On the consistency of distributed proofs with hidden subtrees
Adam J. Lee, Kazuhiro Minami, M. Winslett. ACM Transactions on Information and System Security, volume 17 1, pages 25:1-25:32, Journal Article, published 2010-07-01. DOI 10.1145/1805974.1805981 (https://doi.org/10.1145/1805974.1805981). Semantic Scholar paperid 80169079.

Abstract: Previous work has shown that distributed authorization systems that fail to sample a consistent snapshot of the underlying system during policy evaluation are vulnerable to a number of attacks. Unfortunately, the consistency enforcement solutions presented in previous work were designed for systems in which only CA-certified evidence is used during the decision-making process, all of which is available to the decision-making node at runtime. In this article, we generalize previous results and present lightweight mechanisms through which consistency constraints can be enforced in proof systems in which the full details of a proof may be unavailable to the querier due to information release policies, and the existence of certificate authorities for certifying evidence is unlikely; these types of distributed proof systems are likely candidates for use in pervasive computing and sensor network environments. We present modifications to one such distributed proof system that enable three types of consistency constraints to be enforced while still respecting the same confidentiality and integrity policies as the original proof system. We then discuss how these techniques can be adapted and applied to other, less restrictive, distributed proof systems. Further, we detail a performance analysis that illustrates the modest overheads of our consistency enforcement schemes.
Editorial ESORICS 2007
J. Biskup, Javier López. ACM Transactions on Information and System Security, volume 51 1, pages 19:1-19:2, Journal Article, published 2010-07-01. DOI 10.1145/1805974.1805975 (https://doi.org/10.1145/1805974.1805975). Semantic Scholar paperid 84478687.

Abstract: This issue of TISSEC consists of three articles that elaborate research results originally contributed to the 12th European Symposium on Research in Computer Security (ESORICS'07) held in Dresden, Germany, September 24-26, 2007. The conference series of ESORICS has become the European research event in computer security. The symposium started in 1990 and has been organized on alternate years in different European countries. Since 2002, it has taken place annually. The contributions to ESORICS present theory, mechanisms, applications, or practical experience on all traditional or emerging topics relevant for security in computing systems. The three articles of this special issue have been selected from 39 papers presented during the symposium out of 164 submissions. The articles exemplarily demonstrate the scope of ESORICS, dealing with an advanced formal model for state-dependent access control, sophisticated language-based security for information-flow control, and security and privacy in databases employing cryptography. A common theme of the articles is to enable programmers and system administrators to reliably control the flow of information in complex computing environments. Becker and Nanz consider state-modifying authorization policies where actually granted access requests can have effects on the current state of the access control system. They show how to efficiently organize state updates in a well-structured architecture, and they provide both thorough semantics based on Transaction Logic and a sound and complete proof system for analyzing the actual achievements of state-modifying authorization policies. Barthe, Rezk, Russo, and Sabelfeld enhance language-based information-flow security by inspecting the subtle impact of the concept of multithreading for low-level programs as used, for example, in mobile code scenarios. In particular, they deal with the control of the timing behavior of an execution as exhibited by a security-aware scheduler. They achieve this goal by presenting a security-preserving compilation to be employed as part of the overall approach to proof-carrying code. Ciriani, De Capitani di Vimercati, Foresti, Jajodia, Paraboschi, and Samarati contribute to security on the application level. More specifically, for enforcing confidentiality constraints in the context of data outsourcing, they study how to break sensitive associations among composed data by fragmentation and to encrypt the resulting fragments such that processing of the fragmented and encrypted data still remains sufficiently efficient. We would like to thank all the authors for following our invitation to contribute to this special issue and all the reviewers for their insightful and helpful comments. We are also grateful to Michael Reiter, former Editor-in-Chief,
A framework to enforce access control over data streams
B. Carminati, E. Ferrari, Jianneng Cao, K. Tan. ACM Transactions on Information and System Security, volume 57 1, pages 28:1-28:31, Journal Article, published 2010-07-01. DOI 10.1145/1805974.1805984 (https://doi.org/10.1145/1805974.1805984). Semantic Scholar paperid 88883836.

Abstract: Although access control is currently a key component of any computational system, it is only recently that mechanisms to guard against unauthorized access to streaming data have started to be investigated. To cope with this lack, in this article, we propose a general framework to protect streaming data, which is, as much as possible, independent from the target stream engine. Differently from RDBMSs, up to now a standard query language for data streams has not yet emerged, and this makes the development of a general solution to access control enforcement more difficult. The framework we propose in this article is based on an expressive role-based access control model proposed by us. It exploits a query rewriting mechanism, which rewrites user queries in such a way that they do not return tuples/attributes that should not be accessed according to the specified access control policies. Furthermore, the framework contains a deployment module able to translate the rewritten query in such a way that it can be executed by different stream engines, therefore overcoming the lack of standardization. In the article, besides presenting all the components of our framework, we prove the correctness and completeness of the query rewriting algorithm, and we present some experiments that show the feasibility of the developed techniques.
Practical and efficient cryptographic enforcement of interval-based access control policies
J. Crampton. ACM Transactions on Information and System Security, volume 131 1, pages 14:1-14:30, Journal Article, published 2010-05-26. DOI 10.1145/1952982.1952996 (https://doi.org/10.1145/1952982.1952996). Semantic Scholar paperid 79178688.

Abstract: The enforcement of access control policies using cryptography has received considerable attention in recent years, and the security of such enforcement schemes is increasingly well understood. Recent work in the area has considered the efficient enforcement of temporal and geo-spatial access control policies, and asymptotic results for the time and space complexity of efficient enforcement schemes have been obtained. However, for practical purposes, it is useful to have explicit bounds for the complexity of enforcement schemes. In this article we consider interval-based access control policies, of which temporal and geo-spatial access control policies are special cases. We define enforcement schemes for interval-based access control policies for which it is possible, in almost all cases, to obtain exact values for the schemes' complexity, thereby subsuming a substantial body of work in the literature. Moreover, our enforcement schemes are more practical than existing schemes, in the sense that they operate in the same way as standard cryptographic enforcement schemes, unlike other efficient schemes in the literature. The main difference between our approach and earlier work is that we develop techniques that are specific to the cryptographic enforcement of interval-based access control policies, rather than applying generic techniques that give rise to complex constructions and asymptotic bounds.
Deterring voluntary trace disclosure in re-encryption mix-networks
Xiaofeng Wang, P. Golle, M. Jakobsson, Alex Tsow. ACM Transactions on Information and System Security, volume 7 1, pages 18:1-18:24, Journal Article, published 2010-02-01. DOI 10.1145/1698750.1698758 (https://doi.org/10.1145/1698750.1698758). Semantic Scholar paperid 75034094.

Abstract: Mix-networks, a family of anonymous messaging protocols, have been engineered to withstand a wide range of theoretical internal and external adversaries. An undetectable insider threat, voluntary partial trace disclosures by server administrators, remains a troubling source of vulnerability. An administrator's cooperation could result from coercion, bribery, or a simple change of interests. While eliminating this insider threat is impossible, it is feasible to deter such unauthorized disclosures by bundling them with additional penalties. We abstract these costs with collateral keys, which grant access to customizable resources. This article introduces the notion of trace-deterring mix-networks, which encode collateral keys for every server node into every end-to-end message trace. The network reveals no keying material when the input-to-output transitions of individual servers remain secret. Two permutation strategies for encoding key information into traces, mix-and-flip and all-or-nothing, are presented. We analyze their trade-offs with respect to computational efficiency, anonymity sets, and colluding message senders. Our techniques have sufficiently low overhead for deployment in large-scale elections, thereby providing a sort of publicly verifiable privacy guarantee.
Split-ballot voting: everlasting privacy with distributed trust
T. Moran, M. Naor. ACM Transactions on Information and System Security, volume 1 1, pages 16:1-16:43, Journal Article, published 2010-02-01. DOI 10.1145/1315245.1315277 (https://doi.org/10.1145/1315245.1315277). Semantic Scholar paperid 79905219.

Abstract: In this paper we propose a new voting protocol with desirable security properties. The voting stage of the protocol can be performed by humans without computers; it provides every voter with the means to verify that all the votes were counted correctly (universal verifiability) while preserving ballot secrecy. The protocol has "everlasting privacy": even a computationally unbounded adversary gains no information about specific votes from observing the protocol's output. Unlike previous protocols with these properties, this protocol distributes trust between two authorities: a single corrupt authority will not cause voter privacy to be breached. Finally, the protocol is receipt-free: a voter cannot prove how she voted even if she wants to do so. We formally prove the security of the protocol in the Universal Composability framework, based on number-theoretic assumptions.
CANDID: Dynamic candidate evaluations for automatic prevention of SQL injection attacks
Prithvi Bisht, P. Madhusudan, V. Venkatakrishnan. ACM Transactions on Information and System Security, volume 19 1, pages 14:1-14:39, Journal Article, published 2010-02-01. DOI 10.1145/1698750.1698754 (https://doi.org/10.1145/1698750.1698754). Semantic Scholar paperid 87837413.

Abstract: SQL injection attacks are one of the topmost threats for applications written for the Web. These attacks are launched through specially crafted user inputs, on Web applications that use low-level string operations to construct SQL queries. In this work, we exhibit a novel and powerful scheme for automatically transforming Web applications to render them safe against all SQL injection attacks. A characteristic diagnostic feature of SQL injection attacks is that they change the intended structure of queries issued. Our technique for detecting SQL injection is to dynamically mine the programmer-intended query structure on any input, and detect attacks by comparing it against the structure of the actual query issued. We propose a simple and novel mechanism, called Candid, for mining programmer-intended queries by dynamically evaluating runs over benign candidate inputs. This mechanism is theoretically well founded and is based on inferring intended queries by considering the symbolic query computed on a program run. Our approach has been implemented in a tool called Candid that retrofits Web applications written in Java to defend them against SQL injection attacks. We have also implemented Candid by modifying a Java Virtual Machine, which safeguards applications without requiring retrofitting. We report extensive experimental results that show that our approach performs remarkably well in practice.
Authenticated error-correcting codes with applications to multicast authentication
Anna Lysyanskaya, R. Tamassia, Nikos Triandopoulos. ACM Transactions on Information and System Security, volume 35 1, pages 17:1-17:34, Journal Article, published 2010-02-01. DOI 10.1145/1698750.1698757 (https://doi.org/10.1145/1698750.1698757). Semantic Scholar paperid 90748305.

Abstract: We consider the problem of authenticating a stream of packets transmitted over a network controlled by an adversary who may perform arbitrary attacks on the stream: he may drop or modify chosen packets, rearrange the order of the packets in any way, and inject new, random, or specially crafted packets into the stream. In contrast, prior work on the multicast authentication problem has focused on a less powerful adversarial network model or has examined a considerably more restrictive setting with specific timing or structural assumptions about the network. We model the ability of the network to modify a stream of n packets with two parameters: the survival rate α (0 < α ≤ 1), denoting the fraction of the packets that are guaranteed to reach any particular receiver unmodified, and the flood rate β (β ≥ 1), indicating the factor by which the size of the received stream at any particular receiver may exceed the size of the transmitted stream. Combining error-correcting codes with standard cryptographic primitives, our approach gives almost the same security guarantees as if each packet were individually signed, but requires only one signature operation for the entire stream and adds to each transmitted packet only a small amount of authentication information, proportional to β/α². We prove the security and correctness of our scheme and analyze its performance in terms of communication overhead and computational effort at the sender and the receiver. Our results demonstrate how list decoding can be transformed into unambiguous decoding in the public-key model and the bounded computational model for the underlying communication channel. Overall, our technique provides an authenticated error-correcting code of independent interest that may be useful in other settings.
Title: Stealthy malware detection and monitoring through VMM-based "out-of-the-box" semantic view reconstruction
Authors: Xuxian Jiang, Xinyuan Wang, Dongyan Xu
DOI: 10.1145/1698750.1698752 (https://doi.org/10.1145/1698750.1698752)
Journal: ACM Transactions on Information and System Security, volume 231 1, pages 12:1-12:28, published 2010-02-01 (journal article; Semantic Scholar paper id 76013083)

Abstract: An alarming trend in recent malware incidents is that they are armed with stealthy techniques to detect, evade, and subvert the malware detection facilities of the victim. On the defensive side, a fundamental limitation of traditional host-based antimalware systems is that they run inside the very hosts they are protecting ("in-the-box"), making them vulnerable to counter-detection and subversion by malware. To address this limitation, recent solutions based on virtual machine (VM) technologies advocate placing the malware detection facilities outside of the protected VM ("out-of-the-box"). However, they gain tamper resistance at the cost of losing the internal semantic view of the host that "in-the-box" approaches enjoy. This poses a technical challenge known as the semantic gap.

In this article, we present the design, implementation, and evaluation of VMwatcher, an "out-of-the-box" approach that overcomes the semantic gap challenge. A new technique called guest view casting is developed to reconstruct internal semantic views (e.g., files, processes, and kernel modules) of a VM nonintrusively from the outside. More specifically, the new technique casts semantic definitions of guest OS data structures and functions onto virtual machine monitor (VMM)-level VM states, so that the semantic view can be reconstructed. Furthermore, we extend guest view casting to reconstruct details of system call events (e.g., the process that makes the system call as well as the system call number, parameters, and return value) in the VM, enriching the semantic view.

With the semantic gap effectively narrowed, we identify three unique malware detection and monitoring capabilities: (i) view comparison-based malware detection and its demonstration in rootkit detection; (ii) "out-of-the-box" deployment of off-the-shelf antimalware software with improved detection accuracy and tamper resistance; and (iii) nonintrusive system call monitoring for malware and intrusion behavior observation. We have implemented a proof-of-concept VMwatcher prototype on a number of VMM platforms. Our evaluation experiments with real-world malware, including elusive kernel-level rootkits, demonstrate VMwatcher's practicality and effectiveness.
Title: How much anonymity does network latency leak?
Authors: Nicholas Hopper, Eugene Y. Vasserman, Eric Chan-Tin
DOI: 10.1145/1315245.1315257 (https://doi.org/10.1145/1315245.1315257)
Journal: ACM Transactions on Information and System Security, volume 176 4 1, pages 13:1-13:28, published 2010-02-01 (journal article; Semantic Scholar paper id 77024416)

Abstract: Low-latency anonymity systems such as Tor, AN.ON, Crowds, and Anonymizer.com aim to provide anonymous connections that are both untraceable by "local" adversaries who control only a few machines and have low enough delay to support anonymous use of network services like web browsing and remote login. One consequence of these goals is that these services leak some information about the network latency between the sender and one or more nodes in the system. This paper reports on three experiments that partially measure the extent to which such leakage can compromise anonymity. First, using a public dataset of pairwise round-trip times (RTTs) between 2000 Internet hosts, we estimate that on average, knowing the network location of host A and the RTT to host B leaks 3.64 bits of information about the network location of B. Second, we describe an attack that allows a pair of colluding web sites to predict, based on local timing information and with no additional resources, whether two connections from the same Tor exit node are using the same circuit, with a 17% equal error rate. Finally, we describe an attack that allows a malicious website, with access to a network coordinate system and one corrupted Tor router, to recover roughly 6.8 bits of network location per hour.