Transcript Slide 1

TRUST:Team for Research in
Ubiquitous Secure Technologies
Overview
Shankar Sastry, PI and Dir.
Ruzena Bajcsy, Outreach Dir.
Sigurd Meldal, Education co-Dir.
John Mitchell, co-PI
Vijay Raghavan, Exec Dir
Mike Reiter, co-PI
Fred Schneider, Chief Sci.
Janos Sztipanovits, co-PI and Education Co-Dir
Steve Wicker, co-PI
TRUST First Year Review , April 27-28, 2006
TRUST worthy Systems


More than an Information Technology issue
Complicated interdependencies and composition issues
–
–
–
–



TRUST: “holistic” interdisciplinary systems view of security, software
technology, analysis of complex interacting systems, economic,
legal, and public policy issues
Trustworthiness problems invariably involve solutions with both
technical and policy dimensions (theme of Schneider’s talk)
Goals:
–
–
2
Spans security, systems, and social, legal and economic sciences
Cyber security for computer networks
Critical infrastructure protection
Economic policy, privacy
–
"Overview"
Composition and computer security for component technologies
Integrate and evaluate on testbeds
Address societal objectives for stakeholders in real systems
TRUST First Year Review, April 27,28 2006
2
TRUST Research Vision
Societal Challenges
Privacy
Computer and
Network Security
Critical
Infrastructure
TRUST will address
social, economic and
legal challenges
Integrative Efforts
Identity Theft
Project
Secure Networked
Embedded Systems
Electronic Medical
Records
Component Technologies
Software
Security
Trusted
Platforms
3
Applied Crypto graphic Protocols
Network
Security
"Overview"
Specific systems that
represent these social
challenges.
Details
have
changed
Significantly
but spirit of
this vision
remains.
Complex Inter Dependency mod.
Secure Info Mgt.
Software Tools
Secure Network
Embedded Sys
Model -based
Security Integration.
Secure Compo nent platforms
Econ., Public Pol. Soc.
Chall.
Forensic
and Privacy
Component technologies
that will provide solutions
HCI and
Security
TRUST First Year Review, April 27,28 2006
3
TRUST First Year Portfolio
We decided to use top down (Ex Comm) and bottom up (faculty)
strategic planning at the June 05 kickoff to come up with
 Integrated Research Themes
–
–
–
–
–

Phishing, Viruses, Spam and Identity Theft (leads: Mitchell, Tygar)
Secure Network Embedded Systems (leads: Wicker, Mulligan,
Sztipanovits)
Trusted Platforms and Building Blocks (lead: Wagner)
Software Reliability and Security Tools (leads: Mitchell and Schmidt)
Integrative Trustworthy Systems Design (leads: Sztipanovits and
Sastry)
Integrated Education Themes
–
–
Learning Module repository (lead: Sztipanovits)
National information assurance curriculum development (lead:
Meldal)
4
"Overview"
TRUST First Year Review, April 27,28 2006
4
Evolution of Agenda in 1st Year

Integrative design of trustworthy systems
branched into
–
–


5
Security of the Global Information Grid/ DoD
enterprise networks
Security and Privacy of Electronic Medical Records
Network Defense Portfolio was developed
building from experience with DDOS and
worm defense testbed (DETER/EMIST)
Secure network embedded systems
expanded to include security of physical
infrastructure: for e.g. SCADA/DCS systems
"Overview"
TRUST First Year Review, April 27,28 2006
5
TRUST Second Year Portfolio

Integrative Research Project Themes
–
–
–
–
–
–

Secure Network Embedded Systems (Wicker, Mulligan leads)
Identity Theft, Phishing, Spyware and Related Issues
(Mitchell, Tygar leads)
Electronic Medical Records (Sztipanovits, Bajcsy, Eklund
leads)
Trustworthy Systems (Wagner, Aiken, Reiter leads)
Network Security (Joseph, Birman leads)
Seedling Topics
Integrative Education Project Themes
–
–
–
TRUST Academy Online (TAO: Sztipanovits, Meldal leads)
Education Community Development (EDC Meldal lead)
Outreach (OUR Bajcsy lead)
6
"Overview"
TRUST First Year Review, April 27,28 2006
6
Integrative testbeds:
Cyber Defense Technology and Experimental
Reseach Network: DETER



Inadequate wide scale deployment of security
technologies
Lack of experimental infrastructure
–
Testing and validation in small to medium-scale private
research labs
–
Missing objective test data, traffic and metrics
Create reusable library of test technology for
conducting realistic, rigorous, reproducible, impartial
tests
–
–
7
"Overview"
For assessing attack impact and defense effectiveness
Test data, test configurations, analysis software, and
experiment automation tools
TRUST First Year Review, April 27,28 2006
7
Phishing, Spyware and Identity
Theft

Faking
–

Spoofing
–

An e-mail that seems to
be from a legitimate
source
A Web site that appears
to be “official”
Phishing
–
Luring users to provide
sensitive data
8
From Aucsmith, Microsoft
"Overview"
TRUST First Year Review, April 27,28 2006
8
PHISHING and Spyware Impact
Stats

Phishing: Most people are spoofed
–
–

Economic loss
–
–

Over 60% have visited a fake or spoofed site: 15% admit to havng provided
personal data
Targets: Banks, credit card companies, Web retailers, online auctions (E-bay)
and mortgage companies, 2780 sites in March 2005 alone
1.2 million U.S. adults have lost money
The total dollar impact in first 6 months of 2005: $929 million, in all of 2003 $
1.2B.
Spyware: Software that Collects personal information from you without
your knowledge or permission
–
15 percent of enterprise PCs have a keylogger
Source: Webroot's SpyAudit
–
Number of keyloggers jumped three-fold in 12 months
Source: Sophos

Impact and Support Costs
–
–
9
–
50 % of crashes caused by spware (Microsoft Watson)
Dell, HP, IBM: Spyware causes ~30% of calls
Estimated support costs at $2.5m+ / day
Source: TRUSTe & Gartner
"Overview"
TRUST First Year Review, April 27,28 2006
9
TRUST Client Side Tools


SpoofGuard: Stanford (NDSS ’04)
– Alerts user when browser is viewing a spoofed web page.
– Uses variety of heuristics to identify spoof pages.
– A new type of anomaly detection problem.
Dynamic Security Skins: Berkeley (SOUPS ’05)
–


10
Allows a remote web server to prove its identity in a way that is easy
for human to verify and hard for attacker to spoof: uses a photograph
to create trusted path
PwdHash: Stanford (Usenix Sec ’05)
– Simple mechanism for strengthening password web auth.
SpyBlock: Stanford (http://www.getspyblock.com)
– Prevent Spyware from capturing sensitive data such as
passwords
– Defends against session high jacking malware.
"Overview"
TRUST First Year Review, April 27,28 2006
10
Tech Transfer from Phishing Work

SpoofGuard:
–
–

Some SpoofGuard heuristics now used in
eBay toolbar and Earthlink ScamBlocker.
Very effective against basic phishing attacks.
PwdHash:
–
Collaboration with RSA Security to implement PwdHash on
one-time RSA SecurID passwords.



RSA SecurID passwords vulnerable to online phishing
PwdHash helps strengthen SecurID passwords
SpyBlock
–
Free version (source code) running on Firefox available for
download from http://www.getspyblock.com
11
"Overview"
TRUST First Year Review, April 27,28 2006
11
TESTBED: Cyber Defense Technology and
Experimental Reseach Network: DETER


Inadequate wide scale deployment of security
technologies
Lack of experimental infrastructure
–
–

Testing and validation in small to medium-scale private research labs
Missing objective test data, traffic and metrics
Create reusable library of test technology for conducting
realistic, rigorous, reproducible, impartial tests
–
–
For assessing attack impact and defense effectiveness
Test data, test configurations, analysis software, and experiment
automation tools
12
"Overview"
TRUST First Year Review, April 27,28 2006
12
Secure Network Embedded System
Testbed (557 nodes) at Berkeley
14

Software
– TinyOS
– Deluge
 Network reprogramming
– Drip and Drain (Routing Layer)
 Drip: disseminate
commands
 Drain: collect data
– DetectionEvent
 Multi-moded event
generator
– Multi-sensor fusion and
multiple-target tracking
algorithms

Other testbeds at Cornell,
Vanderbilt (Wicker’s talk)
"Overview"
TRUST First Year Review, April 27,28 2006
14
Oak Ridge/SensorNet
Multiple
Domains
National Warning and Alert System
Regional
Level
Network
Services
Single Domain
15
"Overview"
TRUST First Year Review, April 27,28 2006
15
Health care IT testbeds


Vanderbilt Patient Portal
– Electronic healthcare records
Include real-time monitoring of congestive heart failure patients
– Heterogeneous sensor network for monitoring
–

Data integrated into MyHealth@Vanderbilt patient portal
Berkeley ITALH Testbed: seniors in Sonoma
–
Stationary sensors: Motion detectors, Camera systems
–
Wearable sensor: Fall sensors, Heart rate or pulse monitors
Mobile Gateway
Hospital
Terminal
Secure Internet
and/or
telephone
Sensors: at home and wearable
Mobile Phone
Fall Detector
with Bluetooth
Integrated
Camera
Berkeley Motes
Sensors with
Bluetooth
WLAN
Berkeley
Mote
Sensors
Bluetooth
Home Health
System
16
Ad hoc
Zigbee
network
Zigbee
"Overview"
TRUST First Year Review, April 27,28 2006
16
Federated Sensor Network Testbeds




Existing testbeds at Cornell (museum),
Berkeley, Vanderbilt (dirty bomb detection,
surveillance)
DoE ORNL and LBNL would like to have
national scale testbeds
Industry would like to use testbeds for
SCADA, surveillance applications
Federation Workshop held at Nashville, April
18th, 2006
17
"Overview"
TRUST First Year Review, April 27,28 2006
17
Sensor Networks in Public Places

Protecting Infrastructure
–
Opportunities for embedding sensor networks



–

–
18
TRUST is emphasizing development of supporting
technology for randomly distributed sensors
Buildings
–

Transportation
Water and Fuel
Power Grid
Combine surveillance with energy control
Integrate into building materials
Open Spaces (parks, plazas, etc.)
–
–
"Overview"
Combine surveillance with environmental monitoring
Line-of-sight surveillance technologies
TRUST First Year Review, April 27,28 2006
18
Technology bans
Camera phones
Up-skirt
laws
Camera click
(notice)
Harassment/
stalking
Aural
communications
Title III
Electronic
Communications
ECPA
Certain
images
Privacy zone
Barak Obama
VIDEO PRIVACY IN PUBLIC
SPACES
TRUST First Year Review , April 27-28, 2006
EDUCATIONAL INITIATIVES


Repositories set up, course work/modules
development, summer school
Policy, Technology, Psychological Motivations of
Terrorism: Maurer (Berkeley), Lazowska
(Washington), Savage (UCSD) and Microsoft, Fall 05
http://www.cs.washington.edu/education/courses/csep590/05au/lectures/
–
–
–
–


Lampson, “Accountability and Freedom
Varian “Economics and Computer Security”
Maurer “The Third Wave of Terrorism”
Aucsmith “Crime on the Internet”
Samuelson, Mulligan, Wicker, and Goldberg: Video
Privacy in Public Places
Capacity Building program for HBCU, HSI: Reiter
20
"Overview"
TRUST First Year Review, April 27,28 2006
20
Education Plans Accomplishments
–
–
–
–
–
Working with a Learning Community: BFOIT
Learning Science and Technology Insertion:
VanTH
Curriculum Development and Refinement
Repository Development: CAPE/ELMS
TRUST Summer School and Workshops: WISE
21
"Overview"
TRUST First Year Review, April 27,28 2006
21
Curriculum Development






Content creation
Presentation & Packaging
Learning Strategy Formalization
Delivery methods
Evangelization and dissemination
Challenges
–
–
–
Bringing in the policy-oriented educators
Bringing in the non-CS engineering disciplines
Evangelizing
22
"Overview"
TRUST First Year Review, April 27,28 2006
22
Adoption of New Courseware

Security science (incremental, integrative, learning modules)
–
–
–

Social sciences (incremental, integrative, learning modules)
–
–


In-discipline: Privacy, information management and security,
economics, organization theory, IP
Cross-discipline: Fundamentals of security technologies, technology
awareness
Systems science (new capstone courses)
–
23
In-discipline: operating systems, programming languages,
cryptography, secure networking, hardware architectures…
Canonical security courses
Cross-discipline: Social impact, law, privacy, organizational roles,
infrastructure
Case studies as vehicle for learning modules
Cross-discipline: Design and analysis of complex systems
Courseware repository
–
"Overview"
Web-deliverable courseware – VaNTH/eLMS
TRUST First Year Review, April 27,28 2006
23
Course Repository

Implemented Course Repository in CAPE
–
–
–
–
Specify taxonomy
Define course learning objectives
Simulate learning process via sequencing of course modules
Include relevant resources in a course module




Lecture notes, Presentation slides
Home assignments, Projects
Exams, Quizzes
Web-based Delivery System
–
–
Hosted by VaNTH from Vanderbilt University
https://try.elms.vanth.org
24
"Overview"
TRUST First Year Review, April 27,28 2006
24
Network Security Course Modules

How bad guys work
–

Cryptography
–

25
Authentication and key exchange protocols
Network security standards
–

Secret key, public key, hash functions
Authentication protocols
–

Network attacks from hackers’ perspective
Wireless security, IP security, SSL, email security
Analysis of security protocols
–
"Overview"
Inductive model, game theory, protocol logics…
TRUST First Year Review, April 27,28 2006
25
Outreach: Partner Activities

BFOIT - Berkeley Foundation for Opportunities in Information
Technology
http://www.bfoit.org/

SUPERB-IT - Summer Undergraduate Program in Engineering
Research at Berkeley - Information Technology
http://www.eecs.berkeley.edu/Programs/ugrad/superb/superb.html

SIPHER - Summer Internship Program in Hybrid and Embedded
Software Research
http://fountain.isis.vanderbilt.edu/fountain/Teaching/

Pennsylvania Area HBCU Outreach - Historically Black Colleges and
Universities
http://is.hss.cmu.edu/summer.html
26
"Overview"
TRUST First Year Review, April 27,28 2006
26
Outreach: WISE




27
Women’s Institute in Summer Enrichment (WISE) is
affiliated with the Center for the Team in Research for
Ubiquitous Secure Technology (TRUST).
WISE is a residential summer program on the
University of California, Berkeley campus that brings
together women (but it is not restricted to women
only!)
Courses in several disciplines, including computer
science, economics, law, and electrical engineering.
One-week program includes rigorous classes in the
mornings, and hands-on experiments and teambased projects in the afternoons.
"Overview"
TRUST First Year Review, April 27,28 2006
27
SUMMARY


TRUST has been successfully launched: research, education,
outreach programs under way
Hallmark of TRUST: Grand Challenge Projects
–
Large Integrative Projects





–
Education: Large Projects



–


"Overview"
Repositories: Evaluation using Learning Theory
Modules for existing courses
TRUST Summer School
Outreach: Comprehensive

28
Identity Theft, Phishing, Spyware Defenses
Secure Network Embedded Systems
Trustworthy Systems
Secure Electronic Patient Records Portal
Network Defense
BFOIT, SUPERB, SIPHER
Capacity Building Program for HBCU/HSI
WISE outreach to women researchers
TRUST First Year Review, April 27,28 2006
28