Fundamental and Emerging Topics in Network Security

Dr. Haojin Zhu
[email protected]
http://nsec.sjtu.edu.cn/

TA: Long Zhang
[email protected]


About Instructor

• Dr. Haojin Zhu, Associate Professor of Computer Science and Engineering Department
  – http://nsec.sjtu.edu.cn/
  – [email protected]
  – Office: SEIEE 3-509
  – Office hours: by appointment

Course Objectives

• Learn some fundamental and advanced issues, concepts, principles, and mechanisms in network security

• Learn recent research advances in network security

• Prepare for graduate research in network security

Text

• No required textbook
• Research papers listed on the course website

Grading

• In-class paper presentation (40%)
• Course research project (3~4 persons a group) (60%)
  – A survey on a topic (normally related to your presentation) (40%)
  – 1~2 pages on your findings from this survey (20%)
    • Improvement of existing works (protocol/algorithm design)
    • Or System Implementation with a better performance

Grading (Cont’d)

• The final grades are computed according to the following criteria:
  – Average: 85~90
  – In-class paper presentation: your score is determined by peer-evaluation (will be discussed later)
  – Survey (please indicate each person’s contribution in the survey paper)
  – Research findings (evaluation based on your novelty and contribution)

Course Outline

• Topic 1: Network Security Fundamentals
  – Slides from Ian Goldberg@Univ of Waterloo, Computer Security and Privacy.

• Topic 2: Advanced network security primitives
  – Secret sharing
  – Group Key Management
  – Broadcast authentication

Course Outline

• Topic 3: Emerging research topics
  – Present later

Research Paper

• Small team -- at most four students per group
• Important Dates
  – Team Proposal due: May/5/14 (The first will have the priority)
  – Presentation Schedule fixed: May/5/14
  – First Presentation: May/12/14
  – Final submission due: one week after last week’s class

• The instructor will be available to discuss your topic via email or face-to-face discussion (by appointment)

• You should start thinking about team and topic now
  – Send email to me and TA

Paper Presentation

• Each group presents 2~3 papers depending on the technical difficulty of the presented papers (two persons on the same paper).

• We have 20 papers to discuss. (each class for 4 papers, eight persons involved)


Presenter’s Preparation

• Please prepare your presentation slides.
• You have 25-30 minutes for your presentation. Please expect questions after one person’s presentation. Your presentation will be graded based on the criteria in the grading form, which can be downloaded from our course website.

Peer Evaluation

• Your participation in grading is required.
• Your presentation score will be determined by the evaluations from the instructor (45%), the peer evaluation from the audience (45%), and your participation in grading other students' presentations (10%).

• Please print the evaluation form and hand in the form after the class. All your evaluations will be kept confidential.

Peer Evaluation (Cont’d)

• The highest and lowest peer evaluation scores will be deleted and the average of the remaining scores will be used as your final peer evaluation score.

• For example, suppose your peer evaluation scores from the audience are 100, 99, 15, 87, 85, 77, 90. The highest score 100 is discarded and the lowest score 15 is also discarded. Your final peer evaluation score is the average of the remaining scores, which is 87.6.

• If you have multiple identical highest/lowest scores, only one will be deleted.

Security Conferences

• 1st tier (Big 4)
  – IEEE S&P (Oakland), ACM CCS, USENIX Security, NDSS

• 2nd tier
  – ACSAC, ESORICS, WiSec, AsiaCCS, CT-RSA, etc.

Crypto Conferences

• 1st Tier
  – Crypto, EUROCRYPT

• 2nd Tier
  – ASIACRYPT, PKC, TCC, Financial Crypto, etc.

Networking Conferences

• 1st Tier
  – SIGCOMM, MOBICOM

• 2nd Tier
  – INFOCOM, Mobihoc, SIGMETRICS, CONEXT, ICNP, ICDCS, etc.

Database and Data Mining

• 1st Tier
  – SIGMOD, VLDB, WWW, etc.

Presentation Topic 1: Electrical Cash

• [1] Chaum, David (1983). "Blind signatures for untraceable payments", Crypto’82.

• [2] Nakamoto, Satoshi. Bitcoin: A Peer-to-Peer Electronic Cash System. 24 May 2009

• [3] Two Bitcoins at the Price of One? Double-Spending Attacks on Fast Payments in Bitcoin, ACM CCS 2012.

• [4] PermaCoin: Repurposing Bitcoin Work for Data Preservation, Oakland 2014

Presentation Topic 2: Smart Phone Security

• (sp)iPhone: Decoding Vibrations From Nearby Keyboards Using Mobile Phone Accelerometers, ACM CCS, 2011.

• Analysis of the Communication between Colluding Applications on Modern Smartphones, ACSAC, 2012.

• Adrienne Porter Felt, Erika Chin, Steve Hanna, Dawn Song, David Wagner, Android Permissions Demystified, CCS 2011.

• X. Zhou, S. Demetriou, D. He, N. Muhammad, X. Pan, X. Wang, C. Gunter and K. Nahrstedt, “Identity, Location, Disease and More: Inferring Your Secrets from Android Public Resources”. ACM CCS'13.

Presentation Topic 3: Wireless Biometrics

• [1] Active Behavioral Fingerprinting of Wireless Devices, ACM conference on Wireless Network Security (WiSec), 2008.

• [2] Attacks on Physical-layer Identification, ACM conference on Wireless Network Security (WiSec), 2010.

• [3] Robust Location Distinction using Temporal Link Signatures, ACM Conference on Mobile Computing and Networking (Mobicom), 2007.

Presentation Topic 4: Wireless Pairing

• Good Neighbor: Ad Hoc Pairing of Nearby Wireless Devices by Multiple Antennas, Annual Network & Distributed System Security Symposium (NDSS) 2011.

• On Pairing Constrained Wireless Devices Based on Secrecy of Auxiliary Channels: The Case of Acoustic Eavesdropping, ACM Conference on Computer and Communications Security (CCS), 2010.

• Secure In-Band Wireless Pairing, Shyam Gollakota, Nabeel Ahmed, Nickolai Zeldovich, and Dina Katabi, USENIX Security, 2011.

Presentation Topic 5: Location Privacy

• Y.-A. de Montjoye, C. A. Hidalgo, M. Verleysen, and V. D. Blondel, “Unique in the crowd: The privacy bounds of human mobility,” Scientific reports, vol. 3, 2013.

• C. Y. Ma, D. K. Yau, N. K. Yip, and N. S. Rao, “Privacy vulnerability of published anonymous mobility traces,” in MobiCom’10. ACM, 2010.

• T. Xu and Y. Cai, “Feeling-based location privacy protection for location-based services,” in CCS’09. ACM, 2009.

• M. Srivatsa and M. Hicks, “Deanonymizing mobility traces: Using social network as a side-channel,” in CCS’12. ACM, 2012.

• R. Shokri, G. Theodorakopoulos, J. Le Boudec, and J. Hubaux, “Quantifying location privacy,” in Security and Privacy 2011. IEEE, 2011.

Presentation Topic 6: Anonymous and Pseudonymous Communication

• Anonymous and Pseudonymous Communication, Untraceable electronic mail, return addresses, and digital pseudonyms, David Chaum, Communications of the ACM, 1981

• Tor: The Second-Generation Onion Router, Roger Dingledine, Nick Mathewson, Paul Syverson, USENIX Security 2004

• Scalable Onion Routing with Torsk, Jon McLachlan, Andrew Tran, Nicholas Hopper, Yongdae Kim, CCS 2009

• ShadowWalker: Peer-to-peer Anonymous Communication using Redundant Structured Topologies, Prateek Mittal, Nikita Borisov, CCS 2009

• In Search of an Anonymous and Secure Lookup: Attacks on Structured Peer-to-peer Anonymous Communication Systems, Qiyan Wang, Prateek Mittal, Nikita Borisov, CCS 2010

Presentation Topic 7: Sybil Detection in Online Social Networks

• H. Yu, M. Kaminsky, P. B. Gibbons, and A. Flaxman. Sybilguard: defending against sybil attacks via social networks. In SIGCOMM, 2006.

• G. Danezis and P. Mit. Sybilinfer: Detecting sybil nodes using social networks. In NDSS, 2009.

• You are How You Click: Clickstream Analysis for Sybil Detection, Gang Wang, Tristan Konolige, Christo Wilson, Xiao Wang, Haitao Zheng and Ben Y. Zhao, USENIX Security 2013.

• Jialong Zhang and Guofei Gu. "NeighborWatcher: A Content-Agnostic Comment Spam Inference System." NDSS'13, San Diego, CA, USA. February 2013.

Presentation Topic 8: Cloud Security

• Privacy-preserving public auditing for data storage security in cloud computing, INFOCOM.

• Düppel: Retrofitting Commodity Operating Systems to Mitigate Cache Side Channels in the Cloud, ACM CCS’13.

• Resource-Freeing Attacks: Improve Your Cloud Performance (at Your Neighbor's Expense), ACM CCS’12.

• Hourglass Schemes: How to Prove that Cloud Files Are Encrypted. ACM CCS’12.

Presentation Topic 9: Proximity Authentication Techniques

• Secure Proximity Detection for NFC Devices based on Ambient Sensor Data. T. Halevi, D. Ma, N. Saxena and T. Xiang. (ESORICS), 2012.

• Design and Implementation of a Terrorist-Fraud Resilient Distance Bounding System, Aanjhan Ranganathan, Nils Ole Tippenhauer, Boris Skoric, Dave Singelee and Srdjan Capkun, ESORICS, 2012.

• Realization of RF Distance Bounding, Kasper Bonne Rasmussen, Srdjan Capkun, USENIX Security Symposium, 2010.

• Attacks on Public WLAN-based Positioning, Nils Ole Tippenhauer, Kasper Bonne Rasmussen, Christina Pöpper, Srdjan Capkun, MobiSys, 2009.

Presentation Topic 10: Jamming Attacks

• The Feasibility of Launching and Detecting Jamming Attacks in Wireless Networks, MobiHoc, 2002.

• Jamming-resistant Broadcast Communication without Shared Keys, Christina Popper, Mario Strasser, Srdjan Capkun, USENIX Security, 2009.

• Jamming-resistant Key Establishment using Uncoordinated Frequency Hopping, IEEE Oakland 2008.

• Physical Layer Wireless Security Made Fast and Channel Independent, Shyamnath Gollakota and Dina Katabi, IEEE Conference on Computer Communications (INFOCOM), 2011.

• On Limitations of Friendly Jamming for Confidentiality, Nils Ole Tippenhauer, Luka Malisa, Aanjhan Ranganathan, Srdjan Capkun, IEEE Symposium on Security and Privacy (S&P), 2013.

Presentation Topic 11: Automobile Security

• Comprehensive Experimental Analyses of Automotive Attack Surfaces, Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, Stefan Savage, Karl Koscher, Alexei Czeskis, Franziska Roesner, and Tadayoshi Kohno, USENIX Security, August 10–12, 2011.

• Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars, Aurelien Francillon, Boris Danev, and Srdjan Capkun, Network and Distributed System Security Symposium (NDSS), 2011

• Security and Privacy Vulnerabilities of In-Car Wireless Networks: A Tire Pressure Monitoring System Case Study, Ishtiaq Rouf, Rob Miller, Hossen Mustafa, Travis Taylor, Sangho Oh, Wenyuan Xu, Marco Gruteser, Wade Trappe, and Ivan Seskar, USENIX conference on Security, 2010

How to Determine Your Presentation Paper

• Form Your Group First (2~4)
• Send your team member names and the preferred topics to me & TA (at least 3 topics)
• Come first, choose first (if less than 4, I will merge the groups otherwise move on to the next topic)

• If no suitable topics for you, please discuss with me for an alternative choice.

A Brief Review of Basic Security Concepts


Security Objectives

• Secrecy (Confidentiality)
• Integrity
• Availability (Denial of Service)

Security Objectives

• Secrecy — Prevent/detect/deter improper disclosure of information

• Integrity — Prevent/detect/deter improper modification of information

• Availability — Prevent/detect/deter improper denial of access to services provided by the system


Commercial Example

• Secrecy — An employee should not know the salary of his manager

• Integrity — An employee should not be able to modify the employee's own salary

• Availability — Paychecks should be printed on time as stipulated by law

Military Example

• Secrecy — The target coordinates of a missile should not be improperly disclosed
• Integrity — The target coordinates of a missile should not be improperly modified
• Availability — When the proper command is issued the missile should fire

A Fourth Objective

• Securing computing resources — Prevent/detect/deter improper use of computing resources including
  – Hardware resources
  – Software resources
  – Data resources
  – Network resources

Security Mechanisms

• In general three types
  – Prevention
  – Detection
  – Tolerance

Good prevention and detection both require good authentication as a foundation

Security Services

• Security functions are typically made available to users as a set of security services through APIs or integrated interfaces

• Confidentiality: protection of any information from being exposed to unintended entities.
  – Information content.
  – Parties involved.
  – How they communicate, how often, etc.

• Authentication: assurance that an entity of concern or the origin of a communication is authentic - it’s what it claims to be or from

• Integrity: assurance that the information has not been tampered with

Security Services (Cont’d)

• Non-repudiation: offer of evidence that a party is indeed the sender or a receiver of certain information

• Access control: facilities to determine and enforce who is allowed access to what resources, hosts, software, network connections

• Monitor & response: facilities for monitoring security attacks, generating indications, surviving (tolerating) and recovering from attacks


Security Assurance

• How well your security mechanisms guarantee your security policy

• Everyone wants high assurance
• High assurance implies high cost
  – May not be possible

• Trade-off is needed

Security Tradeoffs

[Figure: Security Functionality, Ease of Use, COST]

Security by Obscurity

• Security by obscurity
  – If we hide the inner workings of a system it will be secure
• More and more applications open their standards (e.g., TCP/IP, 802.11)
• Widespread computer knowledge and expertise

Security by Legislation

• Security by legislation says that if we instruct our users on how to behave we can secure our systems

• For example
  – Users should not share passwords
  – Users should not write down passwords
  – Users should not type in their password when someone is looking over their shoulder
• User awareness and cooperation is important, but cannot be the principal focus for achieving security

Threat-Vulnerability

• Threats — Possible attacks on the system
• Vulnerabilities — Weaknesses that may be exploited to cause loss or harm

Threat Model and Attack Model

• Threat model and attack model need to be clarified before any security mechanism is developed

• Threat model
  – Assumptions about potential attackers
  – Describes the attacker’s capabilities

• Attack model
  – Assumptions about the attacks
  – Describes how attacks are launched