Protection against malicious JavaScript using hybrid flow-sensitive information flow monitoring

Sayed, Bassam

02 March 2016

Modern web applications use several third-party JavaScript libraries to achieve higher levels of engagement. The third-party libraries range from utility libraries such as jQuery to libraries that provide services such as Google Analytics and context- sensitive advertisement. These third-party libraries have access to most (if not all) the elements of the displayed webpage. This allows malicious third-party libraries to perform attacks that steal information from the end-user or perform an action without the end-user consent. These types of attacks are the stealthiest and the hardest to defend against, because they are agnostic to the browser type and platform of the end-user and at the same time they rely on web standards when performing the attacks. Such kind of attacks can perform actions using the victim’s browser without her permission. The nature of such actions can range from posting an embarrassing message on the victim’s behalf over her social network account, to performing online biding using the victim’s account. This poses the need to develop effective mechanisms for protecting against client-side web attacks that mainly target the end-user. In the proposed research, we address the above challenges from information flow monitoring perspective by developing a framework that restricts the flow of information on the client-side to legitimate channels. The proposed model tracks sensitive information flow in the JavaScript code and prevents information leakage from happening. The main component of the framework is a hybrid flow-sensitive security monitor that controls, at runtime, the dissemination of information flow and its inlining. The security monitor is hybrid as it combines both static analysis and runtime monitoring of the running JavaScript program. We provide the soundness proof of the model with respect to termination-insensitive non-interference security policy and develop a new security benchmark to establish experimentally its effectiveness in detecting and preventing illicit information flow. When applied to the context of client-side web-based attacks, the proposed model provides a more secure browsing environment for the end-user. / Graduate

Information Flow Control

Security Monitors

JavaScript

Client-side Web Security

Browser Security

Client-side web attacks

Systematic Analysis and Methodologies for Hardware Security

Moein, Samer

18 December 2015

With the increase in globalization of Integrated Circuit (IC) design and production, hardware trojans have become a serious threat to manufacturers as well as consumers. These trojans could be intensionally or accidentally embedded in ICs to make a system vulnerable to hardware attacks. The implementation of critical applications using ICs makes the effect of trojans an even more serious problem. Moreover, the presence of untrusted foundries and designs cannot be eliminated since the need for ICs is growing exponentially and the use of third party software tools to design the circuits is now common. In addition if a trusted foundry for fabrication has to be developed, it involves a huge investment. Therefore, hardware trojan detection techniques are essential. Very Large Scale Integration (VLSI) system designers must now consider the security of a system against internal and external hardware attacks. Many hardware attacks rely on system vulnerabilities. Moreover, an attacker may rely on deprocessing and reverse engineering to study the internal structure of a system to reveal the system functionality in order to steal secret keys or copy the system. Thus hardware security is a major challenge for the hardware industry. Many hardware attack mitigation techniques have been proposed to help system designers build secure systems that can resist hardware attacks during the design stage, while others protect the system against attacks during operation. In this dissertation, the idea of quantifying hardware attacks, hardware trojans, and hardware trojan detection techniques is introduced. We analyze and classify hardware attacks into risk levels based on three dimensions Accessibility/Resources/Time (ART). We propose a methodology and algorithms to aid the attacker/defender to select/predict the hardware attacks that could use/threaten the system based on the attacker/defender capabilities. Because many of these attacks depends on hardware trojans embedded in the system, we propose a comprehensive hardware trojan classification based on hardware trojan attributes divided into eight categories. An adjacency matrix is generated based on the internal relationship between the attributes within a category and external relationship between attributes in different categories. We propose a methodology to generate a trojan life-cycle based on attributes determined by an attacker/defender to build/investigate a trojan. Trojan identification and severity are studied to provide a systematic way to compare trojans. Trojan detection identification and coverage is also studied to provide a systematic way to compare detection techniques and measure their e effectiveness related to trojan severity. We classify hardware attack mitigation techniques based on the hardware attack risk levels. Finally, we match these techniques to the attacks the could countermeasure to help defenders select appropriate techniques to protect their systems against potential hardware attacks. / Graduate / 0544 / 0984 / samerm@uvic.ca

Hardware Attack Mitigation

Hardware Attacks

Hardware Security

Hardware Trojan Detection

Hardware Trojans

3D-ART Schema

Collaborative intrusion prevention

Chung, Pak Ho

02 June 2010

Intrusion Prevention Systems (IPSs) have long been proposed as a defense against attacks that propagate too fast for any manual response to be useful. While purely-network-based IPSs have the advantage of being easy to install and manage, research have shown that this class of systems are vulnerable to evasion [70, 65], and can be tricked into filtering normal traffic and create more harm than good [12, 13]. Based on these researches, we believe information about how the attacked hosts process the malicious input is essential to an effective and reliable IPS. In existing IPSs, honeypots are usually used to collect such information. The collected information will then be analyzed to generate countermeasures against the observed attack. Unfortunately, techniques that allow the honeypots in a network to be identified ([5, 71]) can render these IPSs useless. In particular, attacks can be designed to avoid targeting the identified honeypots. As a result, the IPSs will have no information about the attacks, and thus no countermeasure will ever be generated. The use of honeypots is also creating other practical issues which limit the usefulness/feasibility of many host-based IPSs. We propose to solve these problems by duplicating the detection and analysis capability on every protected system; i.e., turning every host into a honeypot. / text

Intrusion Prevention Systems

IPS

Honeypots

Network-based

Host-based

Attacks

Networks

Protected systems

Rupture, loss, and the performance of masculinity at the World Trade Center : a post-9

Carr, Geoffrey Paul.

10 April 2008

No description available.

World Trade Center (New York, N.Y.)

September 11 Terrorist Attacks, 2001

Fusing intelligence with law enforcement information : an analytic imperative

Thornlow, Christopher C.

03 1900

CHDS State/Local / The tragedy of 11 September 2001 revealed two major shortcomings: the US military and the Department of Defense's inability to respond quickly to and defend against the threat posed by foreign terrorists to the United States, and the inability of the Intelligence and Law Enforcement Communities to fuse and analyze foreign threat intelligence with domestic law enforcement information in a timely fashion to provide adequate indications and warning of such an attack. The United States Northern Command Intelligence Directorate (J2) has the primary mission in providing accurate, timely, and relevant indications and warnings of potential threats to the Commander, USNORTHCOM. The USNORTHCOM J2 must be able to use all intelligence sources, including law enforcement information, to better understand the potential threats and capabilities arrayed against it. This enables the USNORTHCOM J2 to provide the Commander, USNORTHCOM an all-source, fused analytic assessment of potential threats as the command carries out its mission to "deter, prevent, and defeat threats and aggression aimed at the United States," and thus fulfilling the command's role as the Department of Defense's primary lead command in homeland defense and homeland security. / Lieutenant Commander (LCDR) - Navy - Terrorism Analysis Branch Chief, US Northern Command (Northcom) NORAD - Intelligence Directorate

Intelligence service

United States

Law enforcement

September 11 Terrorist Attacks, 2001

Terrorism

Prevention

National security

Cyber attacks & coercion in the digital era. : A qualitative case analysis of the North Korean cyber attack on Sony Pictures.

Holm, Linnéa

January 2017

The 2014 cyber attack on Sony Pictures Entertainment is an example of a disruptive event where a nation state utilized cyber tools in order to coerce a target into changing their course of action. Cyber attacks, something that might be perceived as a looming futuristic threat, became reality for Sony and its employees under the course of a few months in late 2014. The coercer’s attempt to change the behavior of the company eventually failed and North Korea who was attributed as coercer was imposed with new sanctions. This paper takes on the task of evaluating the Sony case against both the traditional theory of coercion and specific factors of cyber coercion in order to determine how the failure can be explained. The findings implicate that the failure can be explained by the traditional theory but needs to be complemented with the specifics of cyber coercion due to the difficulties in assessing the credibility of cyber attacks. Further studies are advised in the area of cyber coercion and a comparative approach would do particularly well in assessing causal explanations in a more comprehensive way.

Cyber Attacks

Sony

North Korea

Cyber Coercion

Coercive Diplomacy

Political Science

Statsvetenskap

The use of Big Data Analytics to protect Critical Information Infrastructures from Cyber-attacks

Oseku-Afful, Thomas

January 2016

Unfortunately, cyber-attacks, which are the consequence of our increasing dependence on digital technology, is a phenomenon that we have to live with today. As technology becomes more advanced and complex, so have the types of malware that are used in these cyber-attacks. Currently, targeted cyber-attacks directed at CIIs such as financial institutions and telecom companies are on the rise. A particular group of malware known as APTs, which are used for targeted attacks, are very difficult to detect and prevent due to their sophisticated and stealthy nature. These malwares are able to attack and wreak havoc (in the targeted system) within a matter of seconds; this is very worrying because traditional cyber security defence systems cannot handle these attacks. The solution, as proposed by some in the industry, is the use of BDA systems. However, whilst it appears that BDA has achieved greater success at large companies, little is known about success at smaller companies. Also, there is scarcity of research addressing how BDA is deployed for the purpose of detecting and preventing cyber-attacks on CII. This research examines and discusses the effectiveness of the use of BDA for detecting cyber-attacks and also describes how such a system is deployed. To establish the effectiveness of using a BDA, a survey by questionnaire was conducted. The target audience of the survey were large corporations that were likely to use such systems for cyber security. The research concludes that a BDA system is indeed a powerful and effective tool, and currently the best method for protecting CIIs against the range of stealthy cyber-attacks. Also, a description of how such a system is deployed is abstracted into a model of meaningful practice.

Big data

big data analytics

CII

CI

APTs

cyber-attacks

cyber-security

Examining the Impact of Microarchitectural Attacks on Microkernels : a study of Meltdown and Spectre

Grimsdal, Gunnar, Lundgren, Patrik

January 2019

Most of today's widely used operating systems are based on a monolithic design and have a very large code size which complicates verification of security-critical applications. One approach to solving this problem is to use a microkernel, i.e., a small kernel which only implements the bare necessities. A system usinga microkernel can be constructed using the operating-system framework Genode, which provides security features and a strict process hierarchy. However, these systems may still be vulnerable to microarchitectural attacks, which can bypassan operating system's security features, exploiting vulnerable hardware. This thesis aims to investigate whether microkernels are vulnerable to the microarchitectural attacks Meltdown and Spectre version 1 in the context of Genode. Furthermore, the thesis analyzes the execution cost of mitigating Spectre version 1 in a Genode's remote procedure call. The result shows how Genode does not mitigate the Meltdown attack, which will be confirmed by demonstrating a working Meltdown attack on Genode+Linux. We also determine that microkernels are vulnerable to Spectre by demonstrating a working attack against two microkernels. However, we show that the cost of mitigating this Spectre attack is small, with a cost of < 3 slowdown for remote procedure calls in Genode.

Genode

Meltdown

Spectre

Nova

Okl4

microarchitectural attacks

microkernel

Computer Engineering

Datorteknik

Caractérisation sécuritaire des OxRRAM / Secure characterization of OxRAM technology

Krakovinsky, Alexis

15 December 2017

Depuis les premières mémoires à semi-conducteurs, les mémoires intégrées sur les circuits électroniques ont beaucoup évolué. Celles-ci deviennent de plus en plus petites sans pour autant conserver moins de données. Cependant, la technologie mémoire non-volatile la plus répandue, la Flash, fait face à des problèmes de miniaturisation et de consommation. Plusieurs solutions alternatives ont donc émergé pour remplacer la Flash, ou pour être intégrées dans les objets connectés. Dans quelques années, des milliards d’appareils échangeront des données parfois personnelles qui ont donc besoin d’être sécurisées. La technologie Flash a déjà été l’objet de nombreuses études, permettant de la rendre sécurisée. Néanmoins, rien n’a été fait en ce qui concerne les technologies mémoires émergentes. Cette thèse propose donc d’évaluer le caractère sécuritaire d’une de ces technologies, particulièrement prometteuse par ses performances : l’OxRRAM. Le premier chapitre de ce manuscrit fera l’état de l’art des différents types de mémoires existant ainsi que des moyens utilisés pour évaluer la sécurité d’une technologie mémoire.Cela a permis de réaliser une première approche d’attaque sur un circuit embarquant de l’OxRRAM, mais les résultats montrent que des études plus fines sont nécessaires pour parvenir à comprendre de quoi il en retourne. Les chapitres 3 et 4 montrent les différentes vulnérabilités obtenues dans des cellules mémoires OxRRAM grâce à différent types d’attaques LASER.La source de ces vulnérabilités a également été identifiée, ce qui a permis par la suite de proposer des premières pistes de contre-mesures afin de protéger les circuits devant embarquer ce type de mémoires. / The first semi-conductor memories appeared in the 1960s. Since then,memories that are embedded on integrated circuits have evolved significantly. An important downsizing of these memories has been performed and they are still able to store more and more data. However, Flash technology-which is the most spread NVM technology nowadays - is facing scaling and power consumption issues. Numerous alternative solutions have emerged (emerging technologies) to replace Flash or to be integrated in smart objects, whose one of the main features is low power consumption. In the years to come, billions of devices connected to each other will exchange personal data that need to be secured. Flash technology has already been the subject of many studies, allowing it to be considered secured. Nevertheless, nothing has been performed yet on emerging NVM.This thesis proposes an evaluation of the secure character of one of these technologies, whose performances are promising: OxRAM. The first chapter of this manuscript deals with the state of the art of the different kind of existing memory technologies. It lists the different means that can be used to assess the security of a memory technology. This allowed to experiment attacks on an integrated circuit which embeds OxRAM. However, the results showed that more accurate studies are necessary to understand the observed effects. Chapters 3 and 4 will then demonstrate the vulnerabilities noticed on OxRAM memory cells through different LASER attacks. The source of these vulnerabilities has also been investigated, which allowed to propose tracks for countermeasures in order to protect integrated circuits that are to embed such memories.

OxRRAM

Laser

Attaques thermiques

Simulations

Microcontrôleur

Effet photoélectrique

OxRAM

Laser

Thermal Attacks

Simulations

Microcontroller

Photoelectric effect

Comparison of Liberty Alliance and OpenID regarding their ability to protect the confidentiality, integrity and availability of the users’ information : a study based on the analysis of resistance to common attacks

de Souza, Jaqueline

January 2010

It is essential to solve the problem due to password fatigue in order to increase the security of the transactions on the Web and secure the users’ account and information. Web Single Sign-On is one of the techniques that have been created to solve these issues. Unfortunately, this method creates new opportunities for hackers. The Liberty Alliance and OpenID are two of the most known Web Single Sign-On frameworks. This work intends to review the strengths and the weaknesses of both regarding their ability to protect the confidentiality, integrity and availability of the users’ information, by studying their aptitude to prevent some of the most dangerous attacks on the web. The analysis of the results shows that Liberty Alliance has created a strong infrastructure in order to mitigate those attacks. Consequently, this framework protects the confidentiality, integrity and availability of the users’ information more efficiently than OpenID. On the other hand, this latter shows significant weaknesses that compromises the confidentiality, integrity and availability of the users’ information.

WebSSO

OpenID

Liberty Alliance

information security

attacks

Computer Sciences

Datavetenskap (datalogi)