Publications


Bootstrapping and Maintaining Trust in the Cloud (469.63 KB)

Date:
December 5, 2016
Published in:
Proceedings of the 32nd Annual Computer Security Applications Conference, ACSAC 2016
Type:
Conference Paper

Summary

Today's infrastructure as a service (IaaS) cloud environments rely upon full trust in the provider to secure applications and data. In this paper we introduce keylime, a scalable trusted cloud key management system. Keylime provides an end-to-end solution for both bootstrapping hardware rooted cryptographic identities for IaaS nodes and for system integrity monitoring of those nodes via periodic attestation.

Leveraging Data Provenance to Enhance Cyber Resilience (273.48 KB)

Date:
November 3, 2016
Published in:
Proceedings of 1st IEEE Cybersecurity Development Conference (SecDev'16), Boston, Mass.
Type:
Conference Paper

Summary

Creating bigger and better walls to keep adversaries out of our systems has been a failing strategy. The recent attacks against Target and Sony Pictures, to name a few, further emphasize this. Data provenance is a critical technology in building resilient systems that will allow systems to recover from attackers that manage to overcome the “hard-shell” defenses. In this paper, we provide background information on data provenance, details on provenance collection, analysis, and storage techniques and challenges.

POPE: Partial Order Preserving Encoding (589.23 KB)

Date:
October 16, 2016
Published in:
Proceedings of the ACM Conference on Computer and Communications Security (CCS)
Type:
Conference Paper

Summary

Recently there has been much interest in performing search queries over encrypted data to enable functionality while protecting sensitive data. One particularly efficient mechanism for executing such queries is order-preserving encryption/encoding (OPE). In this paper, we propose an alternative approach to range queries over encrypted data that is optimized to support insert-heavy workloads as are common in “big data” applications while still maintaining search functionality and achieving stronger security.

High-throughput ingest of data provenance records in Accumulo

Date:
September 13, 2016
Published in:
HPEC 2016: IEEE Conf. on High Performance Extreme Computing, 13-15 September 2016.
Type:
Conference Paper

Summary

Whole-system data provenance provides deep insight into the processing of data on a system, including detecting data integrity attacks. The downside to systems that collect whole-system data provenance is the sheer volume of data that is generated under many heavy workloads. In order to make provenance metadata useful, it must be stored somewhere where it can be queried. This problem becomes even more challenging when considering a network of provenance-aware machines all collecting this metadata. In this paper, we investigate the use of D4M and Accumulo to support high-throughput data ingest of whole-system provenance data. We find that we are able to ingest 3,970 graph components per second. Centrally storing the provenance metadata allows us to build systems that can detect and respond to data integrity attacks that are captured by the provenance system.

Charting a Security Landscape in the Clouds: Data Protection and Collaboration in Cloud Storage (1.6 MB)

Date:
July 7, 2016
Published in:
MIT Lincoln Laboratory Technical Report 1210
Type:
Technical Report

Summary

This report surveys different approaches to securely storing and sharing data in the cloud based on traditional notions of security: confidentiality, integrity, and availability, with the main focus on confidentiality. An appendix discusses the related notion of how users can securely authenticate to cloud providers.

Cryptography for Big Data Security (538.97 KB)

Date:
May 3, 2016
Published in:
Chapter in Big Data: Storage, Sharing, and Security, Fei Hu (editor), Auerbach Publications
Type:
Book Chapter

Summary

New and improved security tools are needed to protect systems collecting and handling big data to allow applications to reap the benefits of big data analysis without the risk of such catastrophic attacks. Modern cryptography offers many powerful technologies that can help protect big data applications throughout the data lifecycle, as it is being collected, stored in repositories, and processed by analysts. In this chapter, we give a brief survey of several of these technologies and explain how they can help big data security.

SoK: Privacy on Mobile Devices – It’s Complicated (1.07 MB)

Date:
March 2, 2016
Published in:
Proceedings of 2016 Privacy Enhancing Technologies Symposium (PETS)
Type:
Conference Paper

Summary

Modern mobile devices place a wide variety of sensors and services within the personal space of their users. As a result, these devices are capable of transparently monitoring many sensitive aspects of these users’ lives (e.g., location, health, or correspondences). Users typically trade access to this data for convenient applications and features, in many cases without a full appreciation of the nature and extent of the information that they are exposing to a variety of third parties.

Spyglass: Demand-Provisioned Linux Containers for Private Network Access (1.26 MB)

Date:
November 8, 2015
Published in:
Proceedings of the 29th Large Installation System Administration conference (LISA15), Washington D.C.
Type:
Conference Paper

Summary

System administrators have super-user access to the low level infrastructure of the systems and networks they maintain. Given the typical administrator’s breadth of access to this infrastructure, administrators or the client devices they use are a prime target for compromise by a motivated adversary. In this paper, we describe Spyglass, a tool for managing, securing, and auditing administrator access to private or sensitive infrastructure networks by creating on-demand bastion hosts inside of Linux containers.

Control Jujutsu: On the Weaknesses of Fine-Grained Control Flow Integrity (280.86 KB)

Date:
October 12, 2015
Published in:
Proceedings of ACM Conference on Computer and Communications Security (CCS)
Type:
Conference Paper

Summary

Control flow integrity (CFI) has been proposed as an approach to defend against control-hijacking memory corruption attacks. CFI works by assigning tags to indirect branch targets statically and checking them at runtime. In this work, we show that even a fine-grained form of CFI with an unlimited number of tags and a shadow stack (to check calls and returns) is ineffective in protecting against malicious attacks.

Timely Rerandomization for Mitigating Memory Disclosures (215.65 KB)

Date:
October 12, 2015
Published in:
Proceedings of ACM Conference on Computer and Communications Security (CCS)
Type:
Conference Paper

Summary

Address Space Layout Randomization (ASLR) can increase the cost of exploiting memory corruption vulnerabilities. One major weakness of ASLR is that it assumes the secrecy of memory addresses and is thus ineffective in the face of memory disclosure vulnerabilities. In this paper we present an approach that synchronizes randomization with potential runtime disclosure.