Get Your Head out of the Clouds:An Illusion of Privacy & Confidentiality
Abstract not provided.
Publications
Get your head out of the clouds: The illusion of confidentiality and privacy
Proceedings - 8th IEEE International Symposium on Cloud and Services Computing, SC2 2018
The cloud has been leveraged for many applications across different industries. Despite its popularity, the cloud technologies are still immature. The security implications of cloud computing also dominate the research space. Many confidentiality-and integrity-based (C-I) security controls concerning data-at-rest and data-in-transit are focused on encryption. In the world where social-media platforms transparently gather data about user behaviors and user interests, the need for user privacy and data protection is of the utmost importance. However, how can a user know that his data is safe, that her data is secure, that his data's integrity is upheld; to be confident that her communications only reach the intended recipients? We propose: They can't. Many threats have been hypothesized in the shared-service arena, with many solutions formulated to avert those threats; however, we illustrate that many technologies and standards supporting C-I controls may be ineffective, not just against the adversarial actors, but also against trusted entities. Service providers and malicious insiders can intercept and decrypt network-and host-based data without any guest or user knowledge.
Get Your Head Out of the Clouds: The Illusion of Confidentiality & Privacy
Abstract not provided.
Now You See Me Now You Don't: Advancing Network Defense through Network Deception
Abstract not provided.
Hypervisor Assisted Forensics and Incident Response in the Cloud
Abstract not provided.
Hypervisor Assisted Forensics and Incident Response in the Cloud
Abstract not provided.
Hypervisor Asssisted Forensics and Incident Response in the Cloud
Abstract not provided.
Computer network deception as a Moving Target Defense
Proceedings - International Carnahan Conference on Security Technology
Computer Network Defense (CND) has traditionally been provided using reactionary tools such as signature-based detectors, white/blacklisting, intrusion detection/protection systems, etc. While event detection/correlation techniques may identify threats - those threats are then dealt with manually, often employing obstruction-based responses (e.g., blocking). Literature has shown that as threat sophistication grows, perimeter-planted security efforts are ineffective in combating competent adversaries; malicious actors are already seated behind enterprise defenses, navigating the controls. We have developed a novel approach to CND: the Deception Environment. Under the Deception Environment framework, we have created a live, unpredictable, and adaptable deception network leveraging virtualization/cloud technology, software defined networking, introspection and analytics. The environment not only provides the means to identify and contain the threat, but also facilitates the ability to study, understand, and develop protections against sophisticated adversaries. Its extensibility has enabled us to explore its application as a Moving Target Defense (MTD).
8 Results