11. Emerging Security Issues

CITS3004
Alvaro Monsalve

1. Cloud Computing CITS5503
2. Internet Of Things (IoT) CITS5506
3. Software Defined Networks
4. Vehicle security
5. Mobile security

Agenda

1. What is a cloud?

Client – Server Model

IBM says

“Cloud computing, often referred to as simply “the cloud,” is the delivery of on-demand computing resources — everything from applications to data centers — over the internet on a pay-for-use basis.”

What is a cloud?

• Consumer
• Provider
• Carrier
• Auditor
• Broker

The Cloud

NIST cloud architecture

• Public
– General public
– Over the Internet
– Via a Web service interface on a pay-as-you-go basis
– Large pools of scalable resources

• Private
– Hosted within an organization’s infrastructure and premises
– Users are in some form of relationship with cloud owner
– Via a Web service interface
– Behind the organization’s firewall

• Hybrid
– Combines resources of both public and private clouds.

Cloud Models

Cloud Models

Cloud users normally “trust” cloud service providers with their data like they trust banks with their money

– Greg Papadopoulos, Sun Microsystems

Cloud Security

• Access Control:
– Compromised user accounts
– Cloud providers spend on ‘strong’ access control regimes:

• Amazon Identity and Access Management (IAM):
– Multiple Users-Role model for one Amazon account.

• Azure Security Center:
– Cloud Security State
– Security Policy-driven monitoring
– Firewalls, malware
– Threat intelligence and expertise insights into events

• Rackspace:
– RSA Cloud Authentication Service, Auth
– Single Sign-On: once a user is authenticated, they can create/delete containers and objects

Cloud Security – Access Control

• Multifactor Authentication (MFA)
• Centralised Access Control Policies
• Single Sign-On
• LDAP directory

Cloud Security – Access Control

• Hypervisor:
– Virtual Machine Manager
– Runs guest operating systems that act as servers
– Piggybacks on a kernel program
– Runs on the core physical machine

• Security of the hypervisor involves the security of:
– Underlying kernel program
– Underlying physical machine,
– The physical server
– Individual virtual operating systems
– Anchoring virtual machines.

Cloud Security of Data and Applications

Hypervisor Types

[Figure: Type 1 and Type 2 hypervisors]

Hypervisor Vulnerabilities

• The paper “SubVirt: Implementing malware with virtual machines” [*] demonstrated
– the use of a type of malware named virtual machine-based rootkit (VMBR), which
– installs a virtual machine monitor underneath an existing operating system and
– hoists the original operating system into a virtual machine
– a malware program that started to act as its own hypervisor under Windows
[*] 2006, Samuel T. King, Peter M. Chen, Yi-Min Wang, Chad Verbowski, Helen J. Wang, and Jacob R. Lorch

• Host Security:
– Through hosts such as workstations, a user gains access to the virtual machine system,
– Two problems are encountered here:
• Escape-to-hypervisor vulnerabilities, which allow intruders to penetrate the virtual machine from the host
• Escape-to-host vulnerabilities, which allow vulnerabilities in the virtual machine to move to the hosts

Cloud Security of Data and Applications

• Many of the existing security controls can be enforced to
enhance the security of the cloud
– See lectures in weeks 7 ~ 9

• But should also consider the new attack surface arising from
the new networking design
– i.e., how we manage, process and transfer data and controls

Cloud Security

• Service-Level Agreements (SLAs):
– Security depends on the tier of service used:

• IaaS: security responsibilities are shared between the provider
(physical, environmental, and virtualization security) and the
client (applications, operating system, and others).

• SaaS: the provider is responsible for almost every aspect of
security.

Cloud Security SLAs

• Clouds are either public, community, or hybrids
• Businesses that deal with personal data must comply with:
– The Federal Information Security Management Act of 2002 (FISMA)
– The Health Insurance Portability and Accountability Act of 1996 (HIPAA)
– Data Protection Directive
– The Payment Card Industry Data Security Standards (PCI DSS)

Cloud Security Compliance

• Other concerns with cloud security
– Hacked interfaces and APIs
– Exploited system vulnerabilities
– Malicious insider
– Service abuse
– DoS attack
– Sovereignty

Cloud Security

• Example of a Research Question
– There are multiple cloud users using the cloud resources for different purposes.
– Different cloud users have different security requirements.
– What is the best way to optimise the security of the cloud?

Cloud Security Research

It is a Smart Environment that is made up of an interconnection of sensing and actuating devices providing the ability to share information across platforms through a unified framework, developing a common operating picture for enabling innovative applications. This smart environment is achieved by seamless ubiquitous sensing, data analytics, and information representation with cloud computing as the unifying framework

P. Guillemin and P. Friess

2. Internet of Things

P. Guillemin and P. Friess in their paper “Internet of things strategic research roadmap,” as part of the Cluster of European Research Projects

Internet of Things

• Diversity Challenges:
– Devices
– Service
– Protocols

• Governance questions:
– Who owns the data?
– Where is the data of your device going to?
– What is the data going to be used for?
– What happens with the combined data of your device and a passing car?
– What about your medical data?

IoT Challenges

• Channel-based Security:
– Overhead of establishing a secure channel (authentication rounds)
– Maintain channel state until it is closed
– No data delivery guarantee

• Insufficient Authentication/authorization
– Use of weak and simple passwords, e.g. admin123.

IoT Security

• Lack of Transport Encryption:
– No encryption on the transferred data

• Insecure Web/Mobile Interface:
– Use of bridging communication protocols
– Device management schemes

• Management Vulnerability:
– High heterogeneity and complexity
– Lack of scalable management schemes

IoT Security

• Computational Constraints
– Constrained devices
– Low-power devices
– Running insecure communication protocols

• Trust Relationships:
– Are IoT new entities (new ontologies)?
– How to endow identity, connectivity, intelligence, and agency
– Questions of social, ethical and legal nature with security impact

• DoS attacks
• Etc…

IoT Security

• Some Research Questions
– How to assess the shifting attack surface when IoT devices move?
• Mobile IoT devices will connect to alternative connection points (access points or peer devices).
– How to provide resiliency in an open environment?
• E.g., field deployment of IoT sensors for agricultural use

IoT Security Research

• Software Defined Networking
– Existing networks allow each router to make decisions on its own based on what it can observe
– This often leads to greedy decisions, which may not be optimal for the operation of the network as a whole
– To address this issue, we can create a centralised control by separating the controls from individual routers
– The routers now only have to forward packets based on the rules provided by the controller
• i.e., they do not have to make decisions on their own

3. SDN

SDN Architecture (Smart Grid Example)

Kim, J. and Filali, F. and Ko, Y.; “Trends and Potentials of the Smart Grid Infrastructure: From ICT Sub-System to SDN-Enabled Smart Grid Architecture”, Journal of Applied Sciences, pp 706-727, 2015

• Switches are deny by default
• Flows are the rules that allow traffic to be forwarded
• Legacy control plane vulnerabilities are removed
• MAC table spoofing and BPDU spoofing are no longer possible
• Provide network owner with device and conversation visibility
• Control over
– what devices can connect,
– where those devices can connect
– what conversations each device can have

SDN Security Advantages

• Threat vectors arising from SDN
1. Forged or faked traffic flows
2. Attacks on vulnerabilities in switches
3. Attacks on control plane communications
4. Attacks on and vulnerabilities in controllers
5. Lack of mechanisms to ensure trust between the controller and management applications
6. Attacks on and vulnerabilities in administrative stations
7. Lack of trusted resources for forensics and remediation

SDN Security

Kreutz, Diego, Fernando Ramos, and Paulo Verissimo. “Towards secure and dependable software-defined networks.” Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking. ACM, 2013.

• We have to provide security for the new attack surface of the SDN
• But we can also utilise SDN functionalities to implement new security features
– E.g., moving target defense
• Flow redirection

SDN Security

• Example Research Question
– How to filter malicious applications from the application layer?
– Multiple SDN controllers can be used for network management. How to identify a malicious SDN controller and revoke its control on the data plane?
– How to securely communicate from the data plane to the control plane?

SDN Security

• Formulate the Shuffle Assignment Problem (SAP) [1]
• Solve by optimally reconfiguring the network topology to maximise the network security
• Develop a heuristic algorithm to address the scalability issue with a near-optimal solution
• Design an online MTD mechanism

MTD using SDN

What do we mean by maximise security?

[1] J. Hong, S. Yoon, H. Lim, D. Kim, “Optimal Network Reconfiguration for Software Defined Networks using Shuffle-based Online MTD”, IEEE 36th Symposium on Reliable Distributed Systems 2017

Toy Example

[Figure: toy enterprise network. Labels: Public Cloud, Private Cloud, Enterprise Data Center, SDN Controller, Programmable Switch, Web servers 1–3, App servers 1–3, Database server, An Attacker. Key: Linux-based OS, Windows-based OS, FreeBSD-based OS.]

Toy Example

[Figure: attack graph with nodes Attacker, WS1–WS3, AS1–AS3 and DS, with the target marked. Key: Linux, Windows, FreeBSD.]

Attacker -> WS1 -> AS1 -> AS2 -> Target
Attacker -> WS1 -> WS2 -> AS3 -> Target
Attacker -> WS2 -> AS3 -> Target
Attacker -> WS3 -> AS3 -> Target

Compromising any one of the variants (Linux or Windows) can lead to the target

Things to consider: How many variants can we have?

Shuffle in SDN

The attacker now has to compromise both variants as well!
In Cloud SDN we can change the routing table without too much overhead.
This approach does not need preinstalled OSes or reassignment of the OSes (similarly, variants of any type).

Things to consider: How to go from scenario 1 to scenario 2?

[Figure: attack graph over Attacker, WS1–WS3, AS1–AS3 and DS.]

Shuffle in SDN

[Figure: attack graph over Attacker, WS1–WS3, AS1–AS3 and DS.]

1. For each node connected to another node with the same variant, try connecting it to another node with a different variant, where allowed

2. Try step 1 for all combinations of nodes.

We will consider either removing or reconnecting in this method.

Problems with brute force

• Solving the shuffle assignment problem has exponential computational complexity.
• So the brute-force method is impractical!
• To address this scalability problem of SAP, they proposed a heuristic algorithm, which provides a practical approach with near-optimal solutions.

Heuristic algorithm

• Steps are as follows:
1. Identify all bad segments of edges, which are sequences of nodes connected with a single variant.
2. For all identified bad segments of edges, reassign an edge to a node that has a different variant.
3. Repeat until all bad segments of edges are removed or the threshold limit has been reached.

Heuristic algorithm

[Figure: attack graph over Attacker, WS1–WS3, AS1–AS3 and DS.]

• We have 2 bad segments of edges.

We reconnect each bad segment of edges (some reconnections are a violation of the network, in which case the reconnection is ignored).

The other option is to remove the edge and check for connectivity. However, this was not considered.
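
The heuristic above, run on the four attack paths of the toy example, as an added example (not code from the lecture or from the cited paper). The OS variant of each host, the set of permitted links, the rule that every server must stay on some route, DS as the target, and the mean-distinct-variants metric (a simplified stand-in for the Expected Path Variant) are assumptions made for illustration.

```python
from itertools import chain

# Constructed toy network: edges are read off the four attack paths on the slide.
EDGES = {("Attacker", "WS1"), ("Attacker", "WS2"), ("Attacker", "WS3"),
         ("WS1", "AS1"), ("WS1", "WS2"), ("AS1", "AS2"), ("AS2", "DS"),
         ("WS2", "AS3"), ("WS3", "AS3"), ("AS3", "DS")}
# Assumed OS variant per host (the figure's key did not survive in the text).
VARIANT = {"WS1": "linux", "AS1": "linux", "AS2": "linux",
           "WS2": "freebsd", "WS3": "windows", "AS3": "windows"}
# Assumed policy: web servers may link to any app server, app servers to each other.
WEB, APP = ("WS1", "WS2", "WS3"), ("AS1", "AS2", "AS3")
ALLOWED = {(w, a) for w in WEB for a in APP} | {(a, b) for a in APP for b in APP if a != b}

def attack_paths(edges, src="Attacker", dst="DS"):
    """Enumerate every simple path from src to dst (depth-first search)."""
    paths, stack = [], [[src]]
    while stack:
        path = stack.pop()
        for u, v in sorted(edges):
            if u == path[-1] and v not in path:
                (paths if v == dst else stack).append(path + [v])
    return paths

def path_variant_stats(edges):
    """Return (mean, minimum) number of distinct variants an attack path crosses."""
    counts = [len({VARIANT[n] for n in p[1:-1]}) for p in attack_paths(edges)]
    return sum(counts) / len(counts), min(counts)

def bad_edges(edges):
    """Links whose two endpoints run the same variant (they make up bad segments)."""
    return sorted((u, v) for u, v in edges
                  if VARIANT.get(u) and VARIANT.get(u) == VARIANT.get(v))

def in_service(edges):
    """Constraint: every server must still lie on some Attacker -> DS route."""
    return set(VARIANT) <= set(chain.from_iterable(attack_paths(edges)))

def heuristic_shuffle(edges, limit=10):
    """Re-point each bad edge to a different-variant node until none can be fixed."""
    edges = set(edges)
    for _ in range(limit):                      # threshold on the number of passes
        changed = False
        for u, v in bad_edges(edges):
            for w in sorted(VARIANT):
                cand = (edges - {(u, v)}) | {(u, w)}
                if (VARIANT[w] != VARIANT[u] and (u, w) in ALLOWED
                        and (u, w) not in edges and in_service(cand)):
                    edges, changed = cand, True
                    break                       # reconnection accepted
        if not changed:
            break                               # every remaining reconnection violates policy
    return edges

if __name__ == "__main__":
    shuffled = heuristic_shuffle(EDGES)
    print("before:", path_variant_stats(EDGES), bad_edges(EDGES))
    print("after: ", path_variant_stats(shuffled), bad_edges(shuffled))
```

One same-variant link (AS1 to AS2) remains because every permitted reconnection would cut AS2 off, yet no attack path is single-variant after the shuffle.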

Online MTD mechanism

• There are multiple network reconfiguration scenarios that yield the same security properties when solving SAP (i.e., different network scenarios with the same Expected Path Variant).
• We collect those network scenarios, and the network is continuously changed to any of those scenarios as a defense mechanism (on attack events (reactive) or in a timely manner (proactive)).
– This defeats the static nature of networks exposed to the attackers.
• They also consider the topological distance between the selected network scenarios, because when shuffled, similar network scenarios yield similar attack scenarios.

Online MTD mechanism

[Figure: flowchart of the online MTD mechanism. Box labels: Initial Network; Solve SAP (Heuristic); A set of DNRSes; Calculate Topological Distance; Select k-set of DNRSes; Network Reconfiguration; Randomly select a DNRS; Attack Detected? (Yes/No); Select Countermeasure DNRS; Deploy Countermeasure. Modes: Active Mode, Reactive Mode.]

Topological Distance Metric

[Figure: three network scenarios, each over Attacker, WS1–WS3, AS1–AS3 and DS.]

• New attack vectors
– In conjunction with the existing ones, which need to be evaluated for their effects on the system/network
• New capabilities
– Provide functionalities to implement new security solutions

Emerging Networks Research

• Smart vehicles can connect to the internet and/or
communicate with nearby vehicles
– Autonomous/self driving cars
– Surrounding awareness and safety
– Directions and navigation
– Cabin control
– Etc…

4. Vehicle Security

• However, the in-vehicle network is not very secure.
– The in-vehicle network lacks security features
– No authentication of nodes in the in-vehicle network
– Remote car control/hacking

• https://youtu.be/zurrQiETDHA

Vehicle Security

Lee, H. and Jeong, S. and Kim, H.; “OTIDS: A Novel Intrusion Detection System for In-vehicle Network by using Remote Frame”, in Proc. of PST 2017

• Controller Area Network (CAN) security
– Smart vehicles use CAN for communicating controls
– Different IDs are assigned to different controls
– Values associated with each ID define the action of the control
– Different vehicles have different IDs and action values

Vehicle Security

• Attackers can send malicious control CAN packets
– No/Lack of authentication/permission check
• Does not check the source of the message
• Vulnerable to fuzzing attacks
– No integrity check at the network level
• Allows any new node to be connected to the CAN bus
• Vulnerable to impersonation or replay attacks
– So many different ways to insert malicious packets…
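
The missing source and integrity checks listed above, contrasted with a receiver that does perform them, as an added example (not from the lecture or the cited paper). The shared key, the CAN ID, the 8-byte layout (2-byte counter, 2-byte signal, 4-byte truncated HMAC) and all class and function names are hypothetical and chosen only for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"      # assumption: provisioned to both ECUs
BRAKE_ID = 0x244                   # constructed CAN ID, not from any real vehicle

def frame_tag(key, can_id, body):
    """4-byte truncated HMAC-SHA256 over the CAN ID and the first 4 data bytes."""
    return hmac.new(key, struct.pack(">H", can_id) + body, hashlib.sha256).digest()[:4]

def make_frame(can_id, signal, counter, key=KEY):
    """8-byte data field: 2-byte counter | 2-byte signal | 4-byte tag."""
    body = struct.pack(">HH", counter, signal)
    return can_id, body + frame_tag(key, can_id, body)

class LegacyReceiver:
    """The situation on the slide: a frame is acted on if its ID is known."""
    def __init__(self, known_ids):
        self.known_ids = set(known_ids)

    def accept(self, can_id, data):
        return can_id in self.known_ids

class AuthReceiver:
    """Accepts a frame only if the tag verifies and the counter moved forward."""
    def __init__(self, key=KEY):
        self.key = key
        self.last_counter = {}         # highest counter seen per CAN ID

    def accept(self, can_id, data):
        if len(data) != 8:
            return False
        body, tag = data[:4], data[4:]
        if not hmac.compare_digest(tag, frame_tag(self.key, can_id, body)):
            return False               # forged or modified frame
        counter = struct.unpack(">HH", body)[0]
        if counter <= self.last_counter.get(can_id, -1):
            return False               # replayed frame
        self.last_counter[can_id] = counter
        return True

def demo():
    """Run genuine, replayed, forged and tampered frames through both receivers."""
    genuine = make_frame(BRAKE_ID, signal=0x0010, counter=1)
    forged = make_frame(BRAKE_ID, signal=0x0FFF, counter=2, key=b"attacker-guess")
    tampered = (genuine[0], genuine[1][:3] + b"\xff" + genuine[1][4:])
    frames = [("genuine", genuine), ("replayed", genuine),
              ("forged", forged), ("tampered", tampered)]
    legacy, auth = LegacyReceiver([BRAKE_ID]), AuthReceiver()
    return {name: (legacy.accept(*f), auth.accept(*f)) for name, f in frames}

if __name__ == "__main__":
    for name, (legacy_ok, auth_ok) in demo().items():
        print(f"{name:9s} legacy={legacy_ok} authenticated={auth_ok}")
```

The 4-byte tag and 16-bit counter are sized only to fit the 8-byte classic CAN data field; a deployment also needs key provisioning and a counter that survives restarts.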

Vehicle Security

• Computer vision aids autonomous/self driving cars to make decisions on the road
• Machine Learning is used to correctly identify objects on the road, including road signs. E.g., a stop sign.
• Attackers can add noise to the image processing step (perturbation).

Vehicle Security

N. Akhtar and A. Mian, “Threat of Adversarial Attacks on Deep Learning in Computer Vision: A Survey,” in IEEE Access, vol. 6, pp. 14410-14430, 2018. doi: 10.1109/ACCESS.2018.2807385

These images are misclassified!

• Some Research Questions:
– How to secure the communication between untrusted agents (vehicles)?
• Centralised or Decentralised Solutions
– How to sense the environment?
• Sensor development: Lidar, Cameras
• AI recognition technologies

Vehicle Security Research

• Mobile devices are used widely
– Around 6.37 billion mobile phones in use in 2021 [1]
– 56% iOS, 43% iOS, 1% others [2] in the USA
– 3.48 million Android apps
– 2.2 million iOS apps

• Do we provide sufficient security to mobile devices?

5. Mobile Platform

[1] https://www.statista.com/statistics/330695/forecast-of-mobile-phone-users-worldwide/
[2] https://www.bankmycell.com/blog/how-many-phones-are-in-the-world

Mobile Security

McAfee Mobile Threat Report 2021. url: https://www.mcafee.com/content/dam/global/infographics/McAfeeMobileThreatReport2021.pdf

• Success in market translates to being a larger target
– More and more vulnerabilities are found [1]
• Attacks through the App Store and Google Play
• More and more issues are found as time passes.

Mobile Security

[1] http://www.foxnews.com/tech/2016/08/25/apple-issues-iphone-security-update-after-spyware-discovery.html

Mobile Security

@AndroidMalware on Facebook

• A variety of issues, including:
– Trojans
• Distributed via SMS or links on popular social media sites
– Billing Fraud
• Unwanted Subscriptions
– Malvertising
• Including SMS
• Covid 2020 SMS Worm
– Malicious Code
• Inserted during update when scrutiny is lessened
• Access to services and messaging controls
• Android/Etinu on Google Play: Steal SMS after Update

Mobile Security

• Issues (continued):
– Secure data storage
• Example: Starbucks mobile app stored usernames, email addresses, and passwords in clear text [1]
– Unintended data leakage
• Example: Angry Birds game collected personal data, which was skimmed by both other businesses and the US government through the NSA [2]
– Weak server-side controls
• Example: several instances of servers assuming access will only be through mobile apps

Mobile Security

[1] https://www.computerworld.com/article/2487743/security0/evan-schuman–starbucks-caught-storing-mobile-passwords-in-clear-text.html
[2] http://www.bbc.com/news/world-us-canada-25922569

• Issues (continued):
– Broken cryptography
• Example: MD5 and SHA1 still used by some apps even though shown to be insecure
– Security decisions based on untrusted inputs
• Example: 2012 incident with Skype app, allowed attackers to dial on remote phones using a link embedded in email messages
• Mitigation: any input data to the app should include checks on the source of the data and the format/contents of the data itself.
– Many Others…

Mobile Security

• Some Research Questions:
– How to train users on the threats of fraudulent messages
• Diverse technologies, languages, and ecosystems.
– How to prevent the collection of personal data?
• Access Control
• Policies

Mobile Security Research

• Cybersecurity is an evolving area of study/research
• Can we ever build a system without any vulnerabilities?
– How do we prove it?

Summary

• Course review
– Course overview
– Exam preparation
– Example questions

Next Week

• Cisco SDN Networking
https://www.cisco.com/c/en_au/solutions/software-defined-networking/overview.html

Additional Items
