Tag: Kevin Butler

Seeding the Cloud: Detecting Co-Residency with Network Flow Watermarking

Presenter: Hannah Pruse

Mentor: Kevin Butler

AM Session Oral Presentation

Panel Name: M2 Chaos in the Clouds

Location: Alsea Room

Time: 11:00am – 12:00pm

Cloud computing has become vital in the realm of information technology by providing computing as a service. Cloud provider customers do not need to purchase and maintain their own machines to deploy web applications, but can instead run virtual machines (VMs) from the provider’s datacenter. The key to supporting this model is virtualization, which allows physical resources to be shared across multiple users, allowing several VMs to run on a single computer. However, customers share resources with unknown and un- trusted parties, leaving sensitive data vulnerable to unauthorized access through the exploitation of side channels. Prior co-residency detection methods relied on specific vulnerabilities of hypervisors, the underlying software facilitating virtualization, which can be easily fixed. We demonstrate that co-residency exploitation is not simply a flaw in a particular hypervisor, but is a real threat in the cloud computing model. We have developed a hypervisor-independent attack that compromises isolation of VMs, allowing for exfiltration of co-residency information by injecting a watermark, or specific patterns of delays, into the target VM’s network flow. Through experiments in a local testbed and real-world deployments on a commercial cloud, we observed accurate detection of co-residency in less than 60 seconds. We demonstrate that our watermark itself can be a covert channel for malicious access of data, thus highlighting the significance of this vulnerability and the threat posed to current cloud computing platforms.

libPacForge: a Library for Automated Packet Generation in C++

Presenter: Peter McKay (Computer and Information Science)

Mentor: Kevin Butler

Oral Presentation

Panel C: “Technology and Government” Coquille/Metolius Rooms

Concurrent Session 1: 9:00-10:15am

Facilitator: Melina Pastos

This paper concerns the automation of arbitrary packet crafting and transmission, in order to test functionality at the transport layer of the internet protocol suite and above. Although libraries such as libpcap exist to make it easy for programmers to carry out network packet analysis, no such library exists specifically to ease the creation of programs that craft and efficiently transmit arbitrary packets (i.e. software testing suites and network protocol prototypes). This paper will detail this author’s creation of such a library, libPacForge, and the results of tests to compare its usability and efficiency against a manually crafted packet generator in C, as well as against a program created using the Metasploit Framework. These tests measured efficiency by comparing transmission rate of rapidly changing packets, and measured usability by analyzing the time necessary to write a functional program. In the course of carrying out these tests, a marked increase was observed in terms of both efficinecy and usability. From this we can deduce that automation can reduce the time needed to write effective tests and prototypes.

Analyzing the Deployment of Secure Routing Protocols at Internet Scale

Presenter: Braden Hollembaek

Mentor: Kevin Butler

Poster: 18

Major: Computer Science 

With large-scale attacks occurring at alarming frequency, the current state of Internet routing security has proven to be inadequate. Various security modifications to the current protocols have been proposed to help mitigate this problem, but none have seen widespread support or adoption due, in part, to the lack of investigative research on the high demands of bandwidth and cryptographic processing power required by these protocols. The purpose of this study is to provide the critical and independent analysis necessary to determine the feasibility and effect of deploying secure routing protocols across the highest levels of the Internet. By creating software capable of simulating all of the world’s routing traffic, we are able to analyze the additional bandwidth consumed by multiple secure protocols as well as increased load placed on the CPUs. As the research progresses, we will be comparing various secure protocol specifications to determine which security features are the best candidates for adoption and which are not well-suited for use at Internet scale. Based on their efficiency for real-world deployment while not compromising their security, we will be able to make strong recommendations on which protocol suite will be the most practical for implementation going forward.

Verifying the Implementation of Secure Multi-Party Computation Systems

Presenter: Jonathan Eskeldson

Mentor: Kevin Butler

Poster: 14

Major: Computer Science/Mathematics 

As technology has advanced, applications have arisen which rely on sensitive data. In the past, users had to trust these application’s creators with private data. However, breaches of private data and abuses of power, such as
the Snowden NSA revelations, have eroded users’ trust. A recent development in cryptography, called multi-party computation (MPC), allows multiple parties to compute a function over sensitive inputs, in such a way that the
inputs themselves are not revealed, bypassing the issue of trust. This is usually done by performing Yao’s Garbled Circuit protocol. This was mostly theoretical work until a few years ago, when systems capable of performing these operations were created. While there is confidence in the theory driving such systems, little attention has been paid to their implementations, which are prone to error due to their large size and complexity. These errors could create discrepancies between what a system claims to do and what that system actually does, which could weaken its security. The purpose of this study is to rigorously evaluate the security of leading MPC implementations, and expose bugs that weaken the system’s security. This research will help inspire confidence in the implementation of these systems, making them suitable for use in areas where security is a high priority, including electronic elections and private auctions.