Graduate

Security Research

Wireless Router Malware Propagation & Epidemics

Researchers:
Steven Myers, Hao Hu, Vittoria Colizza, and Alessandro Vespignani

Description:
In densely populated urban areas WiFi routers form a tightly interconnected proximity network that can be exploited as a substrate for the spreading of malware able to launch massive fraudulent attack and affect entire urban areas WiFi networks. In this project we consider several scenarios for the deployment of malware that spreads solely over the wireless channel of major urban areas in the US. We developed an epidemiological model that takes into consideration prevalent security flaws on these routers. The spread of such a contagion is simulated on real-world data for geo-referenced wireless routers. We uncovered a major weakness of WiFi networks in that most of the simulated scenarios show tens of thousands of routers infected in as little time as two weeks, with the majority of the infections occurring in the first 24 to 48 hours. We indicate possible containment and prevention measure to limit the eventual harm of such an attack.

Trawler Phishing

Researchers:
Steven Myers and Sid Stamm

Description:
We introduce a new phishing attack that is resistant to most, if not all, current anti-phishing technologies. The attack works by skimming usernames, passwords and other form-data from websites that use insecure channels or, the commonly deployed, SSL secure-posts. The attack works by using an injection attack via malware placed on a home router. Given currently deployed home security technologies, this attack is undetectable and is likely to be highly profitable for phishers. We constructed a simple and effective implementation of the attack on standard home routers, thus demonstrating its realizability and potential. We then explain efficient countermeasures to discourage or prevent the attack and other script injection attacks. The countermeasures are based on obfuscation and cryptographic hashing, and take advantage of the fact that web scripts are delivered and interpreted on demand. These countermeasures have the benefit of being deployed server-side, moving computational effort to the client, and permitting site caching. Further, the counter-measures do not require the modification of browsers or Internet standards, making them practical for immediate deployment.

The Insider Threat

Researchers:
Xiaofeng Wang and L. Jean Camp

Description:
How can you distinguish between legitimate insiders and malicious actors on your network? What is the primary source of the networked insider threat: a malicious outsider who is masquerading as an insider; a malicious insider; or an insider who has inadvertently empowered a malicious outsider?

Economics of Security

Researchers:
L. Jean Camp

Description:
When should a firm invest in a security technology? The answer to this question depends upon the economic as well as the technical characteristics of the security technology. Research at IU builds on previous work on vulnerabilities and network economics to examine a range of technologies with fundamentally different economic characteristics: patching of vulnerabilities, IPv6 adoption, and proof work.

Net Trust

Researchers:
L. Jean Camp

Description:
Net Trust is a highly distributed, user-centered, usable trust management architecture resistant to spoofing, sybil attacks, and web scripting. Net Trust fills the gap created by the widespread failure to adopt effective server-to-client authentication mechanisms. Instead of evaluating risk based on unverifiable server-supplied claims (e.g., trust seals or company logos), Net Trust rests upon data sources outside of the target server’s control: behavior of user-selected peer networks and trusted third-parties. Net Trust explicitly leverages the end user as sources of unreliable information, and combines flows of unreliable information to produce reliable information. Net Trust becomes more reliable as the size of the network increases. Net Trust identifies threats using locally-stored individual history, social network history, and third party advisors. Net Trust then responds to threat detection with notification, sometimes prevention through a blocked connection, and potentially remediation or remediation instruction as the indicated threat level increases.

Privacy in Home-Based Ubicomp

Researchers:
L. Jean Camp, Kay Connelly, and Lesa Huber

Description:
Ubiquitous computing, or ubicomp, integrates technology into our everyday environments. Ubicomp fundamentally alters privacy by creating continuous detailed data flows. The privacy challenge is particularly acute in the case of home-based health care where vulnerable populations risk enforced technological intimacy. The promise of ubicomp is also particularly great in the area of home-based health case with the aging of the population. The combination of a vulnerable population, embedded computing, and inadequate privacy regimes may lead to a digital perfect storm. The ubicomp transformation has the ability to lead us to an Orwellian society where people will no longer be aware when they are interacting with the network and creating data records. The potential negative implications of this are clear, and frightening. However, ubicomp has immense potential to improve lives, including the lives of vulnerable individuals who can leverage the abilities of ubicomp to reach or maintain personal independence and autonomy. The difference is how well security and privacy are embedded in design.

Context and Location Aware Access Control

Researchers:
Raquel Hill and Jalal Al-Muhtadi (King Saud University)

Description:
Pervasive computing promises to revolutionize computing, empower mobile users, and enhance mobility, customizability and adaptability of computing environments. Intrinsic to the notion of such environments is the capturing of location and context information. Context awareness and validation enables significant functionality to pervasive computing applications, users, resources and the ways they interact. Much of this functionality depends on validating context information and using it for granting access to data or resources. In this project we propose an encryption and access control framework that uses both context and identity to determine whether an entity or a group of entities may access protected services, data, devices, and other resources. We assume that the resources are context-sensitive, thus requiring the requesting entity to be under a specific context before it is able to access the resource or decrypt the information. Our approach is unique in the way that we decouple context from identity, which adds extra security, facilitates value-added services, and enables efficient key management for group communication.

Access Control for Electronic Voting

Researchers:
Raquel Hill and Juan Gilbert (Auburn University)

Description:
As with most aspects of our society, the voting process has moved from analog to digital. What began in 1850 with an electrochemical vote recorder for legislative roll calls has evolved into systems like PRIME III, a multi-modal voting machine that enables individuals with disabilities to independently cast their votes. In addition to the inherent vulnerabilities in the voting process, the use of computing technology has introduced new ways by which the voting process can be compromised. With the possibility of electronic voting systems becoming more common place, much attention has focused on the evaluation of the security of such systems. These evaluations have shown that the access control and other computer security mechanisms that protect against unauthorized use of electronic voting systems are easily circumvented.

In this project we will use the PRIME III electronic voting platform. First, we hope to understand the access control requirements for electronic voting systems. We plan to map the actions and responsibilities of poll workers and election officials to specific access privileges in the electronic voting system. We also plan to leverage the access control and cryptographic functionality of the IBM 4764 cryptographic co-processor to provide confidentiality and ensure protected access to election ballots and vote count totals.

Characterizing Trusted State

Researchers:
Raquel Hill

Description:
Given the proliferation of malware and software bugs, that often leave our computing systems in a compromised state, we are often making a leap of faith that the computing application or system will perform as expected. Traditional assessment mechanisms like recommendation, reputation, and referral are used to determine whether to trust an entity. These mechanisms may be effective when used in social interactions between humans or maybe even technology assisted interactions with a centralized system. These mechanisms, often manually executed, are far less effective when used to assess the trust of a distributed entity. To be effective, your assessment mechanism must determine whether you are communicating with the appropriate entity, whether that entity’s software will behave as expected, and whether the underlying communication infrastructure is functioning properly. The problem of assessing trust is further complicated by the proliferation of malware, faulty software, and various other security attacks (i.e. spoofing, phishing/imposter systems, etc).

In this project, we will characterize trusted criteria for distributed computing elements. In addition, we will explore the use of trusted computing hardware, such as the Trusted Platform Module (TPM), for measuring and attesting this trusted state.