TUF: Secure Software Updates Justin Cappos NYU Poly Computer Science and Engineering.

Slides:



Advertisements
Similar presentations
TUF: Securing Software Update Systems on GENI Justin Cappos Department of Computer Science and Engineering University of Washington.
Advertisements

Web Defacement Anh Nguyen May 6 th, Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.
CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.
LogMeIn.com By: Casey Davidson. What is it? Free Web-based VNC Client Remotely control any PC or Mac from anywhere in the world No network configuring.
Security and Risk Management. Who Am I Matthew Strahan from Content Security Principal Security Consultant I look young, but I’ve been doing this for.
Linux Operations and Administration
1 DNSSEC at ESnet ESCC/Internet2 Joint Techs Workshop July 19, 2006 R. Kevin Oberman Network Engineer Lawrence Berkeley National Laboratory.
MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.
Brad Baker CS526 May 7 th, /7/ Project goals 2. Test Environment 3. The Problem 4. Some Solutions 5. ModSecurity Overview 6. ModSecurity.
Web Browser Security Prepared By Mohammed EL-Batta Mohammed Soubih Supervised By Eng. Eman alajrami Explain Date 10. may University of Palestine.
Ethical Hacking Defeating Wireless Security. 2 Contact Sam Bowne Sam Bowne Computer Networking and Information Technology Computer Networking and Information.
An Introduction to Internet Explorer DLL Vulnerability and Damage Analysis Bo Sun, Dawei Su {sun,
Lecture 16 Page 1 Advanced Network Security Perimeter Defense in Networks: Virtual Private Networks Advanced Network Security Peter Reiher August, 2014.
Virtual Workspaces Kate Keahey Argonne National Laboratory.
Intrusion Detection on a Shoestring Budget Shane Williams UT Austin Graduate School of Library and Information Science Oct. 18, 2000 SANS Network Security.
Computer Security Risks for Control Systems at CERN Denise Heagerty, CERN Computer Security Officer, 12 Feb 2003.
CERN - European Organization for Nuclear Research Beyond ACB – VPN’s FOCUS June 13 th, 2002 Frédéric Hemmer & Denise Heagerty- IT Division.
Ian Gable University of Victoria 1 Deploying HEP Applications Using Xen and Globus Virtual Workspaces A. Agarwal, A. Charbonneau, R. Desmarais, R. Enge,
Lecture 19 Page 1 CS 236 Online Securing Your System CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Dyalog’08. Conga, SSL and WebServices Morten Kromberg Dyalog’08 - Elsinore.
GVF CyberSecurity Task Force Rakesh Bharania Chair, GVF Security Task Force Network Consulting Engineer, Cisco Tactical Operations 2015 Update on Activities.
Keeping Updated Ensuring hospital IT systems support ePortfolio.
Testing Exploits and Malware in an isolated environment Luca Allodi – Fabio Massacci – Vadim Kotov
©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. Securing Your Data in Endpoint and Mobile Environments Frank Suijten Security.
Twesige Richard.  Advanced RISC Machines.  Set of instruction set architectures related to programing registers, CPU’s also I/O devices.  RISC acronym.
Securing a Host Computer BY STEPHEN GOSNER. Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include.
Lecture 10 Page 1 CS 236 Online SSL and TLS SSL – Secure Socket Layer TLS – Transport Layer Security The common standards for securing network applications.
TUF: Secure Software Updates Justin Cappos NYU Poly Computer Science and Engineering.
CS201 Tech-Talk Two: Cryptography Michael Hsu CSULA.
The Hacking Suite For Governmental Interception. Today’s topic: RCS installation vectors.
Network and Server Basics. Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server network.
1 Internet data security (HTTPS and SSL) Ruiwu Chen.
SmallMail, protect your from nosey Big Brothers Peter Roozemaal
Gaining Educational Users for GENI
ClickOnce Deployment (One-click Deployment)
INTRODUCTION CHARLES MUIRURI
UNM Encryption Services in Development
Chapter 40 Internet Security.
Mark Ryan Professor of Computer Security 25 November 2009
Web Applications Security Cryptography 1
Security of Digital Signatures
Penetration Testing: Concepts,Attacks and Defence Stratagies
Manuel Brugnoli, Elisa Heymann UAB
What are they? The Package Repository Client is a set of Tcl scripts that are capable of locating, downloading, and installing packages for both Tcl and.
Done By: Ashlee Lizarraga Ricky Usher Jacinto Roches Eli Gomez
Hardware security: The use of a Trusted Platform Module
Software Security Testing
Outline What does the OS protect? Authentication for operating systems
Putting It All Together
Putting It All Together
Module 8: Securing Network Traffic by Using IPSec and Certificates
GDP and SOTA Arthur Taylor May 10th, 2017 | Status and Next Steps
Introduction to Computers
Outline What does the OS protect? Authentication for operating systems
Using SSL – Secure Socket Layer
Introducing Umbraco Latch
Ways to Secure CMS Websites. The most widely used Content Management Systems are Wordpress, Joomla and Drupal as per statistics. The highest CMS platforms.
VCE Dumps
Security, Cryptography, and Magic
Nessus Vulnerability Scanning
Figure 6-4: Installation and Patching
Module 01 ETICS Overview ETICS Online Tutorials
The main cause for that are the famous phishing attacks, in which the attacker directs users to a fake web page identical to another one and steals the.
Module 8: Securing Network Traffic by Using IPSec and Certificates
Sai Krishna Deepak Maram, CS 6410
Network Security 4/21/2019 Raj Rajarajan.
ClickOnce Deployment (One-click Deployment)
The new EDAMIS and its security
The Hacking Suite For Governmental Interception
CS101 Security.
Presentation transcript:

TUF: Secure Software Updates Justin Cappos NYU Poly Computer Science and Engineering

Introduction You need to update software Software update systems are widely insecure [Bellissimo HotSec 06, Cappos CCS 08, Samuel login 09, Samuel CCS 10] You don’t want to think about security

Is there a practical risk? Trivial to become an official mirror [Cappos 08] Often can even target specific nodes [Samuel login 09] Example attack that is fixed in modern package managers due to our work Find existing exploit code for an old version of a package that isn't installed Change the package metadata so the old version of the package is installed with any update After the computer does an update, remotely exploit it A knowledgeable attacker can root any system on PlanetLab today!

But security is simple, right? Just use HTTPS Common errors in how certificates are handled Online data becomes single point of weakness Four CAs hacked since June!!!... and add signatures to the software updates Attackers can perform a replay attack... and add version numbers to the software updates Attackers can launch freeze attacks

But security is simple, right? (cont.) and add a quorum of keys signature system for the root of trust, add signing by different compartmentalized key types, use online keys only to provide freeze attack protection and bound their trust window, etc. [Thandy software updater for Tor] We still found 8 design or implementation flaws The median Windows machine has ~24 updaters [Secunia]

Why is it hard to secure software update systems? Cannot have everyone build their own Complicated to implement correctly There are lots of them in mature systems The median Windows machine has ~24 updaters [Secunia] There are lots of existing legacy software update systems Easy for an attacker to interpose on traffic GENI -> MITM Hard to protect from within the network Outgoing encrypted connection Cannot simply mandate one updater Updaters need to do application specific actions

Our approach for new systems

How do I integrate with TUF? If you don't have a software updater, we'll provide it You set up a 'repository' (or borrow ours) Generate keys Run a script to push a new release Your clients will automatically update (Well integrated into Python code, but works anywhere)

How do I integrate an existing updater with TUF? If you implemented a software updater Import TUF and use it to communicate / verify signatures Almost a drop in replacement for HTTPS or HTTP libs You set up a 'repository' (or borrow ours) Generate keys Run a script to push a new release Your clients will automatically update (Well integrated into Python code, but works anywhere)

Our approach for legacy systems Intercept traffic

Project roadmap Build an artifact early, add security mechanisms gradually Portability of the client library is key Many pairs of eyes uncover bugs more easily Work with projects inside of GENI Raven, PrimoGENI, PlanetLab, etc. Work with outside projects nmap, Firefox, etc. Focus on supporting the developer / repository interface(s) used by GENI devels

TUF Conclusion Software update systems are extremely vulnerable Building a secure software update system is very hard We have the solution! We will: Securing legacy systems by exploiting their insecurity Working with different communities to ensure quality

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.