Ramya Jayaram Masti

Enabling secure VM-vTPM migration in private clouds

The integration of Trusted Computing technologies into virtualized computing environments enables the hardware-based protection of private information and the detection of malicious software. Their use in virtual platforms, however, requires appropriate virtualization of their main component, the Trusted Platform Module (TPM) by means of virtual TPMs (vTPM). The challenge here is that the use of TPM virtualization should not impede classical platform processes such as virtual machine (VM) migration. In this work, we consider the problem of enabling secure migration of vTPM-based virtual machines in private clouds. We detail the requirements that a secure VM-vTPM migration solution should satisfy in private virtualized environments and propose a vTPM key structure suitable for VM-vTPM migration. We then leverage on this structure to construct a secure VM-vTPM migration protocol. We show that our protocol provides stronger security guarantees when compared to existing solutions for VM-vTPM migration. We evaluate the feasibility of our scheme via an implementation on the Xen hypervisor and we show that it can be directly integrated within existing hypervisors. Our Xen-based implementation can be downloaded as open-source software. Finally, we discuss how our scheme can be extended to support live-migration of vTPM-based VMs.

Towards Practical Identification of HF RFID Devices

The deployment of RFID poses a number of security and privacy threats such as cloning, unauthorized tracking, etc. Although the literature contains many investigations of these issues on the logical level, few works have explored the security implications of the physical communication layer. Recently, related studies have shown the feasibility of identifying RFID-enabled devices based on physical-layer fingerprints. In this work, we leverage on these findings and demonstrate that physical-layer identification of HF RFID devices is also practical, that is, can achieve high accuracy and stability. We propose an improved hardware setup and enhanced techniques for fingerprint extraction and matching. Our new system enables device identification with an Equal Error Rate as low as 0.005 (0.5%) on a set 50 HF RFID smart cards of the same manufacturer and type. We further investigate the fingerprint stability over an extended period of time and across different acquisition setups. In the latter case, we propose a solution based on channel equalization that preserves the fingerprint quality across setups. Our results strengthen the practical use of physical-layer identification of RFID devices in product and document anti-counterfeiting solutions.

Hardened Setup of Personalized Security Indicators to Counter Phishing Attacks in Mobile Banking

Application phishing attacks are rooted in users inability to distinguish legitimate applications from malicious ones. Previous work has shown that personalized security indicators can help users in detecting application phishing attacks in mobile platforms. A personalized security indicator is a visual secret, shared between the user and a security-sensitive application (e.g., mobile banking). The user sets up the indicator when the application is started for the first time. Later on, the application displays the indicator to authenticate itself to the user. Despite their potential, no previous work has addressed the problem of how to securely setup a personalized security indicator -- a procedure that can itself be the target of phishing attacks. In this paper, we propose a setup scheme for personalized security indicators. Our solution allows a user to identify the legitimate application at the time she sets up the indicator, even in the presence of malicious applications. We implement and evaluate a prototype of the proposed solution for the Android platform. We also provide the results of a small-scale user study aimed at evaluating the usability and security of our solution.

An architecture for concurrent execution of secure environments in clouds

We propose an architecture that enables the creation and management of multiple, concurrent secure execution environments on multi-core systems. Our architecture is suitable for use in cloud settings where each user may require an independent secure environment within which he can run his sensitive applications. Our solution effectively scales architectures like Intel TXT which, both on single- and multi-core platforms, support the creation of only one secure environment. Unlike existing solutions that require significant hypervisor participation, our architecture relies on light-weight processor extensions and a novel hardware-based virtualized TPM that supports multiple, concurrent dynamic root of trust requests from different VMs. This, together with the virtualization extensions in modern processors, allows the use of a disengaged hypervisor that is only responsible for VM management (i.e., creation, deletion, startup, shutdown) and is not involved in the creation or management of secure execution environments. Such disengagement not only reduces hypervisor complexity but also its interaction with guest VMs and hence, the risk of system compromise. We show that our architecture provides guest applications independent secure environments within which they can concurrently execute, and protects them against other compromised system components including malicious VMs and peripherals. We also demonstrate the feasibility of realizing our architecture by emulating and testing it using QEMU.

Enabling trusted scheduling in embedded systems

The growing complexity and increased networking of security and safety-critical systems expose them to the risk of adversarial compromise through remote attacks. These attacks can result in full system compromise, but often the attacker gains control only over some system components (e.g., a peripheral) and over some applications running on the system. We consider the latter scenario and focus on enabling on-schedule execution of critical applications that are running on a partially compromised system --- we call this trusted scheduling. We identify the essential properties needed for the realization of a trusted scheduling system and we design an embedded system that achieves these properties. We show that our system protects not only against misbehaving applications but also against attacks by compromised peripherals. We evaluate the feasibility and performance of our system through a prototype implementation based on the AVR ATmega103 microcontroller.

Evaluation of Personalized Security Indicators as an Anti-Phishing Mechanism for Smartphone Applications

Mobile application phishing happens when a malicious mobile application masquerades as a legitimate one to steal user credentials. Personalized security indicators may help users to detect phishing attacks, but rely on the users alertness. Previous studies in the context of website phishing have shown that users tend to ignore personalized security indicators and fall victim to attacks despite their deployment. Consequently, the research community has deemed personalized security indicators an ineffective phishing detection mechanism. We revisit the question of personalized security indicator effectiveness and evaluate them in the previously unexplored and increasingly important context of mobile applications. We conducted a user study with 221 participants and found that the deployment of personalized security indicators decreased the phishing attack success rate to 50%. Personalized security indicators can, therefore, help phishing detection in mobile applications and their reputation as an anti-phishing mechanism in the mobile context should be reconsidered.

SALVE: server authentication with location verification

The Location Service (LCS) proposed by the telecommunication industry is an architecture that allows the location of mobile devices to be accessed in various applications. We explore the use of LCS in location-enhanced server authentication, which traditionally relies on certificates. Given recent incidents involving certificate authorities, various techniques to strengthen server authentication were proposed. They focus on improving the certificate validation process, such as pinning, revocation, or multi-path probing. In this paper, we propose using the servers geographic location as a second factor of its authenticity. Our solution, SALVE, achieves location-based server authentication by using secure DNS resolution and by leveraging LCS for location measurements. We develop a TLS extension that enables the client to verify the servers location in addition to its certificate. Successful server authentication therefore requires a valid certificate and the servers presence at a legitimate geographic location, e.g., on the premises of a data center. SALVE prevents server impersonation by remote adversaries with mis-issued certificates or stolen private keys of the legitimate server. We develop a prototype implementation and our evaluation in real-world settings shows that it incurs minimal impact to the average server throughput. Our solution is backward compatible and can be integrated with existing approaches for improving server authentication in TLS.

Logical Partitions on Many-Core Platforms

Cloud platforms that use logical partitions to allocate dedicated resources to VMs can benefit from small and therefore secure hypervisors. Many-core platforms, with their abundant resources, are an attractive basis to create and deploy logical partitions on a large scale. However, many-core platforms are designed for efficient cross-core data sharing rather than isolation, which is a key requirement for logical partitions. Typically, logical partitions leverage hardware virtualization extensions that require complex CPU core enhancements. These extensions are not optimal for many-core platforms, where it is preferable to keep the cores as simple as possible. In this paper, we show that a simple address-space isolation mechanism, that can be implemented in the Network-on-Chip of the many-core processor, is sufficient to enable logical partitions. We implement the proposed change for the Intel Single-Chip Cloud Computer (SCC). We also design a cloud architecture that relies on a small and disengaged hypervisor for the security-enhanced Intel SCC. Our prototype hypervisor is 3.4K LOC which is comparable to the smallest hypervisors available today. Furthermore, virtual machines execute bare-metal avoiding runtime interaction with the hypervisor and virtualization overhead.

Holmes: A data theft forensic framework

This paper presents Holmes, a forensic framework for postmortem investigation of data theft incidents in enterprise networks. Holmes pro-actively collects potential evidence from hosts and the network for correlation analysis at a central location. In order to optimize the storage requirements for the collected data, Holmes relies on compact network and host data structures. We evaluate the theoretical storage requirements of Holmes in average networks and quantify the improvements compared to raw data collection alternatives. Finally, we present the application of Holmes to two realistic data theft investigation scenarios and discuss how combining network and host data can improve the efficiency and reliability of these investigations.