Cryptanalysis of a summation generator with 2 bits of memory.

Shepherd, Simon J., Mex-Pereira, Jorge C.

January 2002

No / The conventional summation generator (SG) has been broken in the past using a number of different methods. Recently, a modified SG was proposed by Lee and Moon to increase the resistance of such generators against these attacks. However, this paper shows that even the modified generator is still vulnerable to correlation attacks.

Cryptanalysis

Correlation attack

Keystream generator

Exploring Extensions Of Traditional Honeypot Systems And Testing The Impact On Attack Profiling

McGrew, Robert Wesley

10 December 2005

This thesis explores possibilities for extending the features of honeypot systems to decrease the chance of an attacker discovering that they have compromised a honeypot. It is proposed that by extending the period of time that an attacker spends on a honeypot oblivious to its status, more information relevant to profiling the attacker can be gained. Honeypots are computer systems that are deployed in a way that attackers can easily compromise them. These systems, which contain no production data, are useful both as early warning systems for attacks on production systems, and for studying the tools, techniques, and motives of attackers. Current honeypot systems mitigate the risks of running a honeypot by restricting out-bound traffic in a way that might be obvious to an attacker. The extensions proposed for honeypots will be tested in a controlled laboratory environment.

Redirection

Profiling

Attack

Honeypots

Security

Thwarting Electromagnetic Fault Injection Attack Utilizing Timing Attack Countermeasure

Ghodrati, Marjan

23 January 2018

The extent of embedded systems' role in modern life has continuously increased over the years. Moreover, embedded systems are assuming highly critical functions with security requirements more than ever before. Electromagnetic fault injection (EMFI) is an efficient class of physical attacks that can compromise the immunity of secure cryptographic algorithms. Despite successful EMFI attacks, the effects of electromagnetic injection on a processor are not well understood. This includes lack of solid knowledge about how EMFI affects the circuit and deviates it from proper functionality. Also, effects of EM glitches on the global networks of a chip such as power, clock and reset network are not known. We believe to properly model EMFI and develop effective countermeasures, a deeper understanding of the EM effect on a chip is needed. In this thesis, we present a bottom-up analysis of EMFI effects on a RISC microprocessor. We study these effects at three levels: at the wire-level, at the chip-network level, and at the gate-level considering parameters such as EM-injection location and timing. We conclude that EMFI induces local timing errors implying current timing attack detection and prevention techniques can be adapted to overcome EMFI. To further validate our hypothesis, we integrate a configurable timing sensor into our microprocessor to evaluate its effectiveness against EMFI. / Master of Science

Electromagnetic Fault Injection

Countermeasure

Attack

Fault Injection Attacks on RSA and CSIDH

Chiu, TingHung

16 May 2024

Fault injection attacks are a powerful technique that intentionally induces faults during computations to leak secret information. This thesis studies the fault injection attack techniques. The thesis first categorizes various fault attack methods by fault model and fault analysis and gives examples of the various fault attacks on symmetric key cryptosystems and public key cryptosystems. The thesis then demonstrates fault injection attacks on RSA-CRT and constant time CSIDH. The fault attack consists of two main components: fault modeling, which examines methods for injecting faults in a target device, and fault analysis, which analyzes the resulting faulty outputs to deduce secrets in each cryptosystem. The thesis aims to provide a comprehensive survey on fault attack research, directions for further study on securing real-world cryptosystems against fault injection attacks, testing fault injection attacks with RSA-CRT, and demonstrate and evaluate fault injection attacks on constant time CSIDH. / Master of Science / Fault injection attacks are attacks where the attackers intentionally induce the fault in the device during the operation to obtain or recover secret information. The induced fault will impact the operation and cause the faulty output, providing the information to attackers. Many cryptographic algorithms and devices have been proven vulnerable to fault injection attacks. Cryptography is essential nowadays, as it is used to secure and protect confidential data. If the cryptosystem is broken, many system today will be compromised. Thus, this thesis focus on the fault injection attacks on the cryptosystems. This thesis introduces the background of fault injection attacks, categorizes them into different types, and provides examples of the attacks on cryptosystems. The thesis studies how the attacks work, including how the attack induces the fault in the device and how the attack analyzes the fault output they obtained. Specifically, I examine how these attacks affect two commonly used encryption methods: symmetric key cryptography and public key cryptography. Additionally, I implement the fault injection attack on RSA-CRT and emph{Commutative Supersingular Isogeny Diffie-Hellman}~(CSIDH). This research aims to understand the potential attack method on different cryptosystems and can explore mitigation or protection in the future.

Fault Injection Attack

RSA

CSIDH

Durability of nano-modified fly ash concrete to external sulfate attack under different environmental conditions

Rahman, Md. Mahbubur

January 2014

There are still research gaps regarding the effects of key parameters such as water-to-cementitious materials ratio (w/cm), type of binder and pore structure characteristics on the response of concrete to special forms of sulfate attack: physical salt attack (PSA) and thaumasite sulfate attack (TSA). Hence, this study aims at developing an innovative type of concrete: nano-modified fly ash concrete, incorporating various dosages of nano-silica (NS) or nano-alumina (NA) and fly ash, and explores its efficiency in resisting various forms of sulfate attack.

Durability

Nanoparticles

Fly ash

Physical salt attack

Conventional sulfate attack

Thaumasite sulfate attack

The Performance Cost of Security

Bowen, Lucy R

01 June 2019

Historically, performance has been the most important feature when optimizing computer hardware. Modern processors are so highly optimized that every cycle of computation time matters. However, this practice of optimizing for performance at all costs has been called into question by new microarchitectural attacks, e.g. Meltdown and Spectre. Microarchitectural attacks exploit the effects of microarchitectural components or optimizations in order to leak data to an attacker. These attacks have caused processor manufacturers to introduce performance impacting mitigations in both software and silicon. To investigate the performance impact of the various mitigations, a test suite of forty-seven different tests was created. This suite was run on a series of virtual machines that tested both Ubuntu 16 and Ubuntu 18. These tests investigated the performance change across version updates and the performance impact of CPU core number vs. default microarchitectural mitigations. The testing proved that the performance impact of the microarchitectural mitigations is non-trivial, as the percent difference in performance can be as high as 200%.

Security

Microarchitecture Attack

Cache Attack

Timing Attack

Meltdown

Spectre

Information Security

Risk Analysis

Systems Architecture

A security architecture for protecting dynamic components of mobile agents

Yao, Ming

January 2004

New techniques,languages and paradigms have facilitated the creation of distributed applications in several areas. Perhaps the most promising paradigm is the one that incorporates the mobile agent concept. A mobile agent in a large scale network can be viewed as a software program that travels through a heterogeneous network, crossing various security domains and executing autonomously in its destination. Mobile agent technology extends the traditional network communication model by including mobile processes, which can autonomously migrate to new remote servers. This basic idea results in numerous benefits including flexible, dynamic customisation of the behavior of clients and servers and robust interaction over unreliable networks. In spite of its advantages, widespread adoption of the mobile agent paradigm is being delayed due to various security concerns. Currently available mechanisms for reducing the security risks of this technology do not e±ciently cover all the existing threats. Due to the characteristics of the mobile agent paradigm and the threats to which it is exposed, security mechanisms must be designed to protect both agent hosting servers and agents. Protection to agent-hosting servers' security is a reasonably well researched issue, and many viable mechanisms have been developed to address it. Protecting agents is technically more challenging and solutions to do so are far less developed. The primary added complication is that, as an agent traverses multiple servers that are trusted to different degrees, the agent's owner has no control over the behaviors of the agent-hosting servers. Consequently the hosting servers can subvert the computation of the passing agent. Since it is infeasible to enforce the remote servers to enact the security policy that may prevent the server from corrupting agent's data, cryptographic mechanisms defined by the agent's owner may be one of the feasible solutions to protect agent's data.Hence the focus of this thesis is the development and deployment of cryptographic mechanisms for securing mobile agents in an open environment. Firstly, requirements for securing mobile agents' data are presented. For a sound mobile agent application, the data in an agent that is collected from each visiting server must be provided integrity. In some applications where servers intend to keep anonymous and will reveal their identities only under certain cir- cumstances, privacy is also necessitated. Aimed at these properties, four new schemes are designed to achieve different security levels: two schemes direct at preserving integrity for the agent's data, the other two focus on attaining data privacy. There are four new security techniques designed to support these new schemes. The first one is joint keys to discourage two servers from colluding to forge a victim server's signature. The second one is recoverable key commitment to enable detection of any illegal operation of hosting servers on an agent's data. The third one is conditionally anonymous digital signature schemes, utilising anonymous public-key certificates, to allow any server to digitally sign a document without leaking its identity. The fourth one is servers' pseudonyms that are analogues of identities, to enable servers to be recognised as legitimate servers while their identities remain unknown to anyone. Pseudonyms can be deanonymised with the assistance of authorities. Apart from these new techniques, other mechanisms such as hash chaining relationship and mandatory verification process are adopted in the new schemes. To enable the inter-operability of these mechanisms, a security architecture is therefore developed to integrate compatible techniques to provide a generic solution for securing an agent's data. The architecture can be used independently of the particular mobile agent application under consideration. It can be used for guiding and supporting developers in the analysis of security issues during the design and implementation of services and applications based on mobile agents technology.

Mobile agents

offer integrity

offer privacy

forward integrity

security architecture

modification attack

insertion attack

colluding servers attack

truncation attack

stemming attack

interleaving attack

hash chaining relationship

recoverable key commitment

joint keys.

StrideLang : Creation of a Domain-Specific Threat Modeling Language using STRIDE, DREAD and MAL / StrideLang : Skapandet av ett Domän-Specifikt Hotmodellerings-Språk med STRIDE, DREAD och MAL

Cerovic, Lazar

January 2022

Cybersecurity is still one of the main challenges of the digital era for organizations and individuals alike. Threat modeling is an important tool for building systems that are reliable and secure. The research question for this study is to create a domain specific language (DSL) with the Meta Attack Language (MAL), STRIDE and DREAD. One of the main challenges is to choose a DSL that is suitable for threat modeling. The purpose of the study is to provide people with threat modeling with additional tools that can be used in attack simulations. MAL is a meta language used for creating DSL that can be used for attack simulations. An example of a MAL project that usually serves as a template for other DSL is coreLang, which models the general IT infrastructure. STRIDE is a model used in threat modeling to enumerate and categorization of cyberthreats. DREAD is a model used for risk assessment that scores each threat by a value between one and ten. The proposed method for answering the research question is the Design Research Science Method (DRSM), which is often used for creating artifacts. Evaluation of the results is done with tests written in Java using the Junit framework. The result of the study is the creation of strideLang that maps attack steps in coreLang (MAL implementation of the general IT infrastructure DSL) to STRIDE and DREAD models. The primary source of error in the investigation is the risk assessment with DREAD, which can be somewhat inaccurate depending on what specific DSL is used. It would have been valuable if the study incorporated feedback from domain experts specifically with risk assessment. The nature of the STRIDE and DREAD models is that the models are very subjective in practice. However, this study does provide insights in how a DSL can be created based on DREAD and STRIDE. Future work might investigate a different DSL, incorporate tools such as SecuriCAD and compare different threat models. / Cybersäkerhet är fortfarande en av de främsta utmaningarna i den digitala eran för såväl organisationer som individer. Hotmodellering är ett viktigt verktyg för att bygga tillförlitliga och säkra system. Huvudmålet för denna studie är att skapa ett domänspecifikt språk (DSL) med Meta Attack Language (MAL), STRIDE och DREAD. En av de främsta utmaningarna för att nå målet med studien är att hitta ett domänspecifikt språk som är lämpligt för denna typ av hotmodellering. Syftet med studien är att förse personer som arbetar med hotmodellering med ytterligare verktyg för att kunna använda i sina attacksimuleringar. MAL är ett metaspråk som används för att skapa domän-specifika språk och utföra attacksimuleringar. Ett exempel på ett MAL projekt som oftast används som en mall för att skapa nya domänspecifika och modellerar den generella IT infrastrukturen. STRIDE modellen används för att lista och kategorisera digitala hot. DREAD brukar användas tillsammans med STRIDE och används för att risk bedöma digitala hot genom att betygsätta hoten med ett värde mellan ett och tio. Den valda metoden för att lösa forskningsfrågan är Design Research Science Method (DSRM), som används oftast i samband med skapandet av artefakter. Evaluering av resultatet gjordes med tester skrivna i Java med ramverket JUnit. Studien resulterade med skapande av strideLang som mappar attack steg i coreLang till STRIDE och DREAD modellerna. Den främsta felkällan i denna studie är riskbedömningen med DREAD eftersom noggrannheten på riskbedömningen kan variera från specifika domän i IT infrastrukturen. Det hade varit värdefullt om studien integrera domänexperters bedömning i studien främst för DREAD bedömningen. STRIDE och DREAD modellerna är subjektiva vilket betyder att olika experter kan komma till olika slutsatser för samma hot. Däremot så kan studien förse med intressanta insikter om hur ett domän-specifikt språk kan skapas baserat på DREAD och STRIDE modellerna. Framtida studier kan undersöka en mer specifik domän inom IT infrastrukturen, integrera verktyg som SecuriCAD och jämföra olika modeller som används inom hotmodelleringen

Meta attack language

Domain specific language

Attack graphs

Threat modeling

STRIDE

DREAD

Attack simulation

Cyber defence

Meta attack language

Domänspecifika språk

Attack grafer

Hotmodellering

STRIDE

DREAD

Attack simulering

Cyberförsvar

Computer Sciences

Datavetenskap (datalogi)

Denial-of-service attack : A realistic implementation of a DoS attack / Denial-of-service attack : En realistisk implementering

Skog Andersen, Jonas, Alderhally, Ammar

January 2015

This report describes some of the most well known denial of service attacks (DoS-attacks). This will be done in the first part of the report, the second part describes an implementation of a DoS-attack. The main purpose of its first part is to closer examine common DoS-attacks, the purpose of such attacks, the protection methods that can be deployed to mitigate these attacks and the ways that are used to measure these attacks. The second part describes a implementation of a practical attack implemented using HTTP POST requests to overwhelm a web server, so called HTTP POST attack. The attack was carried out using different number of attack nodes, up to the default maximum limit for Apache web server. The attack succeeded after several attempts with different parameters. As a result of the experiments we learnt that a successful HTTP POST attack needs to take between 15% and 100% of the maximum permitted clients to make an impact on the server’s response time. The server that was attacked had no defence mechanism to protect itself against DoS-attacks. One important thing to note is that this attack is carried out in a protected environment so as not to affect the external environment.

DOS

DDOS

Attack

Denial of Service

Distributed denial of service attack

HTTP POST

HTTP POST attack

Computer Sciences

Datavetenskap (datalogi)

Évaluation dynamique de risque et calcul de réponses basés sur des modèles d’attaques bayésiens / Dynamic risk assessment and response computation using Bayesian attack models

Aguessy, François-Xavier

22 September 2016

Les systèmes d'information sont une cible de plus en plus attractive pour les attaquants. Dans cette thèse de doctorat, nous construisons une méthodologie complète d'analyse statique et dynamique de risque prenant en compte la connaissance à priori d'un système avec les événements dynamiques, afin de proposer des réponses permettant d'empêcher les attaques futures. Tout d'abord, nous étudions comment corriger les attaques potentielles qui peuvent arriver dans un système, en s'appuyant sur les graphes d'attaque logiques. Nous proposons une méthodologie de remédiation corrigeant les chemins d'attaque les plus significatifs. Les remédiations candidates sont classées en fonction de leur coût opérationnel et leur impact sur le système. Les graphes d'attaques ne peuvent pas être directement utilisés pour l'évaluation dynamique de risque. Nous étendons donc ce modèle pour construire des modèles d'analyse dynamique de risque basés sur des réseaux bayésiens. Le modèle hybride d'évaluation de risque se divise en deux modèles complémentaires: (1) Les modèles de corrélation de risque, permettant d'analyser les attaques en cours et fournir les probabilités de compromission des états du système, (2) les modèles d'évaluation du risque futur, permettant évaluer les attaques futures les plus probables. Nous analysons la sensibilité des paramètres probabilistes du modèle et en validons les résultats à partir de graphes d'attaque topologiques / Information systems constitute an increasingly attractive target for attackers. Given the number and complexity of attacks, security teams need to focus their actions, in order to select the most appropriate security controls. Because of the threat posed by advanced multi-step attacks, it is difficult for security operators to fully cover all vulnerabilities when deploying countermeasures. In this PhD thesis, we build a complete framework for static and dynamic risk assessment including prior knowledge on the information system and dynamic events, proposing responses to prevent future attacks. First, we study how to remediate the potential attacks that can happen in a system, using logical attack graphs. We build a remediation methodology to prevent the most relevant attack paths extracted from a logical attack graph. In order to help an operator to choose between several remediation candidates, we rank them according to a cost of remediation combining operational and impact costs. Then, we study the dynamic attacks that can occur in a system. Attack graphs are not directly suited for dynamic risk assessment. Thus, we extend this mode to build dynamic risk assessment models to evaluate the attacks that are the most likely. The hybrid model is subdivided in two complementary models: (1) the first ones analysing ongoing attacks and provide the hosts' compromise probabilities, and (2) the second ones assessing the most likely future attacks. We study the sensitivity of their probabilistic parameters. Finally, we validate the accuracy and usage of both models in the domain of cybersecurity, by building them from a topological attack graph

Graphes d'attaque

Évaluation dynamique de risque

Modélisation d'attaques

Modèles d’attaques bayésiens

Attack graph

Dynamic risk assessment

Attack modelling

Bayesian attack model