Ebook: Aspects of Network and Information Security

An Advanced Study Institute (ASI) “Network Security and Intrusion Detection” was held in Nork, Yerevan, Armenia, October 01–12, 2005. The goal of the ASI was to bring together lecturers of international standing to provide instruction on methods, techniques and applications to deal with the issues of Cyber Security. Participants (post graduate) from NATO, Partner and Mediterranean Dialogue countries had an opportunity to learn and exchange ideas with internationally renowned scientists in the domain as well as students from other countries, developing awareness about methods, solutions and on-going research for Critical Infrastructure Protection, Intrusion Prevention and Threat Assessment globally. This publication is the Proceedings of the Institute.

An ASI is a high-level tutorial activity, one of many types of funded group support mechanisms established by the NATO Science Committee in support of the dissemination of knowledge and the formation of international scientific contacts. The NATO Science Committee was approved at a meeting of the Heads of Government of the Alliance in December 1957, subsequent to the 1956 recommendation of “ThreeWiseMen” – Foreign Ministers Lange (Norway), Martino (Italy) and Pearson (Canada) on Non-Military Cooperation in NATO. The NATO Science Committee established the NATO Science Programme in 1958 to encourage and support scientific collaboration between individual scientists and to foster scientific development in its member states. In 1999, following the end of the Cold War, the Science Programme was transformed so that support is now devoted to collaboration between Partner-country and NATO-country scientists or to contributing towards research support in Partner countries. Since 2004, the Science Programme was further modified to focus exclusively on NATO Priority Research Topics (i.e. Defense Against Terrorism or Countering Other Threats to Security) and also preferably on a Partner country priority area.

This ASI was conceived as a result of discussions that occurred during the NATO ASI # 979583 between the two co-directors (Dr. Elisa Shahbazian and Prof. Evgueni Haroutunian). The topic of Network Security is one of the currently most critical topics, and both in Canada and in Armenia there are many Universities where various aspects of this topic are being investigated. Being on the Board of Directors of the Canadian University/Industry Network Centre of Excellence on Mathematics of Information Technology and Complex Systems (MITACS), Dr. Shahbazian was confident that many prominent Canadian experts in the domain would be very enthusiastic to lecture in the ASI as well as being able to involve high calibre experts from other NATO countries, while Prof. Haroutunian was confident that he could involve many prominent experts in the domain from former soviet republics and Eastern Europe.

Network security is concerned with creating a secure inter-connected network that is designed so that on the one hand users cannot perform actions that they are not allowed to perform, but on the other hand can perform the actions that they are allowed to. Network security not only involves specifying and implementing a security policy that describes access control, but also implementing an Intrusion Detection System (IDS) as a tool for detecting attempted attacks or intrusions by crackers or automated attack tools and identifying security breaches such as incoming shellcode, viruses, worms, malware and trojan horses transmitted via a computer system or network. Intrusion detection is traditionally achieved by examining network communications, identifying heuristics and patterns of common attacks, and taking action to alert network and system managers.

An intrusion-prevention system is a system which when combined with intrusion monitoring and detection via an application layer firewall may terminate connections. Thus, an intrusion prevention system exercises access control in order to protect computers from exploitation by inspecting network traffic (for signs of intrusions) at a deeper level and can make decisions based not only on IP address or ports but also on application content and may also act at the host level to deny potentially malicious activity.

Today's computer infrastructure is exposed to several kinds of security threats ranging from virus attacks, unauthorised data access, sniffing and password cracking. Understanding network vulnerabilities in order to protect networks from external and internal threats is vital to the world's economy and should be given the highest priority. Computer and network security involves many important and complicated issues and this gathering of scientists will help not only in raising awareness but also in teaching participants the state-of-the-art of security techniques.

Topics in the following three main areas were discussed during the ASI:

I. Network Security

II. Information Security

III. Coding

The theme of the Institute was scientific communication and exchange of ideas among academic and industrial groups having a common interest in understanding the issues and development of approaches of cyber security.

The technical program was conceived to emphasise the methods and theory in the first week and simulation and applications in the second week. The program included a presentation discussing European Union grant opportunities in Europe for multi-national teams and the ASI ended with a Plenary Discussion on Cyber Security Research: Future Developments and International Collaboration. Already during the ASI four groups of participants from various countries started discussions of potential collaborations, namely:

1. Armenia, Switzerland, Italy

2. Armenia, Canada

3. Armenia, US

4. Russia, Canada

The Armenia-Canada collaboration was successfully put in place supported by a NATO Strategic Grant # ESP CLG 982237 in April 2006.

Sixty-four lecturers, co-authors and students from Armenia, Austria, Belgium, Canada, Czech Republic, Estonia, Germany, Hungary, Italy, Russia, Switzerland, Turkey, UK and USA participated at the ASI. All lecturers were internationally very highly regarded experts in their domains. Unfortunately, due to the fact that the ASI was in October, some other very prominent experts from these and other countries (Greece, Kyrgyz republic, Italy, Russia, Turkey, etc.), who initially expressed much interest and provided abstracts of their lectures, regretfully informed at the last minute that they were unable to participate due to teaching commitments. Some of the participants had to also miss a few days from the full 2 weeks of the ASI from the start or the end due to their teaching schedules. At the same time, the fact that the ASI was in October and in Yerevan was very favourable in terms of attracting very large number of Armenian students. Twenty-four Armenian students participated (students and University staff) who attended all days of the ASI, while an additional 36 Armenian students signed in and participated in the ASI partially. These were considered as “visitors” and were not reported as students, however, they gained a very valuable opportunity to meet internationally renowned experts and hear their presentations in various aspects of cyber security.

The distinguished faculty of lecturers was assembled and the technical program was organized with the assistance of the Organizing Committee composed of Dr. Elisa Shahbazian (Canada) and Prof. Evgueni Haroutunian (Armenia), Prof. Evangelos Kranakis (Canada) and Gregory Kabatiansky (Russia).

The value to be gained from any ASI depends on the faculty – the lecturers who devote so much of their time and talents to make an Institute successful. As the reader of these proceedings will see, this ASI was particularly honored with an exceptional group of lecturers to whom the organizers and participants offer their deep appreciation.

We are grateful to a number of organizations for providing the financial assistance that made the Institute possible. Foremost is the NATO Security Through Science Programme which provided the most significant portion of the financial support for the Institute. In addition, the following sources made significant contributions: The Mathematics of Information Technology and Complex systems (MITACS) Network Centre of Excellence, Lockheed Martin Canada and Bell University Laboratories of Canada.

We would like to thank the management and the staff of hotel Regineh http: www.hotelregineh.am for ensuring that all the requirements of the ASI were fulfilled and for a truly enjoyable and memorable two weeks in Yerevan. We would like to thank the Institute for Informatics and Automation Problems of National Academy of Sciences of the Republic of Armenia, for allocating personnel to greet the participants at the airport and to facilitate their arrival/departure to/from the hotel. We would like to thank Anna Galstyan, our local interpreter and receptionist, whose competence and warm friendliness made all the attendees feel welcomed at the ASI and comfortable in Armenia.We would also like to thank Armen Malkhasyan and Karine Gasparian for their dedicated efforts to address various local resource requirements, such as ordering conference bags and stationary, communication, transportation and entertainment requirements of the ASI participants, so that the Organizing Committee was able to fully concentrate on the technical program issues.

A very special acknowledgement goes to Ani Shahbazian who developed and maintained the ASI website as well as undertook the very challenging task of first performing the English Language editing of all the lecturers' manuscripts and then re-formatting all lectures after the technical editing was complete, producing a camera-ready document to IOS Press Publishers. Thank you for your long hours and hard work.

And, finally, all of our thanks go to the people of Armenia, who certainly displayed, in every way, their warmth and hospitality.

Evangelos Kranakis, Ottawa Canada

Evgueni Haroutunian, Yerevan Armenia

Elisa Shahbazian, Montreal, Canada

October 2007

The safeguarding of critical infrastructures, such as nuclear power plants, electrical power grids, etc, is of primary concern in the aftermath of the 9/11 events in New York. Critical infrastructures are multi-faceted and highly complex collections of technologies that are interlinked and supported through network infrastructures. In such structures, network faults can be triggered by component weaknesses and bad design, but also through malicious actions. These can lead to a cascade of escalating faults, because of cross-infrastructure dependencies, resulting in total system failure.

In this article we are concerned with extreme attacks, that is malicious attacks in which the damage caused is maximal, with no regard to consequences or monetary gain. These attacks target single points of failure, or more generally critical points of failure, and include physical attacks.

We overview the current state of research on the protection of critical infrastructures and propose architectures that will support security and survivability in the presence of extreme threats.

Most successful attacks that occur today against computer networks are targeted against the computers connected to the network, but not against the routers. At the BlackHat 2005 conference it was shown that potential attacks against routers are far from hypothetical. Current TCP/IP protocols (even including IPSEC) do not have the resilience to deal with routers taken over by the adversary.

We survey the research done in the area of how to communicate reliably and/or privately in the presence of different types of adversaries, for example a malicious (Byzantine) adversary. In this research, the network is viewed as an abstract entity (a graph, directed graph, hypergraph, etc.); this allows for an abstract understanding of the problem. However, in real networks, more vulnerabilities may be added. In the case of the Internet, it is known that the use of a nameserver (DNS) introduces additional vulnerabilities and further weakens the resistance of the network against denial of service attacks. We focus on an abstract viewpoint and do not focus on details, such as when a DNS is involved. Evidently, some of the theory is broad enough to be applied in such settings as the Internet.

If the adversary can control all nodes (routers) in the network, no solution exists. The nodes that can be attacked by the adversary can be described using a threshold, or by what is called an adversary structure. The type of networks studied are pointto-point or broadcast/multicast.

Security and privacy have become such important commodities in the information and globalization era that it would be extremely beneficial to comprehensively explore possibilities for providing (near-) perfect performance in these fields. A method based on quantum phenomena and the laws and limitations of quantum information processing and communication was recently developped with the aim of providing so-called unconditional security in sensitive cryptographic tasks. During the last 20 years, quantum cryptography has made remarkable –even previously unimaginable– progress. The goal of this paper is to present a brief introduction to the principles, methods and achievements of quantum cryptography and to discuss its recent advances and the challenges it poses, especially in the area of quantum network security.

Existing approaches to software security and reliability have proven inadequate in offering a good tradeoff between assurance, reliability, availability, and performance. We argue that reactive protection mechanisms need to be added to our panoply of defenses. Furthermore, we argue that such mechanisms need to be much more invasive than previously envisioned. We discuss our approach to such mechanisms by introducing the concept of self-healing software. We describe the principles behind self-healing software systems and showcase the concepts by giving an overview the Worm Vaccine architecture.

The development of new protection mechanisms for reliable and secure electronic commerce is a very important current in scientific investigation. This paper describes the software environment for the multi-agent simulation of defense mechanisms against Distributed Denial of Service (DDoS) attacks developed by the authors. The agent-based approach suggested for the modeling and simulation of defense mechanisms against DDoS attacks is considered. According to this approach, the cybernetic opposition of malefactors and security systems is represented by the interaction between two different teams of software agents - the malefactors' team and the defense team. The main components of the software environment are outlined. One of the numerous experiments on protection against DDoS attacks is described in detail. The developed environment is based on OMNeT++ INET Framework.

In this paper we survey some of the most important formalisms that have been used to specify and analyze secure protocols. A number of notable examples are described. Very little is assumed in the way of background on security, only a certain willingness to engage a formal point of view and some intuitions about logic and proof.

Most current systems that detect malicious code rely on syntactic signatures. More precisely, these systems use a set of byte strings that characterize known malware instances. Unfortunately, this approach is not able to identify previously unknown malicious code for which no signature exists. The problem gets exacerbated when the malware is polymorphic or metamorphic. In this case, different instances of the same malicious code have a different syntactic representation.

In this chapter, we introduce techniques to characterize the behavioral and structural properties of binary code. These techniques can be used to generate more abstract, semantically-rich descriptions of malware, and to characterize classes of malicious code instead of specific instances. This makes the specification more robust against modifications of the syntactic layout of the code. Also, in some cases, it allows for the detection of novel malware instances.

In designing security solutions, cryptography as well as suitable organizations and procedures are of equal import. The focus of this article is on the creation of nationwide security infrastructures and applications, and the experience that Cybernetica has gained from the design and implementation of such projects. System users are frequently the source of security concerns. The developer's aim is consequently to keep systems simple, with a minimum of human interaction. Based on these principles, complex and security-critical applications have been developed and implemented in Estonia. We provide the Estonian e-voting solution as an example of a complicated system which can be user friendly.

This article presents an overview of security issues for mobile and wireless communications. It describes the security requirements and architectural options for these networks. Subsequently, three technologies are discussed in more detail: mobile phones (GSM and 3GSM), Wireless LAN (IEEE 802.11) and Personal Area Networks (Bluetooth). A critical evaluation is given of the strengths and weaknesses of these security solutions.

Modern society's current development is characterized by a sharp increase in the role of the information sphere, which is comprised of the complexity of information, information infrastructure, the organizations responsible for the gathering, formation, spread and use of information, systems regulating these functions and the evolution of social relationships that thrive within these systems. The information sphere has a great impact on defense, political and economic conditions affecting the safety of a state. National safety rests heavily on provisions governing information safety and this dependence will only increase as technology progresses. As observations have demonstrated, the safety of each separate state depends on regional stability, meaning that the safety of each state is necessarily interdependent with regional safety. The UN's resolution on the struggle against international terrorism challenged the whole world to focus on this problem seriously rather than face catastrophic consequences. The solution to the problem lies in the investigation of the causes and niduses of international terrorism and its information-psychological neutralization. To this aim, a regional information-psychological safety zone or net would have to be created to maintain regional safety and stability, to trace, localize and neutralize international terrorism. Political, social and mathematical issues to consider in the creation of this regional information-psychological safety zone or net are presented in this paper.

In this paper we introduce and develop a framework for visual data-hiding technologies that aim at resolving emerging problems of modern multimedia networking. First, we present the main open issues of multimedia security and secure communications. Secondly, we formulate multimedia data-hiding as communications with side information and advocate an appropriate information-theoretic framework for the analysis of different data-hiding methods in various applications. Finally, we discuss data-hiding-based solutions to some multimedia security related problems.

The Internet has become a critical communication infrastructure which we are increasingly reliant upon. As the world moves into a converged network where voice, video, and data are all transmitted over the same network, disruption of the Internet can cause more severe damage. Therefore, it is critical to protect the Internet from potential service disruption in order to ensure its continous functioning.

The Border Gateway Protocol (BGP) is the standard and only inter-domain routing protocol used on the Internet. BGP discovers and maintains routing information used for transmitting traffic across the Internet, thus, it is widely considered as a crucial component of the Internet infrastructure. Attacks on BGP can result in large scale service disruption. In this paper, we study BGP security. Specifically, we study 1) the BGP protocol and its real world operations; 2) BGP security vulnerabilities and threats; and 3) BGP security mechanisms, including S-BGP from BBN, soBGP from Cisco, and psBGP from Carleton University. This paper aims to provide sufficient background information for understanding BGP security issues, and to better understand the differences between existing BGP security proposals and the challenges faced in the design and practical deployment of a more secure BGP. We also provide comments regarding the role the government may play in helping to address security issues in BGP.

The issue of security is becoming increasingly important as civilization progresses into the information age (World Wide Web, transmission/distribution of digital multimedia data and more). In this article, we present the general concepts of a steganographic system, summarize our own steganographic research accomplishments during the past three years and propose a number of significant issues for future research on multimedia security systems (data hiding and authentication). In particular, we will discuss the following issues.

1. What is digital modern steganography/steganalysis?

2. Why, and who needs steganography/steganalysis?

3. What are the uses for steganography/steganalysis?

4. What are the differences among steganography, cryptography, and watermarking?

5. How can information be undetectably hidden?

6. How is a good cover medium for a given stego message chosen?

7. How does one detect a stego message?

This paper is a review of prior work on pointwise guessing and its application to a specific cryptanalytic attack scenario. In pointwise guessing of an unknown X, the guesser is only allowed to ask questions of the form ‘Is X equal to x?’ which we assume are answered truthfully by another agent. In a variation of this problem, the guesser first observes some side information variable Y before the guessing starts. We use these guessing games as models for a crypto system where there is a wiretapper who observes the cryptogram Y and tries to guess the plaintext message X by successively generating pointwise probes. We characterize the guessing effort in such schemes in a game-theoretic sense for the special case where the message X is a vector of independent identically distributed random variables.

In this paper, we address properties of the private quantum channel (PQC), namely a security weakness occurring when at least two copies of the ciphertext are available. We discuss possible definitions of the known-plaintext, known-ciphertext and chosen-plaintext attack. We examine the ability of a PQC to randomize correlations and, finally, we show that specific PQCs encrypting a given set of plaintexts can achieve the approximate encryption of a larger set of plaintexts.

Dissipation and decoherence (for example, the effects of noise in quantum computations), interaction with a thermostat (or in general with a physical vacuum), measurement, and many other complicated problems in open quantum systems, are a consequence of the interaction of quantum systems with the environment. These problems are described mathematically in terms of complex probabilistic processes (CPP). In treating the environment as a Markovian process, we derive a Langevin-Schrödinger type stochastic differential equation (SDE) for describing the quantum system's interaction with the environment. For the 1D randomly quantum harmonic oscillator (QHO) model, L-Sh SDE is a solution ??in the form of?? orthogonal CPP. On the basis of orthogonal CPP, the stochastic density matrix (SDM) method is developed and in its framework, the relaxation processes in the uncountable dimension closed system of the “QHO + environment” are investigated. Using the SDM method, thermodynamical potentials such as nonequilibrium entropy and the energy of the ground state are constructed. The dispersions for different operators are calculated. In particular, the expression for uncertain relations depending on the parameters of interaction with the environment is obtained. The Weyl transformation for stochastic operators is specified, and the Ground state Winger function is developed in detail.

The survey of results by Massey, Arikan and Merhav, Haroutunian and Ghazaryan is given. Recent results on the Shannon cipher system with wiretapper guessing subject to distortion and reliability criteria are discussed and interpreted with explicit expressions and figures for particular cases.

In this paper, models of information hiding systems with one and two messages are considered. Using the analogy of the two-terminal discrete memoryless channel, the notion of information hiding E-capacity is discussed. This function expresses the dependence of the information hiding rate on the error exponent and distortion levels for the information hider and attacker. E-capacity bounds for these models are presented.

Three original variants of the encryption of multidimensional digital data are presented. Each of these variants has an unlimited number of modifications, specified by a private key consisting of several integers. Emphasis is placed on the simplest 2D cases. The main tools are aperiodic discrete point sets, developed in the physics literature exactly.

A short review and some recent results on the asymptotic investigation of the mutual information and information rates in weak signal transmission over certain stationary channels are presented. We also study the asymptotic behavior of the information rate in memoryless channels and the capacity of channels with almost Gaussian noise.

We review our recent work on the reliability function of the timing channel associated to the first in first out exponential-server queue. This result may be of use in understanding the limits to communication over covert timing channels arising in networks.