International Conferences: Dependable Systems and Networks (2014) - USA

Dependable Systems and Networks (2014)


As part of the series focused upon specific international conferences, the citations given here are from the 2014 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), held in Atlanta, Georgia on 23-26 June 2014. All relate to security issue research.

  • Cuong Pham; Estrada, Z.; Phuong Cao; Kalbarczyk, Z.; Iyer, R.K., "Reliability and Security Monitoring of Virtual Machines Using Hardware Architectural Invariants," Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on, pp.13, 24, 23-26 June 2014. doi: 10.1109/DSN.2014.19 This paper presents a solution that simultaneously addresses both reliability and security (RnS) in a monitoring framework. We identify the commonalities between reliability and security to guide the design of HyperTap, a hypervisor-level framework that efficiently supports both types of monitoring in virtualization environments. In HyperTap, the logging of system events and states is common across monitors and constitutes the core of the framework. The audit phase of each monitor is implemented and operated independently. In addition, HyperTap relies on hardware invariants to provide a strongly isolated root of trust. HyperTap uses active monitoring, which can be adapted to enforce a wide spectrum of RnS policies. We validate HyperTap by introducing three example monitors: Guest OS Hang Detection (GOSHD), Hidden RootKit Detection (HRKD), and Privilege Escalation Detection (PED). Our experiments with fault injection and real rootkits/exploits demonstrate that HyperTap provides robust monitoring with low performance overhead.
    Keywords: monitoring; reliability; security of data; virtual machines; GOSHD; Guest OS Hang Detection; HRKD; HyperTap; PED; active monitoring; fault injection; hardware architectural invariants; hidden rootkit detection; hypervisor-level framework; privilege escalation detection; reliability; robust monitoring; security monitoring framework; virtual machines; virtualization environments; Data structures; Hardware; Kernel; Monitoring; Reliability; Security; Virtual machine monitors; Fault Injection; Hypervisor; Invariant; Monitoring; Reliability; Rootkit; Security (ID#:14-3095)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6903563&isnumber=6903544
  • Haq, O.; Ahmed, W.; Syed, A.A., "Titan: Enabling Low Overhead and Multi-faceted Network Fingerprinting of a Bot," Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on, pp.37, 44, 23-26 June 2014. doi: 10.1109/DSN.2014.20 Botnets are an evolutionary form of malware, unique in requiring network connectivity for herding by a botmaster that allows coordinated attacks as well as dynamic evasion from detection. Thus, the most interesting features of a bot relate to its rapidly evolving network behavior. The few academic and commercial malware observation systems that exist, however, are either proprietary or have large cost and management overhead. Moreover, the network behavior of bots changes considerably under different operational contexts. We first identify these various contexts that can impact its fingerprint. We then present Titan: a system that generates faithful network fingerprints by recreating all these contexts and stressing the bot with different network settings and host interactions. This effort includes a semi-automated and tunable containment policy to prevent bot proliferation. Most importantly, Titan has low cost overhead as a minimal setup requires just two machines, while the provision of a user-friendly web interface reduces the setup and management overhead. We then show a fingerprint of the Cryptolocker bot to demonstrate automatic detection of its domain generation algorithm (DGA). We also demonstrate the effective identification of context specific behavior with a controlled deployment of Zeus botnet.
    Keywords: invasive software; Botnets; Cryptolocker bot; DGA; Titan system; Zeus botnet; bot detection; bot proliferation prevention; botmaster; containment policy; domain generation algorithm; malware; malware observation systems; network connectivity; network fingerprinting; Context; Fingerprint recognition; IP networks; Logic gates; Malware; Ports (Computers); Sensors; botnets; containment policy; malware fingerprint; software defined networking; testbed (ID#:14-3096)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6903565&isnumber=6903544
  • Howard, G.M.; Gutierrez, C.N.; Arshad, F.A.; Bagchi, S.; Yuan Qi, "pSigene: Webcrawling to Generalize SQL Injection Signatures," Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on, pp.45, 56, 23-26 June 2014. doi: 10.1109/DSN.2014.21 Intrusion detection systems (IDS) are an important component to effectively protect computer systems. Misuse detection is the most popular approach to detect intrusions, using a library of signatures to find attacks. The accuracy of the signatures is paramount for an effective IDS, still today's practitioners rely on manual techniques to improve and update those signatures. We present a system, called pSigene, for the automatic generation of intrusion signatures by mining the vast amount of public data available on attacks. It follows a four-step process to generate the signatures, by first crawling attack samples from multiple public cyber security web portals. Then, a feature set is created from existing detection signatures to model the samples, which are then grouped using a biclustering algorithm which also gives the distinctive features of each cluster. Finally the system automatically creates a set of signatures using regular expressions, one for each cluster. We tested our architecture for SQL injection attacks and found our signatures to have a True and False Positive Rates of 90.52% and 0.03%, respectively and compared our findings to other SQL injection signature sets from popular IDS and web application firewalls. Results show our system to be very competitive to existing signature sets.
    Keywords: SQL; authorisation; data mining; digital signatures; portals; IDS; SQL injection attack; SQL injection signature; Webcrawling; biclustering algorithm; crawling attack; data mining; intrusion detection system; misuse detection; pSigene; public cyber security Web portal; Clustering algorithms; Computer security; Databases; Feature extraction; Manuals; Portals; SQL injection; biclustering; signature generalization; web application security (ID#:14-3097)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6903566&isnumber=6903544
  • Haitao Du; Yang, S.J., "Probabilistic Inference for Obfuscated Network Attack Sequences," Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on, pp.57, 67, 23-26 June 2014. doi: 10.1109/DSN.2014.22 Facing diverse network attack strategies and overwhelming alerts, much work has been devoted to correlate observed malicious events to pre-defined scenarios, attempting to deduce the attack plans based on expert models of how network attacks may transpire. Sophisticated attackers can, however, employ a number of obfuscation techniques to confuse the alert correlation engine or classifier. Recognizing the need for a systematic analysis of the impact of attack obfuscation, this paper models attack strategies as general finite order Markov models, and treats obfuscated observations as noises. Taking into account that only finite observation window and limited computational time can be afforded, this work develops an algorithm to efficiently inference on the joint distribution of clean and obfuscated attack sequences. The inference algorithm recovers the optimal match of obfuscated sequences to attack models, and enables a systematic and quantitative analysis on the impact of obfuscation on attack classification.
    Keywords: Markov processes; computer network security; invasive software; Markov models; attack obfuscation; diverse network attack strategies; finite observation window; limited computational time; obfuscated attack sequences; obfuscated network attack sequences; observed malicious events; probabilistic inference; sophisticated attackers; systematic analysis; Computational modeling; Dynamic programming; Hidden Markov models; Inference algorithms; Markov processes; Probabilistic logic; Vectors (ID#:14-3098)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6903567&isnumber=6903544
  • Anceaume, E.; Busnel, Y.; Le Merrer, E.; Ludinard, R.; Marchand, J.L.; Sericola, B., "Anomaly Characterization in Large Scale Networks," Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on, pp.68, 79, 23-26 June 2014. doi: 10.1109/DSN.2014.23 The context of this work is the online characterization of errors in large scale systems. In particular, we address the following question: Given two successive configurations of the system, can we distinguish massive errors from isolated ones, the former ones impacting a large number of nodes while the second ones affect solely a small number of them, or even a single one? The rationale of this question is twofold. First, from a theoretical point of view, we characterize errors with respect to their neighbourhood, and we show that there are error scenarios for which isolated and massive errors are indistinguishable from an omniscient observer point of view. We then relax the definition of this problem by introducing unresolved configurations, and exhibit necessary and sufficient conditions that allow any node to determine the type of errors it has been impacted by. These conditions only depend on the close neighbourhood of each node and thus are locally computable. We present algorithms that implement these conditions, and show through extensive simulations, their performances. Now from a practical point of view, distinguishing isolated errors from massive ones is of utmost importance for networks providers. For instance, for Internet service providers that operate millions of home gateways, it would be very interesting to have procedures that allow gateways to self distinguish whether their dysfunction is caused by network-level errors or by their own hardware or software, and to notify the service provider only in the latter case.
    Keywords: computerised monitoring; digital simulation; distributed processing; security of data; anomaly characterization; error online characterization; extensive simulations; isolated errors; large scale distributed systems; large scale networks; large scale systems; massive errors; online monitoring problem; Bismuth; Measurement; Monitoring; Observers; Peer-to-peer computing; Quality of service; Trajectory; Error detection; large scale systems; local algorithms (ID#:14-3099)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6903568&isnumber=6903544
  • Daiping Liu; Haining Wang; Stavrou, A., "Detecting Malicious Javascript in PDF through Document Instrumentation," Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on, pp.100, 111, 23-26 June 2014. doi: 10.1109/DSN.2014.92 An emerging threat vector, embedded malware inside popular document formats, has become rampant since 2008. Owed to its wide-spread use and Javascript support, PDF has been the primary vehicle for delivering embedded exploits. Unfortunately, existing defenses are limited in effectiveness, vulnerable to evasion, or computationally expensive to be employed as an on-line protection system. In this paper, we propose a context-aware approach for detection and confinement of malicious Javascript in PDF. Our approach statically extracts a set of static features and inserts context monitoring code into a document. When an instrumented document is opened, the context monitoring code inside will cooperate with our runtime monitor to detect potential infection attempts in the context of Javascript execution. Thus, our detector can identify malicious documents by using both static and runtime features. To validate the effectiveness of our approach in a real world setting, we first conduct a security analysis, showing that our system is able to remain effective in detection and be robust against evasion attempts even in the presence of sophisticated adversaries. We implement a prototype of the proposed system, and perform extensive experiments using 18623 benign PDF samples and 7370 malicious samples. Our evaluation results demonstrate that our approach can accurately detect and confine malicious Javascript in PDF with minor performance overhead.
    Keywords: Java; document handling; feature extraction; invasive software; ubiquitous computing; Javascript execution; Javascript support; PDF; context monitoring code; context-aware approach; document format; document instrumentation; embedded malware; emerging threat vector; evasion attempt; malicious Javascript confinement; malicious Javascript detection; malicious document identification; online protection system; potential infection attempt detection; runtime feature; runtime monitoring; security analysis; sophisticated adversaries; static feature extraction; Context; Feature extraction; Instruments; Malware; Monitoring; Portable document format; Runtime; Malcode bearing PDF; document instrumentation; malicious Javascript; malware detection and confinement (ID#:14-3100)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6903571&isnumber=6903544
  • Bin Liang; Wei You; Liangkun Liu; Wenchang Shi; Heiderich, M., "Scriptless Timing Attacks on Web Browser Privacy," Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on, pp.112,123, 23-26 June 2014. doi: 10.1109/DSN.2014.93 The existing Web timing attack methods are heavily dependent on executing client-side scripts to measure the time. However, many techniques have been proposed to block the executions of suspicious scripts recently. This paper presents a novel timing attack method to sniff users' browsing histories without executing any scripts. Our method is based on the fact that when a resource is loaded from the local cache, its rendering process should begin earlier than when it is loaded from a remote website. We leverage some Cascading Style Sheets (CSS) features to indirectly monitor the rendering of the target resource. Three practical attack vectors are developed for different attack scenarios and applied to six popular desktop and mobile browsers. The evaluation shows that our method can effectively sniff users' browsing histories with very high precision. We believe that modern browsers protected by script-blocking techniques are still likely to suffer serious privacy leakage threats.
    Keywords: data privacy; online front-ends; CSS features; Web browser privacy; Web timing attack methods; cascading style sheets; client-side scripts; desktop browser; mobile browser; privacy leakage threats; rendering process; script-blocking techniques; scriptless timing attacks; user browsing history; Animation; Browsers; Cascading style sheets; History; Rendering (computer graphics); Timing; Web privacy; browsing history; scriptless attack; timing attack (ID#:14-3101)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6903572&isnumber=6903544
  • Shaw, A.; Doggett, D.; Hafiz, M., "Automatically Fixing C Buffer Overflows Using Program Transformations," Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on, pp.124, 135, 23-26 June 2014. doi: 10.1109/DSN.2014.25 Fixing C buffer overflows at source code level remains a manual activity, at best semi-automated. We present an automated approach to fix buffer overflows by describing two program transformations that automatically introduce two well-known security solutions to C source code. The transformations embrace the difficulties of correctly analyzing and modifying C source code considering pointers and aliasing. They are effective: they fixed all buffer overflows featured in 4,505 programs of NIST's SAMATE reference dataset, making the changes automatically on over 2.3 million lines of code (MLOC). They are also safe: we applied them to make hundreds of changes on four open source programs (1.7 MLOC) without breaking the programs. Automated transformations such as these can be used by developers during coding, and by maintainers to fix problems in legacy code. They can be applied on a case by case basis, or as a batch to fix the root causes behind buffer overflows, thereby improving the dependability of systems.
    Keywords: C language; public domain software; security of data; source code (software); source coding; C source code; MLOC; NIST SAMATE reference dataset; automatic C buffer overflow fixing; legacy code; million lines of code; open source programs; program transformations; security solutions; source coding; Algorithm design and analysis; Arrays; ISO standards; Libraries; Manuals; Security; buffer; dependability; overflow; security (ID#:14-3102)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6903573&isnumber=6903544
  • Lerner, L.W.; Franklin, Z.R.; Baumann, W.T.; Patterson, C.D., "Application-Level Autonomic Hardware to Predict and Preempt Software Attacks on Industrial Control Systems," Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on, pp.136, 147, 23-26 June 2014. doi: 10.1109/DSN.2014.26 We mitigate malicious software threats to industrial control systems, not by bolstering perimeter security, but rather by using application-specific configurable hardware to monitor and possibly override software operations in real time at the lowest (I/O pin) level of a system-on-chip platform containing a microcontroller augmented with configurable logic. The process specifications, stability-preserving backup controller, and switchover logic are specified and formally verified as C code commonly used in control systems, but synthesized into hardware to resist software reconfiguration attacks. In addition, a copy of the production controller task is optionally implemented in an on-chip, isolated soft processor, connected to a model of the physical process, and accelerated to preview what the controller will attempt to do in the near future. This prediction provides greater assurance that the backup controller can be invoked before the physical process becomes unstable. Adding trusted, application-tailored, software-invisible, autonomic hardware is well-supported in a commercial system-on-chip platform.
    Keywords: industrial control; security of data; software engineering; system-on-chip; trusted computing; application-level autonomic hardware; application-tailored hardware; industrial control systems; malicious software threats; perimeter security; software attacks; software reconfiguration attacks; software-invisible hardware; system-on-chip platform; trusted hardware; Hardware; Kernel; Monitoring; Process control; Production; Security; formal analysis; hardware root-of-trust; industrial control system security; software threats (ID#:14-3103)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6903574&isnumber=6903544
  • Rahman, M.A.; Al-Shaer, E.; Kavasseri, R.G., "Security Threat Analytics and Countermeasure Synthesis for Power System State Estimation," Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on, pp.156, 167, 23-26 June 2014. doi: 10.1109/DSN.2014.29 State estimation plays a critically important role in ensuring the secure and reliable operation of the power grid. However, recent works have shown that the widely used weighted least squares (WLS) estimator, which uses several system wide measurements, is vulnerable to cyber attacks wherein an adversary can alter certain measurements to corrupt the estimator's solution, but evade the estimator's existing bad data detection algorithms and thus remain invisible to the system operator. Realistically, such a stealthy attack in its most general form has several constraints, particularly in terms of an adversary's knowledge and resources for achieving a desired attack outcome. In this light, we present a formal framework to systematically investigate the feasibility of stealthy attacks considering constraints of the adversary. In addition, unlike prior works, our approach allows the modeling of attacks on topology mappings, where an adversary can drastically strengthen stealthy attacks by intentionally introducing topology errors. Moreover, we show that this framework allows an operator to synthesize cost-effective countermeasures based on given resource constraints and security requirements in order to resist stealthy attacks. The proposed approach is illustrated on standard IEEE test cases.
    Keywords: energy management systems; least squares approximations; power grids; power system state estimation; security of data; topology; IEEE test cases; WLS estimator; countermeasure synthesis; data detection algorithms; power grid; power system state estimation; security threat analytics; stealthy cyber attacks; topology errors; topology mappings; weighted least square estimator; Equations; Mathematical model; Power measurement; Security; State estimation; Topology; Transmission line measurements; False Data Injection Attack; Formal Method; Power Grid; State Estimation (ID#:14-3104)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6903576&isnumber=6903544
  • Mustafa, H.; Wenyuan Xu; Sadeghi, A.R.; Schulz, S., "You Can Call but You Can't Hide: Detecting Caller ID Spoofing Attacks," Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on, pp.168,179, 23-26 June 2014. doi: 10.1109/DSN.2014.102 Caller ID (caller identification) is a service provided by telephone carriers to transmit the phone number and/or the name of a caller to a callee. Today, most people trust the caller ID information, and it is increasingly used to authenticate customers (e.g., by banks or credit card companies). However, with the proliferation of smartphones and VoIP, it is easy to spoof caller ID by installing corresponding Apps on smartphones or by using fake ID providers. As telephone networks are fragmented between enterprises and countries, no mechanism is available today to easily detect such spoofing attacks. This vulnerability has already been exploited with crucial consequences such as faking caller IDs to emergency services (e.g., 9-1-1) or to commit fraud. In this paper, we propose an end-to-end caller ID verification mechanism CallerDec that works with existing combinations of landlines, cellular and VoIP networks. CallerDec can be deployed at the liberty of users, without any modification to the existing infrastructures. We implemented our scheme as an App for Android-based phones and validated the effectiveness of our solution in detecting spoofing attacks in various scenarios.
    Keywords: Android (operating system); Internet telephony; authorisation; mobile radio; smart phones; Android-based phones; CallerDec; VoIP networks; caller ID information; caller ID spoofing attacks; caller identification; cellular networks; customer authentication; emergency services; end-to-end caller ID verification mechanism; fake ID providers; landlines; smartphones; telephone networks; Authentication; Credit cards; Emergency services; Protocols; Smart phones; Timing; Caller ID Spoofing; End-user Security (ID#:14-3105)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6903577&isnumber=6903544
  • Chenxiong Qian; Xiapu Luo; Yuru Shao; Chan, A.T.S., "On Tracking Information Flows through JNI in Android Applications," Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on, pp. 180, 191, 23-26 June 2014. doi: 10.1109/DSN.2014.30 Android provides native development kit through JNI for developing high-performance applications (or simply apps). Although recent years have witnessed a considerable increase in the number of apps employing native libraries, only a few systems can examine them. However, none of them scrutinizes the interactions through JNI in them. In this paper, we conduct a systematic study on tracking information flows through JNI in apps. More precisely, we first perform a large-scale examination on apps using JNI and report interesting observations. Then, we identify scenarios where information flows uncaught by existing systems can result in information leakage. Based on these insights, we propose and implement NDroid, an efficient dynamic taint analysis system for checking information flows through JNI. The evaluation through real apps shows NDroid can effectively identify information leaks through JNI with low performance overheads.
    Keywords: Android (operating system); Java; Android applications; JNI; Java Native Interface; NDroid systems; high-performance applications; information flow tracking; Androids; Context; Engines; Games; Humanoid robots; Java; Libraries (ID#:14-3106)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6903578&isnumber=6903544
  • Kharraz, A.; Kirda, E.; Robertson, W.; Balzarotti, D.; Francillon, A., "Optical Delusions: A Study of Malicious QR Codes in the Wild," Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on, pp.192,203, 23-26 June 2014. doi: 10.1109/DSN.2014.103 QR codes, a form of 2D barcode, allow easy interaction between mobile devices and websites or printed material by removing the burden of manually typing a URL or contact information. QR codes are increasingly popular and are likely to be adopted by malware authors and cyber-criminals as well. In fact, while a link can "look" suspicious, malicious and benign QR codes cannot be distinguished by simply looking at them. However, despite public discussions about increasing use of QR codes for malicious purposes, the prevalence of malicious QR codes and the kinds of threats they pose are still unclear. In this paper, we examine attacks on the Internet that rely on QR codes. Using a crawler, we performed a large-scale experiment by analyzing QR codes across 14 million unique web pages over a ten-month period. Our results show that QR code technology is already used by attackers, for example to distribute malware or to lead users to phishing sites. However, the relatively few malicious QR codes we found in our experiments suggest that, on a global scale, the frequency of these attacks is not alarmingly high and users are rarely exposed to the threats distributed via QR codes while surfing the web.
    Keywords: Internet; Web sites; computer crime; invasive software; telecommunication security; 2D barcode; Internet; URL; Web crawler; Web sites; contact information; malicious QR code; mobile device; optical delusion; phishing sites; Crawlers; Malware; Mobile communication; Servers; Smart phones; Web pages; Mobile devices; malicious QR codes; malware; phishing (ID#:14-3107)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6903579&isnumber=6903544
  • Quan Jia; Huangxin Wang; Fleck, D.; Fei Li; Stavrou, A.; Powell, W., "Catch Me If You Can: A Cloud-Enabled DDoS Defense," Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on, pp.264,275, 23-26 June 2014. doi: 10.1109/DSN.2014.35 We introduce a cloud-enabled defense mechanism for Internet services against network and computational Distributed Denial-of-Service (DDoS) attacks. Our approach performs selective server replication and intelligent client re-assignment, turning victim servers into moving targets for attack isolation. We introduce a novel system architecture that leverages a "shuffling" mechanism to compute the optimal re-assignment strategy for clients on attacked servers, effectively separating benign clients from even sophisticated adversaries that persistently follow the moving targets. We introduce a family of algorithms to optimize the runtime client-to-server re-assignment plans and minimize the number of shuffles to achieve attack mitigation. The proposed shuffling-based moving target mechanism enables effective attack containment using fewer resources than attack dilution strategies using pure server expansion. Our simulations and proof-of-concept prototype using Amazon EC2 [1] demonstrate that we can successfully mitigate large-scale DDoS attacks in a small number of shuffles, each of which incurs a few seconds of user-perceived latency.
    Keywords: client-server systems; cloud computing; computer network security; Amazon EC2; Internet services; attack dilution strategies; attack mitigation; client-to-server reassignment plans; cloud computing; cloud-enabled DDoS defense; computational distributed denial-of-service attacks; intelligent client reassignment; large-scale DDoS attacks; moving target mechanism; moving targets; network attacks; optimal reassignment strategy; shuffling mechanism; system architecture; turning victim servers; Cloud computing; Computer architecture; Computer crime; IP networks; Servers; Web and internet services; Cloud; DDoS; Moving Target Defense; Shuffling (ID#:14-3108)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6903585&isnumber=6903544
  • Wei Zhang; Sheng Xiao; Yaping Lin; Ting Zhou; Siwang Zhou, "Secure Ranked Multi-keyword Search for Multiple Data Owners in Cloud Computing," Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on, pp.276,286, 23-26 June 2014. doi: 10.1109/DSN.2014.36 With the advent of cloud computing, it becomes increasingly popular for data owners to outsource their data to public cloud servers while allowing data users to retrieve these data. For privacy concerns, secure searches over encrypted cloud data motivated several researches under the single owner model. However, most cloud servers in practice do not just serve one owner, instead, they support multiple owners to share the benefits brought by cloud servers. In this paper, we propose schemes to deal with secure ranked multi-keyword search in a multi-owner model. To enable cloud servers to perform secure search without knowing the actual data of both keywords and trapdoors, we systematically construct a novel secure search protocol. To rank the search results and preserve the privacy of relevance scores between keywords and files, we propose a novel Additive Order and Privacy Preserving Function family. Extensive experiments on real-world datasets confirm the efficacy and efficiency of our proposed schemes.
    Keywords: cloud computing; data privacy; information retrieval; additive order function; cloud computing; data outsourcing; data owners; keywords; multi-owner model; privacy concerns; privacy preserving function; public cloud servers; ranked multi-keyword search security; relevance scores; secure search protocol; single owner model; trapdoors; Cloud computing; Data privacy; Encryption; Keyword search; Privacy; Servers; cloud computing; multiple data owners; privacy and additive order preserving; secure ranked keyword search (ID#:14-3109)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6903586&isnumber=6903544
  • Xiaojing Liao; Uluagac, S.; Beyah, R.A., "S-MATCH: Verifiable Privacy-Preserving Profile Matching for Mobile Social Services," Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on, pp.287, 298, 23-26 June 2014. doi: 10.1109/DSN.2014.37 Mobile social services utilize profile matching to help users find friends with similar social attributes (e.g., interests, location, background). However, privacy concerns often hinder users from enabling this functionality. In this paper, we introduce S-MATCH, a novel framework for privacy-preserving profile matching based on property-preserving encryption (PPE). First, we illustrate that PPE should not be considered secure when directly used on social attribute data due to its key-sharing problem and information leakage problem. Then, we address the aforementioned problems of applying PPE to social network data and develop an efficient and verifiable privacy-preserving profile matching scheme. We implement both the client and server portions of S-MATCH and evaluate its performance under three real-world social network datasets. The results show that S-MATCH can achieve at least one order of magnitude better computational performance than the techniques that use homomorphic encryption.
    Keywords: cryptography; data privacy; mobile computing; social networking (online); PPE; S-MATCH; homomorphic encryption; information leakage problem; key-sharing problem; mobile social services; privacy concerns; profile matching; property-preserving encryption; social attributes; social network data; verifiable privacy-preserving profile matching; Encryption; Entropy; Mobile communication; Servers; Social network services; privacy; profile matching; property-preserving encryption; symmetric encryption (ID#:14-3110)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6903587&isnumber=6903544
  • Jiesheng Wei; Thomas, A.; Guanpeng Li; Pattabiraman, K., "Quantifying the Accuracy of High-Level Fault Injection Techniques for Hardware Faults," Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on, pp.375,382, 23-26 June 2014. doi: 10.1109/DSN.2014.2 Hardware errors are on the rise with reducing feature sizes, however tolerating them in hardware is expensive. Researchers have explored software-based techniques for building error resilient applications. Many of these techniques leverage application-specific resilience characteristics to keep overheads low. Understanding application-specific resilience characteristics requires software fault-injection mechanisms that are both accurate and capable of operating at a high-level of abstraction to allow developers to reason about error resilience. In this paper, we quantify the accuracy of high-level software fault injection mechanisms vis-a-vis those that operate at the assembly or machine code levels. To represent high-level injection mechanisms, we built a fault injector tool based on the LLVM compiler, called LLFI. LLFI performs fault injection at the LLVM intermediate code level of the application, which is close to the source code. We quantitatively evaluate the accuracy of LLFI with respect to assembly level fault injection, and understand the reasons for the differences.
    Keywords: program compilers; program testing; software fault tolerance; system recovery; LLFI; LLVM compiler; error resilience; fault injector tool; hardware faults; software fault-injection mechanisms; software testing; Accuracy; Assembly; Benchmark testing; Computer crashes; Hardware; Registers; Software; Fault injection; LLVM; PIN; comparison (ID#:14-3111)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6903595&isnumber=6903544
  • Hong, J.B.; Dong Seong Kim, "Scalable Security Models for Assessing Effectiveness of Moving Target Defenses," Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on, pp.515,526, 23-26 June 2014. doi: 10.1109/DSN.2014.54 Moving Target Defense (MTD) changes the attack surface of a system that confuses intruders to thwart attacks. Various MTD techniques are developed to enhance the security of a networked system, but the effectiveness of these techniques is not well assessed. Security models (e.g., Attack Graphs (AGs)) provide formal methods of assessing security, but modeling the MTD techniques in security models has not been studied. In this paper, we incorporate the MTD techniques in security modeling and analysis using a scalable security model, namely Hierarchical Attack Representation Models (HARMs), to assess the effectiveness of the MTD techniques. In addition, we use importance measures (IMs) for scalable security analysis and deploying the MTD techniques in an effective manner. The performance comparison between the HARM and the AG is given. Also, we compare the performance of using the IMs and the exhaustive search method in simulations.
    Keywords: graph theory; security of data; HARMs; IMs; MTD; attack graphs; effectiveness assessment; exhaustive search method; hierarchical attack representation models; importance measures; moving target defenses; networked system security; scalable security models; security assessment; Analytical models; Computational modeling; Diversity methods; Internet; Linux; Measurement; Security; Attack Representation Model; Importance Measures; Moving Target Defense; Security Analysis; Security Modeling Techniques (ID#:14-3112)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6903607&isnumber=6903544
  • Mason, S.; Gashi, I.; Lugini, L.; Marasco, E.; Cukic, B., "Interoperability between Fingerprint Biometric Systems: An Empirical Study," Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on, pp.586,597, 23-26 June 2014. doi: 10.1109/DSN.2014.60 Fingerprints are likely the most widely used biometric in commercial as well as law enforcement applications. With the expected rapid growth of fingerprint authentication in mobile devices their importance justifies increased demands for dependability. An increasing number of new sensors, applications and a diverse user population also intensify concerns about the interoperability in fingerprint authentication. In most applications, fingerprints captured for user enrollment with one device may need to be "matched" with fingerprints captured with another device. We have performed a large-scale study with 494 participants whose fingerprints were captured with 4 different industry-standard optical fingerprint devices. We used two different image quality algorithms to evaluate fingerprint images, and then used three different matching algorithms to calculate match scores. In this paper we present a comprehensive analysis of dependability and interoperability attributes of fingerprint authentication and make empirically-supported recommendations on their deployment strategies.
    Keywords: fingerprint identification; image matching; message authentication; dependability attribute; fingerprint authentication; fingerprint biometric system; image quality algorithm; industry-standard optical fingerprint device; interoperability attribute; matching algorithm; mobile device; biometric systems; design diversity; empirical assessment; experimental results; interoperability (ID#:14-3113)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6903613&isnumber=6903544
  • Hong, J.B.; Dong Seong Kim; Haqiq, A., "What Vulnerability Do We Need to Patch First?," Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on, pp.684,689, 23-26 June 2014. doi: 10.1109/DSN.2014.68 Computing a prioritized set of vulnerabilities to patch is important for system administrators to determine the order of vulnerabilities to be patched that are more critical to the network security. One way to assess and analyze security to find vulnerabilities to be patched is to use attack representation models (ARMs). However, security solutions using ARMs are optimized for only the current state of the networked system. Therefore, the ARM must reanalyze the network security, causing multiple iterations of the same task to obtain the prioritized set of vulnerabilities to patch. To address this problem, we propose to use importance measures to rank network hosts and vulnerabilities, then combine these measures to prioritize the order of vulnerabilities to be patched. We show that nearly equivalent prioritized set of vulnerabilities can be computed in comparison to an exhaustive search method in various network scenarios, while the performance of computing the set is dramatically improved, while equivalent solutions are computed in various network scenarios.
    Keywords: security of data; ARM; attack representation models; importance measures; network hosts; network security; networked system; prioritized set; security solutions; system administrators; vulnerability patch; Analytical models; Computational modeling; Equations; Mathematical model; Measurement; Scalability; Security; Attack Representation Model; Network Centrality; Security Analysis; Security Management; Security Metrics; Vulnerability Patch (ID#:14-3114)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6903625&isnumber=6903544
  • Parvania, M.; Koutsandria, G.; Muthukumary, V.; Peisert, S.; McParland, C.; Scaglione, A., "Hybrid Control Network Intrusion Detection Systems for Automated Power Distribution Systems," Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on, pp.774,779, 23-26 June 2014. doi: 10.1109/DSN.2014.81 In this paper, we describe our novel use of network intrusion detection systems (NIDS) for protecting automated distribution systems (ADS) against certain types of cyber attacks in a new way. The novelty consists of using the hybrid control environment rules and model as the baseline for what is normal and what is an anomaly, tailoring the security policies to the physical operation of the system. NIDS sensors in our architecture continuously analyze traffic in the communication medium that comes from embedded controllers, checking if the data and commands exchanged conform to the expected structure of the controllers interactions, and evolution of the system's physical state. Considering its importance in future ADSs, we chose the fault location, isolation and service restoration (FLISR) process as our distribution automation case study for the NIDS deployment. To test our scheme, we emulated the FLISR process using real programmable logic controllers (PLCs) that interact with a simulated physical infrastructure. We used this test bed to examine the capability of our NIDS approach in several attack scenarios. The experimental analysis reveals that our approach is capable of detecting various attacks scenarios including the attacks initiated within the trusted perimeter of the automation network by attackers that have complete knowledge about the communication information exchanged.
    Keywords: computer crime; control engineering computing; embedded systems; fault location; power distribution control; power distribution faults; power distribution protection; power engineering computing; power system security; programmable controllers; DS; FLISR process; NIDS sensors; PLC; automated power distribution systems protection; automation network; communication information exchange; communication medium traffic; controllers interactions; cyber attacks; distribution automation; embedded controllers; fault location isolation and service restoration; hybrid control environment rules; hybrid control network intrusion detection systems; physical infrastructure; real programmable logic controllers; security policies; system physical operation; system physical state evolution; trusted perimeter; Circuit breakers; Circuit faults; IP networks; intrusion detection; Monitoring; Protocols; Power distribution systems; distribution automation; intrusion detection systems; network security (ID#:14-3115)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6903640&isnumber=6903544
  • Gibson, T.; Ciraci, S.; Sharma, P.; Allwardt, C.; Rice, M.; Akyol, B., "An Integrated Security Framework for GOSS Power Grid Analytics Platform," Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on, pp.786,791, 23-26 June 2014. doi: 10.1109/DSN.2014.106 In power grid operations, security is an essential component for any middleware platform. Security protects data against unwanted access as well as cyber attacks. GridOptics™ Software System (GOSS) is an open source power grid analytics platform that facilitates ease of access between applications and data sources and promotes development of advanced analytical applications. GOSS contains an API that abstracts many of the difficulties in connecting to various heterogeneous data sources. A number of applications and data sources have already been implemented to demonstrate functionality and ease of use. A security framework has been implemented which leverages widely accepted, robust Java™ security tools in a way such that they can be interchanged as needed. This framework supports the complex fine-grained, access control rules identified for the diverse data sources already in GOSS. Performance and reliability are also important considerations in any power grid architecture. An evaluation is done to determine the overhead cost caused by security within GOSS and ensure minimal impact to performance.
    Keywords: Java; application program interfaces; authorisation; middleware; power grids; power system analysis computing; public domain software; API; GOSS power grid analytics platform; GridOptics software system; Java security tools; complex fine-grained access control rules; cyber attacks; Integrated security framework; middleware platform; open source power grid analytics platform; power grid architecture; power grid operations; Authentication; Authorization; Organizations; Phasor measurement units; Power grids; jaas; middleware; pmu; power grid; security; smartgrid (ID#:14-3116)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6903642&isnumber=6903544
  • Zhiyuan Teo; Kutsenko, V.; Birman, K.; van Renesse, R., "Ironstack: Performance, Stability and Security for Power Grid Data Networks," Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on, pp.792,797, 23-26 June 2014. doi: 10.1109/DSN.2014.83 Operators of the nationwide power grid use proprietary data networks to monitor and manage their power distribution systems. These purpose-built, wide area communication networks connect a complex array of equipment ranging from PMUs and synchrophasers to SCADA systems. Collectively, these equipment form part of an intricate feedback system that ensures the stability of the power grid. In support of this mission, the operational requirements of these networks mandates high performance, reliability, and security. We designed Iron Stack, a system to address these concerns. By using cutting-edge software defined networking technology, Iron Stack is able to use multiple network paths to improve communications bandwidth and latency, provide seamless failure recovery, and ensure signals security. Additionally, Iron Stack is incrementally deployable and backward-compatible with existing switching infrastructure.
    Keywords: SCADA systems; computer network performance evaluation; computer network security; feedback; power distribution; power grids; IronStack; PMU; SCADA systems; communication bandwidth; communication latency; cutting-edge software defined networking technology; failure recovery; feedback system; power distribution systems; power grid data network security; power grid data network stability; proprietary data networks; switching infrastructure; synchrophasers; wide area communication networks; Bandwidth; Power grids; Process control; Redundancy; Security; Software; Switches; SDNs; high-assurance computing; network performance; security; software-defined networking (ID#:14-3117)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6903643&isnumber=6903544

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) SecureDataBank.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.