Indexed in Scopus

Journal of Cyber Security and Mobility

Ashutosh Dutta, Johns Hopkins University, USA
Ruby Lee, Princeton University, USA
Neeli R. Prasad, International Technological University, San Jose, USA
Wojciech Mazurczyk, Warsaw University of Technology, Poland

ISSN: 2245-1439 (Print Version),

ISSN: 2245-4578 (Online Version)
Vol: 3   Issue: 1

Published In:   January 2014

Publication Frequency: Quarterly

The Sad History of Random Bits

George Markowsky

School of Computing & Information Science, University of Maine

Abstract: In this paper we examine the history of using random numbers in computer programs. Unfortunately, this history is sad because it is replete with disasters ranging from one of the first pseudo-random number generators, RANDU, being very bad to the most recent efforts by the NSA to undermine the pseudo random number generator in RSA’s BSAFE cryptographic library. Failures in this area have been both intentional and unintentional, but unfortunately the same sorts of mistakes are repeated. The repeated failures in getting our “random numbers” correct suggest that there might be some systemic reasons for these failures. In this paper we review some of these failures in more detail, and the 2006 Debian OpenSSL Debacle in great detail. This last event left users of Debian and its derivatives with seriously compromised cryptographic capabilities for two years. We also illustrate how this failure can be exploited in an attack. We also modify the concept of a system accident developed in the work of Charles Perrow [1]. We identify some system failures in building pseudo-random number generators and offer some suggestions to help develop PRNGs and other code more securely.

Keywords: Debian; system accident; SSL; SSH, Bitcoin, cryptography; security breach; software engineering, PRNG, pseudo-random numbers, booby trap, BSAFE, Dual EC DRNG.

Fast Network Attack Modeling and Security Evaluation based on Attack Graphs

Igor Kotenko and Andrey Chechulin

Laboratory of Computer Security Problems, St. Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences (SPIIRAS), 39, 14th Liniya, St. Petersburg, Russia

Abstract: The paper suggests an approach to network attack modeling and security evaluation which is realized in advanced Security Information and Event Management (SIEM) systems. It is based on modeling of computer network and malefactors’ behaviors, building attack graphs, processing current alerts for real-time adjusting of particular attack graphs, calculating different security metrics and providing security assessment procedures. The novelty of the proposed approach is the use of special algorithms for construction, modification and analysis of attack graphs aimed at rapid security evaluation. This allows using this approach in SIEM systems that operate in near-real time. The generalized architecture of the Attack Modeling and Security Evaluation Component (AMSEC), as one of the main analytical components of SIEM systems, is outlined. The main components and techniques for attack modeling and security evaluation are defined. A prototype of the AMSEC is presented. Experiments with this prototype are evaluated.

Keywords: network attack modeling, attack graphs, security evaluation, near-real time, security information and event management

Code Search API, Base of Parallel Code Refactoring System for Safety Standards Compliance

Peter Jurnécka, Petr Hanáček and Matej Kačic

FIT BUT, Bozetechova 1/2 Brno, Czech Republic

Abstract: New technologies of multi-core and massively parallel processors are becoming common parts of today’s desktop computers. These state-of-the-art technologies allow programming of parallel applications and systems; however, creating parallel applications puts higher demands on programmers’ skills, project maintenance and modification of existing source codes. Program flaws entered on source codes could have fatal consequences, specifically in aviation or medicine systems, due to possible fatal impacts in case of systems failure. This paper describes the current status of aviation and medicine software safety standards, points out the common requirements of all these standards, especially the requirement for reliability. Reliability can be easily achieved using design patterns with verified reliable source code modules. In our research, we propose a system for implementation of concurrency and synchronization design patterns into existing code. We have created a parallel source code search API which is described in this paper, and which is planned to be used in our parallel code refactoring system for safety standards compliance. This API enables us to define appropriate places in source codes for introduction of parallel design patterns into existing parallel source codes. In the next design iteration, the proposed system will provide suggestions of refactoring operations of found source codes, based on static code analysis and formal description of parallel design patterns.

Keywords: software safety, parallel design patterns, code searching.

Memory Acquisition by Using Network Card

Štefan Balogh

Slovak University of Technology, Faculty of Electrical Engineering and Information Technology, Ilkovičova 3, Bratislava SK-812 19, Slovak Republic

Abstract: To detect a present rootkit, the rootkit and malware detectors need to have memory access. But sophisticated rootkits are able to subvert the verification process of a security scanner using virtual memory subversion techniques to hide their activity. We have proposed a new solution for direct memory access, based on a custom NDIS protocol driver that can send (on request of the local executable program) the contents of the computer memory over the network. Our method allows an unexpected type of the direct memory access, which is independent of the processor and its control capabilities. This is a strong advantage in rootkit detection, because the rootkit cannot take any action to hide itself while the memory is scanned.

Keywords: Live Forensics; Memory Acquisition; DMA; Forensic analysis; network card; direct memory access; rootkit detection.

Making Static Code Analysis More Efficient

Pomorova O.V. and Ivanchyshyn D.O.

System Programming Department, Khmelnytskyi National University, Instytutska Str. 11, Khmelnytskyi, 29016, Ukraine

Abstract: Modern software is a complex high-tech product. Users and customers put forward a number of requirements to such products. Requirements depend on software purpose. However, reliability, fault tolerance, security and safety requirements are topical for all software types. One of the approaches for realization of such requirements in the implementation stage of software life cycle is a static source code analysis (SCA). The efficiency assessment task of the SCA tools is an actual problem. This paper presents the method of the efficiency evaluating of the software static source code analysis. It allows increasing the quality and reliability of software in general. The result of this work is a method of efficiency improving at the debugging stage and approach for selection of the static code analysis tools for software of various types.

Keywords: Source code analysis, security, vulnerabilities, weaknesses, static analysis efficiency, efficiency metrics

River Publishers: Journal of Cyber Security and Mobility