Contact |
Andy Ellis, Akamai
The reality of conducting business on the Internet is
that at some point, someone out there will decide to attack you. The
reasons and methodologies may vary, from virtual sit-ins conducted by “hacktivists” to
distributed packet floods powered by thousands of virus-infected
systems. Defensive strategies have to be able to handle the
diversity of traffic; learn some of the thinking behind the defensive
strategy of the leading global service provider for accelerating content
and business process online. This presentation will also provide a DDOS
perspective as seen by Akamai.
Matthew Blaze,
Description
The Sad State of Evolution of Interface to User Security with a Focus on the Web Browser Eric Greenberg,
More than 10 years after widespread adoption, fundamental user interface issues still haven't been solved in the browser interface and not only is the user at a loss for what to do, but so are us fellow geeks. We will consider the progression, or lack thereof, of fundamental security interface design approaches put into place over a decade ago. Modes of attack, the user's perspective, and the challenges technology and humans present will be addressed.
Optimizations to Support Secure AP Transitions in 802.11 WLANs Jesse Walker ,
This talk will briefly summarize the work being done in 802.11k, 802.11r, and 802.11w. 802.11w extends 802.11i to protect internal 802.11 management frames. 802.11k defines new management frames to allow a mobile device to more intelligently learn about its environment and select a next access point meeting its needs. 802.11r optimizes the 802.11e and 802.11i needed when a device transitions from one access point to a new one. Together these new capabilities will improve the performance of AP-to-AP transitions without undercutting security, thereby increasing the usability of applications like Voice over Wi-Fi.
Michael Wasielewski,
As today’s Internet becomes more and more congested with host nodes, and the ever expanding reach of technology demands that new devices be connected together through the World Wide Web, the need to migrate from the current standards to more expansive, flexible, and secure protocols is undeniable. To that end, the Internet community around the world has begun to test and implement a new version of the Internet Protocol, known as IPv6 to replace the aging IPv4 protocol. This new protocol addresses many of the most prevalent issues by redesigning the entire protocol suite that runs the internet. However, when migrating from one technology to another, it is always necessary to compare the new technology to the old to ensure that it fixes the more glaring holes while at the same time not opening up equally glaring holes in other areas. IPv6 and it’s related protocol suites fixes many issues, including host address shortages, inefficient use of header bandwidth, and lack of authentication for control packets. While fixing these methods of attack, the protocol does not offer support for some other attacks and as always leads to the possibility of new attacks. This paper begins by outlining the difference in the old and new protocol suites, identifies the weaknesses of IPv4, and introduces the IPv6 protocol. Next, the paper focuses on the routing protocols of each suite, ARP for IPv4 and NDP for IPv6. Here, the paper discusses security issues for both and offers an analysis of the security measures that exist embedded in the protocol. Finally, the paper offers a look at a possible solution once the internet community can agree on Public Key Infrastructure standards, or possibly a corporate solution for partial security. Overall, total security can never be realized prior to deployment in the wild. The analysis done here looks at prior attack methodologies. This allows for a better analysis since instead of simply trying the exact same attack, the process identifies conceptual weakness, which is much easier to migrate to a new protocol. We find that in replacing ARP and various ICMP responsibilities, NDP does indeed fix some of the well known attacks. However, NDP does not present adequate security solutions for conceptually similar attacks against itself. The protocol is presented with a few hurdles, and many proposed solutions require various corporate or world wide architectures that simply do not exist at this time and can be complicated to implement or maintain. The new routing discovery protocol is justified in its creation and attempts to thwart the existing attacks, but, on a theoretical level, the security seems to be just as lax as its predecessor. The interdependency between existing insecure protocols such as Neighbor Discovery and Domain Name System (DNS) leads to a system in which one vulnerability opens the entire system to the prospect of being compromised. Some solutions have been proposed to accommodate and minimize the risks associated with some of the flaws, but at this time no one solution is all encompassing to the existing known threats and new threats yet to be discovered are always looming on the horizon.
Proactive EAP-based handover key management for mobile wireless users Madjid Nakhjiri,
Using EAP framework in Combining the access control and link security management using AAA infrastructure is gaining more and more popularity in wireless environments. However, the current EAP framework seems to lack the agility required for high performance and secure handovers in a wireless access environment. This paper intends to describe an EAP-based key derivation architecture and signaling procedure that enables the peer and wireless edge devices to quickly and safely attain the keying material required to establish a new link following a handover and without referring to the AAA server. This work is part of a larger specification activity in IETF HOAKEY team.
A Security Framework for Mobile Wireless IP Networks Parviz Yegani,
This talk will give an overview of a common security framework in mobile wireless IP networks such as cdma2000 HRPD networks, WiMAX NWG networks, ITU NGN, etc. Security and authentication for both radio access and IP network access are considered. The framework is based on the Extensible Authentication Protocol (EAP) which allows mutual authentication between the access terminal and the network in a very flexible manner. Depending on the usage scenario and deployment preferences various EAP methods are used with the right mix of user credentials such as certificates and pre-shard secret keys.
Richard Bejtlich
,
You've just discovered that one or more of your systems has been compromised. Now what? This tutorial will answer that question from a network-centric approach. It is based on the author's experience handling multiple systematic, long-term compromises at a variety of enterprises. The majority of the course will approach the incident response (IR) problem from the network perspective; host-based forensics will not be a priority. Attendees will first learn the basic steps needed to facilitate incident response prior to any compromise. Thoughts on the sorts of threats likely to be faced, common intrusion scenarios, and ways to be aware of intruder activities will be discussed. Next attendees will hear of various means by which incidents are discovered, all based on real life intrusions. The course will cover how to perform first response actions from the network perspective, and how to make the "pursue and prosecute" or "recover and remediate" decision. Attendees will learn how to eject determined, patient, and stealthy intruders from the enterprise, and how to verify the effectiveness of ongoing defensive measures. Topics Include:
State of information sharing between classified and unclassified networks Adele Friedel,
The critical information infrastructure has been a top priority across industry, and most prominently, the federal government. Given the War on Terrorism, ongoing security threats, and the considerable effort to overhaul and modernize the federal governments IT infrastructure, network security is at the top of the list. Technology is emerging that addresses one of the most critical issues facing the industry today: the ability to share information on disparate networks with varying levels of classification from one workstation. To tackle the security vs. usability issue, the need for a high-level of security, confidentiality, efficiency and speed is as critical as ever for our Nation’s security.
Federal Standards and Guidelines Developed by NIST Stuart Katzke, Patricia Toth, and Ron Ross,
I will speak about the suite of federal standards and guideline we/NIST developed to assist federal agencies meet their FISMA responsibilities, including discussion about the technical challenges we had to overcome. The presentation will focus on our Risk Management Framework, a process anyone organization can use to select, document, implement, and assess security controls for a system; and to authorize processing for the system (called Certification &Accreditation in the government). Although the suite of documents applies to federal agencies, there is no reason why the documents can't be voluntarily adopted or adapted by the commercial sector. I will cover why I believe this is likely to be so in my presentation. I am attaching a copy of a paper I did for another conference about our work to help you decide if you think your attendees will be interested in this type of presentation. I can tell you form our experiences that we have received numerous invitations to speak about this topic all over the US and internationally, and several international governments are looking at some form of adoption of these documents.
Impact of NSTISSP-11 on the current certification climate for products and technology Keith Beatty,
Since July 2002, all commercial off-the-shelf (COT) information assurance-enabled IT products to be used on the systems specified in the National Security Telecommunications and Information Systems Security Policy Number 11 (NSTISSP-11), must be evaluated and validated in accordance with the criteria, schemes, or programs specified. This paper will briefly review of the past two decades of certification efforts, examine the impact of NSTISSP-11 on the current certification climate for products and technology, and speculate on the continuing evolution of certification efforts with respect to shifts in the current paradigm.
MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites Von Welch, Jim Basney, and Himanshu Khurana ,
Collaborative scientific sites such as the NSF supercomputing centers and the open DOE labs have large distributed user communities spread both geographically and administratively across the nation and the world. The distributed nature of these users means that the systems from which these users connect to the center are outside of the control of the center. This implies that traditional perimeter security approaches will not be effective. The centers, with their visibility as well as high-performance resources (computing, network bandwidth, etc.) are prime targets for malicious attacks. These facts in combination mean that such sites are constantly under attack, often through the compromise of user credentials on systems outside the direct control of the site, and not uncommonly successfully. Since these sites provide a critical service to the scientific and engineering communities, it is important to ensure that availability of service despite the presence of security attacks and failures; i.e., ensure survivability. Survivability of a site requires tools and techniques that avoid, detect, and respond to attacks while still maintaining the usability of site resources for its user community. In isolation these tools and techniques have been studied for a long time but combining them in a suite of automated coordination and control systems for computational systems has only begun recently. The requirements of collaborative scientific sites go one step further in that they need access to inexpensive, advanced, reliable tools because (1) the sites have limited resources, and (2) they run production systems. The Mithril project at NCSA, is in response to NCSA’s need for such a survivability system. In the Mithril project we are working on the design, development, and integration for a suite of open-source tools that provide survivability and are integrated with a policy-driven command and control console. This effort requires an assessment of risks to collaborative sites, designing an architecture for survivability, and developing and integrating components of the architecture. Our risk assessment strategy is to look at the history of successful attacks on collaborative sites, analyze trends of attacks on all kinds of enterprise systems, and identify a subset that are of immediate concern and have significant impact on the services provide by that site. In designing an architecture we are developing models of our distributed computing systems, understanding the security policies of the sites, studying approaches for ensuring survivability, and then verifying candidate approaches against identified risks. For development and integration of components we have undertaken an extensive survey of available tools that are suitable for our architecture and have found a few promising ones. We have also identified technology gaps and have begun developing tools so that when integrated with COTS components we will be able to implement our proposed architecture. At the same time, we are also composing a test-bed in which we will test our prototype against simulated attacks initially, with migration to NCSA’s production network and exposure to actual tasks being the ultimate goal. In this talk we will give an overview of the project and discuss our proposed architecture in detail. We will also provide an overview of the available tools that we have found to be promising as well as outline the tools using in developing the Mithril system.
William Arbaugh (University of Maryland), Jesse Walker (Intel Corporation), and Meiyuan Zhao (Intel Corporation)
Mesh networks are emerging as a promising technology for reducing network deployment costs by removing cabling, and by increasing the performance and availability of wireless networks by introducing redundant paths. IEEE 802.11 Task Group s is developing a standard for mesh networks based on IEEE 802.11. This paper begins by providing a summary of the 802.11s mesh network architecture. Then it identifies security issues created by this architecture. These issues go far beyond ordinary link security. Indeed, the proliferation of roles defined by the architecture lead to access control and security bootstrap issues. The paper concludes by enumerating a set of mesh security requirements that can be used to help propose resolutions to these issues.
Investigating the Impact of Real-World Factors on Internet Worm Propagation Xiaoyan Hong,
The propagation of Internet worms has a devastating effect on the normal operations of the Internet. While various analytical modeling and empirical analysis have been conducted to study the propagation nature of various Internet worms, the effects of various real-world factors on worm propagation are still not fully understood. In this work, we study the following three major factors on the propagation of Internet worms: IP address distribution, worm scanning methods, and wireless media. IP address distribution. While relatively dense, the current IPv4 address space still has a large portion of unallocated addresses. When a worm scans for victims, its success rate is affected by whether or not a scanned address is allocated. Studying this may potentially help design a more worm-resistant IP address allocation policy. In addition, it also warrants further study to know how worms may propagate in the much larger IPv6 address space. Worm scanning methods. Internet worms can scan in many different ways. It can be random, local preference, hitlist-based, permutation, topological, or some combination of these. It can be based on either TCP or UDP, or even piggybacked onto other networking traffic. A systematic, comprehensive analysis that compares their propagation speeds and trends in an Internet-like networking environment is severely needed. Wireless media. Every day many nodes are connected to the Internet through wireless media using WLAN, WiFi, upcoming Mesh networking, Bluetooth PAN or 3G cellular technologies. Little is known regarding the speed and style Internet worms may propagate through these wireless media to those users. Various networking choices (e.g., a single large subnet vs. dispersed subnetworks) or access control techniques (MAC address filtering vs password protection) may or may not affect the behavior of worm propagation. User mobility could have both a positive and negative impact on the worm spread. To the best of our knowledge, no work has been performed in this area. Therefore, we set out to investigate the impact on Internet worms by all three of the above factors. Furthermore, we would like to propose that we present our discoveries in the forthcoming International Conference on Network Security 2006.
Andrew Lee,
Engineers are usually concerned with how things work, or how to make something work. I.e. they are problem solvers rather than problem creators. This is antithetical to the world of the antagonist, who attempts to break systems. The thinking is so opposite that the engineer is usually the worst person to decide how to create software that will not break.
Bill Burr ,
Although it is easy to see the promise of PKI as unfulfilled, PKI remains easily the best, strongest, and most readily scalable network user authentication technology. We can and should make it happen.
Status of 802.11 Mesh and Security Donald Eastlake III ,
IEEE 802.11 (Wi-Fi) has become the dominant wireless local area networking technology with over 100,000,000 chip sets being shipped annually. But until recently it was plagued with serious security problems and there is continuing security work underway. As you would expect with a popular standard, 802.11 is being extended in several dimensions including an effort to standardize some 802.11 types of 802.11 mesh communications which has further security implications.
Donald Eastlake III,
Is XML ushering in a new age of universal, secure, inter-application and web communication? Or do its complexity, instability, and lack of a unique general canonical form doom this heavenly vision?
How can we make products/deployments more secure? Eric Cole,
The presentation will talk about why we have so many bugs in software. Including causes such as IT departments making bad security decisions. What role could official formal security play and would it help?
SAML Comparison to Kerberos to Support a Centralized Authoritative Source for Authentication Hank Simon,
We have implemented a SAML prototype to leverage our LDAP domain as the central authoritative store for authentication for access to information. We addressed ten enterprise issues, and mitigated 5 common risks of a SAML implementation. SAML has different characteristics compared to Kerberos, with benefits and gaps to both technologies, and significant compatibilities. This paper addresses some of the complexities of implementation, limitations of the technologies, and suggestions for moving forward towards a long term goal of single sign on within the organization and across the firewall extending to partners and vendors.
Scott Rose,
This talk will cover the efforts to deploy DNSSEC in the gov domain. Focus will be on DNSSEC as part of of the FISMA guidelines. For more information, go to https://www-x.antd.nist.gov/dnssec or http://www.dnssec-deployment.org/
Stuart Katzke,
The Federal Information Security Management Act (FISMA) of 2002 places significant requirements on Federal agencies for the protection of information and information systems; and places significant requirements on the National Institute of Standards and Technology (NIST) to assist the Federal agencies comply with FISMA. In response to this important legislation, NIST is leading the development of key information system security standards and guidelines as part of its FISMA Implementation Project. This high priority project includes the development of security categorization standards; standards and guidelines for the specification, selection, and testing of security controls for information systems; and guidelines for the certification review and accreditation of information systems. Dr. Katzke (Prefers to be called “Stu”) will discuss the FISMA risk management framework and the many standards and guidelines being developed by NIST to help federal agencies comply with FISMA requirements. In addition, Stu will discuss why he believes NIST’s FISMA suite of documents should be of interest to the commercial sector.
Harmen van der Linde,
MPLS security is focused on three network infrastructure areas; core network, service edge network, and MPLS network interconnections. Each area has a distinct set of potential security threats MPLS security mechanisms need to protect against. MPLS security mechanisms apply both to MPLS packet forwarding as well as MPLS control data exchange and processing. Security threats can be divided into Denial of Service (DoS) attacks where MPLS network resources become unavailable to authorized users and intrusion attacks where MPLS network resources become available to unauthorized users. In addition, unintended configuration mistakes could potentially lead to MPLS network unavailability or unauthorized MPLS network access as well.
Trusted Computing: Towards Safe Computing Environments Tom Hardjono,
Trusted computing represents the next evolution of computing systems towards trusted platforms. In this presentation we discuss the philosophy of trust underlying trusted computing, and describe the issues and challenges in developing a safe computing environment. We describe the need for trusted cryptographic hardware as the starting-point (root) of trust in trusted platforms, and briefly the describe the TPM hardware as an important building block towards the creation of safe computing environments. We also discuss the need for the next generation of infrastructure support for trusted computing systems.
Firewall Traversal: Security and Scalability David McGrew
,
IP firewall traversal for media sessions such as voice and video continues to be problematic. While the MIDCOM architecture is attractive in many ways, it brings with it significant security requirements. We describe extensions to that architecture that provide strong authentication and authorization, and which are suitable for use in cross-domain scenarios. We also describe methods for reducing or eliminating the topological awareness needed by a MIDCOM firewall controller, and methods for using authenticated firewall traversal in conjunction with the Interactive Connectivity Establishment (ICE) based NAT traversal. We highlight the advantages of these approaches by comparing them to existing methods.
PKI: It's not that hard. Why don't we have it? Charlie Kaufman,
Standards have existed for use of PKI for many years. There is S/MIME for email and both SSLv3 and IPsec for session based encryption. They are all use a common X.509 / PKIX certificate format. Software to use PKI is even deployed on most systems. Yet the world has declined to turn it on. Why? This talk looks at some of the reasons, and how to make them go away.
Why isn't DNS security deployed, and would we be safer if it was? Charlie Kaufman,
The original vision for DNS security was simple yet grand: secure DNS and list public keys in it. DNS is a naming service that scales to the Internet. Listing public keys in it would answer the thorny distribution and revocation problems that plague other PKIs. There are few enough implementations of DNS that with modest effort it could get deployed easily. It hasn't turned out that way. Deployment has been held up by politics and the goals have been scaled back. Is it still worth doing? That depends on what you think of the alternatives. The need is greater than ever!
Availablity and Security Tradeoffs Arun Sood,
Redundancy is a key driver to achieve reliability, fault tolerance and system availability. In Self Cleansing Intrusion Tolerance (SCIT) we explore the use of redundancy for security. Our approach results in reduced exposure windows. In previous papers we have applied SCIT for enhanced security of firewalls, web servers, and DNS servers. In this presentation we will discuss the trade-off between security and availability. Specifically, we will analyze computer clusters that have spare processing capability and use this to achieve high availability. We show that this spare capacity can be used to achieve to reduce the exposure window and hence increase cluster security.
Stuart Schechter,
I will describe a mechanism that enables sites to assume the management of a key browser security feature: HTTPS. Users need no longer request HTTPS, verify the presence of HTTPS, or even know which sites require HTTPS. Rather, with the help of DNSSEC, a site can securely and automatically activate a web browser\'s HTTPS mode before a connection to the site is initiated. This same approach can also better secure clients for other applications, such as email.
3GPP2 Network Firewall Configuration and Control Michael Paddon,
The 3GPP2 Network Firewall Configuration and Control (NFCC) feature is designed to manage packet filters which act to minimize the ingress of unsolicited packets onto the CDMA air interface. This reduces exposure to unnecessary consumption of bandwidth, undesirable consumption of device resources such as battery life, malicious traffic and billing issues. Authorized entities (typically handsets) may dynamically use NFCC to configure packet filter policy, and completely automated operation is possible such that applications need not be NFCC aware. NFCC is built on the IETF NSIS next generation signaling protocol and is one of the first applications of this technology. This presentation provides an overview of the NFCC rationale and architecture.
|
|
© 2006 ISOCORE CORP. ALL RIGHTS RESERVED Sitewide Privacy Statement | Contact the Webmaster