Cloud Security and Mobile Application Security. SBA Research & Vienna University of Technology Edgar R. Weippl

Transcription

1 Cloud Security and Mobile Application Security SBA Research & Vienna University of Technology Edgar R. Weippl

2 Target Audience Graduate students in computer science Some knowledge in in security but no focus on information security Interest in Privacy and Security

3 Trust Humans interact with humans. Computer and communication security as a mechanism to implement trust. Bruce Schneier, Liars and Outliers: Enabling the Trust that Society Needs to Thrive, John Wiley & Sons, 2012.

4 Trust

5 Observation & Empirical Research Observation of complex systems

6 Empirical Research Dropbox Martin Mulazzani, Sebastian Schrittwieser, Manuel Leithner, Markus Huber, and Edgar R. Weippl. Dark clouds on the horizon: Using cloud storage as attack vector and online slack space. USENIX Security, 8/2011. WhatsApp Sebastian Schrittwieser, Peter Fruehwirt, Peter Kieseberg, Manuel Leithner, Martin Mulazzani, Markus Huber, and Edgar R. Weippl. Guess who is texting you? evaluating the security of smartphone messaging applications. In Network and Distributed System Security Symposium (NDSS 2012), Facebook Markus Huber, Sebastian Schrittwieser, Martin Mulazzani, and Edgar Weippl. Appinspect: Largescale evaluation of social networking apps. In ACM Conference on Online Social Networks (COSN 2013), Amazon Amir Herzberg and Haya Shulman and Johanna Ullrich and Edgar R. Weippl, Cloudoscopy: Services Discovery and Topology Mapping, in Proceedings of the ACM Cloud Computing Security Workshop (CCSW) at ACM CCS 2013, 2013.

7 Empirical Research Dropbox Martin Mulazzani, Sebastian Schrittwieser, Manuel Leithner, Markus Huber, and Edgar R. Weippl. Dark clouds on the horizon: Using cloud storage as attack vector and online slack space. USENIX Security, 8/2011. WhatsApp Sebastian Schrittwieser, Peter Fruehwirt, Peter Kieseberg, Manuel Leithner, Martin Mulazzani, Markus Huber, and Edgar R. Weippl. Guess who is texting you? evaluating the security of smartphone messaging applications. In Network and Distributed System Security Symposium (NDSS 2012), Facebook Markus Huber, Sebastian Schrittwieser, Martin Mulazzani, and Edgar Weippl. Appinspect: Largescale evaluation of social networking apps. In ACM Conference on Online Social Networks (COSN 2013), Amazon Amir Herzberg and Haya Shulman and Johanna Ullrich and Edgar R. Weippl, Cloudoscopy: Services Discovery and Topology Mapping, in Proceedings of the ACM Cloud Computing Security Workshop (CCSW) at ACM CCS 2013, 2013.

8 Cloudoscopy Amir Herzberg and Haya Shulman Computer Science Dept. Bar-Ilan University - and - Johanna Ullrich and Edgar Weippl SBA Research, Wien

9 Cloud Computing / IaaS Infrastructure for on-demand IT services Rent storage, cycles, infrastructure, data hosting, outsource expertise and maintenance Some popular providers Amazon EC2, Microsoft Azure, Google, Rackspace Resource sharing between a number of VMs CPU Memory Bandwidth

10 New Threats Malicious cloud tenants, e.g., conflicting interests Resource sharing can be exploited for attacks by malicious tenants on other tenants, e.g., cross VM attacks Malicious cloud operator, e.g., may cheat to save resources Placement of instances on same physical region, same host Charges the subscriber not proportionally to service provided Rerouting traffic inefficiently Selling the list of its clients to data hoarders

11 Cloud Computing Security Isolation to prevent attacks by other tenants Network and host isolation Cloud service verification to establish trust in cloud Known (traditional) services verification: storage and computation. Extensively studied New (infrastructure) services verification: placement and communication

12 Cloud Computing Security Verify placement and communication To prevent single point of failure To reduce latency and guarantee quality of service To avoid snooping on traffic by attackers Efficient placement of instances and communication To prevent cross VM attacks, e.g., memory side channel attacks Cloud security is difficult to measure Need tools to enable clients to verify cloud services

13 Cloudoscopy 1. IP address deanonymisation: Expose the internal IP address of a victim instance 2. Hop-count measuring: measure its hopcount distance from adversarial cloud instances 3. Co-residence testing: test to find a specific instance which is close enough to the victim (e.g., co-resident) to allow (denial of service or side-channel) attacks.

14 IP Address Deanonymisation Expose the internal IP address of a victim instance, then Simple: tracert, ping New approach: interrupt-overloading sidechannel general and not protocol specific New approach: server-bounce scan In some protocols, e.g., SMTP, servers open a connection using a domain name from an incoming connection.

15 IP Address Deanonymisation: Discovery via Interrupts

16 IP Address Deanonymisation: Discovery via Interrupts

17 IP Address Deanonymisation: Discovery via Interrupts

18 IP Address Deanonymisation: Discovery via Interrupts

19 Hop-count measuring Once IP is found, find path to victim Cloud platforms block ICMP errors/ control messages Our idea: Scan with incrementing TTL Use timing side-channel to count hosts

20 Co-residence Testing Place prober on same host as victim Check if TTL scan to victim is 0 Check patterns to prober via interrupt-based side-channel If both pass attacker is co-resident with victim

21 Co-residence Testing Legitimate use: Ensure location (EU vs. US laws) Ensure separation of locations (redundancy) Attacks based on tenant-to-tenant and tenant-provider communication Blocking is not the solution, because 1/3 of communication would be less efficient

22 Summary

23 Empirical Research Dropbox Martin Mulazzani, Sebastian Schrittwieser, Manuel Leithner, Markus Huber, and Edgar R. Weippl. Dark clouds on the horizon: Using cloud storage as attack vector and online slack space. USENIX Security, 8/2011. WhatsApp Sebastian Schrittwieser, Peter Fruehwirt, Peter Kieseberg, Manuel Leithner, Martin Mulazzani, Markus Huber, and Edgar R. Weippl. Guess who is texting you? evaluating the security of smartphone messaging applications. In Network and Distributed System Security Symposium (NDSS 2012), Facebook Markus Huber, Sebastian Schrittwieser, Martin Mulazzani, and Edgar Weippl. Appinspect: Largescale evaluation of social networking apps. In ACM Conference on Online Social Networks (COSN 2013), Amazon Amir Herzberg and Haya Shulman and Johanna Ullrich and Edgar R. Weippl, Cloudoscopy: Services Discovery and Topology Mapping, in Proceedings of the ACM Cloud Computing Security Workshop (CCSW) at ACM CCS 2013, 2013.

24 Apps, Mobile Devices, Cloud Services So many new opportunities Building on experience of previous decades Things can only get better Really? Martin Mulazzani, Sebastian Schrittwieser, Manuel Leithner, Markus Huber, and Edgar R. Weippl. Dark clouds on the horizon: Using cloud storage as attack vector and online slack space. USENIX Security, 8/2011.

25 Data Deduplication At the server Same file only stored once Save storage space at server At the client Calculate hash or other digest Reduce communication

26 Attacks Hash manipulation Stolen Host ID Direct Up-/Download Uploading without linking Simple HTTPS request

27 Evaluation Time until (hidden) chunks get deleted: Random data in multiple files Hidden upload: at least 4 weeks Regular upload: unlimited undelete possible (> 6 months) Popular files on Dropbox: thepiratebay.org Top 100 Torrent files Downloaded copyright-free content (.sfv,.nfo,...) 97 % (n = 368) were retrievable 20 % of torrents were less than 24 hours old Interpretation: At least one of the seeders uses Dropbox

28 Solutions Aftermath Dropbox fixed the flaws HTTPS Up-/Download Attack Host ID is now encrypted No more client-side deduplication Proof of ownership Take down notice 4. Download all files of the victim 3. Link hashes with fake client 1. Steal hashes 2. Send hashes to Attacker Attackers PC Victim using Dropbox

29 Underlying Problems Access Control Identification based on hash values

30 Access Control Structures Requirements on access control structures: The access control structure should help to express your desired access control policy. You should be able to check that your policy has been captured correctly. Access rights can be defined individually for each combination of subject and object. For large numbers of subjects and objects, such structures are cumbersome to manage. Intermediate levels of control are preferable.

31 Access Control Matrix Notation S set of subjects O set of objects A set of access operations Access control matrix: M = (M so ) s S,o O, M so A. The entry M so specifies the operations subject s may perform on object o. bill.doc edit.exe fun.com Alice - {exec} {exec,read} Bob {read,write} {exec} {exec,read,write}

32 Access Control Matrix ctd. The access control matrix is an abstract concept not very suitable for direct implementation not very convenient for managing security How do you answer the question: Has your security policy been implemented correctly? Bell LaPadula (and Orange Book): access control matrix defines discretionary access control (DAC).

33 Capabilities Focus on the subject access rights are stored with the subject Alice edit.exe: {exec} fun.com: {exec,read} capabilities rows of the access control matrix Subjects may grant rights to other subjects. Subjects may grant the right to grant rights. Problems: How to check who may access a specific object? How to revoke a capability? Distributed system security has created renewed interest in capabilities.

34 Access Control Lists (ACLs) Focus on the object access rights are stored with the object fun.com Alice: {exec} Bill: {exec,read,write} ACLs columns of the access control matrix Access rights are often defined for groups of users. Unix: owner, group, others VMS: owner, group, world, system Problem: How to check access rights of a specific subject? ACLs are typical for secure operating systems of Orange Book class C2.

35 Intermediate Controls Intermediate controls facilitate better security management. To deal with complexity, introduce more levels of indirection. users roles procedures data types objects

36 Groups and Negative Permissions Groups are an intermediate layer between users and objects. users groups objects To deal with special cases, negative permissions withdraw rights users groups objects

37 Role Based Access Control (RBAC) Several intermediate concepts can be inserted between subjects and objects Roles: collection of procedures assigned to users; a user can have more than one role and more than one user can have the same role. Procedures: high level access control methods with a more complex semantic than read or write; procedures can only be applied to objects of certain data types; example: funds transfer between bank accounts. Data types: each object is of a certain data type and can be accessed only through procedures defined for this data type.

38 RBAC continued RBAC itself does not have a generally accepted meaning, and it is used in different ways by different vendors and users. Controlling access to an object by restricting the procedures that may access this object is a general programming practice. It is a fundamental concept in the theory of abstract data types and object-oriented programming. Examples: user profiles in IBM s OS/400; global groups and local groups in Windows NT.

39 RBAC NIST model of RBAC (shown in Sandhu et al., 2000) is organized into four levels of increasing functional capabilities flat RBAC hierarchical RBAC constrained RBAC symmetric RBAC.

40 Flat RBAC

41 * Hierarchical RBAC +super-role 1 * +sub-role User membership Role authorization Permission * * * activation * * * User:Session: 1:n Session

42 Constrained RBAC

43 WhatsApp Sebastian Schrittwieser, Peter Fruehwirt, Peter Kieseberg, Manuel Leithner, Martin Mulazzani, Markus Huber, and Edgar R. Weippl. Guess who is texting you? evaluating the security of smartphone messaging applications. In Network and Distributed System Security Symposium (NDSS 2012),

44 Man-in-the-Middle

45 CERTIFICATES?

46

47 Authentication

48

49

50 In Reality

51 Even Worse Code = Hi!

52 Completely Stealthy

53 WowTalk

54 Status Messages

55

56

57 iphone/u.php?cc=countrycode&me =phonenumber&s=statusmessage

58 Enumeration Attack

59 Enumeration Attack

60 Enumeration Attack

61 On vacation Sleeping At work... Bleh. Missing my love! Heartbroken Nicaragua in 4 days!! On my way to Ireland! at work but not doing shit I m never drinking again

62

63 WhatsApp ebuddy XMS WowTalk Viber HeyTell Forfone Voypi Tango EasyTalk

64 Results

65 Summary Authentication protocols: 6 out of 9 similar applications had the same problems Unintended use (reverse hash in Dropbox) Trust in client application Missing input validation Everything you should learn in Security 101 Software Obfuscation as possible temporary solution

66 Questions? DBSec 2013 March 1 ARES 2014 Submission Deadline March 1 IPICS Summerschool contact me personally (new Website not yet available)

67 What can you do? Analyze communication protocols Reverse engineering of applications Make guesses on how something could have been implemented and try to confirm / refute it

68