future of security

CIT 380: Securing Computer Systems Slide #1

CIT 380: Securing Computer Systems

Future of Security


Topics

1. Future Threats

2. Security in Hardware

3. Software Security

4. Economics of Security

5. Security and Usability

6. Privacy


Increasing Attack Sophistication


More Data Breaches


Threats: MalwareChinese honeypot project collected malware

– 2000-4000 samples/day from botnetsFor samples seen the first time,

– 5 of 9 anti-virus detected 70% or less.– 1 anti-virus (Kaspersky) detected 92%

For samples 30 days old,– No anti-virus detected more than 94%

Botnet activities– 28% spreading to new victims– 25% DDOS– 10% information theft– 14% self-update


Threats: Virtual Attacks• Second Life denial of service attack Nov 19

– Rings multiplied when interacted with.– Heavy database load resulted in DoS attack.

Threats: Virtual Attacks

• Third attack since September 2006.

• Incident response faster than in prior attacks.



Threats: Offline ImpactDavis-Besse nuclear power plant

Slammer infected Plant Process Computer and Safety Parameter Display System (Jan 2003.)

Analog backups unaffected.Infected contractor’s network, then moved through T1

line that bypassed plant firewall.Seattle 911 system

Slammer disabled computer systems.Dispatchers reverted to manual systems.

2003 BlackoutBlaster infected First Energy systems.


Threats: Spear Phishing

• Context-aware phishing attacks

• Establish credibility by knowledge of data– Use personal data from social networks.– Use stolen data from Monster.com, TJMaxx.– IU study, 72% responded to targeted attack, only

16% responded to msg from a random IU user.

Threats: Spear Phishing

• Create an opportunity– DoS user account with too many failed logins.– Contact user to help them “fix” the problem.



Threats: Vishing

Voice Phishing– Send e-mail with phone number. Call into

software voice mail system which uses recordings of real bank’s voice mail system.

• Free PBX software makes this easy to do.

• E-mails are targeted, including customer’s name.

Threats: Vishing

– Call victims directly using VOIP for cheap, anonymous international calls.

• Caller-ID spoofing.

• Attacker often knows CC number, wants 3-digit.



Underground Economy

Specialization and division of labor– Botherd (Botnet manager/renter)– Developer– Phishers and Spammers– Cashers and Confirmers

Marketplaces– $500 for CC number + PIN– $80-300 for personal info (SSN, etc.)– Millions of CCs, bank accounts, IDs traded.


Hardware Security: Biometrics

Biometrics will become more common.– Laptop fingerprint readers to login.– USB drive fingerprint readers to access.– Voice print / eye scan used to login.– Disney: fingerprint-based TicketTag system– Fingerprints used to check nightclub goers.


Hardware Security Features1. Memory Curtaining

Hardware-enforced memory protection to prevent programs from accessing each others’ memory, including OS.

2. Secure I/OSecure path from keyboard to application that cannot be snooped on by keyloggers or spyware.

3. Sealed Storage1. Generates keys based on program + hardware.2. Only that program on that computer can access data.

4. Remote AttestationHardware generation of certificate attesting to identity of software that currently runs on PC.


Problems with Remote Attestation

Core Problem– If third parties know what software you’re

using, they can refuse to interact with you if you’re running software they don’t want.

Examples– Web sites could force you to run IE.– Of a specific version vulnerable to their

adware.– Vendor lock-in: prevent interoperability of IM

clients or Samba with Windows servers.


Software Security

The problem with security: Bad design, code.

Trinity of Trouble will expand– Connectivity: business critical processes will use

wireless networking.– Complexity: software will continue to get larger.– Extensibility: more mobile code will be used,

and SOA will be used for extensibility on server side.


Economics of Security

The problem with security: Bad incentives.– Systems are especially prone to failure when

security person doesn’t experience cost of failure.

– Security problems are an externality.– Security techniques can distort markets (DRM.)– Hidden costs of ownership

• $99 MS Windows + $99 Antivirus, firewall, etc.


Security IncentivesBanks

– In US, banks liable for ATM fraud.• There is relatively little ATM fraud in US.

– In UK, customers liable for ATM fraud.• Banks ignored security since customer complaints

were assumed to be lies or mistakes.Medical Records

– Medical providers dislike security because it requires time and limits sharing.

– Patients want their medical records private.

Security IncentivesHome Users

– Should you pay for antivirus software when the virus likely won’t damage your data but instead attack someone else?



Security as Externality

Externality: Cost or benefit of an economic transfer that someone who is not a party to the transaction bears, e.g. air pollution, vaccination.

Security attacks often result in externalities.– Backscatter from DDOS attacks.– Botnet that does little damage to zombie PC can

do extensive damage to its targets.


Network Externality

Network externality: the more users a network has, the more valuable it is.– Compatibility is more important

than security in building a market.

– Excessive security (DRM) can allow dominant player to lock in users.

Problem: How to migrate to more secure network protocols?


Security and Markets: Asymmetric Information

The Market for Lemons– Ex: Used Car Market

• 50 good used cars worth $3000.

• 50 lemons worth $1000 each.

• Sellers know the difference, buyers do not.

• What will price will the market bear?

– Software market suffers from info asymmetry.


Security and Markets: Insurance

Computer security rarely applies insurance.– Different organizations IT risk is correlated

with other organizations. A Microsoft Windows virus is like a major hurricane, affecting many networks at once.

– Software vendors aren’t responsible for risk of vulnerabilities in their software. Who would insure them if they were?


Security and Markets: DRM

Security technologies can distort markets.– Infinite supply of digital goods drives price to 0.– Copyright grants limited monopolies to prevent.– DRM gives owners complete market control.

• Eliminate resale.

• Eliminate transfer to other media.

• Eliminate any use owner dislikes.


Economics of Privacy

Tech increases ability to discriminate prices.– Data mining can be used to individuals’

willingness to pay.– Features can be disabled easily to create a range

of product prices to extract the most money.– Complex, changing prices for airlines,

software.

Economics of Privacy

Data breach law gives incentive for privacy.– Stock prices fall after data breaches revealed.



Security and Usability

The problem with security: Bad interfaces.– Semantic attacks such as phishing depend on

difference between how user perceives communication and the actual effect of the communication.

– How can we bridge the gap between user’s mental model and the model of how systems actually work?


Security and Usability

passpet

• http://passpet.org/


Figure 2. Passpet


Future of Privacy: Tracking

The problem with privacy: Computers.

Portable computing devices => tracking– Cell phone: current location, path travelled– RFID tags

Ubiquitous video cameras => tracking– Average Londoner has picture taken 300/day


Future of Privacy: Wholesale Surveillance

Don’t look at a suspicious person, look at everyone.– NSA phone/email surveillance; Echelon– Satellite photography– Cameras + OCR track license plates in London.– Auto toll-pay systems and cell phones track cars.– Credit card and Paypal purchases

Quantity has a Quality all its own– Changes balance between police power and rights of the

people.– Past compromises: random license plates instead of

owner’s name.


References1. Ross Anderson and Tyler Moore, “Economics of Security,” Science, Oct 27, 2006.2. Team Cymru, “The Underground Economy: Priceless,” USENIX,

http://www.usenix.org/publications/login/2006-12/openpdfs/cymru.pdf, 2006.3. Jason Franklin and Vern Paxson, “An Inquiry into the Nature and Causes of the Wealth

of Internet Miscreants,” ACM CCS, http://www.cs.cmu.edu/~jfrankli/acmccs07/ccs07_franklin_eCrime.pdf, 2007.

4. Robert Lemos, “Second life plagued by 'grey goo' attack,” The Register http://www.theregister.co.uk/2006/11/24/secondlife_greygoo_attack/, Nov 24, 2006.

5. Gary McGraw and Greg Hoglund, Exploiting Software: How to Break Code, Addison-Wesley, 2004.

6. Peter Neumann, (moderator), Risks Digest, http://catless.ncl.ac.uk/Risks/7. Bruce Schneier, Beyond Fear, Copernicus Books, 2003.8. Bruce Schneier, “Future of Privacy,”

http://www.schneier.com/blog/archives/2006/03/the_future_of_p.html, 2006.9. Seth Schoen, “Trusted Computing: Promise and Risk,”

http://www.eff.org/Infrastructure/trusted_computing/20031001_tc.php, 2003.10. Jon Schwartz, “Phishing attacks now using phone calls,” USA Today, Nov 26, 2006.11. Ken Thompson, “Reflections on Trusting Trust”, Communication of the ACM, Vol. 27, No. 8,

August 1984, pp. 761-763 (http://www.acm.org/classics/sep95/)12. Jianwei Zhuge et. al., “Characterizing the IRC-based Botnet Phenomenon,”

http://honeyblog.org/junkyard/reports/botnet-china-TR.pdf, 2007.

future of security

Documents