Catálogo de publicaciones - libros

Threats for today’s production networks range from fully automated worms and viruses to targeted, highly sophisticated multi-phase attacks carried out manually. In order to properly define and dimension appropriate security architectures and policies for a network, the possible threats have to be identified and assessed both in terms of their impact on the resources to be protected and with respect to the probability and frequency of related attacks. To support this assessment, honeynets, i.e. artificial networks set up specifically to monitor, log and evaluate attack activities, have been proposed. In this paper, experiences and results gained with setting up, deploying and operating such a honeynet are reported together with some comments on the effectiveness of this approach.

Ubiquitous networks and seamless terminals are potential enablers for session mobility and session transfer. In a business environment, session mobility is restricted by the security requirements set forth by corporate security policies to protect corporate assets. Session mobility can be supported to the extent that specified corporate assets are still protected even though a session is transferred to another mobile device. We describe a policy-driven approach for secure session transfers. Secure session transfer mechanisms validate whether or not a session transfer is allowed, establish secure interaction channels with target devices, perform security context negotiation and, if all previous steps are successful, facilitate transferring a session from a source to a target device. The protocol is supported by security policies and digitally signed assertion tokens. Policies define the constraints to be met before (i.e. decision whether transfer is possible or not) and after session transfer (i.e. respective security context.), while tokens are utilized to identify suitable mobile devices that claim trustworthiness, which may be target of a session transfer.

In this paper, we investigated existing and proposed WLAN security technologies designed to improve 802.11 standard. Security concerns over WLAN vulnerabilities are explored, and associated techniques are provided to mitigate these vulnerabilities. We also analyzed the existing architecture types of AAA integrated network security solutions, 802.1X and VPNs. We have extensively analyzed the effect of crypto parameters over WLAN based on packet level characteristics. We have also analyzed the effect of TCP and UDP traffic over our proposed WLAN testbed architecture. We found that TCP and UDP traffic behaves erratically, when security index changes causing drastically degradation of system performance. In this paper, we present a detail study of performance overhead caused by the most widely used security protocols such as WEP, IPSEC VPN and 801.1X. Furthermore, we analyze the effectiveness of such solution, based on measurement of security indexing model implementation. Performance measurement indicates that 802.1X and VPN method can be used based on the service time in future wireless systems, while it can simultaneously provide both the necessary flexibility to network operators and a high level of confidence to end users. General Terms: Mobile security, Wireless privacy, And port based Access point.

Secure routing in ad hoc networks has been extensively studied in recent years. The vast majority of this work, however, has only focused on providing authenticity of the route. Availability of the network in a malicious environment has largely been ignored. In this paper, we divide the secure routing problem into two layers. The first layer provides authenticated routing and the second layer provides a route selection algorithm that selects a route with the highest probability of successful delivery rather than the shortest route. We provide a metric for evaluating this probability. We provide simulation results that demonstrate that our approach increases the throughput by at least ten percent in a network where fifty percent of the nodes are malicious when compared to an approach that selects the shortest route. Furthermore, our approach incurs only a small delay when compared to the delay along the shortest route.

A ring signature scheme can be viewed as a group signature scheme with no anonymity revocation and with simple group setup. A linkable ring signature (LRS) scheme additionally allows anyone to determine if two ring signatures have been signed by the same group member. Recently, Dodis et al. [18] gave a short (constant-sized) ring signature scheme. We extend it to the first short LRS scheme, and reduce its security to a new hardness assumption, the Link Decisional RSA (LD-RSA) Assumption. We also extend [18]’s other schemes to a generic LRS scheme and a generic linkable group signature scheme. We discuss three applications of our schemes. Kiayias and Yung [22] constructed the first e-voting scheme which simultaneously achieves efficient tallying, public verifiability, and write-in capability for a typical voter distribution under which only a small portion writes in. We construct an e-voting scheme based on our short LRS scheme which achieves the same even for all worst-case voter distribution. Direct Anonymous Attestation (DAA) [6] is essentially a ring signature scheme with certain linking properties that can be naturally implemented using LRS schemes. The construction of an offline anonymous e-cash scheme using LRS schemes is also discussed.

In this paper we present, by solving a variant of the guessing secrets problem defined by Chung, Graham and Leighton [3], a sequential traitor tracing scheme equipped with an efficient identification algorithm. Sequential traitor tracing schemes are used to detect piracy in multimedia content broadcast systems, where the traitors illegally rebroadcast the content they receive to unauthorized users.

Generating a prime is an iterative application of generating a random number r and testing the primality of r until r is a prime. Among them, the primality test on r is much more time-consuming than the random number generation and thus it occupies most of the running time of the prime generation. To reduce the running time of the primality test, real applications combine several primality test methods. The most widely used combination is the combination of the trial division and the probabilistic primality test. Although this combination is widely used in practice, few analyses were given on finding the optimal combination, i.e., on finding the optimal number of small primes used in trial division that minimizes the expected running time of this combination. In this paper, we present probabilistic analyses on finding the optimal combinations of the trial division and the probabilistic primality test. Using these analyses, we present three optimal combinations. One is for the primality test and the others are for the safe primality test. The optimal combinations are universal in that they are presented as functions of div and ppt where div is the time required for dividing the random number r by a small prime and ppt is the time required for the probabilistic primality test of r . Thus, in any situation that div and ppt can be measured, the optimal combinations can be calculated from these functions. The experimental results show that our probabilistic analyses predict the optimal combinations well. The predicted optimal combinations can be used as useful guidelines in designing a primality or a safe primality test. The usefulness of the optimal combinations is more evident when the primality test is implemented on embedded systems or crypto-processors because finding optimal combinations using experiments is very time-consuming and inefficient.

Side Channel Attacks have become a serious threat for cryptographic applications on devices with small resources. Indeed, it turns out that the usual randomization techniques can not prevent the recent DPA attacks (RPA and ZPA). The implementation of elliptic curve cryptosystems (ECC) on such devices must combine an optimized use of space memory with a high level of security and efficiency. In this paper we present an efficient SCA-resistant algorithm based on the fixed-base comb method. We propose to modify the binary representation of the secret scalar in order to obtain a new sequence of non-zero bit-strings. This, combined with the use of Randomized Linearly-transformed coordinates (RLC), will prevent the SCA attacks on the comb method, including RPA and ZPA. Furthermore, our algorithm optimizes the size of the precomputed table; we only store 2^ w  − − 1 points instead of 2^ w – 1 for the fixed-base comb method, without affecting in any way the computation time. We also present another countermeasure using a Randomized Initial Point (RIP) to protect the fixed-base comb method against SCA attacks including RPA and ZPA, with an optimized amount of computing time. The cost of this countermeasure does not exceed 2% of the total cost of the fixed-base comb method.

We present an architecture for detecting “zero-day” worms and viruses in incoming email. Our main idea is to intercept every incoming message, pre-scan it for potentially dangerous attachments, and only deliver messages that are deemed safe. Unlike traditional scanning techniques that rely on some form of pattern matching (signatures), we use behavior-based anomaly detection. Under our approach, we “open” all suspicious attachments inside an instrumented virtual machine looking for dangerous actions, such as writing to the Windows registry, and flag suspicious messages. The attachment processing can be offloaded to a cluster of ancillary machines (as many as are needed to keep up with a site’s email load), thus not imposing any computational load on the mail server. Messages flagged are put in a “quarantine” area for further, more labor-intensive processing. Our implementation shows that we can use a large number of malware-checking VMs operating in parallel to cope with high loads. Finally, we show that we are able to detect the actions of all malicious software we tested, while keeping the false positive rate to under 5%.

In order to provide effective support to the principle of least privilege, considering the limitation of traditional privilege mechanisms, this paper proposes a new privilege control model called State-Based Privilege Control (SBPC) and presents the design and implementation of a prototype system for SBPC called Controlled Privilege Framework (CPF) on the Linux operating system platform. SBPC decomposes the time space of a process’ lifetime into a series of privilege states according to activities of the process and its need for special permissions. The privilege state is closely related to the application logic of a process. It is the privilege state transfer event that stimulates a process to transfer from one privilege state into another one. For a specified process, there is a specific set of privileges corresponding to every privilege state of the process. With the implementation of CPF, experiment results show that fine-grain and automatic privilege control can be exercised transparently to traditional applications, threats of intrusion to a system can be reduced greatly, and support to the principle of least privilege can therefore be achieved effectively.