
Showing papers on "Vulnerability (computing)" published in 2015


Journal ArticleDOI
TL;DR: In the early 20th century, planners and policy-makers recognized the increasing dependence of collective life on interlinked systems such as transportation, electricity, and water, and over the following decades, new security mechanisms were invented to mitigate the vulnerability of these vital systems as mentioned in this paper.
Abstract: This article describes the historical emergence of vital systems security, analyzing it as a significant mutation in biopolitical modernity. The story begins in the early 20th century, when planners and policy-makers recognized the increasing dependence of collective life on interlinked systems such as transportation, electricity, and water. Over the following decades, new security mechanisms were invented to mitigate the vulnerability of these vital systems. While these techniques were initially developed as part of Cold War preparedness for nuclear war, they eventually migrated to domains beyond national security to address a range of anticipated emergencies, such as large-scale natural disasters, pandemic disease outbreaks, and disruptions of critical infrastructure. In these various contexts, vital systems security operates as a form of reflexive biopolitics, managing risks that have arisen as the result of modernization processes. This analysis sheds new light on current discussions of the government...

246 citations


Journal ArticleDOI
TL;DR: Sustainability should be considered as part of the long-term time dimension in the assessment of food security, and can play a key role as a goal and a way of maintaining nutritional well-being and health, while ensuring the sustainability for future food security.
Abstract: Objective: To position the concept of sustainability within the context of food security. Design: An overview of the interrelationships between food security and sustainability based on a non-systematic literature review and informed discussions based principally on a quasi-historical approach from meetings and reports. Setting: International and global food security and nutrition. Results: The Rome Declaration on World Food Security in 1996 defined its three basic dimensions as: availability, accessibility and utilization, with a focus on nutritional well-being. It also stressed the importance of sustainable management of natural resources and the elimination of unsustainable patterns of food consumption and production. In 2009, at the World Summit on Food Security, the concept of stability/vulnerability was added as the short-term time indicator of the ability of food systems to withstand shocks, whether natural or man-made, as part of the Five Rome Principles for Sustainable Global Food Security. More recently, intergovernmental processes have emphasized the importance of sustainability to preserve the environment, natural resources and agro-ecosystems (and thus the overlying social system), as well as the importance of food security as part of sustainability and vice versa. Conclusions: Sustainability should be considered as part of the long-term time dimension in the assessment of food security. From such a perspective the concept of sustainable diets can play a key role as a goal and a way of maintaining nutritional well-being and health, while ensuring the sustainability for future food security. Without integrating sustainability as an explicit (fifth?) dimension of food security, today’s policies and programmes could become the very cause of increased food insecurity in the future.

214 citations


Journal ArticleDOI
TL;DR: A future perspective of how this range of detection methods in the growing sensor portfolio, along with developments in computational and information sciences such as predictive computing and the Internet of Things, will together form systems- and technology-based approaches that significantly reduce the areas of vulnerability to food crime within food supply chains is discussed.
Abstract: Major food adulteration and contamination events occur with alarming regularity and are known to be episodic, with the question being not if but when another large-scale food safety/integrity incident will occur. Indeed, the challenges of maintaining food security are now internationally recognised. The ever increasing scale and complexity of food supply networks can lead to them becoming significantly more vulnerable to fraud and contamination, and potentially dysfunctional. This can make the task of deciding which analytical methods are more suitable to collect and analyse (bio)chemical data within complex food supply chains, at targeted points of vulnerability, that much more challenging. It is evident that those working within and associated with the food industry are seeking rapid, user-friendly methods to detect food fraud and contamination, and rapid/high-throughput screening methods for the analysis of food in general. In addition to being robust and reproducible, these methods should be portable and ideally handheld and/or remote sensor devices, that can be taken to or be positioned on/at-line at points of vulnerability along complex food supply networks and require a minimum amount of background training to acquire information rich data rapidly (ergo point-and-shoot). Here we briefly discuss a range of spectrometry and spectroscopy based approaches, many of which are commercially available, as well as other methods currently under development. We discuss a future perspective of how this range of detection methods in the growing sensor portfolio, along with developments in computational and information sciences such as predictive computing and the Internet of Things, will together form systems- and technology-based approaches that significantly reduce the areas of vulnerability to food crime within food supply chains. As food fraud is a problem of systems and therefore requires systems level solutions and thinking.

169 citations


Journal ArticleDOI
TL;DR: An accurate and lightweight intrusion detection framework, called AECFV, that aims to protect vehicular ad hoc networks (VANETs) against the most dangerous attacks that could occur on this network is designed and implemented.

139 citations


10 Aug 2015
TL;DR: This paper examines a popular aftermarket telematics control unit which connects to a vehicle via the standard OBD-II port and shows that these devices can be discovered, targeted, and compromised by a remote attacker and it is demonstrated that such a compromise allows arbitrary remote control of the vehicle.
Abstract: Modern automobiles are complex distributed systems in which virtually all functionality -- from acceleration and braking to lighting and HVAC -- is mediated by computerized controllers. The interconnected nature of these systems raises obvious security concerns and prior work has demonstrated that a vulnerability in any single component may provide the means to compromise the system as a whole. Thus, the addition of new components, and especially new components with external networking capability, creates risks that must be carefully considered. In this paper we examine a popular aftermarket telematics control unit (TCU) which connects to a vehicle via the standard OBD-II port. We show that these devices can be discovered, targeted, and compromised by a remote attacker and we demonstrate that such a compromise allows arbitrary remote control of the vehicle. This problem is particularly challenging because, since this is aftermarket equipment, it cannot be well addressed by automobile manufacturers themselves.

135 citations


Journal ArticleDOI
TL;DR: This article proposes to use massive MIMO techniques to enhance power transfer efficiency and secure information transmission simultaneously and provides a survey on a variety of physical layer security techniques to improve secrecy performance.
Abstract: Wireless information and power transfer (WIPT) enables more sustainable and resilient communications owing to the fact that it avoids frequent battery charging and replacement. However, it also suffers from possible information interception due to the open nature of wireless channels. Compared to traditional secure communications, secrecy wireless information and power transfer (SWIPT) carries several distinct characteristics. On one hand, wireless power transfer may increase the vulnerability of eavesdropping, since a power receiver, as a potential eavesdropper, usually has a shorter access distance than an information receiver. On the other hand, wireless power transfer can be exploited to enhance wireless security. This article reviews the security issues in various SWIPT scenarios, with an emphasis on revealing the corresponding challenges and opportunities for implementing SWIPT. Furthermore, we provide a survey on a variety of physical layer security techniques to improve secrecy performance. In particular, we propose to use massive multiple-input multiple-output (MIMO) techniques to enhance power transfer efficiency and secure information transmission simultaneously. Finally, we discuss several potential research directions to further enhance the security in SWIPT systems.

127 citations


Journal ArticleDOI
TL;DR: There is no single solution that can effectively mitigate XSS attacks, and more research is needed in the area of vulnerability removal from the source code of the applications before deployment.
Abstract: Context: Cross-site scripting (XSS) is a security vulnerability that affects web applications. It occurs due to improper or lack of sanitization of user inputs. The security vulnerability caused many problems for users and server applications. Objective: To conduct a systematic literature review on the studies done on XSS vulnerabilities and attacks. Method: We followed the standard guidelines for systematic literature review as documented by Barbara Kitchenham and reviewed a total of 115 studies related to cross-site scripting from various journals and conference proceedings. Results: Research on XSS is still very active with publications across many conference proceedings and journals. Attack prevention and vulnerability detection are the areas focused on by most of the studies. Dynamic analysis techniques form the majority among the solutions proposed by the various studies. The type of XSS addressed the most is reflected XSS. Conclusion: XSS still remains a big problem for web applications, despite the bulk of solutions provided so far. There is no single solution that can effectively mitigate XSS attacks. More research is needed in the area of vulnerability removal from the source code of the applications before deployment.

117 citations


Book ChapterDOI
19 Oct 2015
TL;DR: This study surveys ICS testbeds that have been proposed for scientific research and finds that most aim to facilitate vulnerability analysis, education and tests of defense mechanisms.
Abstract: Conducting security tests such as vulnerability discovery within Industrial Control Systems (ICS) helps reduce their vulnerability to cyber attacks. Unfortunately, the extreme availability requirements on ICS in operation make it difficult to conduct security tests in practice. For this reason, researchers and practitioners turn to testbeds that mimic real ICS. This study surveys ICS testbeds that have been proposed for scientific research. A total of 30 testbeds are identified. Most of these aim to facilitate vulnerability analysis, education and tests of defense mechanisms. Testbed components are typically implemented as simulation models. Testbed fidelity is rarely addressed, and at best briefly discussed.

95 citations


Journal ArticleDOI
TL;DR: The SCLPV is the first work that simultaneously supports certificateless public verification and resistance against malicious auditors to verify the integrity of outsourced data in CPSS and a formal security proof proves the correctness and security of the scheme.
Abstract: Cyber-physical-social system (CPSS) allows individuals to share personal information collected from not only cyberspace but also physical space. This has resulted in generating numerous data at a user’s local storage. However, it is very expensive for users to store large data sets, and it also causes problems in data management. Therefore, it is of critical importance to outsource the data to cloud servers, which provides users an easy, cost-effective, and flexible way to manage data, whereas users lose control on their data once outsourcing their data to cloud servers, which poses challenges on integrity of outsourced data. Many schemes have been proposed to allow a third-party auditor to verify data integrity using the public keys of users. Most of these schemes bear a strong assumption: the auditors are honest and reliable, and thereby are vulnerable in the case that auditors are malicious. Moreover, in most of these schemes, an auditor needs to manage users' certificates to choose the correct public keys for verification. In this paper, we propose a secure certificateless public integrity verification scheme (SCLPV). The SCLPV is the first work that simultaneously supports certificateless public verification and resistance against malicious auditors to verify the integrity of outsourced data in CPSS. A formal security proof proves the correctness and security of our scheme. In addition, an elaborate performance analysis demonstrates that the SCLPV is efficient and practical. Compared with the only existing certificateless public verification scheme (CLPV), the SCLPV provides stronger security guarantees in terms of remedying the security vulnerability of the CLPV and resistance against malicious auditors.
In comparison with the best of integrity verification scheme achieving resistance against malicious auditors, the communication cost between the auditor and the cloud server of the SCLPV is independent of the size of the processed data, meanwhile, the auditor in the SCLPV does not need to manage certificates.

87 citations


Proceedings ArticleDOI
14 Apr 2015
TL;DR: Any program that follows secret data dependent execution flow is exploitable by side-channel attacks as shown in (but not limited to) the version of the Lucky 13 attack.
Abstract: In this work we show how the Lucky 13 attack can be resurrected in the cloud by gaining access to a virtual machine co-located with the target. Our version of the attack exploits distinguishable cache access times enabled by VM deduplication to detect dummy function calls that only happen in case of an incorrectly CBC-padded TLS packet. Thereby, we gain back a new covert channel not considered in the original paper that enables the Lucky 13 attack. In fact, the new side channel is significantly more accurate, thus yielding a much more effective attack. We briefly survey prominent cryptographic libraries for this vulnerability. The attack currently succeeds to compromise PolarSSL, GnuTLS and CyaSSL on deduplication enabled platforms while the Lucky 13 patches in OpenSSL, Mozilla NSS and MatrixSSL are immune to this vulnerability. We conclude that, any program that follows secret data dependent execution flow is exploitable by side-channel attacks as shown in (but not limited to) our version of the Lucky 13 attack.

87 citations


Journal ArticleDOI
TL;DR: A dynamic complementary strength metric is introduced, which can help decision makers design or select better complementary topologies from the vulnerability perspective, and whether critical components for single systems are still important when taking two systems as a whole for analysis is analyzed.

Journal ArticleDOI
TL;DR: In this paper, a new framework based on network theory and FMECA method is proposed to study the vulnerability of subway system, in the form of analyzing network efficiency by network theory, and risk matrix in FMECA.

Proceedings ArticleDOI
22 Jul 2015
TL;DR: A taxonomy model of different identified attacks on Modbus and DNP3 is proposed, based on the threat origin, threat type, attack type, attack scenario, vulnerability type and the impact of the attack to facilitate the risk assessment of cyber-attacks on ICS protocols.
Abstract: Industrial control systems (ICS) are highly distributed information systems used to control and monitor critical infrastructures such as nuclear plants, power generation and distribution plants, Oil and Gas and many other facilities. The main architecture principles of ICS are: real time response, high availability and reliability. For these specific purposes, several protocols have been designed to ensure the control and supervision operations. Modbus and DNP3 are the most used protocols in the ICS world due to their compliance with real time needs. With the increasing of the connectivity to the internet world for business reasons, ICS adopted Internet based technologies and most of communication protocols are redesigned to work over IP. This openness exposed the ICS components as well as communication protocols to cyber-attacks with a higher risk than attacks on traditional IT systems. In order to facilitate the risk assessment of cyber-attacks on ICS protocols we propose a taxonomy model of different identified attacks on Modbus and DNP3. The model is based on the threat origin, threat type, attack type, attack scenario, vulnerability type and the impact of the attack. We populate this Taxonomy model with identified attacks on Modbus and DNP3 from previous academic and industrial works.

Proceedings ArticleDOI
26 Oct 2015
TL;DR: The security of the current SDN topology discovery mechanism, and its vulnerability to link spoofing attacks are discussed, and a countermeasure based on HMAC authentication is presented and evaluated.
Abstract: Topology Discovery is an essential service in Software Defined Networks (SDN). Most SDN controllers use a de-facto standard topology discovery mechanism based on Open-Flow to identify active links in the network. This paper discusses the security, or rather lack thereof, of the current SDN topology discovery mechanism, and its vulnerability to link spoofing attacks. The feasibility and impact of the attacks are verified and demonstrated via experiments. The paper presents and evaluates a countermeasure based on HMAC authentication.

Journal ArticleDOI
TL;DR: This paper proved Vulnerability Assessment and Penetration Testing (VAPT) as a Cyber defence technology, how it can provide active cyber defence using vulnerability assessment and penetration testing and complete process of how to use Vulnerability Assessment and Penetration Testing as a powerful Cyber Defence Technology.

Journal ArticleDOI
TL;DR: This empirical study examines the adoption of software vulnerabilities by a population of attackers and finds that full disclosure accelerates the diffusion of attacks, increases the penetration of attacks within the target population, and increases the risk of first attack after the vulnerability is reported.
Abstract: With the nearly instantaneous dissemination of information in the modern era, policies regarding the disclosure of sensitive information have become the focus of significant discussion in several contexts. The fundamental debate centers on trade-offs inherent in disclosing information that society needs, but that can also be used for nefarious purposes. Using information security as a research context, our empirical study examines the adoption of software vulnerabilities by a population of attackers. We compare attacks based on software vulnerabilities disclosed through full-disclosure and limited-disclosure mechanisms. We find that full disclosure accelerates the diffusion of attacks, increases the penetration of attacks within the target population, and increases the risk of first attack after the vulnerability is reported. Interestingly, the effect of full disclosure is greater during periods when there are more overall vulnerabilities reported, indicating that attackers may strategically focus on busy periods when the effort of security professionals is spread across many vulnerabilities. Although the aggregate volume of attacks remains unaffected by full disclosure, attacks occur earlier in the life cycle of the vulnerability. Building off our theoretical insights, we discuss the implications of our findings in more general contexts.

Journal ArticleDOI
TL;DR: The proposed algorithm “Optimal Keyless Algorithm for Security” represents a new way of using data itself to create a protective shield and provides security at both character level as well as bit level.
Abstract: In the modern era, every business is dependent on the Internet. The Network is growing so quickly that now at this stage no one can ever imagine anything without use of internet. But at the same time security over network is very important because of the vulnerability of data to eavesdropping. To protect the data from eavesdropping, it must be appropriately encrypted before sending over the network. Two types of algorithms, keyed and keyless, exist to protect data. The keyed algorithms are efficient but to avoid the overhead of key generation and key management, keyless algorithms are gaining popularity nowadays. The proposed algorithm “Optimal Keyless Algorithm for Security” represents a new way of using data itself to create a protective shield. The algorithm provides security at both character level as well as bit level. The number of rounds and the number of shifts applied at bit level are made data dependent to increase the security level, which is a major advantage of the algorithm. The system is proposed with the motive to provide highest security level with minimum execution time in terms of encryption and decryption. This paper presents simulation results of proposed algorithm and its comparison with the commonly used JS keyless algorithm. General Terms: Security, Cryptography, Key, Keyless, Encryption, Decryption

Journal ArticleDOI
TL;DR: The emerging business model of PCB design and fabrication that favors extensive outsourcing and integration of untrusted components/entities in the PCB life-cycle to lower manufacturing cost, makes hardware Trojan attacks in PCBs highly feasible.
Abstract: Hardware Trojan attacks at the integrated circuit (IC) level have been studied extensively in recent times. Researchers have analyzed the impact of these attacks and explored possible countermeasures for ICs. However, vulnerability with respect to hardware Trojan attacks at higher levels of system abstraction, e.g., at printed circuit board (PCB) level, have not been reported earlier. Previous studies have covered security of PCBs against piracy and various post-fabrication tampering attacks. JTAG (Joint Test Access Group) and other field programmability features, e.g., probe pins, unused sockets and USB have been extensively exploited by hackers to gain access to internal features of the designs as well as snooping of secret key, collection of test responses, and manipulating JTAG test pins. One instance demonstrated that Xbox can be hacked by disabling the Digital Rights Management (DRM) policy using JTAG. The emerging business model of PCB design and fabrication that favors extensive outsourcing and integration of untrusted components/entities in the PCB life-cycle to lower manufacturing cost, makes hardware Trojan attacks in PCBs highly feasible.

Journal ArticleDOI
TL;DR: A survey with opinions by 384 experts, covering more than 3000 vulnerabilities, shows that the mean disagreement between the judgments of the experts and the CVSS Base Score is -0.38, with a variance of 4.46.

Proceedings ArticleDOI
08 Jun 2015
TL;DR: The prominent features and application fields of IoT and Cloud are introduced, security and privacy risks to personal information are discussed, and solutions from anomaly detection perspective are focused on.
Abstract: Internet of Things (IoT) concept provides a number of opportunities to improve our daily lives while also creating a potential risk of increasing the vulnerability of personal information to security and privacy breaches. Data collected from IoT is usually offloaded to the Cloud which may further leave data prone to a variety of attacks if security and privacy issues are not handled properly. Anomaly detection has been one of the widely adopted security measures in wired and wireless networks. However, it is not straightforward to apply most of the anomaly detection techniques to IoT and cloud. One of the main challenges is deriving outlier features from the vast volume of data pumped from IoT to the cloud. Other challenges include the large number of sources generating data, heterogeneous connectivity and traffic patterns of IoT devices, cloud services being offered at geographically remote places and causing IoT data to be stored in different countries with different legislations. This paper, for the first time, presents the challenges and opportunities in anomaly detection for IoT and cloud. It first introduces the prominent features and application fields of IoT and Cloud, then discusses security and privacy risks to personal information and finally focuses on solutions from anomaly detection perspective.

Journal ArticleDOI
TL;DR: The NP-completeness of the problem is proved, an $O(\sqrt{\log n})$ bicriteria approximation algorithm is proposed for the $\beta$-disruptor problem, and a new theoretical guarantee improves the best approximation results for both link and node vulnerability assessment in literature.
Abstract: Critical infrastructures such as communication networks, electrical grids, and transportation systems are highly vulnerable to natural disasters and malicious attacks. Even failures of few nodes or links may have a profound impact on large parts of the system. Traditionally, network vulnerability assessment methods separate the studies of node vulnerability and link vulnerability, and thus ignore joint node and link attack schemes that may cause grave damage to the network. To this end, we introduce a new assessment method, called $\beta$-disruptor, that unifies both link and node vulnerability assessment. The new assessment method is formulated as an optimization problem in which we aim to identify a minimum-cost set of mixed links and nodes whose removal would severely disrupt the network connectivity. We prove the NP-completeness of the problem and propose an $O(\sqrt{\log n})$ bicriteria approximation algorithm for the $\beta$-disruptor problem. This new theoretical guarantee improves the best approximation results for both link and node vulnerability assessment in literature. We further enhance the proposed algorithm by embedding it into a special combination of simulated annealing and variable neighborhood search method. The results of our extensive simulation-based experiments on synthetic and real networks show the feasibility and efficiency of our proposed vulnerability assessment methods.

Journal ArticleDOI
TL;DR: It is demonstrated that the optimal security investment level of an interconnected firm against targeted attacks is different from that against opportunistic attacks, and shows that not all information security risks are worth fighting against.
Abstract: We model an interconnected firm's security investment against two attack types. A high network vulnerability spurs firms to invest less in information security. Liability and security information sharing can motivate firms to invest in security. Both incentives can improve firms' security level and decrease firms' total costs. Both incentives can be extended to the case of three or more firms. The level of firms' information security investment has recently become a critical issue in the management of IT infrastructure. Prior studies have not considered attack types and firms interconnection simultaneously when investigating the optimisation of such investment. Using game theory, we demonstrate that the optimal security investment level of an interconnected firm against targeted attacks is different from that against opportunistic attacks. Our model shows that not all information security risks are worth fighting against. As the potential loss increases, it is unadvisable to increase the security investment proportionately. Firms should increase investments with intrinsic vulnerability when facing target attacks, but focus on those systems that fall into the midrange of intrinsic vulnerability when facing opportunistic attacks. Firms are unwilling to invest in security and often offload reliability problems onto others when the trusted interdependence relationship becomes tighter in the absence of economic incentives. Thus we also discuss two economic incentives to motivate firms: liability and security information sharing. We find that if the rules are set properly, both economic incentives are effective to not only internalise the negative externality and improve a firm's security level, but also reduce the total expected cost. We show that firms' optimal investments of liability always increase with the increasing number of firms, but the optimal investments on security information sharing increase only when the number of firms is large enough.
These insights draw attention to many trade-offs firms often face and the importance of accurate assessment of firms' security environment. Future research directions are discussed based on the limitations and possible extensions of this study.

Book ChapterDOI
26 Oct 2015
TL;DR: In this paper, the three most commonly used methods for characterizing simulation uncertainties are discussed: sensitivity analysis, first-order analysis, and Monte Carlo analysis, and examples of each method are presented.
Abstract: Assessments of non-point source pollution, with mathematical models designed to produce multicolored maps, are now being used in the decision management arena. This has been possible primarily because of the marriage of solute transport models to geographic information systems that add a geo-referenced dimension to transport models. Albert Einstein said that “everything must be made as simple as possible, but not simpler.” The utility of relatively simple vulnerability maps, which have been produced at regional scales with geographic information system technology, is undermined by significant uncertainties related to model and data errors. In this chapter, the three most commonly used methods for characterizing simulation uncertainties are discussed: sensitivity analysis, first-order analysis, and Monte Carlo analysis. Examples of each method are presented. Contamination of both surface water and groundwater resources is a global environmental concern. Non-point sources (NPS) of contamination, with all the implications of scale and variability (both spatial and temporal), pose, potentially, even greater environmental problems than those from point sources due to long-term stresses imposed across thousands of hectares (Loague et al., 1996). The increasing availability of geographic information system (GIS) software to those involved in the technical support of land use decisions has resulted in the generation of multicolored management maps for regional targeting and risk

Journal ArticleDOI
TL;DR: The aim of the present study was to broaden the scientific basis of the risk field to also include the concept of capability, which is defined as the uncertainty about and the severity of the consequences of an activity given the occurrence of the initiating event and the performed task.

Journal ArticleDOI
TL;DR: In this paper, an attribute-based risk identification and analysis method is presented that helps designers and preconstruction planners identify and model safety risk independently of specific activities or building components.
Abstract: Quantifying safety risks and performing comparative analyses is an emerging research field. Unfortunately, current risk assessment strategies are problematic because they require every new infrastructure feature and construction method to be individually evaluated using laborious research processes. To enhance the current construction safety management methods, an attribute-based risk identification and analysis method is presented that helps designers and preconstruction planners identify and model safety risk independently of specific activities or building components. The inspiration for this new risk management technique was derived from the Human Genome Project, which implies that while there are billions of people around the world, their vulnerability towards specific kinds of disease can be explained by a limited number of genes. This concept for attribute-based risk assessment was adapted by testing the hypothesis that injuries and fatalities in construction result from a finite number of ...

Journal ArticleDOI
TL;DR: Paying better attention to the organizational realities of aviation operations and performing critical evaluations of existing and new protective measures as possible solutions to the situation are proposed.

Journal ArticleDOI
TL;DR: Progress made on furthering this research is presented by investigating what attacks are available to insiders together with the damage and implications of such attacks.
Abstract: Cloud computing offers the potential for significant cost reductions and increased agility for users. However, security concerns continue to be raised as a potential barrier to uptake for private, community and public clouds. A report from the European Network and Information Security Agency on the Priorities for Research on Current and Emerging Network Technologies highlighted trusted cloud models as one of its top priorities for further research. More recently, in September 2012, Carnegie Mellon University's computer emergency response team have released a paper describing insider threats to cloud computing as a direction for new research. Further, a project completed at the University of Warwick in 2010 investigated security aspects of cloud computing and in particular the potential for cascade effects. This research involved a detailed modelling of the threat and vulnerability landscape, including the incentives and motivations that might drive attackers. One of the conclusions is that insider threats potentially pose the most significant source of risk. This paper presents the progress made on furthering this research by investigating what attacks are available to insiders together with the damage and implications of such attacks. Copyright © 2014 John Wiley & Sons, Ltd.

Proceedings ArticleDOI
12 Oct 2015
TL;DR: XARA as mentioned in this paper exploits inter-app interaction services, including the keychain, WebSocket and NSConnection on OS X and URL Scheme on the MAC OS and iOS, to steal confidential information such as the passwords for iCloud, email and bank, and secret token of Evernote.
Abstract: On modern operating systems, applications under the same user are separated from each other, for the purpose of protecting them against malware and compromised programs. Given the complexity of today's OSes, less clear is whether such isolation is effective against different kinds of cross-app resource access attacks (called XARA in our research). To better understand the problem, on the less-studied Apple platforms, we conducted a systematic security analysis on MAC OS X and iOS. Our research leads to the discovery of a series of high-impact security weaknesses, which enable a sandboxed malicious app, approved by the Apple Stores, to gain unauthorized access to other apps' sensitive data. More specifically, we found that the inter-app interaction services, including the keychain, WebSocket and NSConnection on OS X and URL Scheme on the MAC OS and iOS, can all be exploited by the malware to steal such confidential information as the passwords for iCloud, email and bank, and the secret token of Evernote. Further, the design of the app sandbox on OS X was found to be vulnerable, exposing an app's private directory to the sandboxed malware that hijacks its Apple Bundle ID. As a result, sensitive user data, like the notes and user contacts under Evernote and photos under WeChat, have all been disclosed. Fundamentally, these problems are caused by the lack of app-to-app and app-to-OS authentications. To better understand their impacts, we developed a scanner that automatically analyzes the binaries of MAC OS and iOS apps to determine whether proper protection is missing in their code. Running it on hundreds of binaries, we confirmed the pervasiveness of the weaknesses among high-impact Apple apps. Since the issues may not be easily fixed, we built a simple program that detects exploit attempts on OS X, helping protect vulnerable apps before the problems can be fully addressed.

Patent
09 Sep 2015
TL;DR: In this article, a distributed plurality of researchers are invited to participate in one or more computer vulnerability research projects directed to identifying computer vulnerabilities of networks and/or computers that are owned or operated by a third party.
Abstract: In one aspect, the disclosure provides: A method comprising: inviting a distributed plurality of researchers to participate in one or more computer vulnerability research projects directed to identifying computer vulnerabilities of one or more networks and/or computers that are owned or operated by a third party; assessing reputation and skills of one or more of the researchers, and accepting a subset of the researchers who have a positive reputation and sufficient skills to perform the investigations of the computer vulnerabilities; assigning a particular computer vulnerability research project, relating to a particular network under test, to a particular researcher from among the subset of the researchers; using a computer that is logically interposed between the particular researcher and the particular network under test, monitoring communications between the particular researcher and the particular network under test, wherein the communications relate to attempting to identify a candidate security vulnerability of the particular network under test; validating a report of the candidate security vulnerability of the particular network under test that is received from the particular researcher; determining and providing an award to the particular researcher in response to successfully validating the report of the candidate security vulnerability of the particular network under test that is received from the particular researcher.

Proceedings ArticleDOI
01 Dec 2015
TL;DR: This paper analyses possible attack scenarios on a recently released all-electric car and investigates their impact on real life driving scenarios, and develops a novel mobile application able to control such vehicle systems remotely through the Internet.
Abstract: Interconnected vehicles are a growing commodity providing remote access to onboard systems for monitoring and controlling the state of the vehicle. Such features are built to facilitate and strengthen the owner's knowledge about its car but at the same time they impact its safety and security. Vehicles are not ready to be fully connected as various attacks are currently possible against their control systems. In this paper, we analyse possible attack scenarios on a recently released all-electric car and investigate their impact on real life driving scenarios. We leverage our findings to change the behaviour of safety critical components of the vehicle in order to achieve autonomous driving using an Open Vehicle Monitoring System. Furthermore, to demonstrate the potential of our setup, we developed a novel mobile application able to control such vehicle systems remotely through the Internet. We challenge the current state-of-the-art technology in today's vehicles and provide a vulnerability analysis on modern embedded systems.