{"title":"On the Safety and Efficiency of Firewall Policy Deployment","authors":"Charles C. Zhang, M. Winslett, Carl A. Gunter","doi":"10.1109/SP.2007.32","DOIUrl":"https://doi.org/10.1109/SP.2007.32","url":null,"abstract":"Firewall policy management is challenging and error-prone. While ample research has led to tools for policy specification, correctness analysis, and optimization, few researchers have paid attention to firewall policy deployment: the process where a management tool edits a firewall's configuration to make it run the policies specified in the tool. In this paper, we provide the first formal definition and theoretical analysis of safety in firewall policy deployment. We show that naive deployment approaches can easily create a temporary security hole by permitting illegal traffic, or interrupt service by rejecting legal traffic during the deployment. We define safe and most-efficient deployments, and introduce the shuffling theorem as a formal basis for constructing deployment algorithms and proving their safety. We present efficient algorithms for constructing most-efficient deployments in popular policy editing languages. We show that in certain widely- installed policy editing languages, a safe deployment is not always possible. We also show how to leverage existing diff algorithms to guarantee a safe, most- efficient, and monotonic deployment in other editing languages.","PeriodicalId":131863,"journal":{"name":"2007 IEEE Symposium on Security and Privacy (SP '07)","volume":"120 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124475893","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Accurate Real-time Identification of IP Prefix Hijacking","authors":"Xin Hu, Z. Morley Mao","doi":"10.1109/SP.2007.7","DOIUrl":"https://doi.org/10.1109/SP.2007.7","url":null,"abstract":"We present novel and practical techniques to accurately detect IP prefix hijacking attacks in real time to facilitate mitigation. Attacks may hijack victim's address space to disrupt network services or perpetrate malicious activities such as spamming and DoS attacks without disclosing identity. We propose novel ways to significantly improve the detection accuracy by combining analysis of passively collected BGP routing updates with data plane fingerprints of suspicious prefixes. The key insight is to use data plane information in the form of edge network fingerprinting to disambiguate suspect IP hijacking incidences based on routing anomaly detection. Conflicts in data plane fingerprints provide much more definitive evidence of successful IP prefix hijacking. Utilizing multiple real-time BGP feeds, we demonstrate the ability of our system to distinguish between legitimate routing changes and actual attacks. Strong correlation with addresses that originate spam emails from a spam honeypot confirms the accuracy of our techniques.","PeriodicalId":131863,"journal":{"name":"2007 IEEE Symposium on Security and Privacy (SP '07)","volume":"44 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115956882","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Improving the Robustness of Private Information Retrieval","authors":"Ian Goldberg","doi":"10.1109/SP.2007.23","DOIUrl":"https://doi.org/10.1109/SP.2007.23","url":null,"abstract":"Since 1995, much work has been done creating protocols for private information retrieval (PIR). Many variants of the basic PIR model have been proposed, including such modifications as computational vs. information-theoretic privacy protection, correctness in the face of servers that fail to respond or that respond incorrectly, and protection of sensitive data against the database servers themselves. In this paper, we improve on the robustness of PIR in a number of ways. First, we present a Byzantine-robust PIR protocol which provides information-theoretic privacy protection against coalitions of up to all but one of the responding servers, improving the previous result by a factor of 3. In addition, our protocol allows for more of the responding servers to return incorrect information while still enabling the user to compute the correct result. We then extend our protocol so that queries have information-theoretic protection if a limited number of servers collude, as before, but still retain computational protection if they all collude. We also extend the protocol to provide information-theoretic protection to the contents of the database against collusions of limited numbers of the database servers, at no additional communication cost or increase in the number of servers. All of our protocols retrieve a block of data with communication cost only O(lscr) times the size of the block, where lscr is the number of servers. Finally, we discuss our implementation of these protocols, and measure their performance in order to determine their practicality.","PeriodicalId":131863,"journal":{"name":"2007 IEEE Symposium on Security and Privacy (SP '07)","volume":"41 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130055194","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Wei Yu, Xinwen Fu, Steve Graham, D. Xuan, Wei Zhao
{"title":"DSSS-Based Flow Marking Technique for Invisible Traceback","authors":"Wei Yu, Xinwen Fu, Steve Graham, D. Xuan, Wei Zhao","doi":"10.1109/SP.2007.14","DOIUrl":"https://doi.org/10.1109/SP.2007.14","url":null,"abstract":"Law enforcement agencies need the ability to conduct electronic surveillance to combat crime, terrorism, or other malicious activities exploiting the Internet. However, the proliferation of anonymous communication systems on the Internet has posed significant challenges to providing such traceback capability. In this paper, we develop a new class of flow marking technique for invisible traceback based on direct sequence spread spectrum (DSSS), utilizing a pseudo-noise (PN) code. By interfering with a sender's traffic and marginally varying its rate, an investigator can embed a secret spread spectrum signal into the sender's traffic. The embedded signal is carried along with the traffic from the sender to the receiver, so the investigator can recognize the corresponding communication relationship, tracing the messages despite the use of anonymous networks. The secret PN code makes it difficult for others to detect the presence of such embedded signals, so the traceback, while available to investigators is, effectively invisible. We demonstrate a practical flow marking system which requires no training, and can achieve both high detection and low false positive rates. Using a combination of analytical modeling, simulations, and experiments on Tor (a popular Internet anonymous communication system), we demonstrate the effectiveness of the DSSS-basedflow marking technique.","PeriodicalId":131863,"journal":{"name":"2007 IEEE Symposium on Security and Privacy (SP '07)","volume":"2014 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128024183","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"On the Optimal Communication Complexity of Multiphase Protocols for Perfect Communication","authors":"Kannan Srinathan, N. Prasad, C. Pandu Rangan","doi":"10.1109/SP.2007.31","DOIUrl":"https://doi.org/10.1109/SP.2007.31","url":null,"abstract":"In the perfectly secure message transmission (PSMT) problem, two synchronized non-faulty players (or processors), the Sender S and the Receiver R are connected by n wires (each of which facilitates 2-way communication); S has a message, represented by a sequence oft elements from a finite field, that he wishes to send to R; after exchanging messages in phases R should correctly obtain S 's message, while an adversary listening on and actively controlling any set of t (or less) wires should have no information about S 's message. Similarly, in the problem of perfect reliable message transmission (PRMT), the receiver R should correctly obtain S's message, in spite of the adversary actively controlling any set oft (or less) wires.","PeriodicalId":131863,"journal":{"name":"2007 IEEE Symposium on Security and Privacy (SP '07)","volume":"39 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121579541","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Jonathan M. McCune, Bryan Parno, A. Perrig, M. Reiter, Arvind Seshadri
{"title":"Minimal TCB Code Execution","authors":"Jonathan M. McCune, Bryan Parno, A. Perrig, M. Reiter, Arvind Seshadri","doi":"10.1109/SP.2007.27","DOIUrl":"https://doi.org/10.1109/SP.2007.27","url":null,"abstract":"We propose an architecture that allows code to execute in complete isolation from other software while trusting only a tiny software base that is orders of magnitude smaller than even minimalist virtual machine monitors. Our technique also enables more meaningful attestation than previous proposals, since only measurements of the security-sensitive portions of an application need to be included. We achieve these guarantees by leveraging hardware support provided by commodity processors from AMD and Intel that are shipping today.","PeriodicalId":131863,"journal":{"name":"2007 IEEE Symposium on Security and Privacy (SP '07)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126015087","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Stuart E. Schechter, Rachna Dhamija, Andy Ozment, Ian S. Fischer
{"title":"The Emperor's New Security Indicators","authors":"Stuart E. Schechter, Rachna Dhamija, Andy Ozment, Ian S. Fischer","doi":"10.1109/SP.2007.35","DOIUrl":"https://doi.org/10.1109/SP.2007.35","url":null,"abstract":"We evaluate Website authentication measures that are designed to protect users from man-in-the-middle, 'phishing', and other site forgery attacks. We asked 67 bank customers to conduct common online banking tasks. Each time they logged in, we presented increasingly alarming clues that their connection was insecure. First, we removed HTTPS indicators. Next, we removed the participant's site-authentication image--the customer-selected image that many Websites now expect their users to verify before entering their passwords. Finally, we replaced the bank's password-entry page with a warning page. After each clue, we determined whether participants entered their passwords or withheld them. We also investigate how a study's design affects participant behavior: we asked some participants to play a role and others to use their own accounts and passwords. We also presented some participants with security-focused instructions. We confirm prior findings that users ignore HTTPS indicators: no participants withheld their passwords when these indicators were removed. We present the first empirical investigation of site-authentication images, and we find them to be ineffective: even when we removed them, 23 of the 25 (92%) participants who used their own accounts entered their passwords. We also contribute the first empirical evidence that role playing affects participants' security behavior: role-playing participants behaved significantly less securely than those using their own passwords.","PeriodicalId":131863,"journal":{"name":"2007 IEEE Symposium on Security and Privacy (SP '07)","volume":"42 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2007-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125122431","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
