A comunidade empresarial e os profissionais de Sistemas e Processamento de Dados enfrentam atualmente um novo tipo de desafio: A ameaça dos computadores. O crescente volume de computadores e a larga utilização das tecnologias de teleprocessamento e de redes estão levando as organizações à crescente dependencia de sua Estrutura de Informatica e de seu principal produto: os sistemas de informação e os demais elementos a eles associados. Não é dificil constatar que o impacto destas tecnologias tem sido absorvido apenas parcialmente não só por usuários mas tambem pelos profissionais. De fato o desenvolvimento dos computadores não é acompanhado pelo correspondente desenvolvimento dos princípios de Administração de Processamento de Dados. Isso significa que os princípios e normas administrativos e de controle para este tipo de atividade não se encontram no estágio desejado, isto é, não foram estabelecidos princípios e normas definitivos para obter-se uma area de Processamento de Dados completamente segura e confiável. Esta "janela aberta" é, como consequência, o caminho mais curto para práticas criminosas e erros generalizados, os quais resultarão em danos ás operações e aos ativos das organizações. O conceito de segurança amplamente utilizado atualmente refere-se mais à segurança física e não inclui todos os componentes de uma área de Processamento de Dados...

Presidential Decision Directive (PDD) 63 calls for improving the security of Supervisory Control and Data Acquisition (SCADA) and other control systems which operate the critical infrastructure of the United States. In the past, these industrial computer systems relied on security through obscurity. Recent economic and technical shifts within the controls industry have increased their vulnerability to cyber attack. Concurrently, their value as a target has been recognized by terrorist organizations and competing nation states. Network reconnaissance is a basic tool that allows computer security managers to understand their complex systems. However, existing reconnaissance tools incorporate little or no understanding of control systems. This thesis provides a conceptual analysis for the creation of a SCADA network exploration/reconnaissance tool. Several reconnaissance techniques were researched and reviewed in a laboratory environment to determine their utility for SCADA system discovery. Additionally, an application framework using common non-SCADA security tools was created to provide a proof of concept. Development of a viable tool for identifying SCADA systems remotely will help improve critical infrastructure security by improving situational awareness for network managers.

Approved for public release; distribution is unlimited; The Naval Postgraduate School (NPS) Center for Information Systems Security (INFOSEC) Studies and Research (NPS CISR) invites experts in the field of INFOSEC to NPS to lecture on computer security. Other universities, government, and non-government organizations need similar lectures. Two problems arise: experienced security practitioners are few in number and cannot spend a considerable amount of time on the lecture circuit. Also, for many institutions a regular lecture series would be too costly. To solve these problems a method for mass distribution of the NPS security lectures must be designed. Multi media tools were used to capture INFOSEC lectures for cost effective mass dissemination. By using the appropriate equipment, computer technology, and software, a tool was developed which can distribute security lectures to an unlimited audience in multiple formats. The resulting product is a tutorial to give content providers a technique to take archived video tapes, digitize them, edit them, and export them. These lectures can be delivered in HTML, compact disk, and video taped formats. An analysis of the production process yields a set of recommendations for optimizing the user interface and balancing producer and user requirements such as memory conservation...

The Monterey Security Architecture (MYSEA) is a trusted distributed environment enforcing multilevel security policies. To provide a scaleable architecture, a federation of MYSEA servers handles service requests. However, the introduction of multiple servers creates security and usability problems associated with multiple user logins. A single sign-on solution for the MYSEA server federation is needed. After user authenticates once to a single MYSEA server, the user's credentials are used to sign on to the other MYSEA servers. The goal of this thesis is to create a high-level design and specification of a single sign-on framework for MYSEA. This has entailed a review and comparison of existing single sign-on architectures and solutions, a study of the current MYSEA design, the development of a new architecture for single sign-on, an analysis of single signon threats within a MYSEA context, a derivation of single sign-on objectives in MYSEA, leading up to the security requirements for single sign-on in MYSEA. Security and functionality are the main driving factors in the design. Others factors include performance, reliability, and the feasibility of integration into the existing MYSEA MLS network. These results will serve as a basis for a detailed design and future development of sign-on in MYSEA.

This implementation is conceptually simple, and relies only on general assumptions. Specifically, it can be thought of as a 'self-referential' variation on a well-known encryption scheme. 4. Lastly, we show how the computational soundness of the Dolev-Yao model can be maintained even as it is extended to include new operators. In particular, we show how the Diffie-Hellman key-agreement scheme and the computational Diffie-Hellman assumption can be added to the Dolev-Yao model in a computationally sound way.; The Dolev-Yao model is a useful and well-known framework in which to analyze security protocols. However, it models the messages of the protocol at a very high level and makes extremely strong assumptions about the power of the adversary. The computational model of cryptography, on the other hand, takes a much lower-level view of messages and uses much weaker assumptions. Despite the large differences between these two models, we have been able to show that there exists a relationship between them. Previous results of ours demonstrate that certain kinds of computational cryptography can result in an equivalence of sorts between the formal and computational adversary. Specifically: * We gave an interpretation to the messages of the Dolev-Yao model in terms of computational cryptography...

(cont.) We apply the framework to get new results, creating (a) encryption schemes with very short keys, and (b) hash functions that leak no information about their input, yet-paradoxically-allow testing if a candidate vector is close to the input. One of the technical contributions of this research is to provide new, cryptographic uses of mathematical tools from complexity theory known as randomness extractors.; Sharing and maintaining long, random keys is one of the central problems in cryptography. This thesis provides about ensuring the security of a cryptographic key when partial information about it has been, or must be, leaked to an adversary. We consider two basic approaches: 1. Extracting a new, shorter, secret key from one that has been partially compromised. Specifically, we study the use of noisy data, such as biometrics and personal information, as cryptographic keys. Such data can vary drastically from one measurement to the next. We would like to store enough information to handle these variations, without having to rely on any secure storage-in particular, without storing the key itself in the clear. We solve the problem by casting it in terms of key extraction. We give a precise definition of what "security" should mean in this setting...

In 2000, Bond and Anderson exposed a new family of attacks on application programming interfaces (APIs) of security modules. These attacks elicit compromising behaviors using an unexpected sequence of legal calls to the module, uncovering severe security flaws even in widely-deployed cryptographic hardware. Because these attacks do not depend on the underlying ryptographic mechanisms, they often succeed even under the assumption of ideal cryptographic primitives. This thesis presents a methodology for the automatic detection of API attacks. Taking a cue from previous work on the formal analysis of security protocols and noting these attacks' independence from precise cryptographic mechanisms, we model APIs opaquely, purely according to specifications. We use a theorem prover tool and adapt it to the security API context. Several specifications of Cryptographic APIs are implemented for analysis using a theorem prover known as OTTER. These implementations successfully found known attacks, and provide evidence that OTTER will also be able to find new attacks, and perhaps eventually verify security in arbitrary Cryptographic APIs. Based on these implementations, various strategies, potential problems, and solutions are discussed that can be applied towards the formal analysis of Cryptographic APIs. We detail how...

Malicious software is abundant in a world of innumerable computer users, who are constantly faced with these threats from various sources like the internet, local networks and portable drives. Malware is potentially low to high risk and can cause systems to function incorrectly, steal data and even crash. Malware may be executable or system library files in the form of viruses, worms, Trojans, all aimed at breaching the security of the system and compromising user privacy. Typically, anti-virus software is based on a signature definition system which keeps updating from the internet and thus keeping track of known viruses. While this may be sufficient for home-users, a security risk from a new virus could threaten an entire enterprise network. This paper proposes a new and more sophisticated antivirus engine that can not only scan files, but also build knowledge and detect files as potential viruses. This is done by extracting system API calls made by various normal and harmful executable, and using machine learning algorithms to classify and hence, rank files on a scale of security risk. While such a system is processor heavy, it is very effective when used centrally to protect an enterprise network which maybe more prone to such threats.; Comment: 6 pages

Mobile agent technology offers a dramatically evolving computing paradigm in which a program, in the form of a software agent, can suspend its execution on a host computer, transfers itself to another agent-enabled host on the network, and resumes execution on the new host. It is 1960's since mobile code has been used in the form of remote job entry systems. Today's mobile agents can be characterized in a number of ways ranging from simple distributed objects to highly organized intelligent softwares. As a result of this rapid evolvement of mobile agents, plenty of critical security issues has risen and plenty of work is being done to address these problems. The aim is to provide trusted mobile agent systems that can be easily deployed and widely adopted. In this paper, we provide an overview of the most recent threats facing the designers of agent platforms and the developers of agent-based applications. The paper also identifies security objectives, and measures for countering the identified threats and fulfilling those security objectives.; Comment: international journal of computer science issues, march 2014

This paper analyses the security contribution of typical functional-language features by examining them in the light of accepted information security principles. Imperative and functional code are compared to illustrate various cases. In conclusion, there may be an excellent case for the use of functional languages on the grounds of better security; however, empirical research should be done to validate this possibility.

A common approach for introducing security at the physical layer is to rely on the channel variations of the wireless environment. This type of approach is not always suitable for wireless networks where the channel remains static for most of the network lifetime. For these scenarios, a channel independent physical layer security measure is more appropriate which will rely on a secret known to the sender and the receiver but not to the eavesdropper. In this paper, we propose CD-PHY, a physical layer security technique that exploits the constellation diversity of wireless networks which is independent of the channel variations. The sender and the receiver use a custom bit sequence to constellation symbol mapping to secure the physical layer communication which is not known a priori to the eavesdropper. Through theoretical modeling and experimental simulation, we show that this information theoretic construct can achieve Shannon secrecy and any brute force attack from the eavesdropper incurs high overhead and minuscule probability of success. Our results also show that the high bit error rate also makes decoding practically infeasible for the eavesdropper, thus securing the communication between the sender and receiver.; Comment: 9 pages...

Cooperation between wireless network nodes is a promising technique for improving the physical layer security of wireless transmission, in terms of secrecy capacity, in the presence of multiple eavesdroppers. While existing physical layer security literature answered the question "what are the link-level secrecy capacity gains from cooperation?", this paper attempts to answer the question of "how to achieve those gains in a practical decentralized wireless network and in the presence of a secrecy capacity cost for information exchange?". For this purpose, we model the physical layer security cooperation problem as a coalitional game with non-transferable utility and propose a distributed algorithm for coalition formation. Through the proposed algorithm, the wireless users can autonomously cooperate and self-organize into disjoint independent coalitions, while maximizing their secrecy capacity taking into account the security costs during information exchange. We analyze the resulting coalitional structures, discuss their properties, and study how the users can self-adapt the network topology to environmental changes such as mobility. Simulation results show that the proposed algorithm allows the users to cooperate and self-organize while improving the average secrecy capacity per user up to 25.32% relative to the non-cooperative case.; Comment: Best paper Award at Wiopt 2009

Security protocols stipulate how the remote principals of a computer network should interact in order to obtain specific security goals. The crucial goals of confidentiality and authentication may be achieved in various forms, each of different strength. Using soft (rather than crisp) constraints, we develop a uniform formal notion for the two goals. They are no longer formalised as mere yes/no properties as in the existing literature, but gain an extra parameter, the security level. For example, different messages can enjoy different levels of confidentiality, or a principal can achieve different levels of authentication with different principals. The goals are formalised within a general framework for protocol analysis that is amenable to mechanisation by model checking. Following the application of the framework to analysing the asymmetric Needham-Schroeder protocol, we have recently discovered a new attack on that protocol as a form of retaliation by principals who have been attacked previously. Having commented on that attack, we then demonstrate the framework on a bigger, largely deployed protocol consisting of three phases, Kerberos.; Comment: 29 pages, To appear in Theory and Practice of Logic Programming (TPLP) Paper for Special Issue (Verification and Computational Logic)

Teleoperated robots are playing an increasingly important role in military actions and medical services. In the future, remotely operated surgical robots will likely be used in more scenarios such as battlefields and emergency response. But rapidly growing applications of teleoperated surgery raise the question; what if the computer systems for these robots are attacked, taken over and even turned into weapons? Our work seeks to answer this question by systematically analyzing possible cyber security attacks against Raven II, an advanced teleoperated robotic surgery system. We identify a slew of possible cyber security threats, and experimentally evaluate their scopes and impacts. We demonstrate the ability to maliciously control a wide range of robots functions, and even to completely ignore or override command inputs from the surgeon. We further find that it is possible to abuse the robot's existing emergency stop (E-stop) mechanism to execute efficient (single packet) attacks. We then consider steps to mitigate these identified attacks, and experimentally evaluate the feasibility of applying the existing security solutions against these threats. The broader goal of our paper, however, is to raise awareness and increase understanding of these emerging threats. We anticipate that the majority of attacks against telerobotic surgery will also be relevant to other teleoperated robotic and co-robotic systems.

Security protocols are concurrent processes that communicate using cryptography with the aim of achieving various security properties. Recent work on their formal verification has brought procedures and tools for deciding trace equivalence properties (e.g., anonymity, unlinkability, vote secrecy) for a bounded number of sessions. However, these procedures are based on a naive symbolic exploration of all traces of the considered processes which, unsurprisingly, greatly limits the scalability and practical impact of the verification tools. In this paper, we overcome this difficulty by developing partial order reduction techniques for the verification of security protocols. We provide reduced transition systems that optimally eliminate redundant traces, and which are adequate for model-checking trace equivalence properties of protocols by means of symbolic execution. We have implemented our reductions in the tool Apte, and demonstrated that it achieves the expected speedup on various protocols.

User errors while performing security-critical tasks can lead to undesirable or even disastrous consequences. One major factor influencing mistakes and failures is complexity of such tasks, which has been studied extensively in prior research. Another important issue which hardly received any attention is the impact of both accidental and intended distractions on users performing security-critical tasks. In particular, it is unclear whether, and to what extent, unexpected sensory cues (e.g., auditory or visual) can influence user behavior and/or trigger mistakes. Better understanding of the effects of intended distractions will help clarify their role in adversarial models. As part of the research effort described in this paper, we administered a range of naturally occurring -- yet unexpected -- sounds while study participants attempted to perform a security-critical task. We found that, although these auditory cues lowered participants' failure rates, they had no discernible effect on their task completion times. To this end, we overview some relevant literature that explains these somewhat counter-intuitive findings. Conducting a thorough and meaningful study on user errors requires a large number of participants, since errors are typically infrequent and should not be instigated more than once per subject. To reduce the effort of running numerous subjects...

A model of computer system security operation is developed based on the fork-join queueing network formalism. We introduce a security operation performance measure, and show how it may be used to performance evaluation of actual systems.; Comment: Simulation 2001: 4th St. Petersburg Workshop on Simulation, St. Petersburg, Russia, June 18-22, 2001; ISBN 5-7997-0304-9

Model checking is an automatic verification technique to verify hardware and software systems. However it suffers from state-space explosion problem. In this paper we address this problem in the context of cryptographic protocols by proposing a security property-dependent heuristic. The heuristic weights the state space by exploiting the security formulae; the weights may then be used to explore the state space when searching for attacks.

Authenticating humans to computers remains a notable weak point in computer security despite decades of effort. Although the security research community has explored dozens of proposals for replacing or strengthening passwords, they appear likely to remain entrenched as the standard mechanism of human-computer authentication on the Internet for years to come. Even in the optimistic scenario of eliminating passwords from most of today's authentication protocols using trusted hardware devices or trusted servers to perform federated authentication, passwords will persist as a means of "last-mile" authentication between humans and these trusted single sign-on deputies. This dissertation studies the difficulty of guessing human-chosen secrets, introducing a sound mathematical framework modeling human choice as a skewed probability distribution. We introduce a new metric, alpha-guesswork, which can accurately models the resistance of a distribution against all possible guessing attacks. We also study the statistical challenges of estimating this metric using empirical data sets which can be modeled as a large random sample from the underlying probability distribution. This framework is then used to evaluate several representative data sets from the most important categories of human-chosen secrets to provide reliable estimates of security against guessing attacks. This includes collecting the largest-ever corpus of user-chosen passwords...

A mobile computing environment typically involves groups of small, low-power devices interconnected through a mobile and dynamic network. Attempts to secure communication over these “ad-hoc” networks must be scalable to conserve the minimal resources of mobile devices as network sizes grow. In this project, the scalability of differing Group Diffie-Hellman security key generation implementations is examined. In theory, the implementation utilizing a data structure with the lowest theoretical run-time complexity for building the Diffie-Hellman group should prove the most scalable experimentally. A common modular framework was implemented to support generic Group Diffie-Hellman key agreement implementations abstracted from the underlying data structure and traversal mechanism. For comparison, linear, tree-based, and hypercubic Group Diffie-Hellman topologies were implemented and tested. Studies were conducted upon the results to compare the experimental scalability of each implementation to the other implementations as well as the theoretic predictions. The results indicate that the benefits of implementations with low theoretic-complexity are rarely experienced in smaller networks (less than 100 nodes,) and conversely implementations with high theoretic-complexities become unsuitable in larger networks (more than 100 nodes.) These experimental results match the theoretical predictions based on the mathematical properties of each implementation. Since mobile ad-hoc networks are typically small...