
Showing papers on "Vulnerability (computing) published in 2000"


ReportDOI
01 Jan 2000
TL;DR: A goal of this report is to provide an unbiased assessment of publicly available ID technology and it is hoped this will help those who purchase and use ID technology to gain a realistic understanding of its capabilities and limitations.
Abstract: Attacks on the nation's computer infrastructures are a serious problem. Over the past 12 years, the growing number of computer security incidents on the Internet has reflected the growth of the Internet itself. Because most deployed computer systems are vulnerable to attack, intrusion detection (ID) is a rapidly developing field. Intrusion detection is an important technology business sector as well as an active area of research. Vendors make many claims for their products in the commercial marketplace so separating hype from reality can be a major challenge. A goal of this report is to provide an unbiased assessment of publicly available ID technology. We hope this will help those who purchase and use ID technology to gain a realistic understanding of its capabilities and limitations. The report raises issues that we believe are important for ID system (IDS) developers to address as they formulate product strategies. The report also points out relevant issues for the research community as they formulate research directions and allocate funds.

431 citations


Proceedings ArticleDOI
25 Jan 2000
TL;DR: This work surveys the various types of buffer overflow vulnerabilities and attacks, and considers which combinations of techniques can eliminate the problem, while preserving the functionality and performance of existing systems.
Abstract: Buffer overflows have been the most common form of security vulnerability for the last ten years. Moreover, buffer overflow vulnerabilities dominate the area of remote network penetration vulnerabilities, where an anonymous Internet user seeks to gain partial or total control of a host. If buffer overflow vulnerabilities could be effectively eliminated, a very large portion of the most serious security threats would also be eliminated. We survey the various types of buffer overflow vulnerabilities and attacks and survey the various defensive measures that mitigate buffer overflow vulnerabilities, including our own StackGuard method. We then consider which combinations of techniques can eliminate the problem of buffer overflow vulnerabilities, while preserving the functionality and performance of existing systems.
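The abstract above describes the buffer overflow class and StackGuard's canary-based mitigation in prose only. The following is an added illustration, not code from the paper or from StackGuard: it models one stack frame as a fixed buffer followed by a canary word, runs an unbounded strcpy-style copy and a bounded copy against an over-long input, and checks whether the canary survived. The buffer size, canary length and canary value are assumptions chosen for the demo; a real StackGuard canary is emitted by the compiler between the locals and the saved return address and checked in the function epilogue.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example; sizes and canary value are demo assumptions. */
#define BUF_LEN    16
#define CANARY_LEN 4
#define CANARY_VAL 0xC0DECAFEu

/* Model of one stack frame: a fixed buffer followed by a canary word.
 * Everything lives in one flat array so an overflow of the buffer lands
 * on the canary and never outside this object. */
struct frame {
    unsigned char mem[BUF_LEN + CANARY_LEN];
};

static void frame_init(struct frame *f) {
    uint32_t c = CANARY_VAL;
    memset(f->mem, 0, sizeof f->mem);
    memcpy(f->mem + BUF_LEN, &c, CANARY_LEN);
}

/* Returns 1 if the canary is untouched, 0 if it was overwritten. */
static int canary_intact(const struct frame *f) {
    uint32_t c;
    memcpy(&c, f->mem + BUF_LEN, CANARY_LEN);
    return c == CANARY_VAL;
}

/* The vulnerable pattern: a strcpy-style copy with no length check.
 * The copy is clipped at the end of the model frame only so the demo
 * cannot corrupt unrelated memory; a real strcpy has no such clip. */
static void vulnerable_copy(struct frame *f, const char *src) {
    size_t n = strlen(src);
    if (n > sizeof f->mem) n = sizeof f->mem;   /* demo-only clip */
    memcpy(f->mem, src, n);
}

/* The hardened form: copy at most BUF_LEN-1 bytes and always terminate. */
static void bounded_copy(struct frame *f, const char *src) {
    size_t n = 0;
    while (n < BUF_LEN - 1 && src[n] != '\0') n++;
    memcpy(f->mem, src, n);
    f->mem[n] = '\0';
}

/* Run one copy into a fresh frame and report whether the canary survived
 * (1) or was smashed (0). use_bounded selects the hardened copy. */
static int copy_and_check(int use_bounded, const char *input) {
    struct frame f;
    frame_init(&f);
    if (use_bounded) bounded_copy(&f, input);
    else             vulnerable_copy(&f, input);
    return canary_intact(&f);
}

int main(void) {
    /* Constructed sample inputs: a short string and 32 'A's (twice BUF_LEN). */
    const char *benign = "hello";
    const char *attack = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";
    printf("benign / vulnerable copy: canary %s\n",
           copy_and_check(0, benign) ? "intact" : "SMASHED");
    printf("attack / vulnerable copy: canary %s\n",
           copy_and_check(0, attack) ? "intact" : "SMASHED");
    printf("attack / bounded copy:    canary %s\n",
           copy_and_check(1, attack) ? "intact" : "SMASHED");
    return 0;
}
```

The point the paper makes in prose is visible here: the canary does not prevent the overflow, it detects it after the fact (StackGuard aborts the process on a mismatch), whereas the bounded copy removes the defect itself. Both belong in a layered defence because the bounded copy only helps where the programmer remembered to write it.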

364 citations


Patent
19 Sep 2000
TL;DR: In this patent, a browser-compatible scanner running on the computer performs a vulnerability assessment and, based on its result, either assures the user that the machine is secure, repairs the vulnerability, or reports to a network server that can decline service to a compromised workstation.
Abstract: Providing a user with assurance that a computer is secure based on a vulnerability assessment completed by a browser-compatible scanner operating on the computer. If the scanner finds a vulnerability, the scanner can inform the user that the machine is or may be compromised, or repair the vulnerability. For example, the scanner may be able to repair the vulnerability of the workstation. In the alternative, the scanner can provide the scan results to a network server. If the vulnerability assessment shows that the workstation is compromised, or if the possibility of remote compromise is high, the network server can decline to provide network services to the workstation.

254 citations


Journal ArticleDOI
TL;DR: An overview of the threats associated with software agent systems and their technical countermeasures, including the strengths and weaknesses of the techniques involved are given, with emphasis on mobile software agents.

238 citations


Journal ArticleDOI
TL;DR: The SPID system provides self-healing and adaptive reconfiguration capabilities for power grids based on wide-area system vulnerability assessment and is intended to identify such load-shedding actions in real time based on the proposed vulnerability assessment and protection/control systems.
Abstract: A power system can become vulnerable for various reasons, these sources of vulnerability are either internal or external to the infrastructure that comprises the power system. Threats from vulnerability sources that are internal to the civil infrastructure may be reduced by decreasing the probability and severity of occurrence through the improved engineering of related systems. On the other hand, threats from vulnerability sources that are external to the infrastructure may be reduced by decreasing the severity of occurrence. To prevent or reduce catastrophic failures and cascading sequences of events caused by the various sources of vulnerability, the Advanced Power Technologies Consortium is researching ways to revolutionize defense strategies and technologies that will significantly reduce the vulnerability of the power infrastructure. Our vision is a wide-area, intelligent, adaptive protection and control system that empowers future grids by providing critical and extensive information in real time, assessing system vulnerability quickly, and performing timely self-healing and adaptive reconfiguration actions based on system-wide analysis. The proposed system is referred to as the strategic power infrastructure defense (SPID) system. The article discusses the conceptual design of the SPID system and the associated technical challenges. The fundamentally important concept is that the SPID system provides self-healing and adaptive reconfiguration capabilities for power grids based on wide-area system vulnerability assessment. Some experts believe that if 0.4% of the load had been shed for 30 minutes, the widespread power outage in the Western United States on 10 August 1996 could have been avoided. The SPID is intended to identify such load-shedding actions in real time based on proposed vulnerability assessment and protection/control systems.

209 citations


Proceedings Article
08 Dec 2000
TL;DR: SubDomain is presented: an OS extension designed to provide sufficient security to prevent vulnerability rot in Internet server platforms, and yet simple enough to minimize the performance, administrative, and implementation costs.
Abstract: Internet security incidents have shown that while network cryptography tools like SSL are valuable to Internet service, the hard problem is to protect the server itself from attack. The host security problem is important because attackers know to attack the weakest link, which is vulnerable servers. The problem is hard because securing a server requires securing every piece of software on the server that the attacker can access, which can be a very large set of software for a sophisticated server. Sophisticated security architectures that protect against this class of problem exist, but because they are either complex, expensive, or incompatible with existing application software, most Internet server operators have not chosen to use them.This paper presents SubDomain: an OS extension designed to provide sufficient security to prevent vulnerability rot in Internet server platforms, and yet simple enough to minimize the performance, administrative, and implementation costs. SubDomain does this by providing a least privilege mechanism for programs rather than for users. By orienting itself to programs rather than users, SubDomain simplifies the security administrator's task of securing the server.This paper describes the problem space of securing Internet servers, and presents the SubDomain solution to this problem. We describe the design, implementation, and operation of SubDomain, and provide working examples and performance metrics for services such as HTTP, SMTP, POP, and DNS protected with SubDomain.

157 citations


Journal ArticleDOI
TL;DR: The paper begins by decomposing the water system along the dimensions of function, component, structure, state, and vulnerability, while considering other perspectives such as political, temporal, threat, and economic.
Abstract: The purpose of this paper is to present an application of the infrastructure risk analysis model to a small municipality. The paper begins by decomposing the water system along the dimensions of function, component, structure, state, and vulnerability, while considering other perspectives such as political, temporal, threat, and economic. Component vulnerability is subjectively assessed in terms of exposure and access. Based on vulnerability analysis and expert opinion, a willful water contamination attack scenario is developed and then modeled using an event tree. Expected and extreme risk are then measured using exceedance probability. Lastly, alternatives are generated and the results are presented in a multiobjective framework. The methodological framework presented can easily be applied to other critical infrastructure elements and networks.

80 citations


Patent
15 Sep 2000
TL;DR: In this article, a system and method serves to anonymously share information about security incidents and vulnerability in corporate and national information infrastructures, in a secure manner in which the submitting party's anonymity is ensured.
Abstract: A system and method serves to anonymously share information about security incidents and vulnerability in corporate and national information infrastructures. The method and system provides for submitting information and categorizing the corresponding data in a secure manner in which the submitting party's anonymity is ensured. A secure facility such as a data center is established that provides for authenticated and, where appropriate, anonymous input, ensuring availability of information associated with threats to industry assets and the available resolutions or solutions. The information may be shared securely through, for example, the World Wide Web, between authorized organizations.

78 citations


Journal ArticleDOI
TL;DR: It is concluded that companies should consider the security aspects of electronic commerce before developing their systems for supply chain management.
Abstract: Supply chain management (SCM) is increasingly dependent on electronic systems. At the same time, the vulnerability of these systems to attack from malicious individuals or groups is growing. This paper examines some of the forms such attacks can take, and their relevance to the supply function. Provides examples of attacks. Concludes that companies should consider the security aspects of electronic commerce before developing their systems.

76 citations


Journal ArticleDOI
TL;DR: In this paper, the threat of biological and chemical compounds in relation to the characteristics of water supply systems is examined, as well as possible physical and chemical countermeasures that could be applied, and a case study is presented of an accidental contamination event that illustrates the difficulty of tracking such events in a drinking water system.
Abstract: Terrorism in the United States was not considered a serious threat until the second half of the 1990s. However, recent attacks both at home and abroad have forced government planners to consider the possibility that critical elements of the U.S. infrastructure might in fact be vulnerable to terrorism. The potential for chemical or biological contamination of water supply systems exists along with the possibility that such systems might be sabotaged. This article reviews the threat of biological and chemical compounds in relation to the characteristics of water supply systems. Vulnerability of such systems to terrorist attacks is examined, as well as possible physical and chemical countermeasures that could be applied. A case study is presented of an accidental contamination event that illustrates the difficulty of tracking such events in a drinking water system. It can be concluded that municipal water supplies are vulnerable. However, appropriate physical planning of such systems, including contingency back-up with separate water lines for emergencies, coupled with proactive monitoring, will significantly increase security in the face of possible terrorist attacks.

75 citations


Journal ArticleDOI
TL;DR: In practice, an intrusion-detection system (IDS) attempts to detect attacks or attack preparations by monitoring either the traffic on a computer network or the application or operating system activities within a computer.
Abstract: The importance of information system security, particularly as it applies to the Internet, is obvious. Each day the news media report yet another security breach: sometimes a localized single crime or prank; at others, a denial-of-service attack affecting millions of people. As electronic commerce becomes increasingly pervasive, the subject can only become more critical. One of the more interesting techniques for enhancing information system security is detecting that an intrusion has taken place. Although intrusion-detection systems have been a part of the information security landscape for over 25 years, their proper role in the overall security picture is often misunderstood. They are not preventative security measures. Most often, they are used as active security mechanisms in conjunction with other (passive) information assurance processes like firewalls, smart cards, and virtual private networks. In practice, an intrusion-detection system (IDS) attempts to detect attacks or attack preparations by monitoring either the traffic on a computer network or the application or operating system activities within a computer. Once such behavior is detected, the IDS may alert a security administrator or it may invoke an automated response (such as closing down external communication paths or initiating a mechanism to trace the source of an attack). If an IDS detects attack behavior soon enough, it might be able to invoke a response to thwart the attack.

Patent
08 Feb 2000
TL;DR: In this patent, a system object model database is created that supports the data requirements of disparate network vulnerability analysis programs; each program analyzes the network and its results are stored in a common system model database and data fact base, to which goal-oriented fuzzy logic decision rules are applied to determine the network's vulnerability posture.
Abstract: A method and data processing system assesses the security vulnerability of a network. A system object model database is created and supports the information data requirements of disparate network vulnerability analysis programs. Only the required data from the system object model database representing the network is imported to the programs, which then analyze the network to produce data results from each program. These data results are stored in a common system model database and within the data fact base. Goal oriented fuzzy logic decision rules are applied to determine the vulnerability posture of the network.

Journal ArticleDOI
TL;DR: In this paper, the authors explore definitional aspects of information terrorism and identify two groups likely to find information terrorism attractive: conventional terrorist groups, which will fold it into a hybrid tactical repertoire, and information culture groups, which confine their attacks to cyberspace.
Abstract: The vulnerability of the critical infrastructure has led to increasing concern that it will be the target of terrorist attacks. This article explores definitional aspects of information terrorism and identifies two groups likely to find information terrorism attractive: conventional terrorist groups and information culture groups. As computer sophisticated youth move into the ranks of conventional terrorist groups, the groups will increase their reliance on computer technology, and information terrorism will be incorporated into a hybrid tactical repertoire. Information culture groups, however, confine their attacks to cyberspace. In contrast to the powerful group dynamics of the traditional underground terrorist group, networked groups, particularly information culture terrorists, may only be in contact electronically, and are subject to a radically different group psychology, virtual group dynamics, that significantly affects their decision making and risk taking, and has dangerous security implications.

Journal ArticleDOI
Jim Yuill, F. Wu, J. Settle, F. Gong, R. Forno, M. Huang, J. Asbery
01 Oct 2000
TL;DR: An intrusion–detection technique for incident-response based on the US military's battlefield-intelligence process is described, which can be used to identify the network's likely compromised devices (LCDs).
Abstract: A network device is considered compromised when one of its security mechanisms is defeated by an attacker. For many networks, an attacker can compromise many devices before being discovered. However, investigating devices for compromise is costly and time-consuming, making it difficult to investigate all, or even most, of a network's devices. Further, investigation can yield false-negative results. This paper describes an intrusion-detection (ID) technique for incident-response. During an attack, the attacker reveals information about himself and about network vulnerabilities. This information can be used to identify the network's likely compromised devices (LCDs). Knowledge of LCDs is useful when limited resources allow only some of the network's devices to be investigated. During an on-going attack, knowledge of LCDs is also useful for tactical planning. The ID technique is based on the US military's battlefield-intelligence process. Models are constructed of the network, as the battlespace. Also, models are constructed of the attacker's capabilities, intentions, and courses-of-action. The Economics of Crime, a theory which explains criminal behavior, is used to model the attacker's courses-of-action. The models of the network and the attacker are used to identify the devices most likely to be compromised.

Journal ArticleDOI
Blaise Cronin
TL;DR: The chances of firms achieving, or being subjected to, strategic surprise have escalated with the growth of internetworking technologies and the opportunities these afford for various forms of information warfare (IW) and net terrorism.
Abstract: The chances of firms achieving, or being subjected to, strategic surprise have escalated with the growth of internetworking technologies and the opportunities these afford for various forms of information warfare (IW) and net terrorism. The more a business depends on sophisticated information systems, the greater its vulnerability to stealth attack. Defensive IW will soon become a necessary cost of doing business. In practical terms, this means identifying mission-critical information assets, conducting threat assessments, implementing information systems security procedures and developing strategic intelligence and counter-intelligence capability.

ReportDOI
01 Jan 2000
TL;DR: This paper appeared in the Proceedings of the 2000 Command and Control Research and Technology Symposium (CCRTS), Monterey, CA, June 11-13, 2000, and won the award for “Best Paper”.
Abstract: This paper appeared in the Proceedings of the 2000 Command and Control Research and Technology Symposium (CCRTS), Monterey, CA, June 11-13, 2000, and won the award for “Best Paper”.

01 Jan 2000
TL;DR: This thesis uses biographical and ethnographic approaches to describe the endemic nature of violence experienced by Indigenous women in a Deed of Grant in Trust community (Cherbourg).
Abstract: Biographical and ethnographic approaches are used in this thesis to describe the endemic nature of violence experienced by Indigenous women in a Deed of Grant in Trust community. The work, influenced by Paulo Freire's participatory action research model, emphasises that people have a right to participate in the production of knowledge that directly affects their lives. Consequently, the thesis evolved as a reciprocal arrangement with women who operate a safety house and advocacy service for women and children as they struggle for justice and social change. In exchange for assistance with a broad range of community development initiatives including staging events, producing submissions and general correspondence, staff development programs, reports and whatever else needed to be written, the researcher was given a vivid description of the community, its problems and its strengths. The work documents the political, social and economic activities that a small group of Cherbourg women utilise to bring about change and assert their right to live without violence. It describes their membership of an oppressed group, as sole parents largely dependent on the maternal economy and the matriarchs. It narrates the stories of women experiencing violence in various situations especially that induced by alcohol and in the competition for men. It also demonstrates how the absence of male role models creates negative developmental pathways for children and leads sons into early contact with the criminal justice system.

Journal ArticleDOI
TL;DR: This work has designed an underlying Web-like architecture that will serve as a platform for the decentralized monitoring and management of critical infrastructures and proposes a six-stage protection process that involves intelligence gathering, analysis, interdiction, detection, response, and recovery.
Abstract: Your business increasingly relies on computer-controlled systems vulnerable to intrusion and destruction. The recent distributed denial of service attacks against e-commerce companies showed that this vulnerability extends beyond your own corporate networks: the very infrastructure of the Internet is at risk. When infoterrorists use the networks' high connectivity and low security to launch attacks against critical information infrastructure systems, they can not only disrupt global e-commerce and communications, but can also adversely affect other critical infrastructure services such as energy, transportation, health care, finance, and water supply. How can organizations protect these systems from infoterrorism? They must leverage modern information technologies to create an infrastructure protection process that can operate quickly and seamlessly. We propose a six-stage protection process that involves intelligence gathering, analysis, interdiction, detection, response, and recovery. To implement this process, we've designed an underlying Web-like architecture that will serve as a platform for the decentralized monitoring and management of critical infrastructures.

Book ChapterDOI
01 Jan 2000
TL;DR: Threat modeling is the first step in any security solution and it’s a way to start making sense of the vulnerability landscape and deciding what kind of countermeasures to employ.
Abstract: Threat modeling is the first step in any security solution. It’s a way to start making sense of the vulnerability landscape. What are the real threats against the system? If you don’t know that, how do you know what kind of countermeasures to employ?

Proceedings ArticleDOI
25 Sep 2000
TL;DR: It is asserted that the IO vulnerability/survivability assessment problem is a "system of systems" problem containing feedback loops, and IO is a category of decision support systems that requires explicit treatment of the attack detection problem as a mixed-signal identification problem.
Abstract: Information operations (IO) are characterized by both the wide range of target/defended system dynamics as well as by the increased complexity of interaction of system components. This paper presents two related notions: 1) higher-level, relatively slow decision support systems can benefit from treating feedback control properties of relatively fast system processes; and 2) IO is a category of decision support systems that requires explicit treatment of the attack detection problem as a mixed-signal identification problem. Such a view of large-scale systems is a control system view since the fundamental characteristic of control system science is the study of feedback loops. The paper asserts that the IO vulnerability/survivability assessment problem is a "system of systems" problem containing feedback loops, discusses detecting IO attacks as a mixed-signal system identification problem, reviews several current design environments which support a "system of systems" approach, and discusses ideas on a testbed framework for conducting experiments to achieve online detection and reaction to IO attacks.

01 Jan 2000
TL;DR: The limitations of "prevention" tools are that (1) there is typically a large gap in time between the identification of the vulnerability and the availability of the solution, and (2) partial and faulty deployment resulting in gaps in coverage.
Abstract: Problems arise because these tools are too often expected to provide broader coverage than their designs permit. The limitations of "prevention" tools are that (1) there is typically a large gap in time between the identification of the vulnerability and the availability of the solution, and (2) partial and faulty deployment resulting in gaps in coverage. Tools for response to individual attacks typically have significant false negative rates (e.g., tunneling through firewalls) or high false positive rates (intrusion detection systems). With these tools, there is also a gap between the onset of new types of attack and when signatures/rules become available to handle them.

Journal Article
TL;DR: Decreasing the vulnerability of your DNS server is largely a matter of staying current and private.
Abstract: Decreasing the vulnerability of your DNS server is largely a matter of staying current and private.

Journal ArticleDOI
TL;DR: In this paper, the main results of the EC-Project SERGISAI have been reported, where a methodology for seismic risk assessment has been implemented using standard procedural codes, Geographic Information Systems and Artificial Intelligence Techniques.
Abstract: This paper reports the main results of the EC-Project SERGISAI. The project developed a computer prototype where a methodology for seismic risk assessment has been implemented. Standard procedural codes, Geographic Information Systems and Artificial Intelligence Techniques compose the prototype, which permits a seismic risk assessment to be carried out through the necessary steps. Risk is expressed in terms of expected damage, given by the combination of hazard and vulnerability. Two parallel paths have been followed with respect to the hazard factor: the probabilistic and the deterministic approach. The first provides the hazard analysis based on historical data, propagation models, and known seismic sources. The deterministic approach provides the input for scenarios, by selecting a specific ground motion. With respect to the vulnerability factor, several systems have been taken into account apart from buildings, which are usually considered in this type of analysis. Defining vulnerability as a measure of how prone a system is to be damaged in the event of an earthquake, an attempt has been made to move from the assessment of individual objects to the evaluation of the performance of urban and regional areas. Another step towards an approach which can better serve civil protection and land use planning agencies has been made by adapting the analysis to the following geographical levels: local, sub-regional and regional. Both the hazard and the vulnerability factors have been treated in the most suitable way for each one, in terms of level of detail, kind of parameters and units of measure. In this paper are shown some results obtained in two test areas: Toscana in Italy, for the regional level, the Garfagnana sub-area in Toscana, for the sub-regional level, and a part of the city of Barcelona, Spain, for the local level.

01 Sep 2000
TL;DR: In this paper, the authors present the intrusion detection and vulnerability scanning capabilities that the authors consider necessary for the U.S. Air Force computer network, described as requirements for the Network Monitoring and Assessment (NMA) module of the Computer Security Assistance Program for the Twenty-First Century (CSAP21) architecture.
Abstract: This paper presents the intrusion detection and vulnerability scanning capabilities that the authors consider necessary for the U.S. Air Force computer network. These capabilities are described as requirements for the Network Monitoring and Assessment (NMA) module of the Computer Security Assistance Program for the Twenty-First Century (CSAP21) architecture. The advantage of this approach is that it provides a global and comprehensive context in which to describe intrusion detection system (IDS) requirements. The authors have adapted and organized requirements derived from a number of sources, including intrusion monitoring practitioners.

Proceedings ArticleDOI
01 Aug 2000

Journal Article
TL;DR: Based on SSE-CMM, by using layer analysis, the evaluation method of the information systems, the risk factor and the estimation method of disaster loss are given.
Abstract: Based on SSE-CMM, by using layer analysis, we give the evaluation method of the information systems, the risk factor and the estimation method of disaster loss.

Journal ArticleDOI
01 Jul 2000
TL;DR: The findings indicate that human error associated with password authentication can be significantly reduced through the use of passwords which are comprised of meaningful data for the user and which meet the information technology community requirement for strength of password.
Abstract: This research focuses on the development of a model for evaluating the human impact that password authentication issues are having on the security of information systems. Through observational analysis, organizational policy, and retrospective analysis, researchers created a model for predicting the vulnerability that a particular set of conditions will have on the likelihood of error in an information system. The methodology for the experiment and analysis of the results are presented. The findings indicate that human error associated with password authentication can be significantly reduced through the use of passwords which are comprised of meaningful data for the user and which meet the information technology community requirement for strength of password. The details of this study are provided as well as the human factors implications in information security.

DOI
28 Sep 2000
TL;DR: A specific methodology is designed for this purpose in order to put the emphasis on the identification of urban areas which are of major importance for the development of risk maps.
Abstract: In order to improve prevention activities related to floods in Romania, a project called MOSYM has been started, aiming at developing a dedicated hydrological information system. In the frame of this project, a method for the development of risk maps will be adapted to the Romanian context and validated on a test river basin. In order to assess the vulnerability of the considered area, this method requires among other data to get information about land use/land cover. This type of information can be generally retrieved from existing documents or collected during field trips. This paper presents an alternative and more extensive approach which consists in deriving land use/land cover information from high resolution satellite imagery. A specific methodology is designed for this purpose in order to put the emphasis on the identification of urban areas which are of major importance for the development of risk maps.

Proceedings ArticleDOI
08 Nov 2000
TL;DR: A simple routing attack that can be launched against VPN tunnel endpoints with significant implications is described, and a solution to protect against exploitation of this vulnerability is described.
Abstract: The use of virtual private networks is increasing rapidly primarily due to security concerns. As the result of analyzing actual corporate VPN strategies, we identify a common vulnerability we name "distributed weakness in VPNs". Specifically we describe a simple routing attack that can be launched against VPN tunnel endpoints with significant implications. We close with a solution to protect against exploitation of this vulnerability.

Proceedings Article
01 Jan 2000
TL;DR: The findings illustrate the vulnerability of information systems in turbulent environments, provide insight into the causes of misfit due to contextual change, and establish flexibility as a success variable of contemporary information systems.
Abstract: In an effort to create shareholder value in the new frontier opened by a world but volatile economy, organizations have long ago realized that processes, structure and control procedures have to be reconstructed anew. It follows that information systems should be approached not as static artifacts but as dynamic entities able to model the ever-changing organization. In this paper we report of a case study investigating the effects of privatization on the systems of an industrial organization. Our findings illustrate the vulnerability of information systems in turbulent environments, provide insight into the causes of misfit due to contextual change, and establish flexibility as a success variable of contemporary information systems.