Friday, May 4, 2007

Application of Ring Signatures

The below cryptographic scheme has many applications, both in security-related systems and in building other cryptographic schemes. Please help suggesting more applications!

Ring signature is a "signer-ambiguous" signature, the verifier can only ensure the message is signed by 1 out of n purported users, but not exactly whom. For signing, (i.e. to produce a ring signature), the actual signer declares an arbitrary set of possible signers that
must include himself, and computes the signature entirely by himself using only
his secret key and the others' public keys. In particular, the other possible "members of this group"may be completely unaware that their public keys are used by a
stranger to produce such a ring signature on a message they have never seen and
would not wish to sign.

You may assume additional properties that you find useful, e.g. 1. perfect anonymity, 2. there exists a guy who can revoke the anonymity of the signature; or 3. we can tell if two signatures are signed by the same signer, but with the identity remains hidden. You name it, I (try to) build it!

A generic anti-spyware solution by access control list at kernel level

Our class has a project about monitoring the access patterns of processes to flag potential abnormalities. The idea is good and I think the combination of this project and the following work will be useful.

Title: A generic anti-spyware solution by access control list at kernel level

URL: http://portal.acm.org/citation.cfm?id=1063041

Abstract:

Spyware refers to programs that steal the user information stored in the user's computer and transmit this information via the internet to a designated home server without the user being aware of this transmission. Existing anti-spyware solutions are not generic and flexible. These solutions either check for the existence of known spyware or try to block the transmission of the private information at the packet level. In this paper, we propose a more generic and flexible anti-spyware solution by utilizing an access control ist in kernel mode of the operating system. The major difference between our approach and the existing approaches is that instead of asking a guard to look for the theft (spyware) or control the exit of the computer (and hence giving the spyware enough time to hide the information to be transmitted). we put a guard besides the treasure (the private information) and carefully control the access to it in the kernel mode. We also show the details of an implementation that realizes our proposed solution.

Monday, April 30, 2007

Hacking!!!! Not always negative.....

With the technological advances in the internet, we also come accross certain evil faces of the internet: criminal hackers. Governments, companies, and private citizens around the world are afraid that some hacker will break into their Web server and replace their logo with pornography, read their e-mail, steal their credit card number from an on-line shopping site, or implant software that will secretly transmit their organization's secrets to the open Internet. They then turn to ethical hackers for help.

Ethical Hacking services - the positive side of hacking are sold under the modern name of "Network Security Services".
Ethical hackers help their customers to find and plug in the security loop holes in their respective sites. Watch out guys their is more to more...this is just an introduction

Reputation in P2P

Reputation-based systems are used to establish trust among members of on-line communities where parties with no prior knowledge of each other use the feedback from their peers to assess the trust worthiness of the peers in the community. Generally the reputation system in P2P network follows four steps.
Step 1: a requestor r locates available resources sending a broadcast Query message to ask for the files it needs to download. Other peers will answer with a QueryHit message to the requesting node to notify that they have the requested resource.
Step 2: Upon receiving a set of QueryHit messages, r selects an offerer o and polls the community for any available reputation information on o sending a Poll message. As a result of step 2, r receives a set V of votes, some of which express a good opinion while others express a bad one.
step 3: r evaluates the votes to collapse any set of votes that may belong to a clique and explicitly selects a random set of votes for verifying their trustworthiness.
step 4: the set of reputations collected in step 3 is computed into an aggregated community-wide reputation value. Base on this reputation value, the requestor r can take a decision on whether accessing the resource offered by o or not.After accessing the resource r can update its local trust on o (depending on whether the downloaded resource was satisfactory of not).
P2PRep is a reputation-based protocol runs in a completely anonymous P2P networks. In P2PReP, local reputation management and community-wide reputation management are two different levels. Local reputation is defined as one single peer’s opinion of one other peer’s reputation, based on its formal experience. The community reputation means the aggregated general opinion given by multiple peers. P2PRep is generally combine these two factors togeter.
P2Prep works well in the environments of the percentage of malicious peers’ increasing and decreasing by changing well-behaved ones to rogues ones and changing rogue ones into well-behaved ones. As to the turn over case in peers’ population, P2PReP confirms its robust-ness showing a percentage of malicious downloads greater about 1% than scenario with no change.

Monday, April 2, 2007

Analyzing network traffic

The following paper seems to be relevant to the topic we discussed in class and takes a look at how to analyze network traffic by generating a state machine from traces. Could these state machines be also feasibly used in an IDS to filter bad traces?

http://comet.lehman.cuny.edu/griffeth/Papers/Agate.pdf

Friday, March 23, 2007

Unusual E-mail Activity


I've been noticing unusual e-mail activities at my nyu account. 3-4 tomes in the past month I've got 'MAILER-DAEMON' failure notice e-mail when I've not send mails at those addresses.

An example is :

Subject failure notice
Hi. This is the qmail-send program at mail.yifansoft.com.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

:
Sorry, no mailbox here by that name. vpopmail (#5.1.1)



So, have other people also been getting such emails too ?
And what could these signify ?

Monday, March 12, 2007

A video link to byzantine fault tolerant systems by M. Castro

Hi Class,

here is a video link to a lecture given by M. Castro on the topic of Byzantine fault tolerant systems. If reading the papers is a daunting task for somebody, this is an interesting alternative for sure.

http://www.researchchannel.org/prog/displayevent.aspx?rID=2128&fID=569


Produced by:
University of Washington

April 6, 2000

Speaker(s):
Miguel Castro, Massachusetts Institute of Technology

Runtime:00:54:40

Description:
The growing reliance of our society on computers demands that we provide systems with improved reliability, availability, and security. This talk describes BFT -- a new software Byzantine fault tolerance toolkit that addresses these issues. BFT can be used to build replicated systems that work correctly and remain available even when some of their replicas behave arbitrarily due to malicious attacks, software errors, or hardware failures.

A video link to byzantine fault tolerant systems by M. Castro

Hi Class,

here is a video link to a lecture given by M. Castro on the topic of Byzantine fault tolerant systems. If reading the papers is a daunting task for somebody, this is an interesting alternative for sure.

Produced by:
University of Washington

April 6, 2000

Speaker(s):
Miguel Castro, Massachusetts Institute of Technology

Runtime:00:54:40

Description:
The growing reliance of our society on computers demands that we provide systems with improved reliability, availability, and security. This talk describes BFT -- a new software Byzantine fault tolerance toolkit that addresses these issues. BFT can be used to build replicated systems that work correctly and remain available even when some of their replicas behave arbitrarily due to malicious attacks, software errors, or hardware failures.

Thursday, March 8, 2007

Digg Mafia, Bury Brigade

Some say there is a group of digg.com users that work together to effectively censor digg posts.

There is debate whether this exists:

http://www.wired.com/news/technology/internet/0,72835-0.html?tw=wn_index_3

http://blog.digg.com/?p=66

http://www.pronetadvertising.com/articles/the-bury-brigade-exists-and-heres-my-proof.html

Wednesday, February 28, 2007

Continuation to Did you know series?

The code red worm is a computer worm that attacked computers running the Microsoft IIS web server. Within a week of its release (July 13th 2001) it had infected 3590000 users. It made use of the vulnerability in the indexing software distributed with IIS called as buffer overflow. This worm along with others like slammer, nimda etc are all fast scanning worms. The effectiveness of these worms can be argued to the fact that IPv4 addresses are only 32 bit long thus allowing exhaustive search. This can make one believe that adoption of the 128bit IPv6 addressing should stem the speed due to it sparse address spacing of these worms assuming that the number of internet users dont go up by similar factor. The work factor for finding a target in an IPv6 Internet will increase by approximately 2 to the power 96, rendering random scanning prohibitively expensive. This raises a good point of discussion if this can be a good solution.

Fact on security threat

Fact on security threat:
Clever computer criminals have recently become much more sophisticated in their attacks against online banks. The Internet is now awash in programs called "remote access Trojans," or RATs, that feed on online banking passwords. Designed specifically to lurk in the background, waiting until the user types the name of a well-known bank into a Web browser, the program springs into action, copying every keystroke. The data is sent back to the criminal, who can then raid the online bank

Thursday, February 22, 2007

Did you know series?

Post what you know about security attacks or alarms that you would like to share with others:

Here's one: A fast scanning worm can affect more than half the Internet in 10 sec. The Slammer worm was not quite as fast but it was nearly there. Any ideas as to why?

Thursday, February 1, 2007

Lecture 3: Secure Routing in the Internet

About the man-in-the-middle attack (MITM) in the challenge-response protocol discussed today, I am wondering if the following method works. As Joel also suggested briefly, I am thinking of using of authenticated key agreement protocol (KA) to encounter this problem.

Informally, and for the purpose of our discussion, KA is a public key protocol that establish a session key between two entities, and each party get authenticated by the other.

A secure KA (in the Bellare-Rogaway model or the Canetti-Krawczyk model) can withstand MITM. In particular, a user C forwarding a user A's challenge to user B will only result in two different session keys (one between A and C and another between B and C).

So my suggestion is as follows: use such KA to get a session key (which involves the challenge-response part already), then use the resulting session key to encrypt the signature. If the other side is not the one it purported, then he/she cannot decrypt and get the signature. The encryption here is just symmetric encryption, and the computational overhead involved by KA can be amortized to several invocations (well, there is a security trade off, e.g. the session key is later compromised).

Friday, January 26, 2007

How to Post in this blog?

Each student kindly setup a blogger account... email that to me and post your thoughts as comments. Anonymous posting is not allowed!

Alternatively, send me your email account, I can add you as an author of this blog. Gmail accounts are preferable!

Discussion topic 1

This is a note to all the students in the class: Kindly post a scenario of what would happen when a computer lies and discuss your thoughts in detail about your specific scenario as to how it may affect the security of the overall system.

Wednesday, January 3, 2007

About this blog

This is a blog site for students and researchers to post thoughts centered around the topic "what if a computer lies?" - security problems that arise in large-scale networks and distributed systems because nodes in the systems may propagate bogus information.