Password Cracking in the Cloud
|
|
- Jean Parsons
- 8 years ago
- Views:
Transcription
1 Password Cracking in the Cloud Gautam Korlam Department of Computer Science, UC Santa Barbara Report for CS290G Network Security Professor: Dr. Çetin Kaya Koç
2 ABSTRACT Cloud computing is a great resource for applications that require computing capacity for a short time but do not need investing in fixed capital for long term. As a result, it can be used for lot of attacks such as cracking passwords, keys or other forms of brute force attacks that are computationally expensive but highly parallelizable. This paper will focus on the currently available tools and techniques, discuss their practical aspects and outline experimental analysis to verify their feasibility and real world performance.
3 TABLE OF CONTENTS Abstract Introduction Cloud Computing Tools CloudCrack Cryptohaze Multiforcer Cloudcracker Details Winzip Encryption Brute Force Attack What Cloud Computing Offers Cracking A Zip Password Using GPUs Analysis and Scaling Conclusion References... 12
4 1 INTRODUCTION How safe is your password? One might argue that using secure hash algorithms, passwords can be stored securely without having to worry about their security. Cloud computing is likely to upset such long held assumptions about security. The tools required to crack encrypted passwords and data are easily available to the masses. A commercial cloud-computing offering is fast to provision, guarantees predictable performance and can be billed to a stolen credit card by an attacker. The balance of power between security controls and attack methods shifts quite dramatically if you assume the attacker has high-performance computing available at low cost. Take passwords, for example. The length and complexity of a password determines the effort required to mount a brute force attack. Password hashes based on an algorithm such as the Secure Hashing Algorithm, cannot be reversed but they can be brute-forced by trying all possible values. The problem is highly parallelizable i.e. the search space can be broken into as many batches as needed and sent out to multiple CPUs to brute-force in parallel. GPUs can also be effectively used in this regard. Using cloud computing resources, an attacker can now achieve in minutes or hours what would have taken years earlier. Firstly, tools, methods and services that make use of cloud computing resources for brute force attacks are discussed. Secondly, the details and optimizations that can be incorporated into one such method are outlined. Lastly, some experimental analysis using real world cloud computing resources are performed and the results are presented. The paper concludes with the impact of the existing methods on current security protocols and discusses possible future directions. 2 CLOUD COMPUTING TOOLS Encryption doesn t make it impossible to decrypt, but rather infeasible to decrypt. Buying a supercomputer to decrypt encrypted information, might not be worth the decrypted information, thereby making it infeasible. With cloud computing, however, end-users and regular people, have access to very powerful machines for a fraction of their actual cost (pay by usage). Coupling that
5 with the high scalability of the cloud, it means that what was previously infeasible, is now a very viable option. In fact what used to be only available to big corporations and governments, now has become available to anyone with a credit card and Amazon account. Techniques need not involve complex mathematical approaches to breaking encryption either, a standard brute force method executed in parallel can also be very effective. Brute Force basically involves trying every single possible password until eventually the password that works is found. In the past brute force wasn t considered a valid option since trying all those passwords which number in the hundreds of billions, would require a very powerful computer. Most people (even criminals), do not have access to that sort of computing power. However, with the advent of cloud computing, powerful hardware is suddenly becoming more available to the general public for low-down prices. What used to cost tens of thousands of dollars per server now costs just $2.60 an hour to rent. For example, there are several cloud based solutions available currently for accomplishing attacks. Some of them are discussed below. 2.1 CLOUDCRACK CloudCrack is a GPU-enhanced cryptanalysis suite for cloud computing platforms such as the Amazon EC2 Cluster Compute cloud. It is a NVIDIA GPU-accelerated cryptanalysis suite written in CUDA, NVIDIA s massively parallel concurrent programming language. CloudCrack contains custom CUDA multi-precision math libraries for storing a large target RSA modulus n in shared GPU memory, with each GPU core working as a parallel factoring process to break the target modulus. CloudCrack is based upon a Pollard s Rho factoring hybrid with an updated Brent cycle finder, and includes performance optimizations to the traditional Rho factoring method. The massively parallel design of the NVIDIA GPU architecture lends itself quite well to Pollard s Rho, and the reduction sieve performance enhancements added with CloudCrack can reduce by several orders of magnitude the size of the key-space required for a successful brute force attack against a large RSA target modulus n.
6 2.2 CRYPTOHAZE MULTIFORCER Cryptohaze Multiforcer is a high performance multi-hash brute force tool with support for per-position character sets, and very good performance scaling when dealing with large hash lists. It supports quite a few algorithms like MD5, NTLM, SHA1, MSSQL, DOUBLEMD5 etc. It includes cross-platform network support for unsalted hashes. This allows multiple hosts to easily work together on a complex problem space without requiring the user to manually break it into smaller pieces as some other tools require. As an example, on a list of 10 hashes, the Cryptohaze Multiforcer achieves 390M steps per second on an Nvidia GTX 260 card. On a list of 1.4 million hashes with the same card, performance drops to 380M steps per second. This is the password stepping rate and not the search rate. The search rate is 380M * 1.4M passwords per second. 2.3 CLOUDCRACKER Cloudcracker is an online password cracking service for cracking WPA protected wireless networks, password hashes or breaking document encryption. It is as simple as submitting a hash or handshake file and receiving the result via after a few hours. One can run a network handshake against 3 million words in under 20 minutes for as less as $17. For inexperienced users who do not know how to setup and use the more advanced tools, this service makes it very easy to achieve the same at a higher cost. For example it can crack and VPN or Wi-Fi connection secured using MS-CHAPv2 within 24 hours for around $200. MS-CHAPv2 is based on the encryption algorithm DES. Despite its long known weaknesses, MS-CHAPv2 is still widely used, especially in company environments, as the authentication protocol is supported out of the box by many operating systems. A PPTP/MS- CHAPv2 combination is also in widespread use on smartphones. The Cloudcracker web service is backed by a processing server which is able to test 18 billion keys per second. The server is equipped with 48 programmable processing units known as field programmable gate arrays (FPGA). Each FPGA is programmed to provide 40 parallel processors, each with a clock speed of 450 MHz, for cracking DES.
7 3 DETAILS One tool that leverages the power of the cloud to crack encrypted WinZip archives is discussed in detail below. 3.1 WINZIP ENCRYPTION WinZip has 3 options for encrypting a file: 1. The regular Zip encryption (96-bit) 2. AES 128 bit 3. AES 256 bit. Unfortunately, the default option for encryption is Zip encryption (96-bit) and it is very vulnerable to attacks. AES is still relatively safe, but ultimately the security the password provides depends on both the password itself, the type of encryption used and the value of the unencrypted data. 3.2 BRUTE FORCE ATTACK For example an 8 character password that consist of only lower case letters would mean a maximum of 235 million passwords. If upper case letters are included the total goes to 53 trillion possible combinations. Finally if digits and special characters are included, that would result in almost 7 quadrillion possible combinations. To perform a brute force attack on a number of passwords of that magnitude requires tremendous computing power. Most users don t have really powerful machines at their disposal. High performance today, may mean mediocre performance next month, so a lot of people buy mainstream performance machines as a matter of practicality and cost. But what if you could go the Amazon cloud and rent a really powerful machine?
8 3.3 WHAT CLOUD COMPUTING OFFERS Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides resizable compute capacity in the cloud. It is designed to make web-scale computing easier for developers. The GPU instances provide general-purpose graphics processing units (GPUs) with proportionally high CPU and increased network performance for applications benefitting from highly parallelized processing, including HPC, rendering and media processing applications. The GPU instance is named Cluster GPU Quadruple Extra Large instance and has 22 GB memory, 33.5 EC2 Compute Units, 2 x NVIDIA Tesla Fermi M2050 GPUs, 1690 GB of local instance storage, 64-bit platform, 10 Gigabit Ethernet. A GPU instance is chosen as the Graphics Processing Unit is more attuned to parallel processing than the CPU. In fact using a GPU to crack passwords has provided results magnitudes of times better than using a plain CPU attack. An example of a software that takes advantage of the GPU for parallel processing is the Accent Zip Password Recovery Tool, which utilizes your GPU instead of your CPU cores to crack the passwords resulting in nearly 1000 times better performance. 3.4 CRACKING A ZIP PASSWORD USING GPUS After initiating a cluster GPU instance, the Accent Zip Password Recovery Tool was installed on it and run on a simple zip (96-Bit) encrypted file. The brute force attack was executed at a rate of 827 MILLION passwords per second. The commercial version allows for use of both the GPUS simultaneously and would have reached the 1.5 Billion mark easily. This suggests that the all lower letter password would be cracked in a matter of 0.25 seconds. Similar test for AES- 128 bits and AES-256 bits encryption yielded a much lower speed of 280,000 passwords per second. The overall cost of renting such a server is about $2.6 per hour. The tool is remarkably simple, and appears effective, with mind-blowing speeds on the Amazon GPU cluster, however it will cost around $40.00 for the full version to be able to run across all GPUs on the cluster GPU instance.
9 Figure 1: Accent Zip Password Recovery Tool 4 ANALYSIS AND SCALING Cloud Computing isn t about buying just 1 machine, it s also about scaling up, buying lots and lots of machines for short burst on demand. Cloud Computing introduces the concept of a Machine-Hour. Every computational process could be quantified by machine hours. And if you want something done in less hours, just buy more machines. So let s say we can we have a file protected by a 8 Character password comprising of upper and lower case letters, and for simplicity sake, let s say it ll take an Amazon Extra Large Quadruple Cluster 56 Hours to crack the password. By spinning up extra machines on Amazon, since every computational process can be quantified by machine hours, more the machines, less the hours needed.
10 For example, 56 Amazon machines two for each letter of the alphabet (upper and lower case) can be assigned to work on passwords starting with the letter they are assigned to. So one machine would try all passwords starting with A, and another trying all passwords starting with a and then so and so forth for b, 'B, 'c, 'C.all the way to z and Z. 56 machines in total, requiring just one full hour of cracking per machine. Before cloud computing, the only way to do this was to actually buy 56 different machines that s expensive. With cloud computing it could cost just $2.60/machine-hour. That s cheaper than buying even one machine. The best part is, since Amazon charges per machine-hour it ll cost the exact same amount but in far less time. The setup overhead of splitting the task across machines is still required initially. This is of course a case of Vertical vs. Horizontal, buying more machines from Amazon is a straightforward way to crack a password in a short amount of time. Figure 2: Scaling the Cracking
11 Many utilities exist that make the scaling of the password cracking on the cloud easier. For example, StarCluster is an open source cluster-computing toolkit for Amazon s Elastic Compute Cloud (EC2). It has been designed to automate and simplify the process of building, configuring, and managing clusters of virtual machines on Amazon s EC2 cloud. StarCluster allows anyone to easily create a cluster computing environment in the cloud suited for distributed and parallel computing applications and systems. 5 CONCLUSION At 2.60/hour on the Extra Large GPU cluster, cracking better encryption algorithms will cost a lot of money, but some files floating on the internet protect data far more valuable than that. This extends to not just WinZip, but encrypted s and messages as well. In fact since AES is used both in WinZip and for some encryption, the numbers here may be reflective of how hard it would be to decrypt secured s. Taking it to the extreme, even the 7 quadrillion password combinations could be cracked in 3.5 Million machine-hours. It translates to just over $9 Million US Dollars. In a time where state-sponsored cyber-attacks are a real occurrence, what is $9 Million dollars to a government anyway? This was a real world test with real world implications. If criminals get their hands on valuable encrypted data, there really is nothing stopping them from spending money to spin up thousands of instances on Amazon trying to decrypt the data. In fact with cloud computing, anyone with a credit card has access to huge computational power and that opens up the possibility of criminals cracking what used to be secured data. The cloud also provides this at low-cost, thereby reducing the barrier to entry for criminals to crack your code, so a lot of the older password mechanism like the Zip Password protect, aren t relevant anymore. With the advent of cloud computing, like with any other technology, the bad guys have also found a new tool. When we consider the balance of risk and reward, the cost/benefit evaluation of a security control we have to consider the significantly lower cost of computing for everyone, attackers included. Passwords, wireless encryption keys, at-rest encryption and even old SSL algorithms must be reevaluated in this light. What was thought of as "infeasible" may be well within the means of "average" hackers.
12 6 REFERENCES 1. Password cracking in the cloud How to Crack Passwords in the Cloud with Amazon's Cluster GPU Instances CloudCracker CloudCrack Alex Biryukov, Johann Großschädl: Cryptanalysis of the Full AES Using GPU-Like Special- Purpose Hardware. Fundam. Inform. 114(3-4): (2012) 6. Robert Szerwinski and Tim Güneysu Exploiting the Power of GPUs for Asymmetric Cryptography. In Proceedings of the 10th international workshop on Cryptographic Hardware and Embedded Systems (CHES '08) 7. Cracking Passwords in the Cloud StarCluster Cryptohaze Multiforcer Cloud service cracks VPN passwords in 24 hours - online.com/security/news/item/cloud-service-cracks-vpn-passwords-in-24-hours html
How To Encrypt Data With Encryption
USING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars Alternate Title? Boy, am I surprised. The Entrust guy who has mentioned PKI during every Security
More informationUsing etoken for SSL Web Authentication. SSL V3.0 Overview
Using etoken for SSL Web Authentication Lesson 12 April 2004 etoken Certification Course SSL V3.0 Overview Secure Sockets Layer protocol, version 3.0 Provides communication privacy over the internet. Prevents
More informationHigh-speed cryptography and DNSCurve. D. J. Bernstein University of Illinois at Chicago
High-speed cryptography and DNSCurve D. J. Bernstein University of Illinois at Chicago Stealing Internet mail: easy! Given a mail message: Your mail software sends a DNS request, receives a server address,
More informationCryptographic Algorithms and Key Size Issues. Çetin Kaya Koç Oregon State University, Professor http://islab.oregonstate.edu/koc koc@ece.orst.
Cryptographic Algorithms and Key Size Issues Çetin Kaya Koç Oregon State University, Professor http://islab.oregonstate.edu/koc koc@ece.orst.edu Overview Cryptanalysis Challenge Encryption: DES AES Message
More informationConnected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure)
Cryptelo Drive Cryptelo Drive is a virtual drive, where your most sensitive data can be stored. Protect documents, contracts, business know-how, or photographs - in short, anything that must be kept safe.
More informationnwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4.
CONTENTS 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4. Conclusion 1. EXECUTIVE SUMMARY The advantages of networked data storage technologies such
More informationNESCO/NESCOR Common TFE Analysis: CIP-007 R5.3 Password Complexity
NESCO/NESCOR Common TFE Analysis: CIP-007 R5.3 Password Complexity National Electric Sector Cybersecurity Organization (NESCO)/NESCO Resource (NESCOR) DISCLAIMER OF WARRANTIES AND LIMITATION OF LIABILITIES
More informationIoT Security Platform
IoT Security Platform 2 Introduction Wars begin when the costs of attack are low, the benefits for a victor are high, and there is an inability to enforce law. The same is true in cyberwars. Today there
More informationOptimizing GPU-based application performance for the HP for the HP ProLiant SL390s G7 server
Optimizing GPU-based application performance for the HP for the HP ProLiant SL390s G7 server Technology brief Introduction... 2 GPU-based computing... 2 ProLiant SL390s GPU-enabled architecture... 2 Optimizing
More informationA PPENDIX H RITERIA FOR AES E VALUATION C RITERIA FOR
A PPENDIX H RITERIA FOR AES E VALUATION C RITERIA FOR William Stallings Copyright 20010 H.1 THE ORIGINS OF AES...2 H.2 AES EVALUATION...3 Supplement to Cryptography and Network Security, Fifth Edition
More informationSAS Data Set Encryption Options
Technical Paper SAS Data Set Encryption Options SAS product interaction with encrypted data storage Table of Contents Introduction: What Is Encryption?... 1 Test Configuration... 1 Data... 1 Code... 2
More informationGPU File System Encryption Kartik Kulkarni and Eugene Linkov
GPU File System Encryption Kartik Kulkarni and Eugene Linkov 5/10/2012 SUMMARY. We implemented a file system that encrypts and decrypts files. The implementation uses the AES algorithm computed through
More informationANALYSIS OF RSA ALGORITHM USING GPU PROGRAMMING
ANALYSIS OF RSA ALGORITHM USING GPU PROGRAMMING Sonam Mahajan 1 and Maninder Singh 2 1 Department of Computer Science Engineering, Thapar University, Patiala, India 2 Department of Computer Science Engineering,
More informationSpeeding up GPU-based password cracking
Speeding up GPU-based password cracking SHARCS 2012 Martijn Sprengers 1,2 Lejla Batina 2,3 Sprengers.Martijn@kpmg.nl KPMG IT Advisory 1 Radboud University Nijmegen 2 K.U. Leuven 3 March 17-18, 2012 Who
More informationStrong Authentication for Future Web Applications
Strong Authentication for Future Web Applications Chris Williams Leidos, Inc. July 18, 2014 For W3C Identity in the Browser Workshop Abstract Leidos (formerly SAIC), has been using strong authentication
More informationData Security using Encryption in SwiftStack
Data Security using Encryption in SwiftStack May 2015 Copyright 2015 SwiftStack, Inc. swiftstack.com Page 1 of 11 Table of Contents Introduction... 3 Defining Three Threat Models... 3 Encrypted Data and
More informationA Comparison of Protocols for Device Management and Software Updates
B L A C K B E R R Y M 2 M S O L U T I O N S A Comparison of Protocols for Device Management and Software Updates In the last two decades, the number of connected computing devices has grown at a staggering
More informationHTTPS is Fast and Hassle-free with CloudFlare
HTTPS is Fast and Hassle-free with CloudFlare 1 888 99 FLARE enterprise@cloudflare.com www.cloudflare.com In the past, organizations had to choose between performance and security when encrypting their
More informationBig Data, Big Security:
Big Data, Big Security: Best Practices for Enterprise Data Encryption Introduction Big Data is a big topic right now and well it should be. The ebb and flow of commerce and other interactions around the
More informationGPU System Architecture. Alan Gray EPCC The University of Edinburgh
GPU System Architecture EPCC The University of Edinburgh Outline Why do we want/need accelerators such as GPUs? GPU-CPU comparison Architectural reasons for GPU performance advantages GPU accelerated systems
More informationWhite Paper. Enhancing Website Security with Algorithm Agility
ENHANCING WEBSITE SECURITY WITH ALGORITHM AGILITY White Paper Enhancing Website Security with Algorithm Agility Enhancing Website Security with Algorithm Agility Contents Introduction 3 Encryption Today
More informationThe Feasibility and Application of using a Zero-knowledge Protocol Authentication Systems
The Feasibility and Application of using a Zero-knowledge Protocol Authentication Systems Becky Cutler Rebecca.cutler@tufts.edu Mentor: Professor Chris Gregg Abstract Modern day authentication systems
More informationwww.xenon.com.au STORAGE HIGH SPEED INTERCONNECTS HIGH PERFORMANCE COMPUTING VISUALISATION GPU COMPUTING
www.xenon.com.au STORAGE HIGH SPEED INTERCONNECTS HIGH PERFORMANCE COMPUTING GPU COMPUTING VISUALISATION XENON Accelerating Exploration Mineral, oil and gas exploration is an expensive and challenging
More informationWHITE PAPER AUGUST 2014. Preventing Security Breaches by Eliminating the Need to Transmit and Store Passwords
WHITE PAPER AUGUST 2014 Preventing Security Breaches by Eliminating the Need to Transmit and Store Passwords 2 WHITE PAPER: PREVENTING SECURITY BREACHES Table of Contents on t Become the Next Headline
More informationChapter 1: Introduction
Chapter 1 Introduction 1 Chapter 1: Introduction 1.1 Inspiration Cloud Computing Inspired by the cloud computing characteristics like pay per use, rapid elasticity, scalable, on demand self service, secure
More informationDashlane Security Whitepaper
Dashlane Security Whitepaper November 2014 Protection of User Data in Dashlane Protection of User Data in Dashlane relies on 3 separate secrets: The User Master Password Never stored locally nor remotely.
More informationCENIC Private Cloud Pilot Using Amazon Reserved Instances (RIs) September 9, 2011
CENIC Private Cloud Pilot Using Amazon Reserved Instances (RIs) September 9, 2011 CENIC has been working with Amazon for some time to put in place procedures through which CENIC member institutions can
More informationDatabase Virtualization and the Cloud
Database Virtualization and the Cloud How database virtualization, cloud computing and other advances will reshape the database landscape by Mike Hogan, CEO ScaleDB Inc. December 10, 2009 Introduction
More informationDNA IT - Business IT On Demand
DNA IT - Business IT On Demand September 1 2011 DNA IT White Paper: Introduction to Cloud Computing The boom in cloud computing over the past few years has led to a situation that is common to many innovations
More informationManaging the Performance of Cloud-Based Applications
Managing the Performance of Cloud-Based Applications Taking Advantage of What the Cloud Has to Offer And Avoiding Common Pitfalls Moving your application to the cloud isn t as simple as porting over your
More information12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust
Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or
More informationHOW ENCRYPTION WORKS. Introduction to BackupEDGE Data Encryption. Technology Overview. Strong Encryption BackupEDGE
HOW ENCRYPTION WORKS Technology Overview Strong Encryption BackupEDGE Introduction to BackupEDGE Data Encryption A major feature of BackupEDGE is the ability to protect archives containing critical client
More informationHPC Cluster Decisions and ANSYS Configuration Best Practices. Diana Collier Lead Systems Support Specialist Houston UGM May 2014
HPC Cluster Decisions and ANSYS Configuration Best Practices Diana Collier Lead Systems Support Specialist Houston UGM May 2014 1 Agenda Introduction Lead Systems Support Specialist Cluster Decisions Job
More informationQLIKVIEW SERVER MEMORY MANAGEMENT AND CPU UTILIZATION
QLIKVIEW SERVER MEMORY MANAGEMENT AND CPU UTILIZATION QlikView Scalability Center Technical Brief Series September 2012 qlikview.com Introduction This technical brief provides a discussion at a fundamental
More informationWhite Paper. Options for Two Factor Authentication. Authors: Andrew Kemshall Phil Underwood. Date: July 2007
White Paper Options for Two Factor Authentication Authors: Andrew Kemshall Phil Underwood Date: July 2007 Page 1 Table of Contents 1. Problems with passwords 2 2. Issues with Certificates (without Smartcards)
More informationCloud Computing. Alex Crawford Ben Johnstone
Cloud Computing Alex Crawford Ben Johnstone Overview What is cloud computing? Amazon EC2 Performance Conclusions What is the Cloud? A large cluster of machines o Economies of scale [1] Customers use a
More informationProgramming models for heterogeneous computing. Manuel Ujaldón Nvidia CUDA Fellow and A/Prof. Computer Architecture Department University of Malaga
Programming models for heterogeneous computing Manuel Ujaldón Nvidia CUDA Fellow and A/Prof. Computer Architecture Department University of Malaga Talk outline [30 slides] 1. Introduction [5 slides] 2.
More informationCLOUD COMPUTING SECURITY ARCHITECTURE - IMPLEMENTING DES ALGORITHM IN CLOUD FOR DATA SECURITY
CLOUD COMPUTING SECURITY ARCHITECTURE - IMPLEMENTING DES ALGORITHM IN CLOUD FOR DATA SECURITY Varun Gandhi 1 Department of Computer Science and Engineering, Dronacharya College of Engineering, Khentawas,
More informationMitigating Server Breaches with Secure Computation. Yehuda Lindell Bar-Ilan University and Dyadic Security
Mitigating Server Breaches with Secure Computation Yehuda Lindell Bar-Ilan University and Dyadic Security The Problem Network and server breaches have become ubiquitous Financially-motivated and state-sponsored
More informationCryptanalysis with a cost-optimized FPGA cluster
Cryptanalysis with a cost-optimized FPGA cluster Jan Pelzl, Horst Görtz Institute for IT-Security, Germany UCLA IPAM Workshop IV Special Purpose Hardware for Cryptography: Attacks and Applications December
More informationScaling in the Cloud with AWS. By: Eli White (CTO & Co-Founder @ mojolive) eliw.com - @eliw - mojolive.com
Scaling in the Cloud with AWS By: Eli White (CTO & Co-Founder @ mojolive) eliw.com - @eliw - mojolive.com Welcome! Why is this guy talking to us? Please ask questions! 2 What is Scaling anyway? Enabling
More informationBenchmark Hadoop and Mars: MapReduce on cluster versus on GPU
Benchmark Hadoop and Mars: MapReduce on cluster versus on GPU Heshan Li, Shaopeng Wang The Johns Hopkins University 3400 N. Charles Street Baltimore, Maryland 21218 {heshanli, shaopeng}@cs.jhu.edu 1 Overview
More informationWHITE PAPER RUN VDI IN THE CLOUD WITH PANZURA SKYBRIDGE
WHITE PAPER RUN VDI IN THE CLOUD WITH PANZURA What if you could provision VDI in the cloud as a utility, colocating ondemand VDI instances and data next to each other and close to your users, anywhere
More informationPassword Manager with 3-Step Authentication System
Password Manager with 3-Step Authentication System Zhelyazko Petrov, Razvan Ragazan University of Westminster, London z.petrov@my.westminster.ac.uk, razvan.ragazan@my.westminster.ac.uk Abstract: A big
More informationAmazon Cloud Storage Options
Amazon Cloud Storage Options Table of Contents 1. Overview of AWS Storage Options 02 2. Why you should use the AWS Storage 02 3. How to get Data into the AWS.03 4. Types of AWS Storage Options.03 5. Object
More informationOverview Most of the documentation out there on the transition from SHA-1 certificates to SHA-2 certificates will tell you three things:
SHA-1 Versus SHA-2 Overview Most of the documentation out there on the transition from SHA-1 certificates to SHA-2 certificates will tell you three things: - Breaking SHA-1 is not yet practical but will
More informationIMPROVED SECURITY MEASURES FOR DATA IN KEY EXCHANGES IN CLOUD ENVIRONMENT
INTERNATIONAL JOURNAL OF RESEARCH IN COMPUTER APPLICATIONS AND ROBOTICS ISSN 2320-7345 IMPROVED SECURITY MEASURES FOR DATA IN KEY EXCHANGES IN CLOUD ENVIRONMENT Merlin Shirly T 1, Margret Johnson 2 1 PG
More informationSync Security and Privacy Brief
Introduction Security and privacy are two of the leading issues for users when transferring important files. Keeping data on-premises makes business and IT leaders feel more secure, but comes with technical
More informationFPGAs for Trusted Cloud Computing
FPGAs for Trusted Cloud Computing Traditional Servers Datacenter Cloud Servers Datacenter Cloud Manager Client Client Control Client Client Control 2 Existing cloud systems cannot offer strong security
More informationSecurity in Android apps
Security in Android apps Falco Peijnenburg (3749002) August 16, 2013 Abstract Apps can be released on the Google Play store through the Google Developer Console. The Google Play store only allows apps
More informationComputer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University
Computer Networks Network Security and Ethics Week 14 College of Information Science and Engineering Ritsumeikan University Security Intro for Admins l Network administrators can break security into two
More informationSecurity. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1
Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions
More informationIs your data safe out there? -A white Paper on Online Security
Is your data safe out there? -A white Paper on Online Security Introduction: People should be concerned of sending critical data over the internet, because the internet is a whole new world that connects
More informationCrypTool. www.cryptool.de www.cryptool.com www.cryptool.org. Claudia Eckert / Thorsten Clausius Bernd Esslinger / Jörg Schneider / Henrik Koy
CrypTool A free software program for creating awareness of IT security issues for learning about and obtaining experience of cryptography for demonstrating encryption algorithms and analysis procedures
More informationGold Lock Desktop White Paper
Gold Lock Desktop White Paper TM EMAIL AND FILE ENCRYPTION SOFTWARE Effective Data Security in the 21st Century Evaluating the needs of appropriate data security and identifying the risks in the modern
More informationWindows Server Performance Monitoring
Spot server problems before they are noticed The system s really slow today! How often have you heard that? Finding the solution isn t so easy. The obvious questions to ask are why is it running slowly
More informationCloud Computing and Amazon Web Services
Cloud Computing and Amazon Web Services Gary A. McGilvary edinburgh data.intensive research 1 OUTLINE 1. An Overview of Cloud Computing 2. Amazon Web Services 3. Amazon EC2 Tutorial 4. Conclusions 2 CLOUD
More informationA Standards-based Approach to IP Protection for HDLs
A Standards-based Approach to IP Protection for HDLs John Shields Staff Engineer, Modelsim Overview Introduction A Brief Status First Look at The Flow Encryption Technology Concepts Key Management Second
More informationGraphics Cards and Graphics Processing Units. Ben Johnstone Russ Martin November 15, 2011
Graphics Cards and Graphics Processing Units Ben Johnstone Russ Martin November 15, 2011 Contents Graphics Processing Units (GPUs) Graphics Pipeline Architectures 8800-GTX200 Fermi Cayman Performance Analysis
More informationNVIDIA CUDA Software and GPU Parallel Computing Architecture. David B. Kirk, Chief Scientist
NVIDIA CUDA Software and GPU Parallel Computing Architecture David B. Kirk, Chief Scientist Outline Applications of GPU Computing CUDA Programming Model Overview Programming in CUDA The Basics How to Get
More informationDynamic Resource Allocation and Data Security for Cloud
Dynamic Resource Allocation and Data Security for Cloud Rajesh M. Devakate Annasaheb Dange College of Engg. & Technology, Ashta, Maharashtra, India. Amol B. Rajmane Ashokrao Mane Group of Institutions,
More informationAchieving business benefits through automated software testing. By Dr. Mike Bartley, Founder and CEO, TVS (mike@testandverification.
Achieving business benefits through automated software testing By Dr. Mike Bartley, Founder and CEO, TVS (mike@testandverification.com) 1 Introduction During my experience of test automation I have seen
More informationHow To Fix A Username Enumeration On A Vpn On A Pc Or Ipv (Vpn) On A Password Protected Ipv 2 (Vvv) On An Ipv 3 (Vp) On Pc Or Password Protected (V
Common VPN Security Flaws Roy Hills, NTA Monitor Ltd. http://www.nta-monitor.com/ January 2005 Abstract This paper outlines some of the common VPN security flaws that NTA Monitor have found during the
More informationThe Seven Habits of State-of-the-Art Mobile App Security
#mstrworld The Seven Habits of State-of-the-Art Mobile App Security Mobile Security 8 July 2014 Anand Dwivedi, Product Manager, MicroStrategy strworld Agenda - Seven Habits of State of the Art Mobile App
More informationWhat is CUDA?... 3. Why do I care about CUDA?... 3. What is CUDA not?... 4. Getting started... 5. Nvidia-Drivers... 5. Overclocking...
1 Table of Contents What is CUDA?... 3 Supported GPUs...3 Why do I care about CUDA?... 3 Where can I get this CUDA thing?. 4 What is CUDA not?... 4 Getting started... 5 Nvidia-Drivers.... 5 Overclocking...
More informationWLAN Security Networking with Confidence
WLAN Security Networking with Confidence Introduction So you ve just installed a new wireless local area network (WLAN) in your small business or home. The access point is on and connected, the client
More informationData Protection Appliance
Data Protection The Data Protection (DPA) is an enterprise-grade backup appliance designed to protect physical and virtual environments. DPA is delivered as a virtual or physical appliance and includes
More informationEnova X-Wall LX Frequently Asked Questions
Enova X-Wall LX Frequently Asked Questions Q: What is X-Wall LX? A: X-Wall LX is the third generation of Enova real-time hard drive cryptographic gateway ASIC (Application Specific Integrated Circuit)
More informationCloud Computing. Adam Barker
Cloud Computing Adam Barker 1 Overview Introduction to Cloud computing Enabling technologies Different types of cloud: IaaS, PaaS and SaaS Cloud terminology Interacting with a cloud: management consoles
More informationSY0-201. system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users.
system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users. From a high-level standpoint, attacks on computer systems and networks can be grouped
More informationHow to Store Data to the Cloud without giving the Cloud anything Jason Resch Cleversafe
How to Store Data to the Cloud without giving the Cloud anything Jason Resch Cleversafe Topics Barriers to cloud storage adoption Reliability concerns Security concerns Conventional Solutions Replication,
More informationIntroduction to Cyber Security / Information Security
Introduction to Cyber Security / Information Security Syllabus for Introduction to Cyber Security / Information Security program * for students of University of Pune is given below. The program will be
More informationYou re FREE Guide SSL. (Secure Sockets Layer) webvisions www.webvisions.com +65 6868 1168 sales@webvisions.com
SSL You re FREE Guide to (Secure Sockets Layer) What is a Digital Certificate? SSL Certificates, also known as public key certificates or Digital Certificates, are essential to secure Internet browsing.
More informationEnhancing Organizational Security Through the Use of Virtual Smart Cards
Enhancing Organizational Security Through the Use of Virtual Smart Cards Today s organizations, both large and small, are faced with the challenging task of securing a seemingly borderless domain of company
More informationParallels Virtuozzo Containers
Parallels Virtuozzo Containers White Paper Virtual Desktop Infrastructure www.parallels.com Version 1.0 Table of Contents Table of Contents... 2 Enterprise Desktop Computing Challenges... 3 What is Virtual
More informationDRAFT Standard Statement Encryption
DRAFT Standard Statement Encryption Title: Encryption Standard Document Number: SS-70-006 Effective Date: x/x/2010 Published by: Department of Information Systems 1. Purpose Sensitive information held
More informationChapter 19 Cloud Computing for Multimedia Services
Chapter 19 Cloud Computing for Multimedia Services 19.1 Cloud Computing Overview 19.2 Multimedia Cloud Computing 19.3 Cloud-Assisted Media Sharing 19.4 Computation Offloading for Multimedia Services 19.5
More informationDIY Device Cloud Documentation
DIY Device Cloud Documentation Release 1.0 Tony DiCola May 11, 2014 Contents 1 Overview 3 1.1 What is a device cloud?......................................... 3 1.2 Why do you want a device cloud?....................................
More informationExpertcity GoToMyPC and GraphOn GO-Global XP Enterprise Edition
Remote Access Technologies: A Comparison of Expertcity GoToMyPC and GraphOn GO-Global XP Enterprise Edition Contents: Executive Summary...1 Remote Access Overview...2 Intended Application... 2 Revolutionary
More informationCSE/EE 461 Lecture 23
CSE/EE 461 Lecture 23 Network Security David Wetherall djw@cs.washington.edu Last Time Naming Application Presentation How do we name hosts etc.? Session Transport Network Domain Name System (DNS) Data
More informationTOP SECRETS OF CLOUD SECURITY
TOP SECRETS OF CLOUD SECURITY Protect Your Organization s Valuable Content Table of Contents Does the Cloud Pose Special Security Challenges?...2 Client Authentication...3 User Security Management...3
More informationCluster, Grid, Cloud Concepts
Cluster, Grid, Cloud Concepts Kalaiselvan.K Contents Section 1: Cluster Section 2: Grid Section 3: Cloud Cluster An Overview Need for a Cluster Cluster categorizations A computer cluster is a group of
More informationPart V Applications. What is cloud computing? SaaS has been around for awhile. Cloud Computing: General concepts
Part V Applications Cloud Computing: General concepts Copyright K.Goseva 2010 CS 736 Software Performance Engineering Slide 1 What is cloud computing? SaaS: Software as a Service Cloud: Datacenters hardware
More informationhigh-performance computing so you can move your enterprise forward
Whether targeted to HPC or embedded applications, Pico Computing s modular and highly-scalable architecture, based on Field Programmable Gate Array (FPGA) technologies, brings orders-of-magnitude performance
More informationNetwork Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015
Network Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015 Chapter 2: Introduction to Cryptography What is cryptography? It is a process/art of mangling information in such a way so as to make it
More informationipad in Business Security
ipad in Business Security Device protection Strong passcodes Passcode expiration Passcode reuse history Maximum failed attempts Over-the-air passcode enforcement Progressive passcode timeout Data security
More informationGuide to Data Field Encryption
Guide to Data Field Encryption Contents Introduction 2 Common Concepts and Glossary 3 Encryption 3 Data Field Encryption 3 Cryptography 3 Keys and Key Management 5 Secure Cryptographic Device 7 Considerations
More informationSPINS: Security Protocols for Sensor Networks
SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, J.D. Tygar, Victor Wen, and David Culler Department of Electrical Engineering & Computer Sciences, University of California
More informationCisco Integrated Services Routers Performance Overview
Integrated Services Routers Performance Overview What You Will Learn The Integrated Services Routers Generation 2 (ISR G2) provide a robust platform for delivering WAN services, unified communications,
More informationAmazon EC2 Product Details Page 1 of 5
Amazon EC2 Product Details Page 1 of 5 Amazon EC2 Functionality Amazon EC2 presents a true virtual computing environment, allowing you to use web service interfaces to launch instances with a variety of
More informationUsing Data Encryption to Achieve HIPAA Safe Harbor in the Cloud
Using Data Encryption to Achieve HIPAA Safe Harbor in the Cloud 1 Contents The Obligation to Protect Patient Data in the Cloud................................................... Complying with the HIPAA
More informationSecurity Architecture Whitepaper
Security Architecture Whitepaper 2015 by Network2Share Pty Ltd. All rights reserved. 1 Table of Contents CloudFileSync Security 1 Introduction 1 Data Security 2 Local Encryption - Data on the local computer
More informationWrite a technical report Present your results Write a workshop/conference paper (optional) Could be a real system, simulation and/or theoretical
Identify a problem Review approaches to the problem Propose a novel approach to the problem Define, design, prototype an implementation to evaluate your approach Could be a real system, simulation and/or
More informationAlaska Alternate Assessment. Website Security Assurances. June 2015. App3.6_Test_Site_Security
Alaska Alternate Assessment Website Security Assurances June 2015 App3.6_Test_Site_Security ISSUE 1: Secure access to http://ak.k12test.com The AK website makes use of the cryptographic protocols Transport
More informationCloud Computing Capacity Planning. Maximizing Cloud Value. Authors: Jose Vargas, Clint Sherwood. Organization: IBM Cloud Labs
Cloud Computing Capacity Planning Authors: Jose Vargas, Clint Sherwood Organization: IBM Cloud Labs Web address: ibm.com/websphere/developer/zones/hipods Date: 3 November 2010 Status: Version 1.0 Abstract:
More informationStream Processing on GPUs Using Distributed Multimedia Middleware
Stream Processing on GPUs Using Distributed Multimedia Middleware Michael Repplinger 1,2, and Philipp Slusallek 1,2 1 Computer Graphics Lab, Saarland University, Saarbrücken, Germany 2 German Research
More informationTop 10 Encryption Myths
Top 10 Encryption Myths Executive Summary When you talk about encryption especially to someone who isn t a security specialist you often get a variety of interpretations. In general, encryption is most
More informationScaling Your Data to the Cloud
ZBDB Scaling Your Data to the Cloud Technical Overview White Paper POWERED BY Overview ZBDB Zettabyte Database is a new, fully managed data warehouse on the cloud, from SQream Technologies. By building
More informationComputer Graphics Hardware An Overview
Computer Graphics Hardware An Overview Graphics System Monitor Input devices CPU/Memory GPU Raster Graphics System Raster: An array of picture elements Based on raster-scan TV technology The screen (and
More informationCyber Security Practical considerations for implementing IEC 62351
1. Introduction Cyber Security Practical considerations for implementing IEC 62351 Frank Hohlbaum, Markus Braendle, Fernando Alvarez ABB frank.hohlbaum@ch.abb.com Switzerland Two trends are currently changing
More information