
Open Research Problems in Network Security: IFIP WG 11.4 International Workshop, iNetSec 2010, Sofia, Bulgaria, March 5-6, 2010, Revised Selected Papers

177 Pages·2011·8.884 MB·English


Lecture Notes in Computer Science 6555

Commenced Publication in 1973
Founding and Former Series Editors: Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen

Editorial Board

David Hutchison, Lancaster University, UK
Takeo Kanade, Carnegie Mellon University, Pittsburgh, PA, USA
Josef Kittler, University of Surrey, Guildford, UK
Jon M. Kleinberg, Cornell University, Ithaca, NY, USA
Alfred Kobsa, University of California, Irvine, CA, USA
Friedemann Mattern, ETH Zurich, Switzerland
John C. Mitchell, Stanford University, CA, USA
Moni Naor, Weizmann Institute of Science, Rehovot, Israel
Oscar Nierstrasz, University of Bern, Switzerland
C. Pandu Rangan, Indian Institute of Technology, Madras, India
Bernhard Steffen, TU Dortmund University, Germany
Madhu Sudan, Microsoft Research, Cambridge, MA, USA
Demetri Terzopoulos, University of California, Los Angeles, CA, USA
Doug Tygar, University of California, Berkeley, CA, USA
Gerhard Weikum, Max Planck Institute for Informatics, Saarbruecken, Germany

Jan Camenisch, Valentin Kisimov, Maria Dubovitskaya (Eds.)

Open Research Problems in Network Security
IFIP WG 11.4 International Workshop, iNetSec 2010
Sofia, Bulgaria, March 5-6, 2010
Revised Selected Papers

Volume Editors

Jan Camenisch, Maria Dubovitskaya
IBM Research Zurich, Säumerstr. 4, 8803 Rüschlikon, Switzerland
E-mail: {jca,mdu}@zurich.ibm.com

Valentin Kisimov
University of National and World Economy
Studentski Grad "Hr. Botev", 1700 Sofia, Bulgaria
E-mail: [email protected]

ISSN 0302-9743
e-ISSN 1611-3349
ISBN 978-3-642-19227-2
e-ISBN 978-3-642-19228-9
DOI 10.1007/978-3-642-19228-9
Springer Heidelberg Dordrecht London New York
Library of Congress Control Number: 2011920837
CR Subject Classification (1998): K.6.5, K.4, C.2, E.3, D.4.6, H.3.4-5
LNCS Sublibrary: SL 4 – Security and Cryptology

© IFIP International Federation for Information Processing 2011

This work is subject to copyright. All rights are reserved, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, re-use of illustrations, recitation, broadcasting, reproduction on microfilms or in any other way, and storage in data banks. Duplication of this publication or parts thereof is permitted only under the provisions of the German Copyright Law of September 9, 1965, in its current version, and permission for use must always be obtained from Springer. Violations are liable to prosecution under the German Copyright Law.

The use of general descriptive names, registered names, trademarks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use.

Typesetting: Camera-ready by author, data conversion by Scientific Publishing Services, Chennai, India
Printed on acid-free paper
Springer is part of Springer Science+Business Media (www.springer.com)

Preface

iNetSec 2010 is the main conference of working group WG 11.4 of IFIP. Originally, the conference was run in the traditional format where research papers get submitted, peer-reviewed, and then presented at the conference. Because there are (far too) many security conferences like that, it was decided in 2009 to change the format into a forum for the discussion of open research problems and directions in network security.

To enable this more open style, while still remaining focused on particular topics, we called for two-page abstracts in which the authors were asked to outline an open research problem or direction. These abstracts were reviewed by the entire program committee who ranked each of them according to whether the problem presented was relevant and suited for a discussion. Based on this, about half of the submitted abstracts were chosen for presentation and discussion at the conference. The authors were asked to later write and submit full papers based on their abstracts and the discussions at the workshop. These are the papers that you are now holding in your hands.

The conference also hosted two invited talks.
Basie von Solms (President of IFIP) argued in his talk entitled “Securing the Internet: Fact or Fiction?” that secure computer networks are an illusion with which we have to cope. The paper to the talk is also contained in these proceedings. Leon Straus (President Elect of IFIP) shared his insights on “Network and Infrastructure Research Needs from a Financial Business Perspective” which showed how much research can and should learn from practitioners from all fields using computer technologies.

On the last day of the conference, the attendees gathered in a lively discussion about security and cloud computing that opened the eyes of quite a few.

The social highlights of the conference were the Bulgarian dinner accompanied by traditional live music and a guided tour through Sofia that despite the freezing temperature was delightful and impressive.

We are grateful to the two invited speakers, the authors, the PC members, and last but certainly not least, the local organizing committee.

September 2010
Jan Camenisch
Valentin Kisimov

iNetSec 2010
Open Research Problems in Network Security
University of National and World Economy, Sofia, Bulgaria
March 5-6, 2010
Organized in cooperation with IFIP WG 11.4

Executive Committee

Program Chair: Jan Camenisch, IBM Research – Zurich
Organizing Chair: Valentin Kisimov, UNWE

Program Committee

Jan Camenisch, IBM Research
Virgil Gligor, Carnegie Mellon University
Jean-Pierre Hubaux, EPFL
Simone Fischer-Hübner, Karlstad University
Dogan Kesdogan, University of Siegen
Valentin Kisimov, UNWE
Albert Levi, Sabanci University
Javier Lopez, University of Malaga
Refik Molva, Eurecom

Local Organizing Committee

Valentin Kisimov, IFIP TC11, UNWE
Dimiter Velev, UNWE
Kamelia Stefanova, UNWE
Vanya Lazarova, UNWE

Table of Contents

Invited Talk and Scheduling

Securing the Internet: Fact or Fiction?
Basie von Solms

Open Research Questions of Privacy-Enhanced Event Scheduling
Benjamin Kellermann

Adversaries

Event Handoff Unobservability in WSN
Stefano Ortolani, Mauro Conti, Bruno Crispo, and Roberto Di Pietro

Emerging and Future Cyber Threats to Critical Systems
Edita Djambazova, Magnus Almgren, Kiril Dimitrov, and Erland Jonsson

Adversarial Security: Getting to the Root of the Problem
Raphael C.-W. Phan, John N. Whitley, and David J. Parish

Practical Experiences with Purenet, a Self-learning Malware Prevention System
Alapan Arnab, Tobias Martin, and Andrew Hutchison

A Biometrics-Based Solution to Combat SIM Swap Fraud
Louis Jordaan and Basie von Solms

Are BGP Routers Open to Attack? An Experiment
Ludovico Cavedon, Christopher Kruegel, and Giovanni Vigna

Secure Processes

Securing the Core University Business Processes
Veliko Ivanov, Monika Tzaneva, Alexandra Murdjeva, and Valentin Kisimov

Some Technologies for Information Security Protection in Weak-Controlled Computer Systems and Their Applicability for eGovernment Services Users
Anton Palazov

Real-Time System for Assessing the Information Security of Computer Networks
Dimitrina Polimirova and Eugene Nickolov

Evidential Notions of Defensibility and Admissibility with Property Preservation
Raphael C.-W. Phan, Ahmad R. Amran, John N. Whitley, and David J. Parish

Security for Clouds

Cloud Infrastructure Security
Dimiter Velev and Plamena Zlateva

Security and Privacy Implications of Cloud Computing – Lost in the Cloud
Vassilka Tchifilionova

The Need for Interoperable Reputation Systems
Sandra Steinbrecher

Author Index

Securing the Internet: Fact or Fiction?

Basie von Solms
President: IFIP
University of Johannesburg
Johannesburg, South Africa
[email protected]

1 Introduction

The number of users of the Internet, in whatever way, is growing at an explosive rate. More and more companies are rolling out new applications based on the Internet, forcing more and more users to leverage these systems and therefore become Internet users. Social networking sites and applications are also growing at alarming rates, getting more and more users, whom we can call home or private users, involved and active on the Internet. Corporate companies are now also integrating social networking as part of their way of doing business, and governments are implementing Internet based systems ranging from medical applications to critical IT infrastructure protection.

Therefore millions of people are using the Internet for e-commerce, information retrieval, research, casual surfing and many other purposes, and this will just keep growing. One estimate is that the amount of data space needed to support the fast growing online economy will double every 11 hours by 2012 [1].

In most, if not all, of these activities on the Internet, data and information are involved. This may range from the user’s IP address to secure personal information, to sensitive corporate information to crucial national strategic information.

The big question is, and has always been, how secure is all this information and data, and can it be properly secured?

This of course has worried experts ever since information was stored in electronic systems many years ago, but has become much more acute the last few years with the explosive growth of the Internet, and the, in many cases, uncontrolled flocking of users to be part of Internet usage in some way or the other.

This paper objectively investigates this question, based on recent reports in the area of Information Security and Cyber Crime.
In paragraph 2 we will investigate what we can understand under the term “securing” of the Internet - what do we want to secure and why. In paragraph 3 we will give an overview of recent cyber crime statistics, and in Section 4 we will give an opinion about the possibility of securing the Internet.

2 What Do We Mean by “Securing” the Internet?

It is important to investigate what we have in mind when we say we want to secure the Internet, as there surely are different interpretations of this term. In this paragraph we will look at possible meanings of the term.

J. Camenisch, V. Kisimov, and M. Dubovitskaya (Eds.): iNetSec 2010, LNCS 6555, pp. 1–8, 2011. © IFIP International Federation for Information Processing 2011

2.1 The Ideal Interpretation

In the ideal and widest possible interpretation, we can say that securing the Internet means that all data and information stored on all websites forming part of the Internet, and all data and information being transported over the Internet are secured so that no unauthorized people can see (read) or change the content (protecting the confidentiality and integrity of the data and information), and that the data and information must be available to authorized users whenever they want to use it (protecting the availability of the data and information).

This means that all information in all databases and in transit must be secured and only accessible to the authorized users. Apart from extensive encryption techniques to ensure this, extensive identification and authentication techniques must be available to ensure that every user is correctly identified and authenticated, and logical access control is comprehensively enforced. These measures must ensure that no person can masquerade as another person, and that electronic identities can only be successfully used by the real owners to which such identities were issued.
To create this ideal interpretation, the following must be possible:

• we must know precisely what is part of the Internet, i.e. which computers, servers and other equipment
• all this infrastructure must be controlled via legal systems to enforce the required confidentiality, integrity and availability
• no unauthorized system can be connected to the Internet - authorized by some (central?) managing power
• all users’ identity information must be protected in such a way that it can never be compromised in any way
• all users must be absolutely aware of the risks of compromising their identity information
• legal systems must exist internationally which can enforce these requirements
• etc etc

Even a person with no information security knowledge at all, will agree straight forward that this ideal situation is NOT possible, because of the open and uncontrolled way the Internet is operated and growing.

Therefore, in the light of the ideal interpretation of securing the Internet, as discussed above, we must conclude

Securing the Internet is fiction - it is just not possible.

2.2 The Realistic Interpretation

Let us now investigate a more realistic interpretation. In this realistic interpretation, we have to accept that

• there is no, and never will be any, central control over the Internet
• there is no way to know what the boundaries of the Internet are, i.e. which systems are part of the Internet at any point of time
• no legal systems exist (presently) which can enforce any reasonable security (like enforcing encryption and proper identification and authentication)
• users do not protect their identity information, and are in most cases not aware of the risk of not doing so
• in no way can masquerading, or unauthorized use of identity information be prevented, as users are the weakest link in the chain and can always be seduced to compromise their identity information
• cyber crime is rampant and leveraging any possible chink in the armor of the Internet

Therefore, in the light of this realistic interpretation of securing the Internet as discussed above, the author concludes

Securing the Internet is fiction - it is just not possible.

This conclusion will be motivated in the next paragraphs.

3 An Overview of Recent Cyber Crime Statistics

An overview of recent cyber crime statistics provides a good place on which to start and base a motivation for the view taken in the previous paragraph.

In this paragraph, we will investigate some recent international reports on cyber crime, and try to get an impression of what is happening. The paragraph will be unstructured in the sense that we will provide a few quotes from specific reports, and then briefly comment on these in paragraph 4. Paragraph 5 will provide some suggestions for the future.

3.1 The Sophos Security Threat Report - 2009 ([2])

Under the summary, Six Months at a glance:

• 23 500 infected websites are discovered every day. That’s one every 3.6 seconds - four times worse than the same period in 2008
• 15 new bogus anti-virus vendor websites are discovered every day. This number has tripled, up from average of 5 during 2008
• 89.7% of all business email is spam

The report further makes the following very worrying statement:

“The vast majority of infected websites are in fact legitimate sites that have been hacked to carry malicious code. Users visiting the websites may be infected by simply visiting affected websites, ... The scope of these attacks cannot be underestimated, since all types of sites - from government departments and educational establishments to embassies and political parties ... - have been targeted.”
