Computer Science Open Research Questions Adversary models –Define/Formalize adversary models Need to incorporate characteristics of new technologies and.

Slides:

Advertisements

Similar presentations

Security in Mobile Ad Hoc Networks

Advertisements

Distributed Systems Major Design Issues Presented by: Christopher Hector CS8320 – Advanced Operating Systems Spring 2007 – Section 2.6 Presentation Dr.

A Cooperative Approach to Support Software Deployment Using the Software Dock by R. Hall, D. Heimbigner, A. Wolf Sachin Chouksey Ebru Dincel.

CSE 6590 Department of Computer Science & Engineering York University 1 Introduction to Wireless Ad-hoc Networking 5/4/2015 2:17 PM.

Randomized Failover Intrusion Tolerant Systems (RFITS) Ranga Ramanujan Noel Schmidt Architecture Technology Corporation Odyssey Research Associates DARPA.

Presented by: Thabet Kacem Spring Outline Contributions Introduction Proposed Approach Related Work Reconception of ADLs XTEAM Tool Chain Discussion.

Secure Real Time Embedded Systems Sherif Khattab and Daniel Mossé University of Pittsburgh Computer Science Department.

Automated Analysis and Code Generation for Domain-Specific Models George Edwards Center for Systems and Software Engineering University of Southern California.

02/12/00 E-Business Architecture

An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.

Security Considerations in Adaptive Middleware Security and Mobile Agents Ajanta – Mobile Agent’s research project papers (

An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

Chapter 13 Embedded Systems

1 Security and Privacy in Sensor Networks: Research Challenges Radha Poovendran University of Washington

UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.

Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.

Establishing Pairwise Keys in Distributed Sensor Networks Donggang Liu, Peng Ning Jason Buckingham CSCI 7143: Secure Sensor Networks October 12, 2004.

1 FM Overview of Adaptation. 2 FM RAPIDware: Component-Based Design of Adaptive and Dependable Middleware Project Investigators: Philip McKinley, Kurt.

Lecture 11 Intrusion Detection (cont)

INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.

N. GSU Slide 1 Chapter 04 Cloud Computing Systems N. Xiong Georgia State University.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 11 Slide 1 Architectural Design.

Software Dependability CIS 376 Bruce R. Maxim UM-Dearborn.

Issues and Ideas in Software Reliability for FCS Joe Loyall BBN Technologies.

SEC835 Database and Web application security Information Security Architecture.

A Vehicular Ad Hoc Networks Intrusion Detection System Based on BUSNet.

1 Autonomic Computing An Introduction Guenter Kickinger.

1 IS 8950 Managing Network Infrastructure and Operations.

INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION.

University of California, San Diego Computer Science and Engineering Concurrent Systems Architecture Group Agile Objects: Component-based Inherent Survivability.

Cluster Reliability Project ISIS Vanderbilt University.

Intrusion Detection Prepared by: Mohammed Hussein Supervised by: Dr. Lo’ai Tawalbeh NYIT- winter 2007.

Other Quality Attributes Other Important Quality attributes Variability: a special form of modifiability. The ability of a system and its supporting artifacts.

An Analysis of Location-Hiding Using Overlay Networks Ju Wang and Andrew A. Chien Department of Computer Science and Engineering, University of California.

2 nd Annual review Florence 15 th November 2013 Railway security demonstrator.

Advanced Computer Networks Topic 2: Characterization of Distributed Systems.

“Trusted Passages”: Meeting Trust Needs of Distributed Applications Mustaque Ahamad, Greg Eisenhauer, Jiantao Kong, Wenke Lee, Bryan Payne and Karsten.

1 Diversifying Sensors to Improve Network Resilience Wenliang (Kevin) Du Electrical Engineering & Computer Science Syracuse University.

Copyright 1999 G.v. Bochmann ELG 7186B ch.1 1 Course Notes ELG 7186C Formal Methods for the Development of Real-Time System Applications Gregor v. Bochmann.

High-integrity Sensor Networks Mani Srivastava UCLA.

Security in Mobile Ad Hoc Networks: Challenges and Solutions (IEEE Wireless Communications 2004) Hao Yang, et al. October 10 th, 2006 Jinkyu Lee.

Axel Jantsch 1 Networks on Chip Axel Jantsch 1 Shashi Kumar 1, Juha-Pekka Soininen 2, Martti Forsell 2, Mikael Millberg 1, Johnny Öberg 1, Kari Tiensurjä.

Slide 1 Security Engineering. Slide 2 Objectives l To introduce issues that must be considered in the specification and design of secure software l To.

What’s Ahead for Embedded Software? (Wed) Gilsoo Kim

SensorWare: Distributed Services for Sensor Networks Rockwell Science Center and UCLA.

Virtualized Execution Realizing Network Infrastructures Enhancing Reliability Application Communities PI Meeting Arlington, VA July 10, 2007.

MITRE 7 April 2009 CS 5214 Presenter: Phu-Gui Feng Performance Analysis of Distributed IDS Protocols for Mobile GCS Dr. Jin-Hee Cho, Dr. Ing-Ray Chen MITRE.

Adversary Models in Wireless Networks: Research Challenges Radha Poovendran Network Security Lab (NSL) University of Washington.

Presentation subtitle: 20pt Arial Regular, green R223 | G255 | B102 Recommended maximum length: 2 lines Confidentiality/date line: 13pt Arial Regular,

Risk-Aware Mitigation for MANET Routing Attacks Submitted by Sk. Khajavali.

Database Laboratory Regular Seminar TaeHoon Kim Article.

CSCE 548 Secure Software Development Risk-Based Security Testing

Rekayasa Perangkat Lunak Part-10

Rekayasa Perangkat Lunak

Some Issues in MANET, Wireless & Cellular Security/Privacy

Outline Introduction Characteristics of intrusion detection systems

Location Cloaking for Location Safety Protection of Ad Hoc Networks

Security Engineering.

Securing Cloud-Native Applications Jason Schmitt CEO

Rekayasa Perangkat Lunak

Panda Adaptive Defense Platform and Services

Languages and Software Engineering

CS385T Software Engineering Dr.Doaa Sami

Automated Analysis and Code Generation for Domain-Specific Models

Software Security.

Co-designed Virtual Machines for Reliable Computer Systems

Luca Simoncini PDCC, Pisa and University of Pisa, Pisa, Italy

Presentation transcript:

Computer Science Open Research Questions Adversary models –Define/Formalize adversary models Need to incorporate characteristics of new technologies and applications Need to consider the threats to the defense mechanisms –Define performance/security metrics –Develop process/methodology for developing adversary models

Computer Science Languages and Software Engineering (1) Embedded constraints affect security –Quantify capabilities, limit scope, target 8-bit & larger –beyond sensor nodes --> deeply embedded systems –Issues: critical, non-recoverable, special netw., no sys admin Design for security (not retrofit)  formalize Need for metrics & models (some differ for embedded) –e.g. higher reliability probability for safety crit. affects security Need for diversity (e.g., via dynamic adaptation) –Self-modifying apps (e.g., via dyn. Transformation of pgm) –Self-protecting/self-checking apps? –Dynamic updates (in 24/7 operation) –Classification in terms of threat models

Computer Science Languages and Software Engineering (2) Need to limit overhead, retain predictability, low cost Incorporate real-time requirements –Hard timing constraints limit security options –may undermine existing network protocols, add overhead… –Interface b/w RT and non-RT components problematic –Embedded clients + server need protection of both Need hardware assistance

Computer Science Software Security Can light-weight, effective, semantics-based, compiler-level reasoning systems to characterize program behavior, mal-ware, etc be built? Can effective hybrid reasoning systems be built by combining static analysis and runtime monitoring systems? Can evaluation contexts be characterized to simplify and reduce efforts in reasoning about software artifacts? How can binaries be reasoned about without too many false alarms? Can binaries be instrumented to discover security threats and to degrade gracefully in the event of a security fault? How to characterize threats, vulnerabilities,…? How to build provably correct core components of OS against specific threat definitions? Code integrity to leverage to achieve system security. Secure and scalable software update on deployed systems. Tool support for code obfuscation.

Computer Science Hardware Security (1) Problems Interactions/problems across all levels Types of attacks: –HW-layer attacks –Upper-layer attacks with HW solutions (to reduce cost) What adversary/threat models for HW? –New ones like those on FPGA What channels possibly under attacks in HW? –bus, power/current, timing, keystrokes, … Types of attacks from another perspective: –Malicious observation/privacy attacks (e.g., digital rights management) –Malicious tempering/integrity attacks

Computer Science Hardware Security (2) Approaches What defending HW features like obfuscation/ randomization, encryption, authentication, …? –solutions at HW layer  HW-layer attacks –solutions at HW layer  upper-layer attacks Software solutions vs. hardware solutions What types of protection at the upper layer (e.g., soft guards) may (not) be sufficient against certain types of HW-layer attacks? –solutions at upper layers  HW-level attacks Classification of solutions in terms of threat models How to develop holistic/hybrid solutions across layers? How effective are solutions in addressing/alleviating the problems (e.g., metrics)? How to address cost constraints (e.g., in time, space, power, …)?

Computer Science Security of Embedded Networks (1) How to provide efficient, secure and reliable distributed services in embedded networks? –Challenges: faults, dynamic population, mobility, resource constraints, node compromises, real-time requirement How to detect and recover from attacks? –Self-healing Strong security v.s. probabilistic and adaptive security How to provide secure and reliable architecture and interaction between embedded networks? –System of systems (or hybrid embedded networks?) –Decentralized v.s. centralized views How to achieve survivability and intrusion resilience? How to protect collected data? –Resource constraints

Computer Science Security of Embedded Networks (2) How to provide secure initialization? –Quickly and securely “pair” groups of sensors (scalability, usability) How to make tradeoff between performance, security, and fault tolerance? –E.g., degrade/relax security services? –Metrics? New vulnerabilities? Degrees of security? How to reason about design principles? How to accommodate different vulnerability stages and emerging properties, and prevent unwanted side effects when systems evolve? Whither RFID/Sensor hybrid? How to protect network topology (even from the insiders)? How to keep node behavior (movements) private? What are the best way to provide diversity in embedded networks? –Analysis techniques, metrics, management issues, … How to detect attacks/anomalies in embedded networks? –Sensor networks, MANET, mesh networks, … Database of threat models?