The rise in popularity of Internet of Things (IoT) devices has opened doors for privacy and security breaches in Cyber-Physical systems like smart homes, smart vehicles, and smart grids that affect our daily existence. IoT systems are also a source of big data that gets shared via the cloud. IoT systems in a smart home environment have sensitive access control issues since they are deployed in a personal space. The collected data can also be of a highly personal nature. Therefore, it is critical to building access control models that govern who, under what circumstances, can access which sensed data or actuate a physical system. Traditional access control mechanisms are not expressive enough to handle such complex access control needs, warranting the incorporation of new methodologies for privacy and security. In this paper, we propose the creation of the PALS system, that builds upon existing work in an attribute-based access control model, captures physical context collected from sensed data (attributes) and performs dynamic reasoning over these attributes and context-driven policies using Semantic Web technologies to execute access control decisions. Reasoning over user context, details of the information collected by the cloud service provider, and device type our mechanism generates as a consequent access control decisions. Our system’s access control decisions are supplemented by another sub-system that detects intrusions into smart home systems based on both network and behavioral data. The combined approach serves to determine indicators that a smart home system is under attack, as well as limit what data breach such attacks can achieve.
Design and Implementation of an Attribute Based Access Controller using OpenStack Services
Sharad Dixit, Graduate Student, UMBC
10:30am Monday, 24 September 2018, ITE346
With the advent of cloud computing, industries began a paradigm shift from the traditional way of computing towards cloud computing as it fulfilled organizations present requirements such as on-demand resource allocation, lower capital expenditure, scalability and flexibility but with that it brought a variety of security and user data breach issues. To solve the issues of user data and security breach, organizations have started to implement hybrid cloud where underlying cloud infrastructure is set by the organization and is accessible from anywhere around the world because of the distinguishable security edges provided by it. However, most of the cloud platforms provide a Role Based Access Controller which does not adequate for complex organizational structures. A novel mechanism is proposed using OpenStack services and semantic web technologies to develop a module which evaluates user’s and project’s multi-varied attributes and run them against access policy rules defined by an organization before granting the access to the user. Henceforth, an organization can deploy our module to obtain a robust and trustworthy access control based on multiple attributes of a user and the project the user has requested in a hybrid cloud platform like OpenStack.
Attribute Based Encryption for Secure Access to Cloud Based EHR Systems
Medical organizations find it challenging to adopt cloud-based electronic medical records services, due to the risk of data breaches and the resulting compromise of patient data. Existing authorization models follow a patient centric approach for EHR management where the responsibility of authorizing data access is handled at the patients’ end. This however creates a significant overhead for the patient who has to authorize every access of their health record. This is not practical given the multiple personnel involved in providing care and that at times the patient may not be in a state to provide this authorization. Hence there is a need of developing a proper authorization delegation mechanism for safe, secure and easy cloud-based EHR management. We have developed a novel, centralized, attribute based authorization mechanism that uses Attribute Based Encryption (ABE) and allows for delegated secure access of patient records. This mechanism transfers the service management overhead from the patient to the medical organization and allows easy delegation of cloud-based EHR’s access authority to the medical providers. In this paper, we describe this novel ABE approach as well as the prototype system that we have created to illustrate it.
Agniva Banerjee, UMBC
11:00-12:00 Monday, 2 April 2018
Agniva Banerjee, and Karuna Pande Joshi, Link Before You Share: Managing Privacy Policies through Blockchain, 4th International Workshop on Privacy and Security of Big Data (PSBD 2017), in conjunction with 2017 IEEE International Conference on Big Data, 4 December 2017.
M.S. Thesis Defense
Internal Penetration Test of a Simulated Automotive Ethernet Environment
Kenneth Owen Truex
11:15 Tuesday, 21 November 2017, ITE325, UMBC
The capabilities of modern day automobiles have far exceeded what Robert Bosch GmbH could have imagined when it proposed the Controller Area Network (CAN) bus back in 1986. Over time, drivers wanted more functionality, comfort, and safety in their automobiles — creating a burden for automotive manufacturers. With these driver demands came many innovations to the in-vehicle network core protocol. Modern automobiles that have a video based infotainment system or any type of camera assisted functionality such as an Advanced Driver Assistance System (ADAS) use ethernet as their network backbone. This is because the original CAN specification only allowed for up to 8 bytes of data per message on a bus rated at 1 Mbps. This is far less than the requirements of more advanced video-based automotive systems. The ethernet protocol allows for 1500 bytes of data per packet on a network rated for up to 100 Mbps. This led the automotive industry to adopt ethernet as the core protocol, overcoming most of the limitations posed by the CAN protocol. By adopting ethernet as the protocol for automotive networks, certain attack vectors are now available for black hat hackers to exploit in order to put the vehicle in an unsafe condition. I will create a simulated automotive ethernet environment using the CANoe network simulation platform by Vector GmbH. Then, a penetration test will be conducted on the simulated environment in order to discover attacks that pose a threat to automotive ethernet networks. These attacks will strictly follow a comprehensive threat model in order to narrowly focus the attack surface. If exploited successfully, these attacks will cover all three sides of the Confidentiality, Integrity, Availability (CIA) triad.
I will then propose a new and innovative mitigation strategy that can be implemented on current industry standard ECUs and run successfully under strict time and resource limitations. This new strategy can help to limit the attack surface that exists on modern day automobiles and help to protect the vehicle and its occupants from malicious adversaries.
Committee: Drs. Anupam Joshi (chair), Richard Forno, Charles Nicholas, Nilanjan Banerjee
Cybersecurity Challenges to American Local Governments
In this paper we examine data from the first ever nationwide survey of cybersecurity among American local governments. We are particularly interested in understanding the threats to local government cybersecurity, their level of preparedness to address the threats, the barriers these governments encounter when deploying cybersecurity, the policies, tools and practices that they employ to improve cybersecurity and, finally, the extent of awareness of and support for high levels of cybersecurity within their organizations. We found that local governments are under fairly constant cyberattack and are periodically breached. They are not especially well prepared to prevent cyberattacks or to recover when breached. The principal barriers to local cybersecurity are financial and organizations. Although a number of policies, tools and practices to improve cybersecurity, few local governments are making wide use of them. Last, local governments suffer from too little awareness of and support for cybersecurity within their organizations.
Link before you Share: Managing Privacy Policies through Blockchain
11:00am Monday, 16 October 2017
Penetration Testing a Simulated Automotive Ethernet Environment
11:00am Monday, 9 October 2017, ITE 346
The capabilities of modern day automobiles have far exceeded what Robert Bosch GmbH could have imagined when it proposed the Controller Area Network (CAN) bus back in 1986. Over time, drivers wanted more functionality, comfort, and safety in their automobiles creating a burden for automotive manufacturers. With these driver demands came many innovations to the in-vehicle network core protocol. Modern automobiles that have a video based infotainment system or any type of camera assisted functionality such as an Advanced Driver Assistance System (ADAS) use ethernet as their network backbone. This is because the original CAN specification only allowed for up to eight bytes of data per message on a bus rated at 1 Mbps. This is far less than the requirements of more advanced video-based automotive systems. The ethernet protocol allows for 1500 bytes of data per packet on a network rated for up to 100 Mbps. This led the automotive industry to adopt ethernet as the core protocol, overcoming most of the limitations posed by the CAN protocol. By adopting ethernet as the protocol for automotive networks, certain attack vectors are now available for black hat hackers to exploit in order to put the vehicle in an unsafe condition. This thesis will create a simulated automotive ethernet environment using the CANoe network simulation platform created by Vector. Then, a penetration test will be conducted on the simulated environment in order to discover attacks that pose a threat to automotive ethernet networks. These attacks will be from the perspective of an attacker will full access to the vehicle under test, and will cover all three sides of the Confidentiality, Integrity, Availability (CIA) triad. In conclusion, this thesis will propose several ethernet specific defense mechanisms that can be implemented in an automotive taxonomy to reduce the attack surface and allow for a safer end user experience.
Attacks on Smart Cards, RFIDs and Embedded Systems
Prof. Keith Mayes
Royal Holloway University of London
10-11:00am Tuesday, 10 October 2017, ITE 325, UMBC
Smart Cards and RFIDs exist with a range of capabilities and are used in their billions throughout the world. The simpler devices have poor security, however, for many years, high-end smart cards have successfully been used in a range of systems such as banking, passports, mobile communication, satellite TV etc. Fundamental to their success is a specialist design to offer remarkable resistance to a wide range of attacks, including physical, side-channel and fault. This talk describes a range of known attacks and the countermeasures that are employed to defeat them.
Prof. Keith Mayes is the Head of the School of Mathematics and Information Security at Royal Holloway University of London. He received his BSc (Hons) in Electronic Engineering in 1983 from the University of Bath, and his PhD degree in Digital Image Processing in 1987. He is an active researcher/author with 100+ publications in numerous conferences, books and journals. His interests include the design of secure protocols, communications architectures and security tokens as well as associated attacks/countermeasures. He is a Fellow of the Institution of Engineering and Technology, a Founder Associate Member of the Institute of Information Security Professionals, a Member of the Licensing Executives Society and a member of the editorial board of the Journal of Theoretical and Applied Electronic Commerce Research (JTAER).
The DC-Area Anonymity, Privacy, and Security Seminar (DCAPS) is a seminar for research on computer and communications anonymity, privacy, and security in the D.C. area. DCAPS meets to promote collaboration and improve awareness of work in the community. Seminars occur three times a year. It meets at different locations and has been hosted in the past by George Mason University, Georgetown University, George Washington University, University of Maryland, College park and UMBC. DCAPS meetings are free and open to anybody interested. To join the seminar mailing list, contact the organizer, Aaron Johnson, at aaron.m.johnson AT nrl.navy.mil.
Prajit Kumar Das, Anupam Joshi and Tim Finin, App behavioral analysis using system calls, MobiSec: Security, Privacy, and Digital Forensics of Mobile Systems and Networks, IEEE Conference on Computer Communications Workshops, May 2017.
System calls provide an interface to the services made available by an operating system. As a result, any functionality provided by a software application eventually reduces to a set of fixed system calls. Since system calls have been used in literature, to analyze program behavior we made an assumption that analyzing the patterns in calls made by a mobile application would provide us insight into its behavior. In this paper, we present our preliminary study conducted with 534 mobile applications and the system calls made by them. Due to a rising trend of mobile applications providing multiple functionalities, our study concluded, mapping system calls to functional behavior of a mobile application was not straightforward. We use Weka tool and manually annotated application behavior classes and system call features in our experiments to show that using such features achieves mediocre F1-measure at best, for app behavior classification. Thus leading to the conclusion that system calls were not sufficient features for app behavior classification.
Context-Dependent Privacy and Security Management on Mobile Devices
Prajit Das, UMBC
10:00am Tuesday, 27 February, 2017
Security and privacy of mobile devices is a challenging research domain. A prominent aspect of this research focuses on discovering software vulnerabilities for mobile operating systems and mobile apps. The other aspect of research focuses on user privacy and using feedback, generates privacy profiles for controlling data privacy. Profile based or role-based security can be restrictive as they require prior definition of such roles or profiles. As a result, it is better to use attribute-based access control and let the attributes define granularity of policy definition. This problem may thus be defined as, a security and privacy personalization problem. A critical issue in the process of capturing personalized policy is one of creating a system that is adaptive and knows when user’s preferences have been captured. Presented in this work you will learn about Mithril, a framework for capturing user access control policies that are fine-grained, context-sensitive and are represented using Semantic Web technologies and thereby manages access control decisions for user data on mobile devices. Violation metric has been used in this work as a measure to determine system state. A hierarchical context ontology has been used to define fine-grained access control policies and simplifying the process of policy modification for a user. A secondary goal of this research was to determine behavioral traits of mobile applications with a goal to detect outlier applications. Some preliminary research on this topic will also be discussed.