A secure mobile phone-based interactive logon in Windows

Bodriagov, Oleksandr

January 2010

Password-based logon schemes have many security weaknesses. Smart card and biometric based authentication solutions are available as a replacement for standard password-based schemes for security sensitive environments. However, the cost of deployment and maintenance of these systems is quite high. On the other hand, mobile network operators have a huge base of deployed smart cards that can be reused to provide authentication in other areas significantly reducing costs. This master’s thesis presents a study of how the workstation identity management can be made more secure and user-friendly by using a mobile phone in the Windows workstation logon process. Two workstation logon schemes that utilize both the mobile phone and the UICC inside of the phone are proposed as a result of this study. The first scheme emulates a smart card reader and a smart card in order to interoperate with the Windows smart card framework to provide PKI-based logon. The mobile phone with the UICC card emulates a smart card that communicates with the emulated smart card reader via protected Bluetooth channel. The proposed scheme reuses the Windows smart card infrastructure as much as possible, both in terms of software and hardware. Therefore, a seamless integration with Active Directory and Window server is achieved. This scheme can work with any authentication scheme used with real smart cards. It can be used not only for the logon but also for all other functions typically done with smart cards (e.g. signing of documents, e-mails). In the second scheme, the mobile phone with the UICC serves as a token for generating OTP values based on a shared secret key and the time parameter. In order to design Windows logon architectures based on mobile phones, a study of relevant technologies, components, and their security aspects has been conducted.Existing phone-based authentication schemes have been thoroughly studied both from the usability and from the security points of view. This has been done to understand possible alternatives for different aspects of the architectures that were designed. The thesis analyzed how new authentication schemes in general and those that work with mobile phones in particular could be integrated into the Windows logon system. A conclusion is made that it is impossible to make a generic architecture that would easily support all existing and possible future mobile phone authentication schemes for the Windows logon. Windows is already a highly customizable environment and can support virtually any authentication scheme for the logon, though a considerable amount of modifications may be required to implement a particular scheme.

ntnudaim

Information security

Security in SOA-Based Healthcare Systems

Sassoon, Richard

January 2009

Healthcare organizations need to handle many kinds of information and integrate different support systems, which may be accessed from external corporations. Service Oriented Architecture (SOA) provides the means to achieve a common platform to deploy services that can be used across the organization and its boundaries, but introduces new security concerns that need to be evaluated in order to implement a secure system, while still suffering from standard threats. Web Services are the common way to implement SOA applications, having several standards related to security (such as XML Encryption, XML Signature and WS-Security). Still, other security mechanisms such as input validation and SSL/TLS need to be thought of as well. A penetration test based on recognized methodologies and guidelines, such as the NIST Technical Guide to Information Security Testing and Assessment, OWASP Testing Guide and SIFT Web Services Security Testing Framework, was performed on a case study system. A proof of concept application making use of a set of middleware (web) services, the MPOWER platform, was audited in order to expose vulnerabilities. After conducting the penetration test on the system, 10 out of 15 scenarios presented security issues. The vulnerabilities found were described, demonstrating several risks from misusing, or not implementing at all, security mechanisms. As a consequence, countermeasures and recommendations were proposed in an attempt to improve the overall security of SOA-based (healthcare) systems. The results of the assessment show us how important is to validate the security of a system before putting it into production environment. We also come to the conclusion that security testing should be an inherent part of a secure software development life cycle. Moreover, not only healthcare systems may benefit from this study, and also not only SOA-based ones.

ntnudaim

Information security

An Investigation of Spam Filter Optimaltiy : based on Signal Detection Theory

Singh, Kuldeep

January 2009

Unsolicited bulk email, commonly known as spam, represents a significant problem on the Internet. The seriousness of the situation is reflected by the fact that approximately 97% of the total e-mail traffic currently (2009) is spam. To fight this problem, various anti-spam methods have been proposed and are implemented to filter out spam before it gets delivered to recipients, but none of these methods are entirely satisfactory. This thesis analyzes the properties of spam filters from the viewpoint of Signal Detection Theory (SDT). The Bayesian approach of Signal Detection Theory provides a basis for determining the tuning of spam filters from the particular user's point of view and helps in determining the utility which the spam filter provides to the user.

ntnudaim

Information security

Secure Context-Aware Mobile SIP User Agent

Merha, Bemnet Tesfaye

January 2009

Context awareness is an important aspect of pervasive and ubiquitous computing. By utilizing contextual information gathered from the environment, applications can adapt to the user’s specific situation. In this thesis, user context is used to automatically discover multimedia devices and services that can be used by a mobile Session Initiation Protocol (SIP) user agent. The location of the user is captured using various sensing technologies to allow users of our SIP user agent to interact with network attached projectors, speakers, and cameras in a home and office environment. In order to determine the location of the user, we have developed and evaluated a context aggregation framework that gathers and analyzes contextual information from various sources such as passive infrared sensors, infrared beacons, light intensity, and temperature sensors. Once the location of the user is determined, the Service Location Protocol (SLP) is used to search for services. For this purpose, we have implemented a mobile SLP user agent and integrated it with an existing SIP user agent. The resulting mobile SIP user agent is able to dynamically utilize multimedia devices around it without requiring the user to do any manual configuration. This thesis also addressed the challenge of building trust relationship between the user agent and the multimedia services. We propose a mechanism which enables the user agent authenticate service advertisements before starting to redirect media streams. The measurements we have performed indicate that the proposed context aggregation framework provides more accurate location determination when additional sensors are incorporated. Furthermore, the performance measurements indicate that the delay incurred by introducing context awareness to the SIP user agent is acceptable for a small deployment such as home and office environment. In order to realize large scale deployments, future investigations are recommended to further improve the performance of the framework. Keywords: SIP, context-awareness, service discovery, trust establishment

ntnudaim

Information security

Multiple Escrow Agents in VoIP

Azfar, Abdullah

January 2010

Using a Key escrow agent in conjunction with Voice over IP (VoIP) communication ensures that law enforcements agencies (LEAs) can retrieve the session key used to encrypt data between two users in a VoIP session. However, the use of a single escrow agent has some drawbacks. A fraudulent request by an evil employee from the LEA can lead to improper disclosure of a session key. After the escrow agent reveals the key this evil person could fabricate data according to his/her needs and encrypt it again (using the correct session key). In this situation the persons involved in the communication session can be accused of crimes that he or she or they never committed. The problems with a single escrow agent becomes even more critical as a failure of the escrow agent can delay or even make it impossible to reveal the session key, thus the escrow agent might not be able to comply with a lawful court order or comply with their escrow agreement in the case of data being released according to this agreement (for example for disaster recovery).This thesis project focused on improving the accessibility and reliability of escrow agents, while providing good security. One such method is based on dividing the session key into m chunks and escrowing the chunks with m escrow agents. Using threshold cryptography the key can be regenerated by gathering any n-out-of-m chunks. The value of m and n may differ according to the role of the user. For a highly sophisticated session, the user might define a higher value for m and n for improved, availability, reliability, and security. For a less confidential or less important session (call), the value of m and n might be smaller. The thesis examines the increased availability and increased reliability made possible by using multiple escrow agents.

ntnudaim

Information security

State-of-the-art Study and Design of a Small Footprint Version of the COOS Plugin Framework

Khan, Kashif Nizam

January 2010

GSM and UMTS technologies have already gained a huge market penetrationresulting in millions of customers. Machine-to-Machine (M2M) Communicationis promising to be the next big technology that is going to hit themass market with numerous essential services. Telemetry systems, whichwere thought once as the domain of big industrial companies, are now beingavailable to larger and wider customers because of the advances in M2Mcommunication. Thanks to mobile technologies, millions of small handhelddevices are now available in the mass market which can be used to communicatereal time information to the customers. Telenor Objects (a smallbusiness unit of Telenor Group) has defined a new Connected Object Operatingsystem (COOS) which aims to provide a common platform for thedevices to communicate real time data and to provide value added servicesto the customers. COOS is a modular and flexible platform, and includes aplugin framework offered to device and service developers for easy connectingservices and devices to the platform. The current version of COOS pluginframework is based on Java Standard Edition and OSGI, with some supportfor development on J2ME. This thesis research work aims to provide a briefoverview of the Connected Object concept and the COOS platform architecture.The main goal of this thesis is to design a small footprint version ofthe COOS plugin framework for Windows-based handheld devices. It willalso provide a state-of- the art study on mobile device programming focusingon Windows-based services. This thesis research can serve as a startingdocument to provide a full functioning plugin framework for Windows-baseddevices and services.

ntnudaim

Information security

Model Driven Development of Web Application with SPACE Method and Tool-suit

Rehana, Jinat

January 2010

Enterprise level software development using traditional software engineeringapproaches with third-generation programming languages is becoming morechallenging and cumbersome task with the increased complexity of products,shortened development cycles and heightened expectations of quality. MDD(Model Driven Development) has been counting as an exciting and magicaldevelopment approach in the software industry from several years. The ideabehind MDD is the separation of business logic of a system from its implementationdetails expressing problem domain using models. This separation andmodeling of problem domain simplify the process of system design as well asincrease the longevity of products as new technologies can be adopted easily.With appropriate tool support, MDD shortens the software development lifecycle drastically by automating a significant portion of development steps.MDA (Model Driven Architecture) is a framework launched by OMG (ObjectManagement Group) to support MDD. SPACE is an engineering methodfor rapid creation of services, developed at NTNU (Norwegian University ofScience and Technology) which follows MDA framework. Arctis and Ramsesare tool suits, also developed at NTNU to support SPACE method. Severalsolutions have been developed on Arctis tool suit covering several domainslike mobile services, embedded systems, home automation, trust managementand web services.This thesis presents a case study on the web application domain with Arctis,where the underlying technologies are AJAX (asynchronous JavaScriptand XML), GWT (Google Web Toolkit) framework and Java Servlet. Inorder to do that, this thesis contributes building up some reusable buildingblocks with Arctis tool suit. This thesis also describes a use case scenario touse those building blocks. This thesis work tries to implement the specifiedsystem and evaluates the resulting work.

ntnudaim

Information security

Malware Detection Through Call Graphs

Kinable, Joris

January 2010

Each day, anti-virus companies receive large quantities of potentially harmful executables. Many of the malicious samples among these executables are variations of earlier encountered malware, created by their authors to evade pattern-based detection. Consequently, robust detection approaches are required, capable of recognizing similar samples automatically.In this thesis, malware detection through call graphs is studied. In a call graph, the functions of a binary executable are represented as vertices, and the calls between those functions as edges. By representing malware samples as call graphs, it is possible to derive and detect structural similarities between multiple samples. The latter can be used to implement generic malware detection schemes, which can proactively detect existing versions of the malware, as well as future releases with similar characteristics.To compare call graphs mutually, we compute pairwise graph similarity scores via graphmatchings which minimize an objective function known as the Graph Edit Distance. Finding exact graph matchings is intractable for large call graph instances. Hence we investigate several efficient approximation algorithms. Next, to facilitate the discovery of similar malware samples, we employ several clustering algorithms, including variations on k-medoids clustering and DBSCAN clustering algorithms. Clustering experiments are conducted on a collection of real malware samples, and the results are evaluated against manual classifications provided by virus analysts from F-Secure Corporation. Experiments show that it is indeed possible to accurately detect malware families using the DBSCAN clustering algorithm. Based on our results, we anticipate that in the future it is possible to use call graphs to analyse the emergence of new malware families, and ultimately to automate implementinggeneric protection schemes for malware families.

ntnudaim

Information security

Security Analysis of Future Internet Architectures

Ballester Lafuente, Carlos

January 2010

During the last decades, Internet has evolved from host-centric toinformation-centric in the sense that it is information and data what matters,regardless of where it is located. Meanwhile, Internet's architecturestill remains the same as it was in its origins and still focuses on host-tohostcommunication, putting too much emphasis on the "where" ratherthan putting it on the "what".Original Internet's architecture also introduces several security aws suchas DoS and DDoS, spoong and spam, and other non-security relatedproblems such as availability or location dependence related issues. Inorder to address these issues, several new architectures and protocols havebeen proposed. Some of them aim at redesigning totally the architecture ofInternet from scratch, while others aim at improving it without redesigningit totally.The aim of this Master Thesis is to analyze these new protocols and architecturesfrom a security point of view in order to determine whether thesecurity claims made are true or not. The security analysis is made basedon RFCs, technical papers and project deliverables. The results obtainedhave uncovered some security issues in several of the new protocols andarchitectures and have provided some insight into further improving them.

ntnudaim

Information security

Energy Efficiency of Streaming over Mobile Ad-hoc Networks

Pattabiraman, Prashanth

January 2010

Hand held mobile devices are widely used today primarily due to their rich functionality and the ease of portability. However, the battery life of these devices is very limited and deploying resource hungry applications such as streaming on these mobile devices is a challenging task. It is extremely important to maximize the efficient use of the contained resources on these devices especially when they participate in a mobile ad hoc network. The optimization can occur in any layer of the OSI stack, however, this thesis work focuses only on the routing protocols used in the network layer. In this thesis work we have been able to evaluate the Energy Efficiency of the four most widely used MANET routing protocols (AODV, OLSR, DSDV and DSR) in terms of their energy consumption and performance. The initial phase of the work was carried out using the Network Simulator 2(NS2) tool and later the observations were done on a real world MANET testbed. The influence of several external factors on the performance and energy consumption are also taken into consideration while performing the simulations and experiments. The results obtained from our observations provide both qualitative and quantitative analysis of the routing protocols. Furthermore, it also highlights how the behaviour of the protocols are sometimes highly unpredictable, yielding results that we may not expect.

ntnudaim

Information security