Transcript security services

Fundamental and Emerging Topics in
Network Security
Dr. Haojin Zhu
[email protected]
http://nsec.sjtu.edu.cn/
TA: Long Zhang
[email protected]
1
About Instructor
• Dr. Haojin Zhu, Associate Professor of
Computer Science and Engineering
Department
–
–
–
–
http://nsec.sjtu.edu.cn/
[email protected]
Office: SEIEE 3-509
Office hours:
• by appointment
2
Course Objectives
• Learn some fundamental and advanced issues,
concepts, principles, and mechanisms in network
security
• Learn recent research advances in network security
• Prepare for graduate research in network security
3
Text
• No required textbook
• Research papers listed on the course website
4
Grading
• In-class paper presentation (40%)
• Course research project (3~4 persons a group) (60%)
– A survey on a topic (normally related to your
presentation) (40%)
– 1~2 pages on your findings from this survey (20%)
• Improvement of existing works (protocol/algorithm
design)
• Or System Implementation with a better performance
5
Grading (Cont’d)
• The final grades are computed according to the
following criteria:
– Average: 85~90
– In-class paper presentation: your score is determined by
peer-evaluation (will be discussed later)
– Survey (please indicate each person’s contribution in the
survey paper)
– Research findings (evaluation based on your novelty, and
contribution)
6
Course Outline
• Topic 1: Network Security Fundamentals
– Slides from Ian Goldberg@Univ of Waterloo,
Computer Security and Privacy.
• Topic 2: Advanced network security primitives
– Secret sharing
– Group Key Management
– Broadcast authentication
7
Course Outline
• Topic 3: Emerging research topics
– Present later
8
Research Paper
• Small team -- at most four students per group
• Important Dates
– Team Proposal due: May/5/14 (The first will have the
priority)
– Presentation Schedule fixed: May/5/14
– First Presentation: May/12/14
– Final submission due: one week after last week’s class
• The instructor will be available to discuss your topic
via email or face-to-face discussion (by appointment)
• You should start thinking about team and topic now
– Send email to me and TA
9
Paper Presentation
• Each group presents 2~3 papers depending on the
technical difficulty of the presented papers (two
persons on the same paper).
• We have 20 papers to discuss. (each class for 4
papers, eight persons involved)
10
Presenter’s Preparation
• Please prepare your presentation slides.
• You have 25-30 minutes for your presentation.
Please expect questions after one person’s
presentation. Your presentation will be graded
based on the criteria in the grading form,
which can be downloaded from our course
website.
11
Peer Evaluation
• Your participation in grading is required.
• Your presentation score will be determined by the
evaluations from the instructor (45%), the peer
evaluation from the audience (45%), and your
participation in grading other students' presentations
(10%).
• Please print the evaluation form and hand in the
form after the class. All your evaluations will be kept
as confidential.
12
Peer Evaluation (Cont’d)
• The highest and lowest peer evaluation scores will be
deleted and the average of the remaining scores will
be used as your final peer evaluation score.
• For example, if your peer evaluation scores from
audience are 100, 99, 15, 87, 85, 77, 90. The highest
score 100 is discarded and the lowest score 15 is also
discarded. Your peer evaluation final score is the
average of the remaining scores, which is 87.6
• If you have multiple identical highest/lowest scores,
only one will be deleted.
13
Security Conferences
• 1st tier (Big 4)
• IEEE S&P(Oakland), ACM CCS, USENIX Security,
NDSS
• 2nd tier
• ACSAC, ESORICS, WiSec, AsiaCCS, CT-RSA, and
etc
14
Cryto Conferences
• 1st Tier
• Crypto, EUROCRYPT
• 2nd Tier
• ASIACRYPT, PKC, TCC, Financial Crypto and etc
15
Networking Conferences
• 1st Tier
• SIGCOMM, MOBICOM
• 2nd Tier
• INFOCOM, Mobihoc, SIGMETRICS, CONEXT,
ICNP, ICDCS and etc
16
DATABASE and Data mining
• 1st Tier
• SIGMOD, VLDB, WWW, and etc
17
Presentation Topic 1
Electrical Cash
• [1] Chaum, David (1983). "Blind signatures for untraceable
payments“, Crypto’82.
• [2] Nakamoto, Satoshi. Bitcoin: A Peer-to-Peer Electronic
Cash System. 24 May 2009
• [3] Two Bitcoins at the Price of One? Double-Spending
Attacks on Fast Payments in Bitcoin, ACM CCS 2012.
• [4] PermaCoin: Repurposing Bitcoin Work for Data
Preservation, Oadland’ 2014
18
Presentation Topic 2
Smart Phone Security
• (sp)iPhone: Decoding Vibrations From Nearby Keyboards Using
Mobile Phone Accelerometers, ACM CCS, 2011.
• Analysis of the Communication between Colluding Applications
on Modern Smartphones, ACSAC, 2012.
• Adrienne Porter Felt, Erika Chin, Android permissions
demystified, Steve Hanna, Dawn Song, David Wagner. CCS 2011.
• X. Zhou, S. Demetriou, D. He, N. Muhammad, X. Pan, X. Wang,
C. Gunter and K. Nahrstedt, “Identity, Location, Disease and
More: Inferring Your Secrets from Android Public Resources”.
19
ACM CCS'13.
Presentation Topic 3
Wireless Biometrics
• [1] Active Behavioral Fingerprinting of Wireless Devices,
ACM conference on Wireless Network Security (WiSec),
2008.
• [2] Attacks on Physical-layer Identification, ACM conference
on Wireless Network Security (WiSec), 2010.
• [3] Robust Location Distinction using Temporal Link
Signatures, ACM Conference on Mobile Computing and
Networking (Mobicom), 2007.
20
Presentation Topic 4
Wireless Pairing
• Good Neighbor: Ad Hoc Pairing of Nearby Wireless Devices
by Multiple Antennas, Annual Network & Distributed System
Security Symposium (NDSS) 2011.
• On Pairing Constrained Wireless Devices Based on Secrecy of
Auxiliary Channels: The Case of Acoustic Eavesdropping,
ACM Conference on Computer and Communications Security
(CCS), 2010.
• Secure In-Band Wireless Pairing, Shyam Gollakota, Nabeel
Ahmed, Nickolai Zeldovich, and Dina Katabi
• USENIX Security, 2011.
21
Presentation Topic 5
Location Privacy
• Y.-A. de Montjoye, C. A. Hidalgo, M. Verleysen, and V. D. Blondel,
“Unique in the crowd: The privacy bounds of human mobility,”
Scientific reports, vol. 3, 2013.
• C. Y. Ma, D. K. Yau, N. K. Yip, and N. S. Rao, “Privacy
vulnerability of published anonymous mobility traces,” in
MobiCom’10. ACM, 2010.
• T. Xu and Y. Cai, “Feeling-based location privacy protection for
location-based services,” in CCS’09. ACM, 2009.
• M. Srivatsa and M. Hicks, “Deanonymizing mobility traces: Using
social network as a side-channel,” in CCS’12. ACM, 2012.
• R. Shokri, G. Theodorakopoulos, J. Le Boudec, and J. Hubaux,
“Quantifying location privacy,” in Security and Privacy 2011. IEEE,
22
2011.
•
•
•
•
•
Presentation Topic 6
Anonymous and Pseudonymous
Communication
Anonymous and Pseudonymous Communication, Untraceable
electronic mail, return addresses, and digital pseudonyms,
David Chaum, Communications of the ACM, 1981
Tor: The Second-Generation Onion Router, Roger Dingledine,
Nick Mathewson, Paul Syverson, USENIX Security 2004
Scalable Onion Routing with Torsk,Jon McLachlan, Andrew
Tran, Nicholas Hopper, Yongdae Kim, CCS 2009
ShadowWalker: Peer-to-peer Anonymous Communication
using Redundant Structured Topologies , Prateek Mittal, Nikita
Borisov, CCS 2009
In Search of an Anonymous and Secure Lookup: Attacks on
Structured Peer-to-peer Anonymous Communication Systems
23
Qiyan Wang, Prateek Mittal, Nikita Borisov, CCS 2010
Presentation Topic 7
Sybil Detection in Online Social
Networks
• H. Yu, M. Kaminsky, P. B. Gibbons, and A. Flaxman. Sybilguard:
defending against sybil attacks via social networks. In
SIGCOMM, 2006.
• G. Danezis and P. Mit. Sybilinfer: Detecting sybil nodes using
social networks. In NDSS, 2009.
• You are How You Click: Clickstream Analysis for Sybil Detection,
Gang Wang, Tristan Konolige, Christo Wilson, Xiao Wang, Haitao
Zheng and Ben Y. Zhao, USENIX Security 2013.
• Jialong Zhang and Guofei Gu. "NeighborWatcher: A ContentAgnostic Comment Spam Inference System." NDSS'13, San
Diego, CA, USA. February 2013.
24
Presentation Topic 8
Cloud Security
• Privacy-preserving public auditing for data storage security in
cloud computing, INFOCOM.
• Düppel: Retrofitting Commodity Operating Systems to Mitigate
Cache Side Channels in the Cloud, ACM CCS’13.
• Resource-Freeing Attacks: Improve Your Cloud Performance (at
Your Neighbor's Expense) ACM, CCS’12.
• Hourglass Schemes: How to Prove that Cloud Files Are
Encrypted. ACM CCS’12.
25
Presentation Topic 9
Proximity Authentication Techniques
• Secure Proximity Detection for NFC Devices based on Ambient
Sensor Data. T. Halevi, D. Ma, N. Saxena and T. Xiang.
(ESORICS), 2012.
• Design and Implementation of a Terrorist-Fraud Resilient Distance
Bounding System,Aanjhan Ranganathan, Nils Ole Tippenhauer,
Boris Skoric, Dave Singelee and Srdjan Capkun, ESORICS, 2012.
• Realization of RF Distance Bounding, Kasper Bonne Rasmussen,
Srdjan Capkun , USENIX Security Symposium, 2010.
• Attacks on Public WLAN-based Positioning, Nils Ole
Tippenhauer, Kasper Bonne Rasmussen, Christina P?pper, Srdjan
Capkun MobiSys, 2009.
26
Presentation Topic 10
Jamming Attacks
• The Feasibility of Launching and Detecting Jamming Attacks in
Wireless Networks,, MobiHoc, 2002.
• Jamming-resistant Broadcast Communication without Shared
Keys, Christina Popper, Mario Strasser, Srdjan Capkun, USENIX
Security, 2009.
• Jamming-resistant Key Establishment using Uncoordinated
Frequency Hopping, IEEE Oakland 2008.
• Physical Layer Wireless Security Made Fast and Channel
Independent, Shyamnath Gollakota and Dina Katabi, IEEE
Conference on Computer Communications (INFOCOM), 2011.
• On Limitations of Friendly Jamming for Confidentiality, Nils Ole
Tippenhauer, Luka Malisa, Aanjhan Ranganathan, Srdjan Capkun,
IEEE Symposium on Security and Privacy (S&P), 2013.
27
Presentation Topic 11
Automobile Security
• Comprehensive Experimental Analyses of Automotive Attack
Surfaces, Stephen Checkoway, Damon McCoy, Brian Kantor,
Danny Anderson, Hovav Shacham, Stefan Savage, Karl Koscher,
Alexei Czeskis, Franziska Roesner, and Tadayoshi Kohno,
USENIX Security, August 10–12, 2011.
• Relay Attacks on Passive Keyless Entry and Start Systems in
Modern Cars, Aurelien Francillon, Boris Danev, and Srdjan
Capkun, Network and Distributed System Security Symposium
(NDSS), 2011
• Security and Privacy Vulnerabilities of In-Car Wireless Networks:
A Tire Pressure Monitoring System Case Study, Ishtiaq Roufa,
Rob Millerb, Hossen Mustafaa, Travis Taylora, Sangho Ohb
Wenyuan Xua, Marco Gruteserb, Wade Trappeb, and Ivan Seskarb
28
USENIX conference on Security, 2010
How to Determine Your
Presentation Paper
• Form Your Group First (2~4)
• Send your team member names and the
preferred topics to me & TA (at least 3 topics)
• Come first, choose first (if less than 4, I will
merge the groups otherwise move on to the
next topic)
• If no suitable topics for you, please discuss
with me for an alternative choise.
29
A Brief Review of Basic Security
Concepts
30
Security Objectives
Secrecy
(Confidentiality)
Integrity
Availability
(Denial of Service)
31
Security Objectives
• Secrecy — Prevent/detect/deter improper
disclosure of information
• Integrity — Prevent/detect/deter improper
modification of information
• Availability — Prevent/detect/deter improper
denial of access to services provided by the
system
32
Commercial Example
• Secrecy — An employee should not know the
salary of his manager
• Integrity — An employee should not be able
to modify the employee's own salary
• Availability — Paychecks should be printed on
time as stipulated by law
4/6/2016
33
Military Example
• Secrecy — The target coordinates of a missile
should not be improperly disclosed
• Integrity — The target coordinates of a missile
should not be improperly modified
• Availability — When the proper command is
issued the missile should fire
4/6/2016
34
A Fourth Objective
• Securing computing resources —
Prevent/detect/deter improper use of
computing resources including
– Hardware Resources
– Software resources
– Data resources
– Network resources
35
Security Mechanisms
• In general three types
– Prevention
– Detection
– Tolerance
Good prevention and detection both require
good authentication as a foundation
4/6/2016
36
Security Services
• Security functions are typically made available to
users as a set of security services through APIs or
integrated interfaces
• Confidentiality: protection of any information from
being exposed to unintended entities.
– Information content.
– Parties involved.
– how they communicate, how often, etc.
• Authentication: assurance that an entity of concern
or the origin of a communication is authentic - it’s
what it claims to be or from
• Integrity: assurance that the information has not
been tampered with
4/6/2016
37
Security Services (Cont’d)
• Non-repudiation: offer of evidence that a party is
indeed the sender or a receiver of certain
information
• Access control: facilities to determine and enforce
who is allowed access to what resources, hosts,
software, network connections
• Monitor & response: facilities for monitoring security
attacks, generating indications, surviving (tolerating)
and recovering from attacks
4/6/2016
38
Security Assurance
• How well your security mechanisms guarantee
your security policy
• Everyone wants high assurance
• High assurance implies high cost
– May not be possible
• Trade-off is needed
4/6/2016
39
Security Tradeoffs
Security
Functionality
COST
Ease of Use
4/6/2016
40
Security by Obscurity
• Security by obscurity
– If we hide the inner workings of a system it will be
secure
• More and more applications open their
standards (e.g., TCP/IP, 802.11)
• Widespread computer knowledge and
expertise
4/6/2016
41
Security by Legislation
• Security by legislation says that if we instruct our
users on how to behave we can secure our systems
• For example
– Users should not share passwords
– Users should not write down passwords
– Users should not type in their password when someone is
looking over their shoulder
• User awareness and cooperation is important, but
cannot be the principal focus for achieving security
4/6/2016
42
Threat-Vulnerability
• Threats — Possible attacks on the system
• Vulnerabilities — Weaknesses that may be
exploited to cause loss or harm
4/6/2016
43
Threat Model and Attack Model
• Threat model and attack model need to be
clarified before any security mechanism is
developed
• Threat model
– Assumptions about potential attackers
– Describes the attacker’s capabilities
• Attack model
– Assumptions about the attacks
– Describe how attacks are launched
4/6/2016
44