Mist2012 panel discussion-ruo ando

This file is used in MIST 2012 (4th International Workshop on Managing Insider Security Threats).


  1. 1. MIST 2012 Panel Discussion: “Key Challenges in Defending Against Insider Threats”. Ruo Ando, National Institute of Information and Communication Technology, Tokyo, Japan
  2. 2. Outline: insider threat and data leakage
     Information leakage is one of the most serious kinds of damage caused by insider threats. In this talk, I will introduce some key issues about ex-post countermeasures against information leakage.
     ① First, the "Data lives forever" problem is introduced. Once sensitive information is leaked over the Internet, we have no effective countermeasures to nullify it. Some topics such as advanced secret sharing and the right to be forgotten will be noted.
     ② Second, I will talk briefly about "Data sovereignty" to provide a logical and technical basis for tracking information that has spread. PDP (provable data possession) could be one of the solutions.
     Finally, I will present some actual cases of these problems.
  3. 3. Insider Threats and Information leakage
     [Chart: Incidents by Breach Type, 2012/11, http://www.datalossdb.org. Labelled segments: Lost Tape 14%, Stolen Document 14%, Disposal Document 14%.]
     Attacks from outside by hacking are motivated by botnets, FaaS etc. Data leakage is one of the main purposes of insider attacks. Besides, this kind of threat causes retroactive disclosure.
     Data lives forever: once sensitive data is released to the network, it circulates forever.
     Social engineering and APT are sometimes very hard to prevent technically.
     Information leak: retroactive disclosure. Sensitive data could be retrieved and retroactivated as an offense.
  4. 4. Can retroactivation as offense be mitigated? Is an ex-post countermeasure possible?
     • Is it unstoppable even if we adopt domain seizure in Amazon EC2?
     • Can DLP protect sensitive data sent from SNS?
     • Is it possible to prevent uploading of sensitive files?
     2012/08: Dropbox Confirms User Email Leaks – Adds Additional Protection
     Top threats to enterprise security (IDC’s survey):
       Threat                                  2008   2010
       Trojans, viruses, other malware           54     78
       Spyware                                   48     74
       Hackers                                   41     67
       Employees exposing information            52     66
       Equipment misconfiguration                41     61
       Application vulnerabilities               44     59
       Spam                                      39     58
       Data stolen by trusted party              38     53
       Insider sabotage                          34     49
  5. 5. Japan’s case: information leakage via P2P networks
     • 2008/03/22: National Bank of Japan leaks confidential insider information.
     • 2009/04/02: Tokyo Rinkai Hospital – a list of 598 inpatients' information.
     • 2005/06: Documents of a nuclear power plant of Mitsubishi were leaked.
     • 2010/10/30: The Metropolitan Police Department section in charge of international terrorism spills a confidential list over P2P networks.
     • 2009/01/08: National Information-Technology Promotion Agency – a database of the Ministry of Internal Affairs and the National Patent Office.
  6. 6. Data Sovereignty in the Cloud computing era
     Data sovereignty: the coupling of stored data authenticity and geographical location in the cloud.
     However, as the Cloud computing environment has become international, securing data sovereignty is harder and harder. Geolocation technology could be cheated. PDP (Provable Data Possession) could be one of the solutions for this problem.
     References:
     • Zachary N. J. Peterson, Mark Gondree, and Robert Beverly. A Position Paper on Data Sovereignty: The Importance of Geolocating Data in the Cloud. USENIX HotCloud 2011.
     • Giuseppe Ateniese, Randal C. Burns, Reza Curtmola, Joseph Herring, Lea Kissner, Zachary N. J. Peterson, Dawn Xiaodong Song. Provable data possession at untrusted stores. ACM CCS 2007.
  7. 7. "Data lives forever" problem
     • WikiLeaks: WikiLeaks is an international organization that publishes submissions of otherwise unavailable documents from anonymous sources and leaks. On July 25, 2010, WikiLeaks released to The Guardian, The New York Times, and Der Spiegel over 92,000 documents related to the war in Afghanistan between 2004 and the end of 2009.
     • “Right to forget and delete”: European Commission sets out strategy to strengthen EU data protection rules, Nov 2010. “Controlling your information, having access to your data, being able to modify or delete it – these are essential rights that have to be guaranteed in today's digital world.”
  8. 8. P2P security. VANISH: self-destructing data
     Roxana Geambasu, Tadayoshi Kohno, Amit Levy, Henry M. Levy. Vanish: Increasing Data Privacy with Self-Destructing Data. In Proceedings of the USENIX Security Symposium, Montreal, Canada, August 2009.
     Technology: secret sharing protocol and DHT.
     In the Vanish system, a shared file disappears from the network after a fixed interval. Bob sends {C,L} to Alice. VANISH is implemented for the Vuze DHT.
     [Diagram: one side takes (data, timeout) and computes C = Ek(data); the key shares K1, K2, …, KN are stored at random indexes (L); {C,L} is passed to the other side, which computes data = Dk(C).]
  9. 9. P2P security. UNVANISH: reconstructing data
     Scott Wolchok, Owen S. Hofmann, Nadia Heninger, Edward W. Felten, J. Alex Halderman, Christopher J. Rossbach, Brent Waters, and Emmett Witchel. Defeating Vanish with Low-Cost Sybil Attacks Against Large DHTs. Network and IT Security Conference: NDSS 2010.
     UNVANISH mounts Sybil nodes into the DHT to replicate Ek hash to reconstruct data.
     [Diagram: the same {C,L} exchange as on the previous slide (data, timeout; K1, K2, …, KN at random indexes (L); C = Ek(data), data = Dk(C)), with UNVANISH placed on the DHT.]
  10. 10. Example: Propagation speed over DHT network
     [Two charts with axes labelled "diff" and "node". Annotations: "After 5 hours, Δ (increasing) becomes stable." "In the first 4 hours, we can obtain more than 4000000 peers!"]
     Estimates of BitTorrent's share of all Internet traffic:
     ① “55%” - CableLabs. About a half of the upstream traffic of CATV.
     ② “35%” - CacheLogic. “LIVEWIRE - File-sharing network thrives beneath the Radar”
     ③ “60%” - documents in www.sans.edu. “It is estimated that more than 60% of the traffic on the internet is peer-to-peer.”
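
The mechanism on slides 8 and 9, as an added example that is not part of the original slides or of the Vanish code: the key K is split with Shamir secret sharing, the shares are stored at random indexes L in a DHT whose entries expire, and K is recoverable only while at least k shares remain. `ToyDHT`, the field modulus, the thresholds and the timeout are assumptions made for illustration.

```python
import secrets

P = 2**127 - 1  # prime field modulus for the shares (constructed parameter)

def split(key, n, k):
    """Shamir split: n shares of key, any k of them reconstruct it."""
    coeffs = [key] + [secrets.randbelow(P) for _ in range(k - 1)]
    def f(x):
        acc = 0
        for c in reversed(coeffs):      # Horner evaluation of the polynomial
            acc = (acc * x + c) % P
        return acc
    return [(x, f(x)) for x in range(1, n + 1)]

def combine(shares):
    """Lagrange interpolation at x = 0 recovers the key from k shares."""
    key = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        key = (key + yi * num * pow(den, -1, P)) % P
    return key

class ToyDHT:
    """In-memory stand-in (hypothetical) for a DHT whose entries time out."""
    def __init__(self):
        self.store = {}
    def put(self, index, share, now, ttl):
        self.store[index] = (share, now + ttl)
    def get(self, index, now):
        share, expires = self.store.get(index, (None, 0))
        return share if now < expires else None

def publish(dht, key, n, k, now, ttl):
    """Scatter the n key shares at random indexes; return the index list L."""
    L = [secrets.randbits(64) for _ in range(n)]
    for index, share in zip(L, split(key, n, k)):
        dht.put(index, share, now, ttl)
    return L

def recover(dht, L, k, now):
    """Return the key while at least k shares are still live, else None."""
    live = [s for s in (dht.get(i, now) for i in L) if s is not None]
    return combine(live[:k]) if len(live) >= k else None
```

A party that copied k shares while they were live can still run `combine` on them after the timeout, which is the weakness slide 9 points at: expiry only protects against readers who first look once the shares are gone.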
