Ryan K. L. Ko

Secure Voting in the Cloud Using Homomorphic Encryption and Mobile Agents

While governments are transitioning to the cloud to leverage efficiency, transparency and accessibility advantages, public opinion - the backbone of democracy - is being left behind. Statistics show that traditional paper voting is failing to reach the technological-savvy generation, with voter turnout decreasing every election for many first-world countries. Remote electronic voting is a possible solution facilitator to this problem, but it still faces several security, privacy and accountability concerns. This paper introduces a practical application of partially homomorphic encryption to help address these challenges. We describe a cloud-based mobile electronic voting scheme, evaluating its security against a list of requirements, and benchmarking performance on the cloud and mobile devices. In order to protect voter privacy, we propose moving away from a public bulletin board so that no individual cipher votes are saved, while still allowing vote verification. As the majority of the security threats faced by electronic voting are from the underlying system, we also introduce the novel concept of using a dedicated hardware server for homomorphic tallying and decryption.

A guide to homomorphic encryption

Traditional cryptography techniques require our data to be unencrypted to be processed correctly. This means that at some stage on a system we have no control over, our data will be processed in plaintext. Homomorphic encryption or specifically, fully homomorphic encryption is a viable solution to this problem. It allows encrypted data to be processed as if it were in plaintext and will produce the correct value once decrypted. While many know that homomorphic encryption promises to be an ideal solution to trust, security, and privacy issues in cloud computing, few actually knows how it works and why it is not yet a practical solution despite its promises. This chapter serves as a much needed primer on current homomorphic encryption techniques, discusses about several practical challenges, and introduces workarounds proposed by practitioners and researchers to overcome these challenges.

Taxonomy of Man-in-the-Middle Attacks on HTTPS

With the increase in Man-in-the-Middle (MITM) attacks capable of breaking Hypertext Transfer Protocol Secure (HTTPS) over the past five years, researchers tasked with the improvement of HTTPS must understand each attacks characteristics. However with the large amount of attacks it is difficult to discern attack differences, with out any existing classification system capable of classifying these attacks. In this paper we provide a framework for classifying and mitigating MITM attacks on HTTPS communications. The identification and classification of these attacks can be used to provide useful insight into what can be done to improve the security of HTTPS communications. The classification framework was used to create a taxonomy of MITM attacks providing a visual representation of attack relationships, and was designed to flexibly allow other areas of attack analysis to be added. The classification framework was tested against a testbed of MITM attacks, then further validated and evaluated at the INTERPOL Global Complex for Innovation (IGCI) with a forensic taxonomy extension, and forensic analysis tool.

Privacy Preserving Computation by Fragmenting Individual Bits and Distributing Gates

Solutions that allow the computation of arbitrary operations over data securely in the cloud are currently impractical. The holy grail of cryptography, fully homomorphic encryption, still requires minutes to compute a single operation. In order to provide a practical solution, this paper proposes taking a different approach to the problem of securely processing data. FRagmenting Individual Bits (FRIBs), a scheme which preserves user privacy by distributing bit fragments across many locations, is presented. Privacy is maintained by each server only receiving a small portion of the actual data, and solving for the rest results in a vast number of possibilities. Functions are defined with NAND logic gates, and are computed quickly as the performance overhead is shifted from computation to network latency. This paper details our proof of concept addition algorithm which took 346ms to add two 32-bit values - paving the way towards further improvements to get computations completed under 100ms.

Escrow: A Large-Scale Web Vulnerability Assessment Tool

The reliance on Web applications has increased rapidly over the years. At the same time, the quantity and impact of application security vulnerabilities have grown as well. Amongst these vulnerabilities, SQL Injection has been classified as the most common, dangerous and prevalent web application flaw. In this paper, we propose Escrow, a large-scale SQL Injection detection tool with an exploitation module that is light-weight, fast and platform-independent. Escrow uses a custom search implementation together with a static code analysis module to find potential target web applications. Additionally, it provides a simple to use graphical user interface (GUI) to navigate through a vulnerable remote database. Escrow is implementation-agnostic, i.e. It can perform analysis on any web application regardless of the server-side implementation (PHP, ASP, etc.). Using our tool, we discovered that it is indeed possible to identify and exploit at least 100 databases per 100 minutes, without prior knowledge of their underlying implementation. We observed that for each query sent, we can scan and detect dozens of vulnerable web applications in a short space of time, while providing a means for exploitation. Finally, we provide recommendations for developers to defend against SQL injection and emphasise the need for proactive assessment and defensive coding practices.

Visualization and Data Provenance Trends in Decision Support for Cybersecurity

The vast amount of data collected daily from logging mechanisms on web and mobile applications lack effective analytic approaches to provide insights for cybersecurity. Current analytical time taken to identify zero-day attacks and respond with a patch or detection mechanism is unmeasurable. This is a current challenge and struggle for cybersecurity researchers. User- and data provenance-centric approaches are the growing trend in aiding defensive and offensive decisions on cyber-attacks. In this chapter we introduce (1) our Security Visualization Standard (SCeeL-VisT); (2) the Security Visualization Effectiveness Measurement (SvEm) Theory; (3) the concept of Data Provenance as a Security Visualization Service (DPaaSVS); and (4) highlight growing trends of using data provenance methodologies and security visualization methods to aid data analytics and decision support for cyber security. Security visualization showing provenance from a spectrum of data samples on an attack helps researchers to reconstruct the attack from source to destination. This helps identify possible attack patterns and behaviors which results in the creation of effective detection mechanisms and cyber-attacks.

STRATUS: Towards Returning Data Control to Cloud Users

When we upload or create data into the cloud or the web, we immediately lose control of our data. Most of the time, we will not know where the data will be stored, or how many copies of our files are there. Worse, we are unable to know and stop malicious insiders from accessing the possibly sensitive data. Despite being transferred across and within clouds over encrypted channels, data often has to be decrypted within the database for it to be processed. Exposing the data at some point in the cloud to a few privileged users is undoubtedly a vendor-centric approach, and hinges on the trust relationships data owners have with their cloud service providers. A recent example of the abuse of the trust relationship is the high-profile Edward Snowden case. In this paper, we propose a user-centric approach which returns data control to the data owners --- empowering users with data provenance, transparency and auditability, homomorphic encryption, situation awareness, revocation, attribution and data resilience. We also cover key elements of the concept of user data control. Finally, we introduce how we attempt to address these issues via the New Zealand Ministry of Business Innovation and Employment MBIE-funded STRATUS Security Technologies Returning Accountability, Trust and User-centric Services in the Cloud research project.

Security as a service (SecaaS)—An overview

With cloud computing facilitating the migration of platforms, infrastructure and software to the cloud, security services are now following suit. Security as a service (SecaaS) is inherently a business model in which organizations can purchase on-demand security solutions to protect their data, applications, and systems, while taking advantage of what cloud computing has on offer. This chapter explores the evolution from traditional on-premise and managed security solutions to the SecaaS model, and evaluates the supporting and opposing arguments for the adoption of cloud security services. Furthermore, an overview is given for cloud security services categories with additional focus areas presented, and critical gaps identified in the literature.

A Scalable Approach to Joint Cyber Insurance and Security-as-a-Service Provisioning in Cloud Computing

As computing services are increasingly cloud-based, corporations are investing in cloud-based security measures. The Security-as-a-Service (SECaaS) paradigm allows customers to outsource security to the cloud, through the payment of a subscription fee. However, no security system is bulletproof, and even one successful attack can result in the loss of data and revenue worth millions of dollars. To guard against this eventuality, customers may also purchase cyber insurance to receive recompense in the case of loss. To achieve cost effectiveness, it is necessary to balance provisioning of security and insurance, even when future costs and risks are uncertain. To this end, we introduce a stochastic optimization model to optimally provision security and insurance services in the cloud. Since the model we design is a mixed integer problem, we also introduce a partial Lagrange multiplier algorithm that takes advantage of the total unimodularity property to find the solution in polynomial time. We also apply sensitivity analysis to find the exact tolerance of decision variables to parameter changes. We show the effectiveness of these techniques using numerical results based on real attack data to demonstrate a realistic testing environment, and find that security and insurance are interdependent.

MetropolJS: visualizing and debugging large-scale javascript program structure with treemaps

As a result of the large scale and diverse composition of modern compiled JavaScript applications, comprehending overall program structure for debugging is challenging. In this paper we present our solution: MetropolJS. By using a Treemap-based visualization it is possible to get a high level view within limited screen real estate. Previous approaches to Treemaps lacked the fine detail and interactive features to be useful as a debugging tool. This paper introduces an optimized approach for visualizing complex program structure that enables new debugging techniques where the execution of programs can be displayed in real time from a birds-eye view. The approach facilitates highlighting and visualizing method calls and distinctive code patterns on top of code segments without a high overhead for navigation. Using this approach enables fast analysis of previously difficult-to-comprehend code bases.