Computer Security – ESORICS 2017

I believe the single most important reason why we are so helpless against cyber-attackers is that present systems are not supervisable. This opinion was developed over years spent working on network intrusion detection, both as an academic and as an entrepreneur. I believe we need to start writing software and systems that are supervisable by design; in particular, we should do this for embedded devices. In this paper, I present a personal view on the field of intrusion detection, and conclude with some considerations on software design.
