11. Emerging Security Issues
CITS3004
Alvaro Monsalve
1
1. Cloud Computing CITS5503
2. Internet Of Things (IoT) CITS5506
3. Software Defined Networks
4. Vehicle security
5. Mobile security
Agenda
2
1. What is a cloud?
Client – Server Model
IBM says
“Cloud computing, often referred to as simply “the cloud,” is the delivery of on-demand computing resources — everything from applications to data centers — over the internet on a pay-for-use basis.”
What is a cloud?
• Consumer
• Provider
• Carrier
• Auditor
• Broker
5
The Cloud
NIST the cloud architecture
• Public
– General public
– Over the Internet
– Via a Web service interface on Pay-as-you-go
– Large pools of scalable resources
• Private
– Hosted within an organization’s infrastructure and premises
– Users are in some form of relationship with cloud owner
– Via a Web service interface
– Behind the organization’s firewall
• Hybrid
– Combines resources of both public and private clouds.
6
Cloud Models
7
Cloud Models
Cloud users normally “trust” cloud service providers
with their data like they trust banks with their money
– Greg Papadopoulos, Sun Microsystems-
8
Cloud Security
• Access Control:
– Compromised user accounts
– Cloud providers invest in 'strong' access control regimes:
• Amazon Identity and Access Management (IAM):
– Multiple Users-Role model for one Amazon account.
• Azure Security Center:
– Cloud Security State
– Security Policy-driven monitoring
– Firewalls, malware
– Threat intelligence and expertise insights into events
• Rackspace:
– RSA Cloud Authentication Service, Auth
– Single Sign-On: once a user is authenticated, they can create/delete containers and objects
9
Cloud Security – Access Control
• Multifactor Authentication (MFA)
• Centralised Access Control Policies
• Single Sign-On
• LDAP directory
10
Cloud Security – Access Control
• Hypervisor:
– Virtual Machine Manager
– Runs guest operating systems that act as servers
– Piggybacks on a kernel program
– Runs on the core physical machine
• Security of the hypervisor involves the security of:
– Underlying kernel program
– Underlying physical machine,
– The physical server
– Individual virtual operating systems
– Anchoring virtual machines.
11
Cloud Security of Data and Applications
12
Hypervisor Types
Type 1 Type 2
13
Hypervisor Vulnerabilities
• The paper “SubVirt: Implementing malware with virtual machines” [*] demonstrated:
– A type of malware named a virtual machine-based rootkit (VMBR)
– Installing a virtual machine monitor underneath an existing operating system
– Hoisting the original operating system into a virtual machine
– A malware program that started to act as its own hypervisor under Windows
[*] 2006, Samuel T. King, Peter M. Chen, Yi-Min Wang, Chad Verbowski, Helen J. Wang, and Jacob R. Lorch
• Host Security:
– Through hosts such as workstations, a user gains access to
the virtual machine system,
– Two problems are encountered here:
• Escape-to-hypervisor vulnerabilities—that allow intruders to
penetrate the virtual machine from the host
• Escape-to-host vulnerabilities—that allow vulnerabilities in the
virtual machine to move to the hosts
14
Cloud Security of Data and Applications
• Many of the existing security controls can be enforced to
enhance the security of the cloud
– See lectures in weeks 7 ~ 9
• But should also consider the new attack surface arising from
the new networking design
– i.e., how we manage, process and transfer data and controls
15
Cloud Security
• Service-Level Agreements (SLAs):
– Security depends on the used tier of service:
• IaaS: security responsibilities are shared between the provider
(physical, environmental, and virtualization security) and the
client (applications, operating system, and others).
• SaaS: the provider is responsible for almost every aspect of
security.
16
Cloud Security SLAs
• Clouds are either public, community, or hybrids
• Businesses that deal with personal data must comply:
– The Federal Information Security Management Act of 2002
(FISMA)
– The Health Insurance Portability and Accountability Act of 1996
(HIPAA)
– Data Protection Directive
– The Payment Card Industry Data Security Standards (PCI DSS)
17
Cloud Security Compliance
• Other Concerns with the cloud security
– Hacked interfaces and APIs
– Exploited system vulnerabilities
– Malicious insider
– Service abuse
– DoS attack
– Sovereignty
18
Cloud Security
• Example of a Research Question
– There are multiple cloud users using the cloud resources
for different purposes.
– Different cloud users have different security requirements.
– What is the best way to optimise the security of the cloud?
19
Cloud Security Research
It is a Smart Environment that is made up of an interconnection
of sensing and actuating devices providing the ability to share
information across platforms through a unified framework,
developing a common operating picture for enabling innovative
applications. This smart environment is achieved by seamless
ubiquitous sensing, data analytics, and information
representation with cloud computing as the unifying framework
P. Guillemin and P. Friess
20
2. Internet of Things
P. Guillemin and P. Friess in their paper “Internet of things strategic research roadmap,” as part of the Cluster of European Research Projects
21
Internet of Things
• Diversity Challenges:
– Devices
– Service
– Protocols
• Governance questions:
– Who owns the data?
– Where is the data of your device going to?
– What is the data going to be used for?
– What happened with combined data of your device and a passing car?
– What about your medical data?
22
IoT Challenges
• Channel-based Security:
– Overhead of establishing a secure channel (authentication rounds)
– Channel state must be maintained until the channel is closed
– No data delivery guarantee
• Insufficient Authentication/authorization
– Use of weak and simple passwords, i.e. admin123.
23
IoT Security
• Lack of Transport Encryption:
– No encryption on the transferred data
• Insecure Web/Mobile Interface:
– Use of bridging communication protocols
– Device management schemes
• Management Vulnerability:
– High heterogeneity and complexity
– Lack of scalable management schemes
24
IoT Security
• Computational Constraints
– Constrained devices
– Low-power devices
– Running insecure communication protocols
• Trust Relationships:
– Are IoT new entities (new ontologies)?
– How to endow identity, connectivity, intelligence, and agency
– Questions of social, ethical and legal nature with security impact
• DoS attacks
• Etc…
25
IoT Security
• Some Research Questions
– How to assess the shifting attack surface when IoT devices
move?
• Mobile IoT devices will connect to alternative connections points
(access points or peer devices).
– How to provide resiliency in an open environment?
• E.g., field deployment of IoT sensors for agricultural use
26
IoT Security Research
• Software Defined Networking
– Existing networks allow routers to make decisions on their own, based on what they can observe
– This often leads to greedy decisions, which may not be optimal for the operation of the network as a whole
– To address this issue, we can create centralised control by separating the control from the individual routers
– The routers now only have to forward packets based on the rules provided by the controller
• i.e., they do not have to make decisions on their own
27
3. SDN
28
SDN Architecture
(Smart Grid Example)
Kim, J. and Filali, F. and Ko, Y.; “Trends and Potentials of the Smart Grid Infrastructure: From ICT Sub-System to SDN-Enabled Smart Grid Architecture”, Journal of Applied Sciences, pp 706-727, 2015
• Switches are deny by default
• Flows are the rules that allow traffic to be forwarded
• Legacy control plane vulnerabilities are removed
• MAC table spoofing and BPDU spoofing are no longer possible
• Provide network owner with device and conversation visibility
• Control over
– what devices can connect,
– where those devices can connect
– what conversations each device can have
29
SDN Security Advantages
• Threat vectors arising from SDN
1. Forged or faked traffic flows
2. Attacks on vulnerabilities in switches
3. Attacks on control plane communications
4. Attacks on and vulnerabilities in controllers
5. Lack of mechanisms to ensure trust between the controller
and management applications
6. Attacks on and vulnerabilities in administrative stations
7. Lack of trusted resources for forensics and remediation
30
SDN Security
Kreutz, Diego, Fernando Ramos, and Paulo Verissimo. “Towards secure and dependable software-defined networks.” Proceedings of the second ACM SIGCOMM workshop on Hot topics in
software defined networking. ACM, 2013.
31
SDN Security
• We have to provide security for the new attack
surface of the SDN
• But we can also utilise SDN functionalities to
implement new security features
– E.g., moving target defense
• Flow redirection
32
SDN Security
• Example Research Question
– How to filter malicious applications from the application
layer?
– Multiple SDN controllers can be used for network management. How to identify a malicious SDN controller and revoke its control of the data plane?
– How to securely communicate from the data plane to the
control plane?
33
SDN Security
• Formulate the Shuffle Assignment Problem (SAP) [1]
• Solve by optimally reconfiguring the network topology to maximise
the network security
• Develop a heuristic algorithm to address the scalability issue with a near-optimal solution
• Design an online MTD mechanism
MTD using SDN
What do we mean by maximise security?
[1] J. Hong, S. Yoon, H. Lim, D. Kim, “Optimal Network Reconfiguration for Software Defined Networks using Shuffle-based Online MTD”, IEEE 36th Symposium on Reliable
Distributed Systems 2017
Toy Example
[Figure: enterprise network. Labels: Public Cloud, Private Cloud, Enterprise Data Center, SDN Controller, Programmable Switch, Web servers 1 to 3, App servers 1 to 3, Database server, An Attacker. Key: Linux-based OS, Windows-based OS, FreeBSD-based OS.]
Toy Example
[Figure: network graph with nodes WS1, WS2, WS3, AS1, AS2, AS3, DS and Attacker. Key: Linux, Windows, FreeBSD.]
Attacker -> WS1 -> AS1 -> AS2 -> Target
Attacker -> WS1 -> WS2 -> AS3 -> Target
Attacker -> WS2 -> AS3 -> Target
Attacker -> WS3 -> AS3 -> Target
…
Compromising any one of variants (Linux or Windows) can lead to the target
Things to consider: How many variants can we have?
Shuffle in SDN
Have to compromise both variants as well!
In Cloud SDN we can change the routing table without too much overhead.
This approach does not need preinstalled OSes or reassignment of the OSes (or, similarly, of variants of any type).
Things to consider: How to go from scenario 1 to scenario 2?
[Figure: network graph with nodes WS1, WS2, WS3, AS1, AS2, AS3, DS and Attacker.]
Shuffle in SDN
[Figure: network graph with nodes WS1, WS2, WS3, AS1, AS2, AS3, DS and Attacker.]
1. For each node connected to another node with the same variant, try connecting it to another node with a different variant, where allowed.
2. Try step 1 for all combinations of nodes.
We will consider either removing or reconnecting in this method.
Problems with bruteforce
• Solving the shuffle assignment problem has an exponential
computational complexity.
• So the bruteforce method is impractical!
• To improve this scalability problem of SAP, they proposed a heuristic
algorithm, which provides a practical approach with near-optimal
solutions.
Heuristic algorithm
• Steps are as follows:
1. Identify all bad segments of edges, which are sequences of nodes connected with a single variant.
2. For each identified bad segment of edges, reassign an edge to a node that has a different variant.
3. Repeat until all bad segments of edges are removed or the threshold limit has been reached.
Heuristic algorithm
[Figure: network graph with nodes WS1, WS2, WS3, AS1, AS2, AS3, DS and Attacker.]
• We have 2 bad segments of edges.
We reconnect each bad segment of edges (some reconnections violate the network, in which case the reconnection is ignored).
The other option is to remove the edge and check for connectivity. However, this was not considered.
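The heuristic steps above, as an added Python example that is not code from the lecture or from the cited paper. The OS variant assigned to each server, the "every server stays on a path" validity rule, the tier-by-name-prefix rule and the `min_variants` metric (a simplified stand-in, not the paper's Expected Path Variant) are assumptions; the edges come from the attack paths listed on the toy-example slide.

```python
# Constructed toy network: the OS variant per server is an assumption,
# because the slide's figure is not part of the text.
VARIANT = {"WS1": "linux", "WS2": "windows", "WS3": "windows",
           "AS1": "linux", "AS2": "linux", "AS3": "windows"}
# Edges taken from the four attack paths listed on the toy-example slide.
EDGES = {("Attacker", "WS1"), ("Attacker", "WS2"), ("Attacker", "WS3"),
         ("WS1", "AS1"), ("WS1", "WS2"), ("AS1", "AS2"), ("AS2", "DS"),
         ("WS2", "AS3"), ("WS3", "AS3"), ("AS3", "DS")}

def attack_paths(edges, src="Attacker", dst="DS", seen=()):
    """All loop-free paths from the attacker to the target."""
    if src == dst:
        return [[dst]]
    return [[src] + rest
            for u, v in sorted(edges) if u == src and v not in seen
            for rest in attack_paths(edges, v, dst, seen + (src,))]

def min_variants(edges):
    """Fewest distinct variants the attacker must compromise on any path."""
    return min(len({VARIANT[n] for n in p if n in VARIANT})
               for p in attack_paths(edges))

def bad_edges(edges):
    """Edges joining two servers that run the same variant."""
    return sorted((u, v) for u, v in edges
                  if u in VARIANT and VARIANT[u] == VARIANT.get(v))

def is_valid(edges):
    """Assumed constraint: every server stays on an attacker-to-target path."""
    return set(VARIANT) <= {n for p in attack_paths(edges) for n in p}

def candidates(u, v):
    """Reconnections of (u, v) that keep the tier (name prefix) and mix variants."""
    names = sorted(VARIANT)
    return ([(u, w) for w in names if w[:2] == v[:2] and VARIANT[w] != VARIANT[u]]
            + [(w, v) for w in names if w[:2] == u[:2] and VARIANT[w] != VARIANT[v]])

def shuffle(edges, threshold=10):
    """Reconnect bad edges until none remain or the threshold is reached."""
    edges = set(edges)
    for _ in range(threshold):
        bad = bad_edges(edges)
        if not bad:
            break
        for u, v in bad:
            for new in candidates(u, v):
                trial = (edges - {(u, v)}) | {new}
                if new not in edges and is_valid(trial):
                    edges = trial  # accept the first reconnection that is allowed
                    break
    return edges

if __name__ == "__main__":
    after = shuffle(EDGES)
    print(min_variants(EDGES), "->", min_variants(after), bad_edges(after))
```

On this constructed network some reconnections are rejected in the first pass because they would cut a server off, and only succeed in the second pass once other edges have moved.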
Online MTD mechanism
• There are multiple network reconfiguration scenarios that yield the same security properties when solving SAP (i.e., different network scenarios with the same Expected Path Variant).
• We collect those network scenarios, and the network is continuously changed to any of those scenarios as a defense mechanism, triggered either by attack events (reactive) or on a timed basis (proactive).
– This defeats the static nature of networks exposed to the attackers.
• They also consider the topological distance between the selected network scenarios, because when shuffled, similar network scenarios yield similar attack scenarios.
Online MTD mechanism
[Figure: online MTD flowchart. Boxes: Initial Network; Solve SAP (Heuristic); A set of DNRSes; Calculate Topological Distance; Select k-set of DNRSes; Attack Detected? (No / Yes); Randomly select a DNRS; Select Countermeasure DNRS; Deploy Countermeasure; Network Reconfiguration. Phases: SAP, Active Mode, Reactive Mode.]
Topological Distance Metric
[Figure: three network graphs, each with nodes WS1, WS2, WS3, AS1, AS2, AS3, DS and Attacker.]
• New attack vectors
– In conjunction with the existing ones, which need to be evaluated for their effects on the system/network
• New capabilities
– Provide functionalities to implement new security
solutions
45
Emerging Networks Research
• Smart vehicles can connect to the internet and/or
communicate with nearby vehicles
– Autonomous/self driving cars
– Surrounding awareness and safety
– Directions and navigations
– Cabin control
– Etc…
46
4. Vehicle Security
• However, the in-vehicle network is not very secure.
– The in-vehicle network lacks security features
– No authentication of nodes in the in-vehicle network
– Remote car control/hacking
• https://youtu.be/zurrQiETDHA
47
Vehicle Security
Lee, H. and Jeong, S. and Kim, H.; “OTIDS: A Novel Intrusion Detection System for In-vehicle Network by using Remote Frame”, in Proc. of PST 2017
• Controller Area Network (CAN) security
– Smart vehicles use CAN for communicating controls
– Different IDs are assigned to different controls
– Values associated with each ID defines the action of the
control
– Different vehicles have different IDs and action values
48
Vehicle Security
• Attackers can send malicious control CAN packets
– No/Lack of authentication/permission check
• Does not check the source of the message
• Vulnerable to fuzzing attacks
– No integrity check at the network level
• Allows any new node to be connected to the CAN bus
• Vulnerable to impersonation or replay attacks
– So many different ways to insert malicious packets…
49
Vehicle Security
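Because CAN frames carry no authenticated source, a monitor on the bus has to judge traffic by its behaviour. The following added example (not from the lecture and not the OTIDS method cited earlier) flags two symptoms of the weaknesses listed above: IDs that are not part of the vehicle's known set, and frames that arrive much sooner than that ID's normal period. The IDs, periods, payloads and the `tolerance` parameter are constructed for illustration.

```python
# Constructed baseline: expected seconds between frames for each known CAN ID.
BASELINE_PERIOD = {0x0C0: 0.010, 0x1A4: 0.020, 0x320: 0.100}

# Constructed bus log: (timestamp in seconds, arbitration ID, payload as hex).
LOG = [
    (0.000, 0x0C0, "0000"), (0.002, 0x1A4, "10"),
    (0.010, 0x0C0, "0001"), (0.020, 0x0C0, "0002"),
    (0.022, 0x1A4, "10"),
    (0.023, 0x1A4, "FF"),    # extra frame, far earlier than the 20 ms period
    (0.030, 0x0C0, "0003"),
    (0.031, 0x7DF, "DEAD"),  # ID that is not in this vehicle's baseline
    (0.040, 0x0C0, "0004"), (0.042, 0x1A4, "10"),
]

def detect(log, baseline, tolerance=0.5):
    """Return (timestamp, id, reason) alerts for unknown IDs and early frames."""
    last_seen, alerts = {}, []
    for ts, can_id, _payload in log:
        if can_id not in baseline:
            alerts.append((ts, can_id, "unknown-id"))
            continue
        prev = last_seen.get(can_id)
        # A frame arriving in less than tolerance * period suggests an extra sender.
        if prev is not None and ts - prev < baseline[can_id] * tolerance:
            alerts.append((ts, can_id, "interval-too-short"))
        last_seen[can_id] = ts
    return alerts

if __name__ == "__main__":
    for ts, can_id, reason in detect(LOG, BASELINE_PERIOD):
        print(f"{ts:.3f}s id=0x{can_id:03X} {reason}")
```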
• Computer vision aids autonomous/self driving cars to make decisions on
the road
• Machine Learning is used to correctly identify objects on the road,
including road signs. E.g., a stop sign.
• Attackers can add noise to the image processing step (perturbation).
50
Vehicle Security
N. Akhtar and A. Mian, “Threat of Adversarial Attacks on Deep Learning in Computer Vision: A Survey,” in IEEE Access, vol. 6, pp. 14410-14430, 2018.
doi: 10.1109/ACCESS.2018.2807385
These images are
misclassified!
• Some Research Questions:
– How to secure the communication between untrusted
agents (vehicles)?
• Centralised or Decentralised Solutions
– How to sense the environment?
• Sensor development: Lidar, Cameras
• AI recognition technologies
51
Vehicle Security Research
• Mobile devices are used widely
– Around 6.37 billion mobile phones in use in 2021 [1]
– 56% iOS, 43% iOS, 1% Others [2] in the USA
– 3.48 million Android apps
– 2.2 million iOS apps
• Do we provide sufficient security to mobile devices?
52
5. Mobile Platform
[1] https://www.statista.com/statistics/330695/forecast-of-mobile-phone-users-worldwide/
[2] https://www.bankmycell.com/blog/how-many-phones-are-in-the-world
53
Mobile Security
McAfee Mobile Threat Report 2021. url: https://www.mcafee.com/content/dam/global/infographics/McAfeeMobileThreatReport2021.pdf
• Success in market translates to being a larger target
– More and more vulnerabilities are found [1]
• Attacks through the App Store and Google Play
• More and more issues are found as time passes.
54
Mobile Security
[1] http://www.foxnews.com/tech/2016/08/25/apple-issues-iphone-security-update-after-spyware-discovery.html
55
Mobile Security
@AndroidMalware on Facebook
• A variety of issues, including:
– Trojans
• Distributed via SMS or links on popular social media sites
– Billing Fraud
• Unwanted Subscriptions
– Malvertising
• Including SMS
• Covid 2020 SMS Worm
– Malicious Code
• Inserted during update when scrutiny is lessened
• Access to services and messaging controls
• Android/Etinu on Google Play: Steal SMS after Update
56
Mobile Security
• Issues (continued):
– Secure data storage
• Example: Starbucks mobile app stored usernames, email addresses, and passwords in clear text [1]
– Unintended data leakage
• Example: Angry Birds game collected personal data, which was skimmed by both other businesses and US government through NSA [2]
– Weak server-side controls
• Example: several instances of servers assuming only access will be
through mobile apps
57
Mobile Security
[1] https://www.computerworld.com/article/2487743/security0/evan-schuman–starbucks-caught-storing-mobile-passwords-in-clear-text.html
[2] http://www.bbc.com/news/world-us-canada-25922569
• Issues (continued):
– Broken cryptography
• Example: MD5 and SHA1 still used by some apps even though shown
to be insecure
– Security decisions based on untrusted inputs
• Example: 2012 incident with Skype app, allowed attackers to dial on
remote phones using a link embedded in email messages
• Mitigation: any input data to the app must include checks on the source of the data and the format/contents of the data itself.
– Many Others…
58
Mobile Security
• Some Research Questions:
– How to train users on the threats of fraudulent messages
• Diverse technologies, languages, and ecosystems.
– How to prevent the collection of personal data?
• Access Control
• Policies
59
Mobile Security Research
• Cybersecurity is an evolving area of study/research
• Can we ever build a system without any vulnerabilities?
– How do we prove it?
60
Summary
• Course review
– Course overview
– Exam preparation
– Example questions
61
Next Week
• Cisco SDN Networking
https://www.cisco.com/c/en_au/solutions/software-defined-networking/overview.html
62
Additional Items