run with better user experiences. The implementation of ConUCON and its evaluation study demonstrate that it can be practically adapted for other types of mobile platform.

Many embedded systems have relatively strong security requirements because they handle confidential data or support secure electronic transactions. A prototypical example are payment terminals. To ensure that sensitive data such as cryptographic keys cannot leak, security-critical parts of these systems are implemented as separate chips, and hence physically isolated from other parts of the system.

But isolation can also be implemented in software. Higher-end computing platforms are equipped with hardware support to facilitate the implementation of virtual memory and virtual machine monitors. However many embedded systems lack such hardware features.

In this paper, we propose a design for a generic and very lightweight hardware mechanism that can support an efficient implementation of isolation for several subsystems that share the same processor and memory space. A prototypical application is the software implementation of cryptographic support with strong assurance on the secrecy of keys, even towards other code sharing the same processor and memory. Secure co-habitation of code from different stakeholders on the same system is also supported.

We propose a framework that uses environment information to enhance computer security. We apply our framework to: enhance IDS performance; and to enrich the expressiveness of access/rate controls. The environment information is gathered by external (w.r.t the host) sensors, and transmitted via an out-of-band channel, and thus it is hard for adversaries not having physical access to compromise the system. The information gathered still remains intact even if malware use rootkit techniques to hide its activities. Due to requirements on user privacy, the information gathered could be coarse and simple. We show that such simple information is already useful in several experimental evaluations. For instance, binary user presence indicating at a workstation can help to detect DDoS zombie attacks and illegal email spam. Our framework takes advantage of the growing popularity of multimodal sensors and physical security information management systems. Trends in sensor costs suggest that it will be cost-effective in the near future.

While we can now outsource data backup to third-party cloud storage services so as to reduce data management costs, security concerns arise in terms of ensuring the privacy and integrity of outsourced data. We design FADE, a practical, implementable, and readily deployable cloud storage system that focuses on protecting deleted data with policy-based file assured deletion. FADE is built upon standard cryptographic techniques, such that it encrypts outsourced data files to guarantee their privacy and integrity, and most importantly, assuredly deletes files to make them unrecoverable to anyone (including those who manage the cloud storage) upon revocations of file access policies. In particular, the design of FADE is geared toward the objective that it acts as an overlay system that works seamlessly atop today’s cloud storage services. To demonstrate this objective, we implement a working prototype of FADE atop Amazon S3, one of today’s cloud storage services, and empirically show that FADE provides policy-based file assured deletion with a minimal trade-off of performance overhead. Our work provides insights of how to incorporate value-added security features into current data outsourcing applications.

The main goal of anonymity protocols is to protect the identities of communicating entities in a network communication. An anonymity protocol can be characterized by a noisy channel in the information-theoretic sense. The anonymity of the protocol is then tightly related to how much information is being leaked by the channel. In this paper we investigate a new idea of measuring the information leaked based on how much the rows of the channel probabilities matrix are different from each other. We considered each row of the matrix as a point in the n-dimensional space and we used statistical dispersion measures to estimate how much the points are scattered in the space. Empirical results showed that the two proposed measures KLSD and KLMD are sensitive to the modifications of the attacker capabilities and most importantly they are stable when the a priori distribution on the secret events changes. We show that a variant of KLSD coincides with the classical notion of mutual information which gives the latter an interesting geometric interpretation. The same idea of statistical dispersion is used in a new decision function when the protocol is re-executed several times.

Hidden Markov Models (HMMs) have applications in several areas of computer security. One drawback of HMMs is the selection of appropriate model parameters, which is often ad hoc or requires domain-specific knowledge. While algorithms exist to find local optima for some parameters, the number of states must always be specified and directly impacts the accuracy and generality of the model. In addition, domain knowledge is not always available or may be based on assumptions that prove incorrect or sub-optimal.

We apply the ε-machine—a special type of HMM—to the task of constructing network protocol models solely from network traffic. Unlike previous approaches, ε-machine reconstruction infers the minimal HMM architecture directly from data and is well suited to applications such as anomaly detection. We draw distinctions between our approach and previous research, and discuss the benefits and challenges of ε-machine for protocol model inference.

Knowledge-based programs provide an abstract level of description of protocols in which agent actions are related to their states of knowledge. The paper describes how epistemic model checking technology may be applied to discover and verify concrete implementations based on this abstract level of description. The details of the implementations depend on the specific context of use of the protocol. The knowledge-based approach enables the implementations to be optimized relative to these conditions of use. The approach is illustrated using extensions of the Dining Cryptographers protocol, a security protocol for anonymous broadcast.

A DNS wildcard can be used to point arbitrary requests for host names within a domain to a specific host name or IP address. Wildcards offer administrators the convenience of not having to change DNS entries when host names change. However, we are not aware of any work that documents how wildcards are used in practice. Such a study is particularly important now, because Internet miscreants are starting to exploit DNS wildcards for convenience and possibly for evading blacklists based on exact host names. In this paper, we study the prevalence and uses of wildcards among the good, bad, and ugly domains in the Internet. We find that wildcards are in extensive use among businesses that monetize unregistered domains, domains hosted by large web-hosting providers, blogging sites, and websites connected to scam, phishing, and malware.

DNS cache poisoning is a serious threat to today’s Internet. We develop a formal model of the semantics of DNS caches, including the bailiwick rule and trust-level logic, and use it to systematically investigate different types of cache poisoning and to generate templates for attack payloads. We explain the impact of the attacks on DNS resolvers such as BIND, MaraDNS, and Unbound and their implications for several defenses against DNS cache poisoning.

Abuse-freeness is an important security requirement for con-tract-signing protocols. In previous work, Kähler, Küsters, and Wilke proposed a definition for offline abuse-freeness. In this work, we generalize this definition to online abuse-freeness and apply it to two prominent contract-signing protocols. We demonstrate that online abuse-freeness is strictly stronger than offline abuse-freeness.