Cyber Security Exam 2


Published on

1. Explain the difference between a side channel and a covert channel. Discuss the claim that every side channel can be converted to a covert channel and vice versa.
2. Explain the difference between intrusion prevention and intrusion detection systems. Discuss the implications of
the base-rate fallacy for intrusion prevention.
3. Consider the concept of “continuous” enforcement in UCON. Discuss how this concept might be implemented in
practice. Develop your answer in context of specific application contexts.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Cyber Security Exam 2

  1. 1. Submitted By: Prosunjit Biswas (@01232785) 1. Difference between Covert Channel & Side Channel:In the simplest definition, ‘A communication channel is covert if it is neither designed nor intended totransfer information at all’ [1]. A more compelling definition appears as – ‘Given a security model M andits interpretation I(M) in an operating system and any potential communication between twosubjects I(Sh) and I(Si) of ((M) is covert only if the communication between the subjects Sh and Si of themodel of M is illegal in M’ [2]. On the other hand, “Side channel leaks S Subjects implementation-specific characteristics to S i d i recover the secret parameters involved in d e e the computation and specific to given C C implementation.”[3] Figure 1. shows the h h a …….. : a position of covert channel and side n convert n channel n channel in a system. n e Projection Model e l l Fig 1: Side channel & Covert channel. Environment Side Effect (Heat, Sound, Power etc)i) Covert channel is created inside a protection model where either that channel was not identified or not intended for communication where as side channel stays outside the protection model based on the side effect of the model with the environment (ex: electromagnetic emission).ii) Covert channel may require cooperating sender and receiver where as side channel do not require sender.Conversion between Covert channel and Side channel: As shown in figure 1b, we can convert side- channel into covert channel and vice versa. M We see that for model M1, C1 is side channel o Information Leaking d because it stays outside the model but if we C1 Side channel for M1 / Covert channel for M2 e build another protection model M2 including l Protection M1, then C1 becomes the Covert channel for M Model (M1) M2 by leaking information from a subject in M1 2 to other subject outside m1. Thus by changingthe protection model from M1 to M2 we can convert between side channel into covert channel. Similarly,we can do the opposite.Fig 1b: Conversion between side & Covert ChannelReferences:[1] B.W. Lampson, "A Noto on the Confinement Problem," Communications ACM 16 (1973). 613-615.[2] C. Tsai and V. D. Gligor, "A Bandwidth Computation Model for Covert Storage Channels and its Applications," IEEE Symposium on Security and Privacy, 1988.[3] F.-X. Standaert. Introduction to side-channel attacks. In I. M. Verbauwhede, Secure Integrated Circuit.2009 I have not taken any help on this examination from anybody and have not given any help to anybody.
  2. 2. 2. Intrusion Detection & Intrusion Prevention System: Although both Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) analyze the traffic and work based on different predefined rules, there are fundamental differences on how data they work and on action they can take. Figure 2. Shows the scope of both system in some great details. Fig 2: Breakdown of Intrusion Detection and Intrusion Prevention System Differences: i) IPS works with real traffic which means that the traffic, if allowed, is feed to real devices where as IDS works with the copy of the data, in the sense that even if we have IDS setup to update firewall with blocking rules, the initial attack packet has already gone through. ii) IDS is a passive device only used for loging/reporting purpose where as IPS acts as an active device which can terminate network connection or user sessions based on the need of IPS system.Implications of Base-rate fallacy on IPS:Similar to the base-rate fallacy in IDS, IPS effectiveness depends on how we can improve false alarmrate. If we use an IPS with high false alarm rate, eventually it will hurt system performance badly byfiltering / stopping legitimate traffic. So, the impact of base rate fallacy on IPS is much more critical thanits impact on IDS.Reference:[1] S. Axelsson. The base-rate fallacy and its implications for the difficulty of intrusion detection. In Proceedings ofthe 6th ACM Conference on Cornpurer and Communications Securiry,1999.[2] “IDS vs IPS”, available at :[3] “IDS vs IPS”, available at : I have not taken any help on this examination from anybody and have not given any help to anybody.
  3. 3. 3. Continuous enforcement ensures that the control on a resource stays even after access to that resource is given to a user. Thus, it is required to monitor consumption of the resource or subsequent request for consumption so that it does not violate the policy under which access was granted. In the following model, I am not considering how the resource is consumed which is very inflexible to monitor in real situation. This model tries to provide continuous enforcement where continuous requests for a resource are made and each request has some side effect in the system. Fig. 3a. gives a general model for continuous enforcement while fig. 3b is specialized model for video streaming service provider. I S n GS e s r r t Customere Customer a Mutable System States a status: {New,r v Balance, n Attributes base on n reliable,v i Trust, t attributes t Unreliable,i c History trustworthy} /c e Se D t e r G n Condition e 1.Prefer r yR Application a trustworthy Enforcem ent / a 1.Sufficiente Level Policy m Customer, Access Control Balance ? Sq t 2. Prefer 2. More cond. ? tu n R customer with re / e more balance as D q Update M utable Attributes based Per mt e u Update balance, history etc. based Per Request Processing i n e Request Processing n y s g General Enforcem ent System(each t Enforcement System for Online video Service request goes through this Stream Provider system ) Fig 3a: General Model for continuous Enforcement Fig. 3b: Continuous enforcement model for video streaming service Provider. Here we assume that each request is going through the enforcement model. The model has mutable attributes which define the current state (and all possible states) for the system. The condition enforcement diamond in fig 3a. ensures that any violation of system policy will be detected and any further service request will be ignored in such violation cases. For a specific application, I have considered a video streaming service provider where each customer should have some balance, some trust worthiness, and/or balance history to get service. Possible state / status for a customer are new, reliable, unreliable etc. A future request will be allowed or denied based on which state the customer is currently in as well as on the policy of the system some of which are enumerated in figure 3b. References: [1] Jaehong Park and Ravi Sandhu. The UCON_ABC Usage Control Model, ACM Transactions on Information and System Security, Volume 7, Number 1, February 2004, pages 128-174. [2] Jaehong Park, Ravi Sandhu and Yuan Cheng, ACON: Activity-Centric Access Control for Social Computing. In Proceedings 5th International Conference on Availability, Reliability and Security (ARES) I have not taken any help on this examination from anybody and have not given any help to anybody.
  4. 4. 4. The Good Part and Bad Part:In this paper the authors have nicely identified the scope of their work by identifying the fact thatalthough there exists de-facto standard for confidentiality and integrity for online banking, there is nostandard scheme for authentication and non-repudiation. Then they presented two solutions for achievingauthentication and non-repudiation. While they have engineered fairly technical solutions, the way theyhave presented them is not quite comprehensible and the article would have required more technicalrepresentation and technical analysis of their claim. For example, their approach for certificate-basedsolution should be more distinct in the sense what already exists and what they are proposing. The authorsshould have also shown attack scenarios that are possible in existing approached but not possible whentheir proposed solution is deployed.Something I have learned from the paper:In order to protect man-in-the-middle (MITM) attack, this paper has proposed a short time passwordscheme based on hardware generated token. Eventually, they have transferred the defense against secretkey tampering on an offline hardwired device (smart card) which is interesting to learn. I have also cometo know about the security concern and measurements for online banking ( for both online & offline )from this and other papers I have read for answering the question.Weakness of the paper:The authors have identified and provided solution for issues like authentication, confidentiality, Integrityand non-repudiation. But today there exists more sophisticated attack than MITM or SSL certificatetempering among which MITB (Man-in-the-Browser) is worth to mention. So, they did not cover thesetypes of client browser specific attacks (ex: XSS, XSRF and many others) although they have brought upthis issues in another paper[4]. It is also reported that [3] a special, dedicated hardware device like smartcard and card reader(additionally other equipments) for online banking may potentially hurt customerexperiences caused by the limited portability of the hardware device.References:[1] Read the paper: Hiltgen, A., Kramp, T. and Weigold, T., “Secure Internet banking authentication.” IEEESecurity & Privacy, vol.4, no.2, pp.21-29, March-April 2006.[2] Shoji Sakurai, Shinobu Ushirozawa, "Input Method against Trojan Horse and Replay Attack "InformationTheory and Information Security (ICmS), pp.3S4-3S9, Jan 2010.[3] A. Vapen and N. Shahmehri. “Security levels for web authentication using mobile phones.” PrimeLife/IFIPSummer School Post-proceedings, Springer, 2011 (In Press).[4] Oppliger, R.; Rytz, R.; Holderegger, T.; “Internet Banking: Client-Side Attacks and Protection Mechanisms.”Computer (IEEE), 2009, Vol. 42 , No. 6, pp. 27-33. I have not taken any help on this examination from anybody and have not given any help to anybody.