MIT Geospatial Data Center 1 Geospatial Exclusion Mechanism for Cyber Security.
-
Upload
lewis-dustin-carson -
Category
Documents
-
view
229 -
download
0
Transcript of MIT Geospatial Data Center 1 Geospatial Exclusion Mechanism for Cyber Security.
MIT Geospatial Data Center1
Geospatial Exclusion Mechanism for Cyber Security
MIT Geospatial Data Center2
Geospatial Exclusion Mechanism for Cyber Security
Pervasive Computing is flooding the Geospatial Grid:
Source: MIT EPROM
Source: Quake Catcher Network
MIT Geospatial Data Center3
Geospatial Exclusion Mechanism for Cyber Security
Source: MIT Senseable City Laboratory
Pervasive Computing is flooding the Geospatial Grid:
MIT Geospatial Data Center4
Geospatial Exclusion Mechanism for Cyber Security
The mobile device is now a mainstream item:
―Mobile devices are increasingly being used in the same way as personal computers (PCs).
―Mobile devices (e.g. Apple iPhone, Google Android, Research in Motion [RIM] Blackberry, Symbian) have ever-increasing functionality and more accessible architectures.
―Mobile devices offer the convenience of anywhere banking, social networking, emailing, calendaring, et al.
―Mobile devices introduce other features not typically available on a PC, such as global positioning system (GPS) functionality, Bluetooth, Multimedia Messaging Service (MMS), and Short Message Service (SMS).
―Mobile devices are often synchronized with PCs.
―Synchronization, SMS, MMS, Bluetooth, and GPS comprise an extended set of attack vectors against mobile devices.
Source: Lulea University of Technology
MIT Geospatial Data Center5
Geospatial Exclusion Mechanism for Cyber Security
There are many exploits against mobile device users:
―Mobile device users are unlikely to show full headers with such a reduced screen size as compared to their desktop displays.
―Vishing: exploits Voice over Internet Protocol (VoIP); VoIP allows caller identity (ID) to be readily spoofed.
―Smishing: exploits SMS or text messages; these text messages contain links to webpages, phone numbers, etc.
Source: Compufreaks
MIT Geospatial Data Center6
Geospatial Exclusion Mechanism for Cyber Security
The greatest increase in mobile device usage is in Africa:
―300 million of the world‘s 3.5 billion mobile phones are in Africa.
―Mobile phone usage is increasing at twice the rate in Africa as compared to any other continent.
―For the first time in telecommunications technology history, there are more users of mobile phones in the developing world than in the developed world.
―Many people in Africa assert that a smartphone will do a lot more than a $100 laptop.
Source: MIT EPROMSource: One Laptop Per Child
MIT Geospatial Data Center7
Geospatial Exclusion Mechanism for Cyber Security
* MIT GDC chose Africa (ideal honeypot) as its case study region: *―In Africa, the mobile device is the primary means to connect to the
Internet.
―There are 47 countries on the continent of Africa. Counting the island nations that are listed as African, there are 53 countries comprising Africa.
―Currently, only 1 African country, Tunisia, or 1.9% of the African countries has a national Computer Emergency Response Team (CERT); in North America, many cities and towns have their own CERTs. Think pressure sensitivities!
Source: Netizen, Kayak, Paul English
MIT Geospatial Data Center8
Geospatial Exclusion Mechanism for Cyber Security
The mobile device is much harder to defend than a PC:
―Most mobile devices have no anti-viral software. Even those that do can only assist in protecting against known threat signatures.
―Encrypting and decrypting consumes a great deal of the energy supplied by the mobile device battery.
―Many mobile users would rather have extended battery life and sacrifice the security of constantly encrypting and decrypting.
Source: p2pon.com
MIT Geospatial Data Center9
Geospatial Exclusion Mechanism for Cyber Security
Overseas hacking networks are targeting mobile devices:
―An ever-increasing number of tech-savvy consumers are now using mobile devices for much more than phone calls: Banking, Shopping, Calendaring, etc.
Source: Bank of AmericaSource: Google
MIT Geospatial Data Center10
Geospatial Exclusion Mechanism for Cyber Security
MIT, SANS, Trend Micro, Webroot, and other studies show:
―54% submit credit card information, via mobile devices.
―60% store their banking login information, via mobile devices.
―97% store all their contacts on their mobile devices.
―86% don‘t scan for malware on their mobile devices.
―76% click a link sent or posted by a friend on social network sites.
―31% accept friend requests from strangers.
―39% use geolocation on their mobile devices.
―29% share geolocation with people other than their friends.
MIT Geospatial Data Center11
Geospatial Exclusion Mechanism for Cyber Security
We have become addicted to mobile applications:
―An increasing number of mobile device users are accessing the Internet for software installations and updates.
―Each installation/update poses a security risk (e.g. viruses), and can be equated to an ongoing game of Russian Roulette.
―Mobile viruses, malformed SMS messages, Personal Digital Assistant (PDA ) email viruses, and spam all pose threats.
Source: Volker HirschSource: Mobile Marketing Watch
MIT Geospatial Data Center12
Geospatial Exclusion Mechanism for Cyber Security
Mobile devices have many exploitable features:
―Camera
―Microphone
―GPS
Source: AutomationBites
MIT Geospatial Data Center13
Geospatial Exclusion Mechanism for Cyber Security
GPS is not needed to determine your location:
―Internet Protocol (IP)
―Global System for Mobile Communications (GSM) / Universal Mobile Telecommunications System (UMTS)
―Wireless Access Points
―(1) Lure mobile device user to a website, which extracts the Media Access Control (MAC) address and reports this unique identifier to the hacker.
―(2) Feed the unique identifying MAC address into Google Location Services, which can pinpoint the location of the mobile device.
Source: Black Hat Source: Def Con
―Samy Kamkar‘s How I Met Your Girlfriend at Black Hat USA 2010 July 24-29 and Defcon 18
MIT Geospatial Data Center14
Geospatial Exclusion Mechanism for Cyber Security
* MIT GDC chose the mobile device/smartphone for it‘s geospatial cyber security study: *
Source: Mondo TechBlogSource: Gigaom.com
MIT Geospatial Data Center15
Geospatial Exclusion Mechanism for Cyber Security
We live in the era of Graham Cluley‘s World Where Web, which is replete with geolocation services and mapping apps:
Source: Stuart Foster
MIT Geospatial Data Center16
Geospatial Exclusion Mechanism for Cyber Security
―What is the significance of Facebook Places, et al? Even if you don‘t engage in checking-in, when you‘re with friends, and they are checking-in, they can also tag you, just as in a status update or photo, with your current geolocation!
We live in the world of Facebook Places, Foursquare, and Twitter Location Support:
MIT Geospatial Data Center17
Geospatial Exclusion Mechanism for Cyber Security
We are in the world of location check-in:
―Locate Me feature on iPhone
―GPS photo-tagging feature found on most smartphones
Source: MIT Senseable City Lab Source: iPhone
MIT Geospatial Data Center18
Geospatial Exclusion Mechanism for Cyber Security
It‘s Little Brother, not Big Brother that we should worry about.
―Who is Little Brother? The people you don‘t know or don‘t want to know (i.e. the ex-significant other, the creepy people, et al.)
Source: Patti Digh
Little brother can glean where you are not.
―45% of people are very concerned about about revealing when they are away from home.
Little brother can determine where you are.
―What are the implications? Targeted attacks, via WiPhishing, a phishing tactic that fakes a wireless access point (a.k.a. Evil Twin Attack), et al.
MIT Geospatial Data Center19
Geospatial Exclusion Mechanism for Cyber Security
* MIT GDC chose Little Brother as the red team adversary: *
―Defending Against Targeted Attacks with Your Name on Them!
Source: ACME GPS
Source: Online Spy Shop
MIT Geospatial Data Center20
Geospatial Exclusion Mechanism for Cyber Security
―You are now part of the Internet of Things (IOT).
―You are now part of the Internet of Things (IOT).
MIT GDC envisions Outdoor/Indoor || Positive / (Negative |Active/Passive) Geolocation as a robust security credential:
―You can provide ground truth geolocation information (i.e. provenance/pedigree information).
MIT Geospatial Data Center21
Geospatial Exclusion Mechanism for Cyber Security
Outdoor/Indoor Geolocation can be a powerful explicit and implicit authenticator:
―Your movements and actions (e.g. using the wifi at the library, taking a picture with your mobile device, et al) are part of your personal supply chain.
Source: MIT Senseable Cities Lab
Source: iPhoneTunes
Source: Starbucks
MIT Geospatial Data Center22
Geospatial Exclusion Mechanism for Cyber Security
MIT GDC Matrix as guidance for implicit/explicit authentication:
―After all, a study conducted by the Palo Alto Research Center found that most mobile device users find password entry (with a 10% mistype rate) more annoying than lack of coverage, small screen size, or poor voice quality.
MIT Geospatial Data Center23
Geospatial Exclusion Mechanism for Cyber Security
―The HTML5 Geolocation API provides a way to ascertain the location of your mobile devices in a discoverability-agnostic fashion. Parameters include latitude, longitude, altitude, altitudeAccuracy (this will allow you to distinguish Z-depth), timestamp, maximumAge, enableHighAccuracy.
Source: Commscope.com
―You can have an IP likely/unlikely (e.g. you are unlikely to be in the basement of your office building) list, as compared to an IP deny list.
Indoor || Negative | Active Geolocation can be very granular and providently call for explicit re-authentication:
MIT Geospatial Data Center24
Geospatial Exclusion Mechanism for Cyber Security
―You can defend against targeted attacks by personal engagement in security through IOT obscurity!
―It‘s the classic security through obscurity by engaging in EMCON, via an APP that turns off your GPS. Source: James Parra
Non-GPS Indoor || Negative | Passive Geolocation can be excellent security through IOT obscurity:
MIT Geospatial Data Center25
Geospatial Exclusion Mechanism for Cyber Security
Software computes each photo’s viewpoint
and a sparse 3D model of the scene
Software stitches photos together
programmatically
MIT Application Server
How MIT‘s non-GPS Indoor || Negative | Passive Geolocation System is designed:
IBM Big Iron
Software matchesimage
MIT Geospatial Data Center26
Geospatial Exclusion Mechanism for Cyber Security
―Software collects image actively.
―Software transmits images to the MIT application server.
―Software matches image geometry with the pre-indexed image library on the digital media archival server (e.g. IBM Big Iron, which, for each segment of memory, has a storage protection key).
―Software informs mobile device user of current location and nearby points of interest (POI).
IBM Big Iron
MIT Application Server
How MIT‘s non-GPS Indoor || Negative | Passive Geolocation System works:
MIT Geospatial Data Center27
Geospatial Exclusion Mechanism for Cyber Security
Source: MIT Senseable Cities Lab
How MIT‘s non-GPS Indoor || Negative | Passive Geolocation System can be effective EMCON, while still informing you:
MIT Geospatial Data Center28
Geospatial Exclusion Mechanism for Cyber Security
(Negative |Active/Passive) Geolocation Functionality built onIBM Big Iron for species diversification to avoid transitive closure:
MIT Geospatial Data Center29
Geospatial Exclusion Mechanism for Cyber Security
So, we found a triumvirate solution to make it more difficult for Little Brother to target us constantly:―Geolocation emissions control
(EMCON), via an APP that turns off your GPS and an indoor geolocation paradigm shift towards image geometry matching.
―(Negative |Active/Passive) Geolocation as a robust security credential.
―Pre-indexed trusted image library, for image geometry matching, on IBM Big Iron for species diversification to avoid transitive closure.
L1Cache 32 KB
2-4 cycles
L2Cache 512KB
~7 cycles
L3Cache48 MB
14 cycles
RAM64 GB
70 cycles
Disk 10ms10 million cycles
CrossMachine
1-10 ms10 million cycles
MIT Geospatial Data Center30
Geospatial Exclusion Mechanism for Cyber Security
Source: IM2GPS: 3D Reconstruction and Geolocation of Internet Photo Collections
Is this triumvirate solution readily implementable? Yes!
MIT Geospatial Data Center31
Geospatial Exclusion Mechanism for Cyber Security
Probabilistic Spatiotemporal Model
Support Vector Machine Classifier (Machine Learning, via Pattern Recognition)
Earthquake CyberAttack
Event Detection
Traffic Jam
QRCQRC
Treatment of Geolocated Social Media Information as Sensory Data
Geospatial Data Geospatial Data
Arc
hite
cted
to
addr
ess
the
Big
Dat
a P
robl
em
Crowd-sourced Classifiers (Focused upon Unstudied Signatures and Patterns)
Ba
d R
ea
din
g
Dis
info
rma
tion
CompsComps
MIT Geospatial Data Center32
Geospatial Exclusion Mechanism for Cyber Security
Source: S Miles of the MIT Senseable City Laboratory & MIT Geospatial Data Center
Can visualizing big data help detect abnomalies? Yes!
MIT Geospatial Data Center33
Geospatial Exclusion Mechanism for Cyber Security
Source: Geosimulation
Can visualizing big data help detect abnomalies? Yes!
Source: Ekahau
Source: Xirrus
MIT Geospatial Data Center34
Geospatial Exclusion Mechanism for Cyber Security
Can visualizing big data help detect abnomalies? Yes!
Source: S Miles of the MIT Senseable City Laboratory & MIT Geospatial Data Center
MIT Geospatial Data Center35
Geospatial Exclusion Mechanism for Cyber Security
Can visualizing big data help detect abnomalies? Yes!
Source: S Miles of the MIT Senseable City Laboratory & MIT Geospatial Data Center
MIT Geospatial Data Center36
Geospatial Exclusion Mechanism for Cyber Security
Can visualizing big data help detect abnomalies? Yes!
Source: S Miles of the MIT Senseable City Laboratory & MIT Geospatial Data Center
MIT Geospatial Data Center37
Geospatial Exclusion Mechanism for Cyber Security
On behalf of the entire MIT team, thank you for the privilege of providing this brief at the UoM/FIT Cyber Security Expo 2010!