Publications catalogue - books



Information Security: 10th International Conference, ISC 2007, Valparaíso, Chile, October 9-12, 2007. Proceedings

Juan A. Garay ; Arjen K. Lenstra ; Masahiro Mambo ; René Peralta (eds.)

Conference: 10th International Conference on Information Security (ISC). Valparaíso, Chile. October 9, 2007 - October 12, 2007

Abstract/Description – provided by the publisher

Not available.

Keywords – provided by the publisher

Data Encryption; Computer Communication Networks; Operating Systems; Algorithm Analysis and Problem Complexity; Special Purpose and Application-Based Systems

Availability
Detected institution Publication year Browse Download Request
Not detected 2007 SpringerLink

Information

Resource type:

books

Print ISBN

978-3-540-75495-4

Electronic ISBN

978-3-540-75496-1

Publisher

Springer Nature

Country of publication

United Kingdom

Publication date

Publication rights information

© Springer-Verlag Berlin Heidelberg 2007

Table of contents

Detecting System Emulators

Thomas Raffetseder; Christopher Kruegel; Engin Kirda

Malware analysis is the process of determining the behavior and purpose of a given malware sample (such as a virus, worm, or Trojan horse). This process is a necessary step to be able to develop effective detection techniques and removal tools. Security companies typically analyze unknown malware samples using simulated system environments (such as virtual machines or emulators). The reason is that these environments ease the analysis process and provide more control over executing processes. Of course, the goal of malware authors is to make the analysis process as difficult as possible. To this end, they can equip their malware programs with checks that detect whether their code is executing in a virtual environment, and if so, adjust the program’s behavior accordingly. In fact, many current malware programs already use routines to determine whether they are running in a virtualizer such as VMware.

The general belief is that system emulators (such as Qemu) are more difficult to detect than traditional virtual machines (such as VMware) because they handle all instructions in software. In this paper, we seek to answer the question whether this belief is justified. In particular, we analyze a number of possibilities to detect system emulators. Our results show that emulation can be successfully detected, mainly because the task of perfectly emulating real hardware is complex. Furthermore, some of our tests also indicate that novel technologies that provide hardware support for virtualization (such as Intel Virtualization Technology) may not be as undetectable as previously thought.

- Intrusion Detection | Pp. 1-18

Features vs. Attacks: A Comprehensive Feature Selection Model for Network Based Intrusion Detection Systems

Iosif-Viorel Onut; Ali A. Ghorbani

One of the most crucial development phases of a network intrusion detection system is the feature selection one. A poorly chosen set of features may lead to a significant drop in the detection rate, regardless of the employed detection method. Despite its importance, we believe that this research area lacks comprehensive studies. Our research proposes a model for mining the best features that can be extracted directly from the network packets, by ranking them against their statistical properties during the normal and intrusive stages. As proof of concept, we study the performance of 673 network features while considering a set of 180 different tuning parameters. The main contribution of this work is that it proposes a ranking mechanism to evaluate the effectiveness of features against different types of attacks, and that it suggests a pool of features that could be used to improve the detection process.

- Intrusion Detection | Pp. 19-36

E-NIPS: An Event-Based Network Intrusion Prediction System

Pradeep Kannadiga; Mohammad Zulkernine; Anwar Haque

Intrusion detection systems (IDSs) can detect and respond to various attacks. However, they cannot detect all attacks, and they are not capable of predicting future attacks. In this research, we propose an automatic intrusion prediction system (IPS) called E-NIPS (Event-based Network Intrusion Prediction System) that can not only detect attacks but also predict future probable attacks. We have utilized network penetration scenarios partitioned into multiple phases depending on the sequences they follow during network penetrations. Each of these phases consists of attack classes that are precursors to attack classes of the next phase. An attack class is a set of attacks that have the same objectives, categorized to generalize network penetration scenarios and to reduce the burden on the prediction engine during intrusion alerts correlation and prediction tasks. Future attacks are predicted based on the attack classes detected in an earlier phase of a penetration scenario. Automatic intrusion prediction provides little but very crucial time required for fortifying networks against attacks, warns network administrators about possible attacks, and reduces the damage caused due to attacks. In this paper, we describe the architecture, operation, and implementation of E-NIPS. The prototype implementation is evaluated based on some of the most commonly occurring network penetration scenarios. The experimental results show that the prototype automatically provides useful information about the occurrence of future attack events.

- Intrusion Detection | Pp. 37-52

Enabling Fairer Digital Rights Management with Trusted Computing

Ahmad-Reza Sadeghi; Marko Wolf; Christian Stüble; N. Asokan; Jan-Erik Ekberg

Today, digital content is routinely distributed over the Internet, and consumed in devices based on open platforms. However, on open platforms users can run exploits, reconfigure the underlying operating system or simply mount replay attacks since the state of any (persistent) storage can easily be reset to some prior state. Faced with this difficulty, existing approaches to Digital Rights Management (DRM) are mainly based on preventing the copying of protected content thus protecting the needs of content providers. These inflexible mechanisms are not tenable in the long term since their restrictiveness prevents reasonable usage scenarios, and even honest users may be tempted to circumvent DRM systems.

In this paper we present a security architecture and the corresponding reference implementation that enables the secure usage and transfer of stateful licenses (and content) on a virtualized open platform. Our architecture allows for openness while protecting security objectives of both users (flexibility, fairer usage, and privacy) and content providers (license enforcement). In particular, it prevents replay attacks, which is fundamental for secure management and distribution of stateful licenses. Our main objective is to show the feasibility of secure and fairer distribution and sharing of content and rights among different devices. Our implementation combines virtualization technology, a small security kernel, trusted computing functionality, and a legacy operating system (currently Linux).

- Digital Rights Management | Pp. 53-70

Traitor Tracing with Optimal Transmission Rate

Nelly Fazio; Antonio Nicolosi; Duong Hieu Phan

We present the first traitor tracing scheme with efficient black-box traitor tracing in which the ratio of the ciphertext and plaintext lengths (the ) is asymptotically 1, which is optimal. Previous constructions in this setting either obtained constant (but not optimal) transmission rate [16], or did not support black-box tracing [10]. Our treatment improves the standard modeling of black-box tracing by additionally accounting for pirate strategies that attempt to escape tracing by purposely rendering the transmitted content at lower quality.

Our construction relies on the assumption, and attains the same features of public traceability as (a repaired variant of) [10], which is less efficient and requires non-standard assumptions for bilinear groups.

- Digital Rights Management | Pp. 71-88

The Security of Elastic Block Ciphers Against Key-Recovery Attacks

Debra L. Cook; Moti Yung; Angelos D. Keromytis

We analyze the security of elastic block ciphers against key-recovery attacks. An elastic version of a fixed-length block cipher is a variable-length block cipher that supports any block size in the range of one to two times the length of the original block. Our method for creating an elastic block cipher involves inserting the round function of the original cipher into a substitution-permutation network. In this paper, we form a polynomial-time reduction between the elastic and original versions of the cipher by exploiting the underlying network structure. We prove that the elastic version of a cipher is secure against a given key-recovery attack if the original cipher is secure against such an attack. Our analysis is based on the general structure of elastic block ciphers ( the network’s structure, the composition methods between rounds in the network and the keying methodology) and is independent of the specific cipher.

- Symmetric-Key Cryptography | Pp. 89-103

Impossible-Differential Attacks on Large-Block Rijndael

Jorge Nakahara; Ivan Carlos Pavão

This paper reports impossible-differential (ID) attacks on reduced-round versions of the Rijndael cipher with text blocks larger than 128 bits. These attacks follow the framework of the attacks by Biham-Keller and Cheon on the AES, and reach up to seven rounds of large-block Rijndael variants. Even though these ciphers are not standardized as FIPS, like the AES, it is important to evaluate the security of the other Rijndael versions since they provide larger internal states when used as primitives for the construction of stream ciphers and hash functions. The main contributions of this paper are longer ID distinguishers found for large-block Rijndael versions, compared to the ones used for the AES.

- Symmetric-Key Cryptography | Pp. 104-117

High-Speed Pipelined Hardware Architecture for Galois Counter Mode

Akashi Satoh; Takeshi Sugawara; Takafumi Aoki

In the authenticated encryption mode GCM (Galois Counter Mode), the CTR (counter) mode for data encryption that has no feedback path can easily be pipelined to boost the operating frequency of a hardware implementation. However, the hash function for the authentication tag generation performs multiply-add operations sequentially by chaining the result in the previous cycle, and this becomes the critical path in the high-speed GCM hardware. Therefore, we propose a high-speed pipelined hardware architecture for GCM in conjunction with a pipelined multiply-adder on a Galois field GF(2). This architecture was implemented with a 4-stage pipelined multiply-adder and a 56-stage pipelined AES (Advanced Encryption Standard) circuit by using a 0.13-um CMOS standard cell library. This implementation showed very high throughput of 54.94 Gbps with 272 Kgates for the key lengths of 128, 192, and 256 bits. The high hardware efficiency (throughput/gate) of 201.75 Kbps/gate is also an improvement over prior art.

- Symmetric-Key Cryptography | Pp. 118-129

Efficient Committed Oblivious Transfer of Bit Strings

Mehmet S. Kiraz; Berry Schoenmakers; José Villegas

Oblivious transfer (OT) is a powerful primitive in modern cryptography, often used in a context of semi-honest adversaries. Committed oblivious transfer (COT) is an enhancement involving the use of commitments, which can be used in many applications of OT covering particular malicious adversarial behavior. For OT, many protocols are known that cover the transfer of bit strings rather than just single bits. For COT, though, the known protocols only cover the transfer of bits.

In this paper, we thus present efficient COT protocols for transferring (long) bit strings, which perform quite well in comparison to the most efficient COT protocols for bits. We prove the security of our protocols following the simulation paradigm in the cryptographic model, also assuming the random oracle model for efficient non-interactive proofs. Also, as a motivation for the use of COT instead of OT, we point out that a protocol which uses OT as a subprotocol may have subtle security issues in the presence of malicious adversaries.

- Cryptographic Protocols and Schemes | Pp. 130-144

An Efficient Certified Email Protocol

Jun Shao; Min Feng; Bin Zhu; Zhenfu Cao

A certified email protocol, also known as a non-repudiation protocol, allows a message to be exchanged for an acknowledgement of reception in a fair manner: a sender Alice sends a message to a receiver Bob if and only if Alice receives a receipt from Bob. In this paper, we present a novel approach to combine the authorized Diffie-Hellman key agreement protocol with a modified Schnorr signature effectively to construct our certified email protocol. Our proposed certified email protocol is an optimistic protocol, with an off-line trusted third party being involved only when a party cheats or the communication channel is interrupted during exchange. We also compare our protocol with other optimistic certified email protocols, and conclude that our certified email protocol is the most efficient optimistic certified email protocol.

- Cryptographic Protocols and Schemes | Pp. 145-157