HANDBOOK ON GREEN INFORMATION AND COMMUNICATION SYSTEMS
Chapter 23: Analysis and Development of Green-Aware Security Mechanisms for Modern Internet Applications
Luca Caviglione (1) and Alessio Merlo (2,3)
(1) ISSIA-CNR, Italy
(2) E-campus University, Novedrate, Italy
(3) DIST, University of Genoa, Italy
Energy consumption of SNs and devices
• Social Networks (SNs) are one of the big phenomena of Web 2.0, making the Internet more and more an Internet of People.
• Users can ubiquitously access SNs from different devices (laptops, handheld devices, set-top boxes, …).
• Access to SNs is made through non-standardized solutions.
• Web 2.0 and SNs also contribute to the increased energy consumption of the Internet, which is now responsible for a relevant portion of CO2 emissions.
Security issues in SNs
• Security in SNs is a complex and cross-layer issue (from the network layer to the application layer), due to:
  • the huge amount of personal data to protect;
  • the ubiquity of SNs.
• Security in SNs is currently obtained by combining heterogeneous (and often overlapping) specific security solutions:
  • SN security is also not standardized and hard to evaluate;
  • security solutions waste resources due to their overlapping.
• Security in SNs is nowadays also an energy consumption issue.
Green Security and SNs
• Thus, SNs combine an energy-consumption problem and a security problem.
• By intersecting these two issues with the architectural problems related to Web 2.0, a new kind of “space” arises.
• Green-Aware Security is a new research field aimed at tackling this intersection.
Five Main Contributions
• Introducing security issues of Web 2.0 (in the sense of SNs) at the network layer;
• Pointing out vulnerabilities and security flaws at the application layer of SN applications;
• Showing by example how focused attacks can exploit vulnerabilities in SNs;
• Formalizing the concept of energy-awareness for security mechanisms;
• Providing an early model of energy consumption in terms of security.
Mobile and social
• The spread of SNs is spurred by full mobility support, allowing the user to access SNs through mobile devices, desktop PCs, set-top boxes and so on;
• In addition, access from mobile devices is constrained by battery duration, which constitutes a new attack surface;
• Moreover, access to SNs is granted by heterogeneous and often incompatible clients, thus resulting in a very balkanized scenario;
• Assessing security and possible threats is harder than in other Web apps.
SNs in a nutshell
SNs are very popular since:
• they allow users to share user-generated content in a quick and simple way, also by providing the needed hosting and authoring tools;
• they offer different features to support user-to-user communications (e.g., Instant Messaging);
• they enable the creation of new software services through a set of APIs.
SNs in a nutshell /2
• current SNs are “open” (i.e., a user in a SN can interact with similar platforms operated by different providers);
• they are highly interactive and they support real-time features;
• as a consequence of solid mobility support, many SNs also offer localization services, making them suitable to be used jointly with geo-tagged information.
Main Security Hazards of SNs
The previous features also introduce new security hazards:
• the simple distribution of personal information leads to possible attacks à la social engineering;
• due to complex or incoherent privacy and security settings, users can reveal their topographical location, which translates into breaches of physical security as well;
Security Hazards in SNs /2
• the joint utilization of different/specialized services can lead to a new type of attack based upon multiple profile fusion. Also, such an amount of information can ease automatic and massive user profiling, thus reducing privacy;
• accessing SNs from mobile devices, mostly performed via IEEE 802.11, accounts for additional risks in terms of attacks due to the joint utilization of weak security standards and unencrypted application-layer protocols;
Security Hazards in SNs /3
• since mobile devices are often battery operated, a new class of battery-draining attacks arises;
• the integration of third-party Web applications can lead to many possible hazards, and creates new security breaches;
• to provide the proper degree of interactivity and sophisticated user interfaces, specific design patterns are adopted. But they increase the risk of attacks such as request forgeries;
Security Hazards in SNs /4
• the availability of SN applications on a variety of appliances (e.g., mobile gaming consoles) may foster new kinds of attacks based upon stack misbehaviors or protocol fingerprinting. For instance, many devices do not have a full-featured TCP/IP stack and could exhibit erratic or exploitable behaviors.
Thus, security issues in SNs are cross-layer (application, network, devices) and strongly rely on the heterogeneity of the actors and media they are related with.
Application Layer Security Issues
• SNs are essentially Web applications. Thus they suffer from weaknesses related to the client/server paradigm and native Web technologies (e.g., HTTP, SQL, AJAX, JavaScript, PHP, JSP, ASP, …).
• According to OWASP, the most dangerous vulnerabilities for Web apps are: Injection, XSS, Broken Authentication, Insecure Object Reference, XSRF, Security Misconfiguration, Insecure Cryptographic Storage, Failure to Restrict URL Access, Insufficient Transport Layer Protection, and Unvalidated Redirects and Forwards.
Network Layer Security Issues
At the network layer, SNs may suffer from different vulnerabilities that allow information to be gathered:
• by exploiting the use of HTTP over IEEE 802.11 channels;
• by retrieving information from HTML pages and in-line objects;
• since SNs have a typical traffic pattern, it is possible to gather information also from ciphered traffic;
• devices used to connect to SNs may not have a complete TCP/IP stack, reducing security.
Exploiting SN flaws
• We investigated how a subset of OWASP vulnerabilities may be exploited on a SN.
• To this aim, we built a toy model of a simple SN (denoted as AllTogether) to investigate the impact of:
  • Injection
  • XSS
  • Broken Authentication
  • XSRF
The AllTogether toy scenario
• AllTogether is a sample model where each logged-in user can:
  • navigate his profile;
  • update his profile;
  • add/remove friends;
  • chat with friends;
  • exchange messages with all users;
  • specify visibility policies for portions of his/her profile with single-friend granularity.
Exploiting Injection in AllTogether
• SQL injection can be used to force the addition of a malicious user as a friend of a victim;
• This is possible if no checks are made on the friend name, which may contain another SQL statement;
• Correct query: INSERT INTO Friends VALUES ("John Doe", "Jane Doe");
• Injected query: INSERT INTO Friends VALUES ("John Doe", "Jane Doe"); INSERT INTO Friends VALUES ("John Doe", "Eve");
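As an added illustration, not code from the chapter or from the AllTogether model, the following Python/sqlite3 snippet places the friend-add query built by string concatenation (the situation the injected query above assumes) next to the parameterized version. The table name Friends and the names John Doe, Jane Doe and Eve come from the slide; the function names, the in-memory database, and the use of single-quoted SQL string literals are assumptions of this example.

```python
import sqlite3

# Constructed sample input, not from the chapter: a friend-name value shaped
# like the slide's injected query. It closes the string literal and appends a
# second INSERT that adds "Eve" to the victim's friend list.
INJECTED_NAME = "Jane Doe'); INSERT INTO Friends VALUES ('John Doe', 'Eve"


def fresh_db():
    """In-memory Friends table (owner, friend) standing in for AllTogether's store."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Friends (owner TEXT NOT NULL, friend TEXT NOT NULL)")
    return conn


def add_friend_vulnerable(conn, owner, friend):
    """Builds the INSERT by string concatenation, as the slide's injected query
    assumes. executescript() runs every statement in the string, so a name that
    carries a second INSERT is executed as SQL instead of being stored as data."""
    query = f"INSERT INTO Friends VALUES ('{owner}', '{friend}');"
    conn.executescript(query)


def add_friend_safe(conn, owner, friend):
    """Parameterized INSERT: the driver binds `friend` as a value, so quotes and
    semicolons inside it never reach the SQL parser as syntax."""
    conn.execute("INSERT INTO Friends VALUES (?, ?)", (owner, friend))
    conn.commit()


def friends_of(conn, owner):
    """Friend list of `owner` in insertion order."""
    rows = conn.execute(
        "SELECT friend FROM Friends WHERE owner = ? ORDER BY rowid", (owner,)
    ).fetchall()
    return [r[0] for r in rows]


def demo(add_friend):
    """Run one friend-add implementation against the injected name and return
    the resulting friend list of the victim 'John Doe'."""
    conn = fresh_db()
    add_friend(conn, "John Doe", INJECTED_NAME)
    result = friends_of(conn, "John Doe")
    conn.close()
    return result


if __name__ == "__main__":
    print("vulnerable:", demo(add_friend_vulnerable))  # Eve was silently added
    print("safe:      ", demo(add_friend_safe))        # payload stored as a plain name
```

With the concatenated query the victim ends up with two friends, Jane Doe and Eve; with the parameterized query the whole submitted string is stored as one (odd-looking) friend name and no second statement runs. Rejecting names that contain quotes or semicolons at the form layer is a reasonable extra check, but the binding is what removes the vulnerability.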
Exploiting XSS in AllTogether
• Users update their profile using HTML forms. A malicious user can embed JS code in an HTML field of his profile as follows:
  +39010353XXX <script language="javascript" type="text/javascript">alert(document.cookie);</script>
• A user accessing that field will automatically execute the JS code through his browser, if proper controls on HTML fields are not performed on the SN side.
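The "proper controls on the SN side" the slide refers to are, concretely, output encoding of profile fields and a server-side check on updates. The Python example below is added here and is not the chapter's code: it renders a constructed profile through a hypothetical AllTogether profile template both raw and escaped, then parses the result to list the active content (script tags, event-handler attributes) that actually survives. The phone-field payload is the slide's; the template, the field names, the website value and the function names are assumptions.

```python
import html
import re
from html.parser import HTMLParser

# Constructed sample profile, not from the chapter: the phone field carries the
# slide's script payload; the website field tries to break out of an attribute.
PROFILE = {
    "name": "Mallory",
    "phone": '+39010353XXX <script language="javascript" type="text/javascript">'
             'alert(document.cookie);</script>',
    "website": 'http://example.com/" onmouseover="alert(1)',
}

# Hypothetical profile-view template: values land both in text nodes and
# inside an attribute value, and both contexts need escaping.
TEMPLATE = (
    "<h1>{name}</h1>\n"
    "<p>Phone: {phone}</p>\n"
    '<a href="{website}">homepage</a>'
)


def render_unsafe(profile):
    """What a naive view does: raw field values dropped into the HTML."""
    return TEMPLATE.format(**profile)


def render_safe(profile):
    """Output-encode every field before it touches the page. quote=True also
    escapes quotes, so a value cannot close the attribute it is placed in."""
    return TEMPLATE.format(**{k: html.escape(v, quote=True) for k, v in profile.items()})


# Server-side screening of profile updates: script-like content in a plain
# data field is a reason to reject the update and log the attempt.
SCRIPT_MARKERS = re.compile(r"<\s*script|\bon[a-z]+\s*=|javascript:", re.IGNORECASE)


def flag_suspicious_fields(profile):
    """Names of the fields that carry script-like content, sorted."""
    return sorted(k for k, v in profile.items() if SCRIPT_MARKERS.search(v))


class ActiveContentFinder(HTMLParser):
    """Collects what a browser would treat as executable in a rendered page."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.findings.append("script tag")
        for name, value in attrs:
            if name.startswith("on"):
                self.findings.append(f"{tag}@{name}")
            elif name in ("href", "src") and value and \
                    value.strip().lower().startswith("javascript:"):
                self.findings.append(f"{tag}@{name}=javascript:")


def active_content(rendered):
    """List the active content found in `rendered`; empty means inert markup."""
    finder = ActiveContentFinder()
    finder.feed(rendered)
    finder.close()
    return finder.findings


if __name__ == "__main__":
    print("suspicious fields:", flag_suspicious_fields(PROFILE))
    print("unsafe render   :", active_content(render_unsafe(PROFILE)))
    print("safe render     :", active_content(render_safe(PROFILE)))
```

The raw rendering contains a live script element and an onmouseover handler; after escaping, the parser finds neither, because `<script>` has become the text `&lt;script&gt;` and the stray quote in the website value is now `&quot;` inside the href. The regex screen is a coarse detection aid for update handling, not a substitute for encoding at render time.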
Exploiting Broken Auth in AllTogether
• SNs use password retrieval services that are generally based on a shared secret (e.g., the surname of the user’s mother);
• A user is challenged to answer the secret question correctly in order to change his credentials;
• Much of this information is available in posts and profiles;
• A malicious user can discover such information by crawling the SN graph.
Exploiting XSRF in AllTogether
• An XSRF attack can force a user to inadvertently perform an unwanted action;
• SN APIs are public and the method for friend addition may be well known to any user;
• A malicious user can force a victim to visit a URL (e.g., through a message) that, once executed by the victim, invokes the API method for adding a friendship relation;
• In order to successfully exploit XSRF, the victim must be logged in to the SN.
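The slide's attack works because the victim's browser attaches the session cookie to any request for the friend-add URL, so the server cannot tell a forged request from a legitimate one by the cookie alone. The Python example below is added here and is not AllTogether's code: it models a friend-add endpoint that rejects state changes over GET and requires a per-session anti-forgery token that only the SN's own pages can place in the form. The session store, the request dictionary shape, the user names and the function names are assumptions of this example.

```python
import hmac
import secrets

# Constructed in-memory state standing in for AllTogether's session store and
# friend graph (hypothetical, not the chapter's code).
SESSIONS = {}   # session_id -> {"user": ..., "csrf": ...}
FRIENDS = {}    # user -> set of friends


def login(user):
    """Create a session and mint a per-session anti-forgery token. The token is
    rendered into the SN's own forms; a third-party page cannot read it."""
    sid = secrets.token_urlsafe(16)
    SESSIONS[sid] = {"user": user, "csrf": secrets.token_urlsafe(32)}
    FRIENDS.setdefault(user, set())
    return sid


def csrf_token_for(sid):
    return SESSIONS[sid]["csrf"]


def add_friend_endpoint(request):
    """Friend-add API handler. `request` is a dict with keys method, cookies and
    form (an assumed shape for this example). Returns (status, message)."""
    sid = request.get("cookies", {}).get("session")
    session = SESSIONS.get(sid)
    if session is None:
        return 401, "not logged in"
    # 1. State-changing actions only via POST. A URL delivered in a message
    #    (the slide's vector) is fetched with GET and stops here.
    if request.get("method") != "POST":
        return 405, "friend addition requires POST"
    # 2. The submitted token must match the one bound to this session. The
    #    browser adds the cookie to a forged request on its own, but the forging
    #    page has no way to learn the token, so the check fails.
    submitted = request.get("form", {}).get("csrf", "")
    if not hmac.compare_digest(submitted, session["csrf"]):
        return 403, "missing or invalid anti-forgery token"
    friend = request["form"].get("friend", "").strip()
    if not friend:
        return 400, "friend name required"
    FRIENDS[session["user"]].add(friend)
    return 200, f"{friend} added"


def forged_request(sid):
    """What the victim's browser sends when led to the friend-add URL: the
    session cookie rides along, nothing else. Constructed for the demo."""
    return {"method": "GET", "cookies": {"session": sid}, "form": {}}


def legitimate_request(sid, friend):
    """Form submission from the SN's own page, carrying the session's token."""
    return {"method": "POST", "cookies": {"session": sid},
            "form": {"csrf": csrf_token_for(sid), "friend": friend}}


def run_demo():
    """Status codes of a forged GET, a token-less POST and a legitimate POST,
    plus the victim's resulting friend list."""
    SESSIONS.clear()
    FRIENDS.clear()
    sid = login("victim")
    forged = add_friend_endpoint(forged_request(sid))
    no_token = add_friend_endpoint({"method": "POST", "cookies": {"session": sid},
                                    "form": {"friend": "Mallory"}})
    ok = add_friend_endpoint(legitimate_request(sid, "Jane Doe"))
    return forged[0], no_token[0], ok[0], sorted(FRIENDS["victim"])


if __name__ == "__main__":
    print(run_demo())  # (405, 403, 200, ['Jane Doe'])
```

The token comparison uses hmac.compare_digest so that a wrong token is not rejected faster or slower depending on how many leading characters match. Requiring POST on its own is not enough (a hidden auto-submitting form can issue a POST), which is why the token check is the decisive step.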
Heterogeneous Security and Energy Consumption
• Attacks on an OSN (such as those explained for the AllTogether toy scenario) are hardly managed by a single security mechanism; thus security in OSNs is generally granted by a set of different solutions.
• Besides, successful attacks have an impact on energy consumption as well as on data privacy, integrity and confidentiality.
• Thus, both these different aspects should be considered, leading to a new approach to security.
Towards Green Security
• Security mechanisms account for energy consumption at different levels, putting an overhead on the computing infrastructure;
• Optimal and non-overlapping security solutions sufficient for countering network and application security issues are required, but will not be sufficient in the near future;
• The energy-consumption perspective must also be taken into account.
Green Security and Green Networking
• The complexity of SNs consequently increases the resources required from the network, since users connect from different devices, often at the same time;
• Thus, security requirements also increase due to the complexity of the clients used to access the SN;
• In general, this reflects into an amount of power consumption due both to service complexity and to security.
Towards a new problem space
A new kind of green-aware security issue arises:
• security mechanisms may require proper architectural elements to be placed in the network;
• in order to secure communications, additional signaling could be needed;
• such protocols and mechanisms can translate into additional software layers, increasing consumption through additional CPU usage;
• users access the Internet both via wireless and wired access networks; thus, security mechanisms could be deployed at different layers.
A Green Perspective in Securing SNs
• SNs are protected by means of a combination of overlapping security mechanisms, designed without taking energy costs into account.
• Such security mechanisms (e.g., IDS, antivirus) currently significantly drain the battery of mobile devices.
• Our proposal is to model and assess the energy consumption of current mechanisms and to design new green-aware solutions.
Conclusions
• In this Chapter, we:
  • Analyzed security issues related to SNs;
  • Pointed out the interrelations between Green Computing, Security and SNs;
  • Argued that current approaches to securing SNs are not optimized in terms of energy consumption;
  • Proposed a new research trend aimed at greening the development of future security solutions.
• Future developments:
  • Experimental measurements of the actual energy consumption of security mechanisms;
  • Modeling and designing green-aware security solutions.