Petr Hanacek

Peer-to-Peer Networks Security

In this work wepsilare dealing with security in highly distributed systems, namely in peer-to-peer networks. We are describing some known theoretical attacks and defenses in these kinds of networks and comparing them against real world data. This should lead to creation of models for peer-to-peer networks defense and for detection of Malware spreading. Also we are proposing our system for automatic downloading and detection of new viruses in peer-to-peer networks with all possible extensions.

e-banking security - A comparative study

Herein we are dealing with the security of banks applications remote access. This article summarizes basic forms of electronic banking and widely used authentication and authorization methods. There is a need to access each one separately because of different approaches for different types of communication paths (telephonic banking, internet banking, etc.).

Power Consumption of Hardware Cryptography Platform for Wireless Sensor

Wireless sensor networks usually require certain level of security, however there is lack of sensor nodes with cryptographic hardware build-in. We proved realization of cryptographic platform based on smart card--sensor node connection. Time complexity and power consumption of the platform was measured and compared to conventional software implementation. Our results showed low power demand and high efficiency of public key cryptography running on the platform.

Secure Collection Tree Protocol for Tamper-Resistant Wireless Sensors

We proposed modification of Collection Tree Protocol suitable for wireless sensors with tamper resistant module. This platform provides better security, however ordinary protocols cannot utilize its features. Our goal was to offer secure routing protocol with similar behavior and efficiency to the original protocol. Both protocols were simulated to prove that adding security to protocols does not necessarily lead to higher demands to data transfer and thus power consumption.

Implementing A Unique Chip Id On A Reconfigurable Polymorphic Circuit

A unique unclonable chip ID has been implemented using various platforms in the recent years. In this paper, we investigate the use of polymorphic gates as a new mechanism for implementing a unique chip ID in systems already containing some polymorphic gates. The proposed solution exploits the fact that switching time of polymorphic gates (controlled by V dd ) is slightly different even for neighboring gates on the same die because of fabrication variations. We applied a partial reconfiguration in order to generate 48-bit IDs on the reconfigurable polymorphic REPOMO32 chip that we have developed in our previous research. We achieved 94.44% stable bits which is reasonably close to existing approaches. DOI: http://dx.doi.org/10.5755/j01.itc.42.1.925

Automated Malware Detection Based on Novel Network Behavioral Signatures

In this paper we introduce the second generation of the experimental detection framework of AIPS system which is used for experimentation with detection models and with their combinations. Our research aims mainly on detection of attacks that abuse vulnerabilities of buffer overflow type, but the final goal is to extend detection techniques to cover various types of vulnerabilities. This article describes the concept of detection framework, updated set of network metrics, provides a design of model architecture and shows an experimental results with draft of framework on the set of laboratory simulated attacks. Index Terms—Artificial intelligence, behavioral signatures, metrics, network security, security, security design. 112 metrics divided into five categories according to their nature. These metrics are used to describe properties of detected attack not upon the fingerprint of common signature, but based on its behavior. During the experiments we found several limitations of the original idea and some parts of the architecture were changed. We extended the metric dataset to 169 metrics containing approximately 4000 parameters and changed the categories to reflect the nature of the new dataset. The main goals of this research is (a) to design the architecture of detection framework that will enhance the overall network security level with the ability to learn new behaviors of attacks without intervention of human by using the expert knowledge from Honeypot (or similar) systems; (b) to find the most suitable set of metrics that will successfully describe the behavior of attacks in the network traffic and will significantly higher the detection rate and lower the false positive rate. In this article we introduce the second generation of the experimental detection framework of AIPS system which is used for experimentation with detection models and with their combinations. The fundamental principle of the detection is based on evaluation of metrics set, which describes the behavior of attack. These metrics are formally specified and extraction of them can be generally realized for each data flow. We could interpret the specification of metrics set as formally extended protocol NetFlow (9), which describes more than statistical properties of network

A concept of automated vulnerability search in contactless communication applications

Designing and implementing secure applications which use contactless communication link is difficult even when secure hardware is used. Many current proximity devices, such as contactless smart cards or near field communication devices, are verified to be highly secure; however, inappropriate protocol implementation may result in the leak of sensitive information, even if the protocol is also secure by itself. In this paper we show a concept of automated vulnerability search in protocol implementation by using verification methods, which should help developers to verify their applications. We also show simple example of possible attack on seemingly secure payment protocol implemented using seemingly secure smart card to show the way the adversary can abuse improper implementation. The vulnerability the attacker exploits can be in one command or in a combination of commands, which are not vulnerable individually. It is not easy to find such combinations manually, this is where the automated verification methods are put to use. A model checker, provided with an appropriate model, can automatically find vulnerabilities which are not likely to be found manually. The model can be created by the actual communication analysis. We wanted to show that the adversary does not have to have the access to the source code of the application to perform a successful attack, so a platform for the application analysis from the actual contactless communication was developed. The platform provides eavesdropping, altering data for man-in-the-middle attack, and emulating of both communication parties. The source code can help the analysis, but would not be sufficient by itself, so creating model from source code was left for future research. When the model checker finds vulnerability, an attack can be executed. The attack can be either successful, revealing real vulnerability which must be fixed, or unsuccessful, which would result in the model refinement and another model checker run.

On the application of symbolic regression and genetic programming for cryptanalysis of symmetric encryption algorithm

The aim of the paper is to show different point of view on the problem of cryptanalysis of symmetric encryption algorithms. Our dissimilar approach, compared to the existing methods, lies in the use of the power of evolutionary principles which are in our cryptanalytic system applied with leveraging of the genetic programming (GP) in order to perform known plaintext attack (KPA). Our expected result is to find a program (i.e. function) that models the behavior of a symmetric encryption algorithm DES instantiated by specific key. If such a program would exist, then it could be possible to decipher new messages that have been encrypted by unknown secret key. The GP is employed as the basis of this work. GP is an evolutionary algorithm-based methodology inspired by biological evolution which is capable of creating computer programs solving a corresponding problem. The symbolic regression (SR) method is employed as the application of GP in practical problem. The SR method builds functions from predefined set of terminal blocks in the process of the GP evolution; and these functions approximate a list of input value pairs. The evolution of GP is controlled by a fitness function which evaluates the goal of a corresponding problem. The Hamming distance, a difference between a current individual value and a reference one, is chosen as the fitness function for our cryptanalysis problem. The results of our experiments did not confirmed initial expectation. The number of encryption rounds did not influence the quality of the best individual, however, its quality was influenced by the cardinality of a training set. The elimination of the initial and final permutations had no influence on the quality of the results in the process of evolution. These results showed that our KPA GP solution is not capable of revealing internal structure of the DES algorithms behavior.

Preventing real-world relay attacks on contactless devices

This paper is focused on preventing relay attacks on contactless devices, such as contactless smart cards or Near-Field Communication (NFC) devices. Relay attacks can be prevented by the so called distance bounding protocols, which are based on restricting the round trip time to some limit. Distance bounding protocols protect against all theoretical attacks, because the time limit is calculated from the maximal allowed distance and from the speed of light. Real-world attacks are not perfect and induce additional delay to the delay caused by the signal travelling longer distance. This delay is caused by hardware components processing the signal and sending it to a different location. If the communication is relayed over a distance exceeding the range of one transmitter, it is likely that some buffering will be used. If the data are sent over network using TCP/IP, the induced delay will be significant. The attacker can reduce the response time in the relay attack by overclocking the forged reader in order to get the response from the smart card faster than the legitimate reader would get it. This would give the attacker a chance to reduce the roundtrip time and not exceed the time limit defined in the distance bounding protocol. We propose a method to prevent real-world attacks that induce delays significantly longer than the delay caused by the time travelling longer distance. We also show a countermeasure to the oveclocking attacks.

Modeling of Contactless Smart Card Protocols and Automated Vulnerability Finding

We present a method of automated vulnerability finding in protocols that use contactless smart cards. We focus on smart cards with contactless interface because they are simpler than their counterparts with contact interface and provide less functionality, which can be modeled more easily. Our method uses model checking to find possible attacks in a model of the protocol implementation on particular smart card. There is a possibility to model arbitrary smart card, we demonstrate this method on one of the currently most widespread contactless smart cards - the Mifare DESFire. Using our method we were able to locate a couple of weaknesses of this smart card which may cause vulnerability if the protocol is not implemented properly. This method can be used by developers to evaluate security of their protocol implementation on particular smart card.