Illinois Science of Security (SoS) Lablet

Paulo Esteves-Verissimo, University of Luxembourg
April 28, 2017, 4:00 p.m., B02 Coordinated Science Laboratory

slides | video

Abstract: Computing and communications infrastructures have become commodities which societies largely depend on, transacting huge quantities of data and exhibiting pervasive interconnections, sometimes in critical conditions. However, the actual magnitude that security and dependability risks may assume, is often misperceived. The information society has been assuming risk behaviours, without the adequate protection. Many stakeholders, not only end-users but vendors, service providers, public administrations and — what may be surprising — even governments, seem to ignore those risks, in different ways.

Yet, as will be shown in the talk, the problem should be obvious from the symptoms that have lately seen the light. Threats are everyday more powerful, massive or targeted attacks and advanced persistent threats entered the situational awareness agenda of nations. However, systems remain flaky, sometimes seemingly intentionally, vulnerabilities persist, and partial and/or specific fixes imperfectly mend what are sometimes global problems. Grand challenges deserve grand solutions, and so the talk will conclude along two lines of discussion, as a contribution to the debate on science of cybersecurity: effective strategies for cybersecurity are in dire need; advanced research breaking with traditional paradigms is required.

Bio: Paulo Esteves-Veríssimo is a Professor and FNR PEARL Chair at the University of Luxembourg Faculty of Science, Technology and Communication (FSTC), since fall 2014, and head of the CritiX lab (Critical and Extreme Security and Dependability) at SnT, the Interdisciplinary Centre for Security, Reliability and Trust at the same University (http://wwwen.uni.lu/snt). He is adjunct Professor of the ECE Dept., Carnegie Mellon University. Previously, he has been a Professor of the Univ. of Lisbon, member of the Board of the same university and Director of LaSIGE (http://lasige.di.fc.ul.pt). Veríssimo is Fellow of the IEEE and Fellow of the ACM, and he is associate editor of the IEEE Transactions on Computers. He is currently Chair of the IFIP WG 10.4 on Dependable Computing and Fault-Tolerance and vice-Chair of the Steering Committee of the IEEE/IFIP DSN conference. He is currently interested in secure and dependable distributed architectures, middleware and algorithms for: resilience of large-scale systems and critical infrastructures, privacy and integrity of highly sensitive data, and adaptability and safety of real-time networked embedded systems. He is author of over 180 peer-refereed publications and co-author of 5 books.

Peter Popov, City, University of London
March 23, 2017, 2:00 p.m., 141 Coordinated Science Laboratory

slides

Abstract: This talk will present an approach to modelling the effect of cyber-attacks on reliability of software used in industrial control applications. The model is based on the view that successful cyber-attacks introduce failure regions, which are not present in non-compromised software. The model is then extended to cover a fault tolerant architecture such as the 1-out-of-2 software, popular to build industrial protection systems. The model is used to study the effectiveness of software maintenance policies such as patching and “cleansing” under different adversary models ranging from independent attacks on the channels to sophisticated synchronized attacks on the channels. The studies demonstrate that the effect of attacks on reliability of diverse software is significantly affected by the adversary model. Under synchroniz ed attacks system reliability may be more than an order of magnitude worse than under independent attacks on the channels. These findings, although not surprising, highlight the importance of using an adequate adversary model in the assessment of the effectiveness of cyber-security controls.

Bio: Peter Popov is Reader in the Centre for Software Reliability, City, University of London, United Kingdom. He joined the Centre in 1997 after a career in industry and in Bulgarian Academy of Sciences. He was a visiting scientist at LAAS, Toulouse, France and at the University of Illinois at Urbana-Champaign and currently at Duke University.

Nathaniel Gleicher, Illumio
January 17, 2017, 4:00 p.m., B02 Coordinated Science Laboratory

video

Abstract: Since the Secret Service began protecting the President full time in 1906, only 7 attackers have reached the President. From a cybersecurity defender’s perspective, the President is the ultimate high-value asset – incredibly important, but impossible to lock away in a sealed vault. But despite the similarity, the cybersecurity industry’s record is nowhere close to the Secret Service’s record. This talk will focus on what cybersecurity experts can learn from the Secret Service’s approach.

Bio: Nathaniel Gleicher is trained as a computer scientist and a lawyer, and works at the intersection of technology, policy, and law. He is currently the Head of Cybersecurity Strategy at Illumio, where he heads the company’s thought leadership and public engagement and oversees its cybersecurity technology strategy. Nathaniel is a regular speaker at leading industry events, and his writing has appeared in industry publications, the popular press, and academic journals.

Prior to Illumio, Nathaniel investigated and prosecuted domestic and international cybercrime at the U.S. Department of Justice, advised the South Korean Government on technology policy, and served as Director for Cybersecurity Policy on the National Security Council at the White House. He has also taught computer programming, designed and developed custom e-commerce and database solutions, and built and secured computer networks. Nathaniel received a B.S. in computer science from the University of Chicago, and a J.D. from Yale Law School.

Franziska Roesner, University of Washington
October 18, 2016, 2:00 p.m., B02 Coordinated Science Laboratory

slides | video

Abstract: As our world becomes more computerized and interconnected, computer security and privacy will continue to increase in importance. My work focuses on investigating computer security and privacy challenges for end users of existing and emerging technologies, and designing and building new systems that better match user expectations. This talk will describe two case studies. First, I will discuss our work on studying the web tracking ecosystem, including a longitudinal study from 1996-2016 and the design of a new defense. I will then describe user-driven access control, a model for granting permissions to applications in modern operating systems that works by extracting permission information from natural user actions. Our recent work enables user-driven access control even for unmodified operating systems. Finally, I will briefly describe our ongoing work on security for emerging augmented reality platforms and security for journalist-source communications.

Bio: Franziska (Franzi) Roesner is an Assistant Professor in Computer Science and Engineering at the University of Washington, where she co-directs the Security and Privacy Research Lab. Her research focuses on understanding and improving computer security and privacy for end users of existing and emerging technologies, including the web, smartphones, and emerging augmented reality and IoT platforms. Her work on application permissions in modern operating systems received the Best Practical Paper Award at the IEEE Symposium on Security and Privacy, her early work on security and privacy for augmented reality was featured on the cover of the Communications of the ACM magazine, and her defense for tracking by social media widgets on the web was incorporated into the Electronic Frontier Foundation’s Privacy Badger tool. She received her PhD from the University of Washington in 2014 and her BS from the University of Texas at Austin in 2008.

Nadia Heninger, University of Pennsylvania
October 6, 2016, 4:00 p.m., B02 Coordinated Science Laboratory

slides

Abstract: To comply with 1990s-era US export restrictions on cryptography, early versions of SSL/TLS supported reduced-strength ciphersuites that were restricted to 40-bit symmetric keys and 512-bit RSA and Diffie-Hellman public values.  Although the relevant export restrictions have not been in effect since 2000, modern implementations often maintain support for these cipher suites along with old protocol versions.

In this talk, I will discuss recent attacks against TLS (FREAK, Logjam, and DROWN) demonstrating how server-side support for these insecure ciphersuites harms the security of users with modern TLS clients.  These attacks exploit a combination of clever cryptanalysis, advances in computing power since the 1990s, previously undiscovered protocol flaws, and implementation vulnerabilities.

Bio: Nadia Heninger is an assistant professor in the Computer and Information Science department at the University of Pennsylvania. Her research focuses on security, applied cryptography, and algorithms. Previously, she was an NSF Mathematical Sciences Postdoctoral Fellow at UC San Diego and a visiting researcher at Microsoft Research New England. She received her Ph.D. in computer science in 2011 from Princeton and a B.S. in electrical engineering and computer science in 2004 from UC Berkeley.

Patrick Traynor, University of Florida 
April 12, 2016, 4:00 p.m., B02 Coordinated Science Laboratory

slides | video

Abstract: Telephones remain a trusted platform for bootstrapping and conducting some of our most sensitive exchanges. From banking to taxes, wide swathes of industry and government rely on telephony as a secure fall-back when attempting to confirm the veracity of a transaction. In spite of this, authentication is poorly managed between disparate telephony systems, and in the general case it is impossible to be certain of the identity of the entity at the other end of a call. In this talk, we will investigate the rise of three classes of attacks that are the direct result of such poorly placed trust. I begin with an investigation of the ways in which phone numbers are being used as strong authenticators for Internet-based systems (i.e., phone verified account fraud). I will then discuss how associating call origins with specific users is difficult even for providers (i.e., simboxing). Lastly, I show how the lack of secure metadata leads to attacks on users (i.e., Caller-ID spoofing). We discuss how our research group is attempting to solve each of these problems, and the challenges that remain ahead.

Bio: Patrick Traynor is an Associate Professor in the Department of Computer and Information Science and Engineering (CISE) at the University of Florida. His research focuses on the security of mobile systems, with a concentration on telecommunications infrastructure and mobile devices. His research has uncovered critical vulnerabilities in cellular networks, made the first characterization of mobile malware in provider networks and offers a robust approach to detecting and combatting Caller-ID scams. He is also interested in Internet security and the systems challenges of applied cryptography. He received a CAREER Award from the National Science Foundation in 2010 and was named a Sloan Fellow in 2014.

Professor Traynor earned his Ph.D. and M.S. in Computer Science and Engineering from the Pennsylvania State University in 2008 and 2004, respectively, and my B.S. in Computer Science from the University of Richmond in 2002. After promotion and tenure in the School of Computer Science at Georgia Tech, he joined the University of Florida in 2014 as part of the UFRising Preeminence Hiring Program. He is the co-director of the Florida Institute for Cybersecurity (FICS) and am also a co-founder of Pindrop Security.

J. Alex Halderman, University of Michigan
February 9, 2016, 4:00 p.m., B02 Coordinated Science Lab
Slides | Video

Abstract: Diffie-Hellman key exchange is a cornerstone of modern cryptography at the core of protocols like HTTPS and SSH.  Last year, collaborators and I discovered that Diffie-Hellman, as used in practice, is significantly less secure than widely believed. With the number field sieve algorithms, computing a single discrete log in prime fields is more difficult than factoring an RSA modulus of the same size. However, an adversary who performs a large precomputation for a prime $p$ can then quickly calculate arbitrary discrete logs in groups modulo that prime, amortizing the cost over all targets that share this parameter. Although this fact is well known among mathematical cryptographers, it seems to have been lost among practitioners.

Using these observations, we developed Logjam, an attack on TLS in which a man-in-the-middle can downgrade a connection to 512-bit “export-grade” Diffie-Hellman. After a week-long precomputation for a specified 512-bit group, we can compute arbitrary discrete logs in that group in about a minute. We found that 82% of vulnerable servers use a single 512-bit group, allowing us to compromise connections to 7% of Alexa Top Million HTTPS sites. In response, major browsers have been changed to reject short groups.

In the more widespread case of 1024-bit Diffie-Hellman, we estimate that discrete log computations are plausible given nation-state resources, and a close reading of published NSA leaks shows that the agency’s attacks on VPNs are consistent with having achieved such a break. A small number of fixed or standardized groups are used by millions of servers, and we estimate that performing precomputation for a single 1024-bit group would allow passive eavesdropping on about 18% of popular HTTPS sites, and a second group would allow decryption of traffic to about 66% of IPsec VPNs and 26% of SSH servers. We conclude that the security community should prioritize moving to stronger key exchange methods.

Bio: J. Alex Halderman is an Associate Professor of Computer Science and Engineering at the University of Michigan and Director of Michigan’s Center for Computer Security and Society. His interests include computer and network security, Internet security measurement, censorship resistance, and electronic voting, as well as the interaction of technology with law and international affairs. Named one of Popular Science’s “Brilliant 10” for 2015, his recent projects include ZMap, Let’s Encrypt, and the Telex censorship resistance system.

Neils Provos, Google, Inc.
November 13, 2015, 10:00 a.m., B02 Coordinated Science Lab

Abstract: Security continues to be a challenging problem. After decades of research, we’re still struggling with vulnerabilities, human and machine, and their exploitation. Solving security requires looking at the problem holistically, and explicitly including the human component. In this talk, I’ll be discussing some of the security challenges we encounter at Google: from Unwanted Software, across encrypting HTTP everywhere, to strong authentication. The focus will be on what we found works in practice, and some of the lessons we have learned.

Bio:  Niels Provos is a Distinguished Engineer in Google’s Infrastructure Security group where he is responsible for security engineering. His interests span a wide range of security topics including malware and cloud security. He received a Ph.D. from the University of Michigan in 2003. When not working with computers, he forges steel into swords.

Paul Barford, University of Wisconsin, Madison
October 16, 2015, 10:00 a.m., B02 Coordinated Science Lab

Video

Abstract:  The diversity of entities and complexity of mechanisms involved in the delivery of online display and video advertisements lead to a variety of opportunities for fraudsters.  Recent reports by estimate online fraud in the hundreds of millions of dollars annually.  In this talk, I will provide an overview of the online ad eco-system.  I will describe the methods that are commonly used to commit ad fraud, and the basic approaches to detecting and mitigating fraud.  I will also describe a new type of ad fraud that we call domain laundering, which is quite subtle and takes advantage of the limitations in standard methods for ad placement attribution.  I will provide an overview of the mechanisms used to facilitate domain laundering along with case studies on three different instances of domain laundering that we have identified and diagnosed.  I will conclude with a discussion on approaches for enhanced identification and mitigation of online ad fraud including domain laundering.

Bio:  Paul Barford a professor of Computer Sciences at the University of Wisconsin-Madison.  He is also the Chief Scientist at comScore, Inc.  His Research interests are in computer networking and communications, large data analytics, and Internet security.  He was the founder of Nemean Networks (acquired By Qualys in ‘10) and co-founder of MdotLabs (acquired By comScore in ‘14).   He has published over 100 research papers and has served on numerous national and international panels, editorial boards, organizing committees, and program committees. He has an NSF CAREER award, several best paper awards and is a Distinguished Member of the ACM and a Senior Member of the IEEE.

Patrick McDaniel, The Pennsylvania State University
September 24, 10:00 a.m., B02 Coordinated Science Lab
Slides

Abstract: The introduction of smart phones in 2008 forever changed the way users interact with data and computation. These platforms and the network and cloud services supporting them have led to a renaissance of mobile computing. At the same time, changes in the nature of personal computing heightens concerns about security and privacy.   Such concerns prompted an ongoing area of scientific study exploring smartphone and application security. Through these efforts, the technical community has become increasingly aware that applications can (and in many cases have) work against the user’s best interests and house new forms of malware.

This talk explores the genesis and evolution of academic research efforts in evaluating smartphone application security over the first seven years of its existence. A retrospective view of how the community’s understanding of application security has changed over the years is provided, with a focus on the scientific questions asked and the methods used. We highlight a range of analysis techniques that extract software structures and behaviors from smartphone applications, and describe several studies that identified important security and privacy concerns. The talk concludes by considering the realities of current mobile apps and markets and identifies challenges in preventing misuse of smartphones.

Bio: Patrick McDaniel is a Professor in the Computer Science and Engineering Department at The Pennsylvania State University, co-director of the Systems and Internet Infrastructure Security Laboratory, IEEE Fellow, and Chair of the IEEE Technical Committee for Security and Privacy. Dr. McDaniel is also the program manager and lead scientist for the newly created Cyber-Security Collaborative Research Alliance. Patrick’s research efforts centrally focus on network, telecommunications, systems security, language-based security, and technical public policy. Patrick was the editor-in-chief of the ACM Journal Transactions on Internet Technology (TOIT), and served as associate editor of the journals ACM Transactions on Information and System Security, IEEE Transactions on Computers, and IEEE Transactions on Software Engineering. Patrick was awarded the National Science Foundation CAREER Award and has chaired several top conferences in security including, among others, the 2007 and 2008 IEEE Symposium on Security and Privacy and the 2005 USENIX Security Symposium. Prior to pursuing his Ph.D. at the University of Michigan, Patrick was a software architect and project manager in the telecommunications industry.