
Publication


Featured research published by Alf Zugenmaier.


ACM Special Interest Group on Data Communication | 2004

Shield: vulnerability-driven network filters for preventing known vulnerability exploits

Helen J. Wang; Chuanxiong Guo; Daniel R. Simon; Alf Zugenmaier

Software patching has not been effective as a first-line defense against large-scale worm attacks, even when patches have long been available for their corresponding vulnerabilities. Generally, people have been reluctant to patch their systems immediately, because patches are perceived to be unreliable and disruptive to apply. To address this problem, we propose a first-line worm defense in the network stack, using shields -- vulnerability-specific, exploit-generic network filters installed in end systems once a vulnerability is discovered, but before a patch is applied. These filters examine the incoming or outgoing traffic of vulnerable applications, and correct traffic that exploits vulnerabilities. Shields are less disruptive to install and uninstall, easier to test for bad side effects, and hence more reliable than traditional software patches. Further, shields are resilient to polymorphic or metamorphic variations of exploits [43]. In this paper, we show that this concept is feasible by describing a prototype Shield framework implementation that filters traffic above the transport layer. We have designed a safe and restrictive language to describe vulnerabilities as partial state machines of the vulnerable application. The expressiveness of the language has been verified by encoding the signatures of several known vulnerabilities. Our evaluation provides evidence of Shield's low false positive rate and small impact on application throughput. An examination of a sample set of known vulnerabilities suggests that Shield could be used to prevent exploitation of a substantial fraction of the most dangerous ones.


IEEE Communications Magazine | 2012

Network virtualization: a hypervisor for the Internet?

Ashiq Khan; Alf Zugenmaier; Dan Jurca; Wolfgang Kellerer

Network virtualization is a relatively new research topic. A number of articles propose that certain benefits can be realized by virtualizing links between network elements as well as adding virtualization on intermediate network elements. In this article we argue that network virtualization may bring nothing new in terms of technical capabilities and theoretical performance, but it provides a way of organizing networks such that it is possible to overcome some of the practical issues in today's Internet. We strengthen our case by an analogy between the concept of network virtualization as it is currently presented in research, and machine virtualization as proven useful in deployments in recent years. First we make an analogy between the functionality of an operating system and that of a network, and identify similar concepts and elements. Then we emphasize the practical benefits realized by machine virtualization, and we exploit the analogy to derive potential benefits brought by network virtualization. We map the established applications for machine virtualization to network virtualization, thus identifying possible use cases for network virtualization. We also use this analogy to structure the design space for network virtualization.


World of Wireless Mobile and Multimedia Networks | 2008

Reducing handover latency in future IP-based wireless networks: proxy mobile IPv6 with simultaneous bindings

Mortaza S. Bargh; Bob Hulsebosch; Henk Eertink; Geert Heijenk; Jeroen Idserda; Julien Laganier; Anand R. Prasad; Alf Zugenmaier

Handover in future wireless communication systems must be seamless. Current IP-level mobility protocols have difficulties meeting the stringent handover delay requirements. At the same time they do not give sufficient control to the network to optimize the handover process and they do not deal well with slow connection setups of some wireless technologies. In this paper we propose an enhancement of Proxy MIPv6 (PMIPv6) with Simultaneous bindings. The result, called SPMIPv6, is a proactive network-controlled handover solution that allows some handover processes to be carried proactively while the mobile node is connected to the serving network. We analyze SPMIPv6 performance and show that the handover latency can be limited to one RTT between the mobile node and the target access router, which is typically below 10ms, and that the packet loss due to handover can be decreased and eliminated by appropriately buffering packets at the target access router. Moreover, our performance evaluation based on a SPMIPv6 implementation shows no TCP and UDP performance degradation during handovers. Two important characteristics of SPMIPv6 are its robustness to incorrect handover predictions and its built-in features to accommodate large network attachment latencies.


International Conference on Computer Communications and Networks | 2007

Travelling without Moving: 802.11 Access Points backed by Secure NETLMM

Julien Laganier; Matthias Flege; Alf Zugenmaier; Anand R. Prasad; James Kempf; Jonathan Wood

In network-based localized mobility management (NETLMM), a mobile node is not involved in signalling related to mobility support, and keeps the same IP address after handoff from one link to another. The mobile node's current access router acts as a mobility access gateway by sending Proxy Local Binding Updates to the local mobility anchor on behalf of the mobile node. Due to some properties of the NETLMM domain, implementing it efficiently using IEEE 802.11 radio access networks is not straightforward. This paper presents the challenges involved with such an implementation, presents solutions to them, and analyzes the overall performance of the complete system.


Privacy Enhancing Technologies | 2004

FLASCHE – a mechanism providing anonymity for mobile users

Alf Zugenmaier

The protection goal anonymity helps to preserve the privacy of users by ensuring that their identity remains unknown. Many mechanisms enabling anonymity exist. However, these mechanisms work inefficiently when used in mobile wireless networks. This contribution shows how anonymity can be provided efficiently for mobile users by exploiting the fact that they are mobile. A possible realization, called FLASCHE, is described.


Annual Computer Security Applications Conference | 2009

Transparent Encryption for External Storage Media with Key Management Adapted to Mobile Use

Alf Zugenmaier; Sven Lachmund; Dileesh Jostin

External storage devices, such as USB-Sticks, SD-Cards, or other flash memory devices, are widely used today. These devices may pose a threat if they contain sensitive data and are then lost or forgotten somewhere. Usability of existing encryption solutions for such external storage media is limited because of the need to reenter keys or authentication credentials every time the media is plugged to a different device. We present a solution to the usability problem by caching the key with time delayed deletion. We implemented two variations of this concept. One solution does not require any explicit user interaction, thus limiting the use of the external storage device to short term data transfer, only. The second solution allows multiple encryption keys for different files of the file system to be managed on a trusted host, using the timed key caching to avoid handing out keys or passwords.


Proceedings of the 2007 Tyrrhenian International Workshop on Digital Communications, TIWDC’07 | 2007

Mobility and Key Management in SAE/LTE

Anand R. Prasad; Julien Laganier; Alf Zugenmaier; Mortaza S. Bargh; Bob Hulsebosch; Henk Eertink; Geert Heijenk; Jeroen Idserda

Often in wireless communications the cryptographic algorithm is considered as ‘the security solution’ but actually it is only the nucleus. The means for using the cryptographic algorithm is the ‘key’ used by the algorithm. Thus management of keys and security thereof is an important issue. The security of the key management solution should not impede mobility of devices by adding undue delays. Thus, secure and fast key management during mobility is an important issue for the third generation partnership project (3GPP) activity on system architecture evolution / long-term evolution (SAE/LTE). In this paper we review mobility and security issues with the focus of key management in SAE/LTE and present possible existing solutions together with their analysis.


Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005. | 2005

Next generation communications and secure seamless handover

Anand R. Prasad; Alf Zugenmaier; Peter Schoo

The next generation communications system will consist of heterogeneous access network technologies under a common IP layer. This next generation is often called beyond third generation, B3G. The heterogeneity present in these networks leads to security challenges not present in homogeneous networks. Besides the security issues there is also the issue of providing fast handover such that the user does not perceive any change in service quality or in other words seamless handover. In this paper, we will first define B3G systems and present some of the issues related to it. Next, we will propose approaches to secure and seamless handover in a B3G system.


International Workshop on Security | 2004

Privacy, control and internet mobility

Tuomas Aura; Alf Zugenmaier

This position paper explores privacy issues created by mobile and wireless Internet access. We consider the information about the user’s identity, location, and the service accessed that is necessarily or unnecessarily revealed to observers, including the access network, intermediaries within the Internet, and the peer endpoints. In particular, we are interested in data that can be collected from packet headers and signaling messages and exploited to control the user’s access to communications resources and online services. We also suggest some solutions to reduce the amount of information that is leaked.


International Conference on Networking | 2001

Location Stamps for Digital Signatures: A New Service for Mobile Telephone Networks

Matthias Kabatnik; Alf Zugenmaier

Location aware services are expected to make up a large share of the mobile telephone market in the future. The services proposed so far make use of uncertified location information--information push services, guidance systems, positioning for emergency calls, etc. We propose a service that provides certified location information. Integrated with cryptographic digital signatures this service enables the determination of the current position of the signer in a provable way. Such certified location information--called location stamp--can be applied in electronic commerce, e.g. for determination of applicable laws or taxes.

Collaboration



Top Co-Authors


Adolf Hohl

University of Freiburg
