Measurement of Security Weaknesses, 2014

SoS Newsletter- Advanced Book Block




Attackers need only find one or a few exploitable vulnerabilities to mount a successful attack, while defenders must shore up as many weaknesses as practicable. The research presented here covers a range of weaknesses and approaches for identifying and securing against attacks. Many articles focus on key systems, both public and private. The common thread is the measurement of those weaknesses. The work was presented in 2014.


Hemanidhi, A.; Chimmanee, S.; Sanguansat, P., "Network Risk Evaluation From Security Metric Of Vulnerability Detection Tools," TENCON 2014 - 2014 IEEE Region 10 Conference, pp. 1-6, 22-25 Oct. 2014. doi: 10.1109/TENCON.2014.7022358
Abstract: Network Security is always a major concern in any organization. To ensure that the organization network is well protected from attackers, vulnerability assessment and penetration testing are implemented regularly. However, it is a highly time-consuming procedure to audit and analyze these testing results depending on the administrator's expertise. Thus, security professionals prefer proactive-automatic vulnerability detection tools to identify vulnerabilities before they are exploited by an adversary. Although these vulnerability detection tools show that they are very useful for security professionals to audit and analyze much faster and more accurately, they have some important weaknesses as well. They only identify surface vulnerabilities and are unable to address the overall risk level of the scanned network. Also, they often use different standards for network risk level classification which are habitually related to some organizations or vendors. Thus, these vulnerability detection tools are likely to, more or less, classify risk evaluation in a biased way. This article presents a generic idea of “Network Risk Metric” as an unbiased risk evaluation from several vulnerability detection tools. In this paper, NetClarity (hardware-based), Nessus (software-based), and Retina (software-based) are implemented on two networks from an IT department of the Royal Thai Army (RTA). The proposed metric is applied for evaluating overall network risk from these three vulnerability detection tools. The result is a more accurate risk evaluation for each network.
Keywords: business data processing; computer crime; computer network performance evaluation; computer network security; IT department; Nessus; NetClarity; RTA; Retina; Royal Thai Army; attackers; hardware-based; network risk evaluation; network risk level classification; network risk metric; network security; organization network; proactive-automatic vulnerability detection tools; security metric; security professionals; software-based; unbiased risk evaluation; vulnerabilities identification; vulnerability assessment; vulnerability penetration testing; Equations; Measurement; Retina; Security; Servers; Software; Standards organizations; Network Security; Risk Evaluation; Security Metrics; Vulnerability Detection (ID#: 15-5381)


Kotenko, I.; Doynikova, E., "Security Evaluation for Cyber Situational Awareness," High Performance Computing and Communications, 2014 IEEE 6th Intl Symp on Cyberspace Safety and Security, 2014 IEEE 11th Intl Conf on Embedded Software and Syst (HPCC,CSS,ICESS), 2014 IEEE Intl Conf on, pp. 1197-1204, 20-22 Aug. 2014. doi: 10.1109/HPCC.2014.196
Abstract: The paper considers techniques for measurement and calculation of security metrics taking into account attack graphs and service dependencies. The techniques are based on several assessment levels (topological, attack graph level, attacker level, events level and system level) and important aspects (zero-day attacks, cost-efficiency characteristics). It allows understanding the current security situation, including defining the vulnerable characteristics and weaknesses of the system under protection, dangerous events, current and possible cyber attack parameters, attacker intentions, integral cyber situation metrics and necessary countermeasures.
Keywords: firewalls; attack countermeasures; attack graph level; attack graphs; attacker intentions; attacker level; cost-efficiency characteristics; cyber attack parameters; cyber situational awareness; dangerous events; event level; integral cyber situation metrics; security evaluation; security metric calculation; security metric measurement; service dependencies; system level; system weaknesses; topological assessment level; vulnerable characteristics; zero-day attacks; Business; Conferences; High performance computing; Integrated circuits; Measurement; Probabilistic logic; Security; attack graphs; cyber situational awareness; network security; risk assessment; security metrics; service dependencies (ID#: 15-5382)


Axelrod, C.W., "Reducing Software Assurance Risks For Security-Critical And Safety-Critical Systems," Systems, Applications and Technology Conference (LISAT), 2014 IEEE Long Island, pp. 1-6, 2 May 2014. doi: 10.1109/LISAT.2014.6845212
Abstract: According to the Office of the Assistant Secretary of Defense for Research and Engineering (ASD(R&E)), the US Department of Defense (DoD) recognizes that there is a “persistent lack of a consistent approach ... for the certification of software assurance tools, testing and methodologies” [1]. As a result, the ASD(R&E) is seeking “to address vulnerabilities and weaknesses to cyber threats of the software that operates ... routine applications and critical kinetic systems ...” The mitigation of these risks has been recognized as a significant issue to be addressed in both the public and private sectors. In this paper we examine deficiencies in various software-assurance approaches and suggest ways in which they can be improved. We take a broad look at current approaches, identify their inherent weaknesses and propose approaches that serve to reduce risks. Some technical, economic and governance issues are: (1) Development of software-assurance technical standards; (2) Management of software-assurance standards; (3) Evaluation of tools, techniques, and metrics; (4) Determination of update frequency for tools, techniques; (5) Focus on most pressing threats to software systems; (6) Suggestions as to risk-reducing research areas; (7) Establishment of models of the economics of software-assurance solutions, and testing and certifying software. We show that, in order to improve current software assurance policy and practices, particularly with respect to security, there has to be a major overhaul in how software is developed, especially with respect to the requirements and testing phases of the SDLC (Software Development Lifecycle). We also suggest that the current preventative approaches are inadequate and that greater reliance should be placed upon avoidance and deterrence. We also recommend that those developing and operating security-critical and safety-critical systems exchange best-of-breed software assurance methods to prevent the vulnerability of components leading to compromise of entire systems of systems. The recent catastrophic loss of a Malaysia Airlines airplane is then presented as an example of possible compromises of physical and logical security of on-board communications and management and control systems.
Keywords: program testing; safety-critical software; software development management; software metrics; ASD(R&E); Assistant Secretary of Defense for Research and Engineering; Malaysia Airlines airplane; SDLC; US Department of Defense; US DoD; component vulnerability prevention; control systems; critical kinetic systems; cyber threats; economic issues; governance issues; logical security; management systems; on-board communications; physical security; private sectors; public sectors; risk mitigation; safety-critical systems; security-critical systems; software assurance risk reduction; software assurance tool certification; software development; software development lifecycle; software methodologies; software metric evaluation; software requirements; software system threats; software technique evaluation; software testing; software tool evaluation; software-assurance standard management; software-assurance technical standard development; technical issues; update frequency determination; Measurement; Organizations; Security; Software systems; Standards; Testing; cyber threats; cyber-physical systems; governance; risk; safety-critical systems; security-critical systems; software assurance; technical standards; vulnerabilities; weaknesses (ID#: 15-5383)


Guri, M.; Kedma, G.; Zadov, B.; Elovici, Y., "Trusted Detection of Sensitive Activities on Mobile Phones Using Power Consumption Measurements," Intelligence and Security Informatics Conference (JISIC), 2014 IEEE Joint, pp. 145-151, 24-26 Sept. 2014. doi: 10.1109/JISIC.2014.30
Abstract: The unprecedented popularity of modern mobile phones has made them a lucrative target for skillful and motivated offenders. A typical mobile phone is packed with sensors, which can be turned on silently by a malicious program, providing invaluable information to the attacker. Detecting such hidden activities through software monitors can be blindfolded and bypassed by rootkits and by anti-forensic methods applied by the malicious program. Moreover, detecting power consumption by software running on the mobile phone is susceptible to similar evasive techniques. Consequently, software based detection of hidden malicious activities, particularly the silent activation of sensors, cannot be considered as trusted. In this paper we present a method which detects hidden activities using external measurement of power consumption. The classification model is acquired using machine-learning multi-label classification algorithms. Our method overcomes the inherent weaknesses of software-based monitors, and provides a trusted solution. We describe the measurement setup, and provide detailed evaluation results of the algorithms used. The results obtained so far support the feasibility of our method.
Keywords: learning (artificial intelligence); smart phones; telecommunication security; trusted computing; machine learning multilabel classification algorithms; malicious program; mobile phones; power consumption measurements; sensitive activities; software monitors; trusted detection; Battery charge measurement; Global Positioning System; IEEE 802.11 Standards; Mobile handsets; Monitoring; Power demand; Power measurement; Machine learning; Mobile phone security; Multi-label classification; Trusted measurement (ID#: 15-5384)


Makhdoom, I.; Afzal, M.; Rashid, I., "A Novel Code Attestation Scheme Against Sybil Attack In Wireless Sensor Networks," Software Engineering Conference (NSEC), 2014 National, pp. 1-6, 11-12 Nov. 2014. doi: 10.1109/NSEC.2014.6998232
Abstract: Wireless Sensor Networks (WSN), due to their distributed nature, are vulnerable to various external and insider attacks. Classic cryptographic measures do protect against external attacks to some extent, but they fail to defend against insider attacks involving node compromise. A compromised node can be used to launch various attacks, of which the Sybil Attack is the most prominent. In this paper we carry out a detailed review and analysis of various defenses proposed against the Sybil Attack. We identify their strengths and weaknesses and also propose a novel One Way Code Attestation Protocol (OWCAP) for wireless sensor networks, which is an economical and secure code attestation scheme that protects not only against the Sybil Attack but also against the majority of insider attacks.
Keywords: cryptographic protocols; telecommunication security; wireless sensor networks; OWCAP; Sybil attack; WSN; cryptographic measurement; external attacks; insider attacks; novel code attestation scheme; one way code attestation protocol; wireless sensor networks; Cryptography; Heating; Wireless sensor networks; Sybil Attack; code attestation scheme; embedded systems security; insider attacks; trust and security issues in sensor networks; wireless sensor networks (ID#: 15-5385)


Garvey, P.R.; Patel, S.H., "Analytical Frameworks to Assess the Effectiveness and Economic-Returns of Cybersecurity Investments," Military Communications Conference (MILCOM), 2014 IEEE, pp. 136-145, 6-8 Oct. 2014. doi: 10.1109/MILCOM.2014.29
Abstract: Critical considerations in engineering today's systems are securing the collection, access, and dissemination of the information they contain. Advanced computing technologies, ubiquitous environments, and sophisticated networks enable globally distributed information access to an uncountable number of consumers - and adversaries. Assuring the integrity of today's missions, and the highly networked systems they depend on, requires economic decisions in rapidly changing technology and cyber threat environments. Knowing that countermeasures effective against today's threats can be ineffective tomorrow, decision-makers need agile ways to assess the efficacies of investments in cyber security on assuring mission outcomes. Analytical methods in cyber security economics need to be flexible in their information demands. Some investment decisions may necessitate methods that use in-depth knowledge about a mission's information systems and networks, vulnerabilities, and adversary abilities to exploit weaknesses. Other investment decisions may necessitate methods that use only a high-level understanding of these dimensions. The sophistication of methods to conduct economic-benefit tradeoffs of mission assuring investments must calibrate to the range of knowledge environments present within an organization. This paper presents a family of analytical frameworks to assess and measure the effectiveness of cyber security and the economic-benefit tradeoffs of competing cyber security investments. These frameworks demonstrate ways to think through and shape an analysis of the economic-benefit returns on cyber security investments - rather than being viewed as rigid model structures.
Keywords: authorisation; socio-economic effects; cyber security economics; cyber threat environment; cybersecurity investment; economic-benefit returns; economic-benefit tradeoff; economic-returns; globally distributed information; Accuracy; Computer security; Economics; Investment; Measurement; Organizations; Portfolios; cyber mission assurance; cybersecurity; cybersecurity economics; cybersecurity risk; economic-benefit tradeoffs; mission effectiveness (ID#: 15-5386)


Eldib, H.; Chao Wang; Taha, M.; Schaumont, P., "QMS: Evaluating The Side-Channel Resistance Of Masked Software From Source Code," Design Automation Conference (DAC), 2014 51st ACM/EDAC/IEEE, pp. 1-6, 1-5 June 2014. doi: (not provided)
Abstract: Many commercial systems in the embedded space have shown weakness against power analysis based side-channel attacks in recent years. Designing countermeasures to defend against such attacks is both labor intensive and error prone. Furthermore, there is a lack of formal methods for quantifying the actual strength of a counter-measure implementation. Security design errors may therefore go undetected until the side-channel leakage is physically measured and evaluated. We show a better solution based on static analysis of C source code. We introduce the new notion of Quantitative Masking Strength (QMS) to estimate the amount of information leakage from software through side channels. The QMS can be automatically computed from the source code of a countermeasure implementation. Our experiments, based on side-channel measurement on real devices, show that the QMS accurately quantifies the side-channel resistance of the software implementation.
Keywords: object-oriented methods; program diagnostics; security of data; C source code; QMS; counter-measure implementation; information leakage; masked software; power analysis based side-channel attacks; quantitative masking strength; security design; side-channel resistance; static analysis; Benchmark testing; Cryptography; Random variables; Resistance; Software; Software measurement; SMT solver; Side channel attack; countermeasure; differential power analysis; quantitative masking strength (ID#: 15-5387)


Sanger, J.; Pernul, G., "Visualizing Transaction Context in Trust and Reputation Systems," Availability, Reliability and Security (ARES), 2014 Ninth International Conference on, pp. 94-103, 8-12 Sept. 2014. doi: 10.1109/ARES.2014.19
Abstract: Transaction context is an important aspect that should be taken into account for reputation-based trust assessment, because referrals are bound to the situation-specific context in which they were created. The non-consideration of transaction context may cause several threats such as the value imbalance problem. Exploiting this weakness, a seller can build high reputation by selling cheap products while cheating on the expensive ones. In recent years, multiple approaches have been introduced that address this challenge. All of them chose metrics leading to numerical reputation values. These values, however, are non-transparent and quite hard to understand for the end-user. In this work, in contrast, we combine reputation assessment and visual analytics to provide an interactive visualization of multivariate reputation data. We thereby allow the user to analyze the data sets and draw conclusions by himself. In this way, we enhance transparency, involve the user in the evaluation process and as a consequence increase the users' trust in the reputation system.
Keywords: data analysis; data visualisation; trusted computing; data set analysis; interactive visualization; multivariate reputation data; numerical reputation values; reputation system; reputation-based trust assessment; situation-specific context; transaction context visualization; trust system; value imbalance problem; visual analytics; Biological system modeling; Context; Context modeling; Data visualization; Electronic commerce; Measurement; Visual analytics; context; context-awareness; parallel coordinates; reputation; transaction context; trust; visual analytics; visualization (ID#: 15-5388)


Bissessar, D.; Adams, C.; Dong Liu, "Using Biometric Key Commitments To Prevent Unauthorized Lending Of Cryptographic Credentials," Privacy, Security and Trust (PST), 2014 Twelfth Annual International Conference on, pp. 75-83, 23-24 July 2014. doi: 10.1109/PST.2014.6890926
Abstract: We present a technique that uses privacy enhancing technologies and biometrics to prevent the unauthorized lending of credentials. Current credential schemes suffer the weakness that issued credentials can be transferred between users. Our technique ensures the biometric identity of the individual executing the Issue and Show protocols of an existing credential system in a manner analogous to the enrollment and verification steps in traditional biometric systems. During Issue we create Pedersen commitments on biometrically derived keys obtained from fuzzy extractors. This issue-time commitment is sealed into the issued credential. During Show a verification-time commitment is generated. Correspondence of keys is verified using a zero-knowledge proof of knowledge. The proposed approach preserves the security of the underlying credential system, protects the privacy of the biometric, and generalizes to multiple biometric modalities. We illustrate the usage of our technique by showing how it can be incorporated into digital credentials and anonymous credentials.
Keywords: cryptography; data privacy; Pedersen commitments; anonymous credentials; biometric identity; biometric key commitments; biometric modalities; credential schemes; credential system; cryptographic credentials; digital credentials; fuzzy extractors; issue protocol; issue-time commitment; privacy enhancing technologies; show protocol; Data mining; Encryption; Measurement; Privacy; Protocols; anonymous credentials; biometrics; digital credentials; fuzzy extractors; non-transferability; privacy enhancing technologies (ID#: 15-5389)


Sevcik, L.; Uhrin, D.; Frnda, J.; Uhrina, M.; Chmelikova, Z.; Voznak, M., "The Impact of Encryption on Video Transmission in IP Network," Telecommunications Forum Telfor (TELFOR), 2014 22nd, pp. 123-126, 25-27 Nov. 2014. doi: 10.1109/TELFOR.2014.7034372
Abstract: One of the weaknesses of the original Internet Protocol is that it lacks any sort of general purpose mechanism for ensuring the authenticity and privacy of data as it is passed over an IP network. With the increased use of the Internet for critical applications, security enhancements were needed for IP. The aim of this paper is to investigate the impact of encryption on video transmission in an IP network. In the paper, we describe an IPsec tunnel using ESP and AH headers providing confidentiality in terms of safety, integrity and non-repudiation (using HMAC-SHA1 and 3DES encryption for confidentiality and AES in CBC mode). The other goal was to assess how OpenVPN affects the transmitted video. We compare the results of both measurements in order to express the impact of packet loss on the transmitted video.
Keywords: IP networks; Internet; computer network security; cryptographic protocols; video streaming; 3DES encryption; AES; CBC mode; HMAC-SHA1 encryption; IP network; IPsec tunnel; Internet Protocol; OpenVPN; packet loss; security enhancements; video transmission; Encryption; IP networks; Packet loss; Streaming media; Transform coding; Video recording; 3DES; AES256; IPsec; SSIM; video quality (ID#: 15-5390)


Sochor, T., "Overview Of E-Mail SPAM Elimination And Its Efficiency," Research Challenges in Information Science (RCIS), 2014 IEEE Eighth International Conference on, pp. 1-11, 28-30 May 2014. doi: 10.1109/RCIS.2014.6861043
Abstract: The permanently changing nature of SPAM (hereinafter only in the sense of unsolicited e-mail messages, thus intentionally neglecting other SPAM types) means that it is almost impossible to find any single mechanism protecting against SPAM over long-term periods. Multi-layer protection is therefore usually applied to SPAM elimination. Especially blacklisting and greylisting have been proven to be extremely useful because they can eliminate a significant part of SPAM messages even before their delivery. The article gives an overview of existing SPAM elimination methods, motivates and describes multilayer anti-SPAM mechanisms and analyses the behavior and the efficiency of the key components of a multilayer system. Weaknesses of the analyzed methods (especially blacklisting and greylisting) are mentioned, too, and recommendations are formulated, both based on the author's own measurements.
Keywords: collaborative filtering; security of data; unsolicited e-mail; SPAM messages; blacklisting; e-mail SPAM elimination efficiency; greylisting; multilayer antiSPAM mechanisms; multilayer protection; unsolicited e-mail messages; Bayes methods; Educational institutions; IP networks; Market research; Servers; Unsolicited electronic mail; SMTP; SPAM; content search for SPAM; electronic mail; greylisting; blacklisting; unsolicited e-mail messages; unsolicited e-mail message blacklisting (ID#: 15-5391)


Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.