IP Telecom and Security Program - PowerPoint PPT Presentation

About This Presentation

Title:

IP Telecom and Security Program

Description:

(U of Montreal, 2004) Some government/industry experience in ITSEC (1993-2004) ... Bank of Montr al. Partner in CFI grant (your name here) Security and FLOSS ... – PowerPoint PPT presentation

Number of Views:341

Avg rating:3.0/5.0

Slides: 45

Provided by: lewisr

Learn more at: http://www.cs.toronto.edu

Category:

more less

Transcript and Presenter's Notes

Title: IP Telecom and Security Program

1
IP Telecom and Security Program

Attendees Lewis Robart and David Gibson
IP Telecom and Security Group, Spectrum
Engineering Branch, Industry Canada
Groups objective is to ensure reliable
telecommunications services, through engineering
investigation and analysis of emerging
technologies.
Program Components
Engineering investigation and analysis
Protocol Analysis Lab (PAL)
Industry collaboration
Standards development
Academic partnerships

2
Centre for CyberSecurity Researchat University
of Toronto at Mississauga

Stefan Saroiu
University of Toronto

3
How do we start addressing the problem?

We need modern ways of examining how Internet and
networked information systems work?
Network traffic vantage points
Mechanisms to replay traffic in controlled
environments
We need to examine new problems introduced by new
technologies
Mobile devices ubiquitous connectivity
500/month buys WiMax metropolitan connectivity
at broadband speeds in Seattle
In 10 years, a 500 PDA will have a 20x faster
CPU and a 30x bigger hard disk than your desktop
Keshav 05

4
Eric YuAssoc. Prof.Fac. Info.
StudiesUniversity of Toronto

Systems design for security and privacy
Software Requirements Engineering, NFRs
Intentional modeling for Software Engineering
Strategic Modeling
Knowledge Management
Enterprise Architecture

www.fis.utoronto.ca/yu
5
Strategic Dependency Model Smart Card System
Strategic Rationale Model Card Manufacturer

The i framework for strategic actors modeling

6
Michel BarbeauSchool of Computer
ScienceCarleton University

Interests Wireless security, intrusion
detection, threat assessment, radio frequency
fingerprinting, mobility profiling

7
Recent Work

WiMax/802.16 Threat Analysis
Paper in Q2SWinet 05
Enhancing Intrusion Detection in Wireless
Networks Using Radio Frequency Fingerprinting
Paper CIIT 04 with J. Hall and E. Kranakis
Rogue Access Point Detection in Wireless Networks
Patent with J.M. Robert (Alcatel)
See www.scs.carleton.ca/barbeau

8
(No Transcript)
9
Cyber-Security Research and Test Facility

Stephen Neville
Assistant Professor
Electrical Computer Engineering Dept.
University of Victoria
Email sneville_at_ece.uvic.ca

10
Overview

Development of a research and test facility for
accurately simulating corporate-scale network
environments for systems (and systems-of-systems)
level cyber-security and privacy research.
Goals
Ability to simulate/re-create arbitrary network
environments
Up to full 1 Gbps bandwidths.
Reproductions down to packet payloads and
inter-packet timing characteristics.
Overlaying of arbitrary attack and normal events.
Not based on virtual networks
unlike Iowa States ISEAGE system.
or, DETER based on University of Utahs EmuLab
suite.

11
Overview (cont.)

Ability to re-instantiate/re-run experiments
on-demand
Exact control over facilitys configuration
All system OSes (mirrored in at experiment run
time)
Network traffic data images
Network switch configurations
Timing and sequencing of overlaid attack and
normal traffic events
Performed through custom experiment control and
management software
Experiment configuration
Data set loading
Experiment sequencing
On-demand isolation from all UVic networks
To meet the goals of scientific repeatability
To facilitate statistically valid sensitivity and
robustness research

12
Overview (cont.)

Physically isolated secure facility
Exact control over all network traffic
Physically isolated networks (not virtual
networks)
Physically separate laboratory space
Complete facility behind locked doors.
No internet connection during experimental runs
Access restrictions based on a per data set basis
Required to meet security and privacy concerns.

13
Equipment

42 dual-Xeon 3.0GHz IBM HS20 blades
Each with dual 36 G SCSI drives
2 dual-Xeon 3.0 GHz 2U x386 servers
each with its own 350G 15k SCSI RAID
12 Nortel Layer 2/3 network switch modules
Cisco 4503 layer 2/3 switch
4 3.4 Ghz dual-Xeon desktop servers
2 with quad 2x2 20 LCD displays
9 small form factor 2.8Ghz Xeon PCs
4 1 Gbps Ethernet ports per machine
4 independent 1 Gbps networks
2 attack/simulation networks
2 experiments control networks
Leverage UVics existing petabyte storage
facility
4 Gbps fiber connection to UVics research
network

Physical Architecture

15
Status

Fully funded.
CFI New Opportunities grant
British Columbia Knowledge Development fund.
Generous in-kind donation by IBM Canada Inc.
CFI Infrastructure 5 year Operating grant
550k in total funding.
Equipment on-site and powered (as of Oct. 1)
Rack mount equipment is secure server room.
Adjacent secure lab space under renovation.
Final network connections in process of being
made.

16
Going Forward

Over next 4 to 8 weeks initial facility
capabilities will come on-line.
Custom facility control and management software
Position to be filled Nov. 1st
Completion time estimated at 8 months
Completion date Late summer 06
Interesting research can be undertaken prior to
all the facilitys capabilities are fully
realized.
Seeking
Representative network traffic data sets
Academic and industrial collaborators
Not limited to cyber-security related research
Open to general systems and systems-of-systems
level research
Ideally also, funding opportunities
Particularly, student support

17
Securing Computing Systems

David Lie
Department of Electrical and Computer Engineering
University of Toronto

Interests
Virtual Machine Monitors to provide
Isolation
Customization
Flexibility
Intrusion Detection
Automatic Signature Generation
Automatic Filter Generation
Automatic Recovery

18
Preventing Information Leakage
Private Key
Other Applications
SSH-Unpriv
SSH-Priv
Operating System
Minimal OS
Password File
Virtual Machine

Even if the Linux system is compromised, the
private key and password are safe in a separate
Virtual Machine
The adversary cannot get that information

19
Marsha Chechik

University of Toronto, Department of CS
Interests
Automated reasoning about software
Requirements engineering
Verification and validation
Interests in Cybersecurity
Reasoning about components and their interactions
w.r.t. complex security properties
Specifications that allow compositional reasoning
Analysis of code
Automated, precise, scalable

20
Example reasoning about ssh

Split ssh into two parts (secure kernel and the
rest)
Prove that the two parts still perform the right
function
Prove that the splitting did not introduce new
problems
In ssh communication between the two parts
could be undermined, allowing access to the rest
of info
Prove, using Toronto software model-checker Yasm
that secure kernel satisfies its properties
About 30,000 lines of code.
Guarantee, using Virtual Memory Monitors, that
the rest of the system is secure

21
CISaCcisac.math.ucalgary.ca

H.C. Williams
iCORE Chair, Algorithmic Number Theory
Cryptography
Department of Mathematics and Statistics
University of Calgary

22
CISaCs Mission

CISaC's objective is to conduct
multi-disciplinary
research in information protection, including
mathematical foundations,
Secure communication and cryptography,
Quantum information science,
Privacy
Security of computer networks, software, and
hardware.

23
Urs Hengartner

Assistant Professor in the School of Computer
Science at University of Waterloo
Ph.D. from Carnegie Mellon (August 2005)
uhengart_at_cs.uwaterloo.ca
Research interests
Privacy in future computing environments
Uncertainty in access control
Credential discovery

24
Research Interests in Information Privacy

Privacy violations caused by naïve application of
access control in pervasive computing
Location-based service leaks current location
Calendar entry leaks participants location
Privacy for emerging services
Bell Canadas Seek Find service
Googles talk, email, services

Ashraf Matrawy Assistant Professor, Systems and
Computer Engineering, Carleton University
Background is network reliability, QoS, and
security
Security interests
Mitigation of Network Denial of Service (NDoS)
through new network architectures and traffic
management techniques. (with DSG at Carleton)
Establishing trust in collaborative and P2P
applications in wireless environments.
Evaluation of network security development of
metrics that describe the security status of a
computer network.
http//www.sce.carleton.ca/faculty/matrawy.html
amatrawy_at_sce.carleton.ca

26
José M. Fernandez École Polytechnique

Background
M.Sc. Theoretical Crypto (U of T, 1993)
Ph.D. in Quantum Computing (U of Montreal, 2004)
Some government/industry experience in ITSEC
(1993-2004)
École Polytechnique
Asst. Prof. Department of Computer Engineering,
since 2004
Teaching
4th-year intro to ITSEC (updated!)
Graduate Network Security course
Graduate Microprogramme in Computer Security in
development
Research/training HQP
Done
3x M.Sc., 4x B.Sc.
In progress
1x Ph.D.(co-dir)
8x M.Sc. (3x co-dir)

Current Research Areas
DDoS Attacks
Statistical modelling and defensive strategy
optimisation
2x M.Sc.A (EH, AB)
In ad-hoc networks
2x M.Sc.A. (AM, SMR)
Next-generation IDS
Mobile-agent based
1x M.Sc.A (ST)
Evolutionary methods
1x M.Sc.A (FK)
Collaborative strategies
1x M.Sc.A (KA)
Malware analysis and optimisation
1x M.Sc.A (PMB)
Quantum Stuff
1x Ph.D.

27
José M. Fernandez École Polytechnique

Funding
CFI
1 M grant (eqptSW) ?
144x blade cluster for network emulation
Special-purpose HW
Traffic generator
Reconfigurable network
Research Sensor Network
(looking for hosts!!)
High-security Malware Lab
NSERC
15 k/yr x 3 yr. ?
Polytechnique start-up grants
15 k ( 15k pending)
FQRNT (pending)
20k/yr x 2 yr.
Too many toys, not enough kids !!!

Collaborators Partnerships
DGI-Polytechnique
John Mullins
formal methods in security
Ettore Merlo Giuliano Antoniol
Software security. Automated vulnerability
discovery by static analysis of source code
Samuel Pierre
Security in ad-hoc networks
CRIMOB
FQRNT research centre proposal
Sureté du Québec/RCMP
Teaching and trg of students (internships)
Possible RD projects
ASIMM
Local IT Security prof. association
Bank of Montréal
Partner in CFI grant
____(your name here)____

28
Security and FLOSS
Security FLOSS
Professor Mark Perry mperry_at_uwo.ca Faculty of
Law Faculty of Science University of Western
Ontario
29
FLOSS for the paranoid

Who can we trust?
Ourselves?
What are vital systems for democracy?
Voting
Government
Tax
Defense
What software to use?
FLOSS.

30
Nadia TAWBIComputer Science Software
Engineering DepartmentLaval University

Research Interests
Static Code Analysis
Dynamic Code Analysis
Malicious Code Detection
Formal Verification
Securing Optimizing Resource Limited Devices

31
Security Policy Enforcement Mechanisms

Malicious Code Detection
Extracting a model representing program
behaviour
Type based analysis
Flow analysis
Abstract Interpretation
Expressing security policy in a modal logic
Model checking
Depending on the result
Accept
Reject
Instrument
Embedded security
Optimizing security enforcement mechanisms

32
RD Areas
Andrew.Patrick_at_nrc-cnrc.gc.ca

human-computer interaction interfaces and
evaluation
machine translation and data mining for security
intelligence
anonymous ad-hoc mobile networks
security and privacy for e-services
engineering software for security

intelligent agents for trust communication,
handling (personal) data, and computer activity
monitoring
privacy applications and negotiation
trust psychological and artificial
biometrics face recognition, usability

33
Gord AgnewUniversity of Waterloo

Long term storage of records in large databases
(e-health records)
Secure and authenticated end-to-end VoIP
Secure Sensor Networks

34
Patrick C. K. Hung

Faculty of Business and Information Technology
University of Ontario Institute of Technology
(UOIT)
Oshawa, Ontario

Research Interests Security and Privacy,
Services Computing, Business Process Integration,
Electronic Negotiation and Agreement.
35
What I am working on

Teaching Introduction to Programming,
E-Commerce, E-Business Technologies, E-Commerce
Security Infrastructures, and External
Environment of Business
Research
"Mobile Network Dynamic Workflow Exception
Handling System," U.S. Patent Application Filed
to U.S. Patent and Trademark Office, Boeing
Phantom Works, USA, 2004-2006
"M-services computing security and privacy
enforcement model," NSERC Discovery Grants
Program - Individual, 2005-2007
Requirements and Architecture for Healthcare
Privacy in Mobile Ad Hoc Networks (MANETs) with
BUL, Bells Privacy Center of Excellence, UofT,
and Faculty of Health Sciences at UOIT, IN
PROGRESS
Professional Services
Program Co-chair of the Ninth IEEE EDOC
Conference (EDOC 2005) "The Enterprise Computing
Conference" and the General Chair of the tenth
IEEE EDOC 2006
Program Committee Vice-Chair of 2006 IEEE
International Conference on Services Computing
(SCC 2006)
Associate Editor of the International Journal of
Web Services Research (JWSR) and International
Journal of Business Process Integration
Management (IJBPIM)
Executive committee member of the IEEE Computer
Societys Technical Steering Committee for
Services Computing (TSC-SC)

36
The 2006 International Conference on Privacy,
Security and Trust (PST 2006)

Venue University of Ontario Institute of
Technology (UOIT)
Oshawa, Ontario, Canada
Theme Bridge the Gap between PST Technologies
and Business Services
Date October 30 (Monday) - November 1
(Wednesday), 2006

37
Topics of interest include, but are NOT limited
to, the following

Privacy Preserving/Enhancing Technologies
Critical Infrastructure Protection
Identity and Trust management
Network and Wireless Security
Operating Systems Security
Intrusion Detection Systems and Technologies
Secure Software Development and Architecture
Representations and formalizations of Trust in
electronic and physical social systems
PST challenges in e-services, e.g. e-Health,
e-Government, e-Banking, e-Commerce, and
e-Marketing
Information filtering, recommendation, reputation
and delivery technologies, spam handling
technologies
Trust technologies, technologies for building
trust in e-Business Strategy
Observations of PST in practice, society, policy
and legislation
Digital Rights Management
Human Computer Interaction and PST
Implications of, and technologies for, Lawful
Surveillance
Biometrics, National ID cards, identity theft
PST in services computing
Privacy, traceability, and anonymity
Trust and reputation in self-organizing
environments