New techniques to defend against computer security attacks

The growing dependence of present day organizations on computer systems and software, and the vulnerable nature of the latter has brought security issues under the magnifying glass. Today, it is necessary to administer appropriate protection barriers at every layer of a computer system. In this thesis we design new techniques for protection against varied adversarial attempts. First, we explore the problem of establishing integrity of software loaded on a system. We design a framework for attesting the integrity of software loaded at boot time. We develop a new primitive for software based attestation and show that our primitive is more robust than previous work and allows for easy verification of integrity measurements by machines and humans alike. We then develop a framework for verifying the integrity of the output of a specific application. We use electronic voting as an example and develop a technique for electronic independent audit. Our framework leverages virtualization and image comparison techniques and meets the definition of software independence to a certain extent. We move on to network layer threats, and design a mechanism to defend against denial of service attacks. We develop a new algorithm for memory bound puzzles, a popular defense mechanism against denial of service. Our algorithm utilizes heuristic search using pattern databases and is more tunable compared to previous approaches. We evaluate the threat of phishing attacks against the user of a system and design a filter for distinguishing a phishing attack URL from a benign URL. We determine several metrics to identify a phishing attack and model a logistic regression classifier using these metrics. We further use this filter to perform data analysis on several million URLs and confirm the prevalence of phishing on the Internet today. With the defense mechanisms introduced in this thesis, we envision getting a step closer to whole system security.