WORKSHOP ON "NETWORK AND INFORMATION SECURITY: RESEARCH IDEAS"

Transcription

1 EUROPEAN COMMISSION Information Society and Media Directorate-General Emerging Technologies and Infrastructures Trust and Security WORKSHOP ON "NETWORK AND INFORMATION SECURITY: RESEARCH IDEAS" WORKSHOP REPORT 22 nd September BRUSSELS

2 EUROPEAN COMMISSION Information Society and Media Directorate-General Emerging Technologies and Infrastructures Trust and Security TABLE OF CONTENTS 1 INTRODUCTION SCOPE, MOTIVATION AND GOALS AGENDA NETWORK AND INFORMATION SECURITY: RESEARCH IDEAS Workshop content Research items identified SUMMARY... 9 The views expressed in this report are those of the participants and do not necessarily reflect the official European Commission s view on the subject.

3 1 INTRODUCTION A workshop on "Network and Information security: Future Research Ideas, organised by the Trust and Security Unit of DG INFSO, was held on 22nd September 2011 in Brussels. The aim of the workshop was to have an open discussion and exchange of ideas on future network and information security challenges requiring research in the short, medium, and longer terms. The workshop identified many future research topics, and the discussions enabled further elaboration on these topics included in this report. 2 SCOPE, MOTIVATION AND GOALS The workshop was designed to include a mixture of presentations, questions and answer periods with an emphasis on interactive discussions where the participants could openly exchange their ideas and views. The workshop results would be used for the preparation of the future research programmes, which would undoubtedly have an element on trustworthy ICT including Horizon 2020, for which the European Commission will make a proposition before the end of this year to the Council of the European Union and the European Parliament. The workshop was divided into 3 sections, each with a dedicated chair. These included Future challenges for Trust and Security research Network, Systems and Services technologies for a Trustworthy ICT CyberSecurity and Emerging Cyberthreats A wrap up took place at the end of the workshop. Workshop on Network and Information Security: Research ideas Page 1

4 3 AGENDA 9:30 Welcome and Introduction Mario Scillia, European Commission 10:15 Future challenges for Trust and Security research Chair: Nick Wainwright Speakers: Nick Wainwright, Jean-Pierre Seifert, Demosthenes Ikonomou, Philippe Massonet 11:05 Q&A Discussions 11:25 Coffee break 11:40 Network, Systems and Services technologies for a Trustworthy ICT Chair: Javier Lopez Speakers: Javier Lopez, Sotiris Ioannidis, Roberto Baldoni/Giorgia Lodi, Ulrich Seldeslachts, Karima Boudaoud and Martin Gaedke 12:40 Q&A Discussions 13:00 Lunch break 14:00 CyberSecurity and Emerging Cyberthreats Chair: Evangelos Markatos Speakers: Evangelos Markatos, Piotr Kijewski, Salvatore D'Antonio, Peter Matthews and Orestis Tsigkas 14:50 Q&A Discussions 15:10 Coffee break 15:25 Wrap-up Jim Clarke 15:45-16:00 Closing European Commission Workshop on Network and Information Security: Research ideas Page 2

5 4 NETWORK AND INFORMATION SECURITY: RESEARCH IDEAS 4.1 Workshop content The workshop was supported by the following presentations made by researchers engaged in Network and Information management research. Session 1. Future Challenges for Trust and security research Nick Wainwright (Chair), HP Labs: Future challenges for Trust and security research associated with the enterprise perspective Jean-Pierre Seifert, Deutsche Telekom Laboratories: Research challenges related to network and information security Demosthenes Ikonomou, ENISA: Research challenges related to network and information security Philippe Massonet, CETIC: Research challenges associated with Trustworthy Infrastructure clouds (moving towards a cloud utility) Session 2. Network, Systems and Services technologies for a Trustworthy ICT Javier Lopez (Chair), University of Malaga: Securing the Internet of Things (IoT) Sotiris Ioannidis, FORTH: Future Threats in Networked systems Giorgia Lodi, Consorzio Interuniversitario Nazionale per l'informatica: Progressive security for Critical cloud services Ulrich Seldeslachts, LSEC Belgium made a presentation entitled Challenges and Ideas from the European Security Innovation Network partners Karima Boudaoud, University of Nice: Human oriented vision to security management Martin Gaedke, Chemnitz University of Technology, Dept. of Computer science: Technological foundation for making a Social Web without borders a reality Session 3. CyberSecurity and Emerging Cyberthreats Piotr Kijewski, NASK: Security research from a CERT perspective Salvatore D'Antonio, University of Naples Parthenope: Security Information and Event Management for Critical Infrastructure Protection Peter Matthews, CA Labs: Research areas required related to Network and Information security Workshop on Network and Information Security: Research ideas Page 3

6 Orestis Tsigkasm, Informatics and Telematics Institute / Centre for Research and Technology: Malicious attacks detection and prevention in Cognitive Radio Networks Evangelos Markatos (Chair), FORTH: Detecting polymorphic cyberattacks. 4.2 Research items identified Based on these presentations and discussions at the end of each session, a significant number of research items for Network and Information security were elaborated by the participants. Security of open source based systems e.g. smart phones An area that needs research is examining the security of systems that are built based upon open source (e.g. smart phones). The current trend of the combination of open source and cellular phones/equipment brings significant security issues and raises a dilemma between the requirements to have closed access to the network whilst at the same time having devices on the networks developed based on openness. This dilemma must be solved in research by looking at the development of low cost systems that will bridge the gap between openness and closed systems, especially critical infrastructures. Cloud A number of research needs were raised on trust, security and privacy of the Cloud that were essential before government or other users will move their business to the cloud. There is a need to address both the services cloud and its infrastructure whether separately or together and need to examine the consumer/business IT convergence to enable people operate safely in multiple domains from the same device. In order to put together a secure, trustworthy cloud system, there is a need for coherent set of models, architecture, ontologies, taxonomies, and standards. Further research-needs to be undertaken on virtual private clouds (VPCs) were identified. The VPC environment may incorporate private clouds on public cloud infrastructures consisting of storage and computation, and include isolation mechanisms for multiple security layers. Some possible lines of research on VPCs include categorisation of services, taxonomies of cloud services based on confidentiality, integrity and availability requirements, interoperability of security and QoS policies and monitoring intrusions, including different levels of intelligent monitoring (e.g. coarse and fine grained monitoring) according to different protection levels are required. Service management index is a way of comparing cloud services and the security and threat characteristics, making those characteristics available so that it can be carried as part of the cloud service compliance metrics e.g. without the use of ontologies. More information can be found at Resilience Research is required on ontologies and taxonomies for resilience in order to adopt an end-to-end resilience concept. The aim is to provide a classification scheme for resilience of communications networks and offer a basis for further work on technical standardisation of means for providing and managing resilient networks. Future Workshop on Network and Information Security: Research ideas Page 4

7 networks requirements in terms of governance, unification, service orientation, autonomicity, etc., should be taken into account when addressing this redefinition of resilience. The ontology will categorise the main elements for an attack, effectively grouping them in conceptual blocks, which can be used by operators when they manage, maintain and upgrade their networks. There are ongoing discussions whether these ontologies could be standardised. Resilience must be systematically addressed and to do that we need to understand the properties in the systems that will need to be addressed. If there are conceptual blocks for the systems, there would be no need to standardise each and every item within the systems. Further details will be elaborated on this topic during a workshop Ontologies and taxonomies for resilience in cooperation with DGINFSO and ENISA in Brussels on 17 th October Cryptography There should be research on advanced cryptographic techniques assuring end to end encryption and there should be a Pan-European approach to set acceptable minimum levels of requirements for governmental applications. There are already examples of this in the US (NIST) and Japan (CRYPTREC). In addition, there is a need for an increased understanding that encryption is not just about the initial configuration, but also about the long-term management of the encryption keys. Additional research should also be focussed on the interfaces between the cryptographic mechanisms and the systems themselves. This will become extremely important when adapting cryptographic algorithms and Internet security protocols to the Internet of Things. Internet of Things/Security Protocols There are significant trust, security and privacy research needs for the adaptation of Internet security protocols to the Internet of Things. A number of areas for IoT security research including protocol and network security with cryptography developed (smaller, faster) to deal with the large number of objects with significant heterogeneity. Data and information privacy should be dealt with by the use of Privacy by design and transparency for IoT users. New approaches are needed for identity management of objects and things, trust and governance for objects, and the need to determine what is meant by with fault tolerance in IoT and how to address it, whether at the level of small objects or of the systems. Future and emerging threats Research and solutions are required to handle future threats at various levels, examining both defensive and offensive options. An immediate threat is from the underground economy where the goals and models of attackers has shifted dramatically from hacking-for-fun to making huge profits. It poses serious threats to social networks, which are now attractive targets due to the large number of users, with large trust among them. Detailed information profiles of users are available, increasing potential opportunities for fraud and spreading malware. There are threats due to complexity and parallelism of multi-core, multi-threaded technologies and an order of hundreds of hardware threads on a single chip. This will require building new secure languages, apps, libraries and OS s designed with parallelism in mind. Virtualisation and hardware isolation can also help in this regard. New threats arise from the scale of the Internet has grown to a 100 million node network, not even counting the IoT or weak devices. Research is required to study and understand interdependencies between systems, to Workshop on Network and Information Security: Research ideas Page 5

8 model larger systems in security evaluations and to form boundaries that can be studied more easily. An emerging threat is mobile device malware, where the devices have comparable hardware to regular computers so mobile devices will be facing similar threats to personal computers. Research is required on multiple fronts: outsourcing part of the security solution to the network itself; application analysis in the sandbox; intrusion detection in the network; and server replication of phone states. Social Internet Social internet requires more research as it will form part of the core Internet of the future. Controls ultimately need to transcend location and the need of users to discover where their data is at any given time requires investigation. Research challenges to exploit the social Internet include: massive computing capacity; real time virtualisation and massive prototyping; real time monitoring, detection, and response; real time enand de-ciphering; self detective and self healing networks; personal anonymiser and IDbased networks; digital footprint remover; information tagging and automated classification; user interfacing and behavioural psychology. Future research should be undertaken on collaborative problem solving where people and machines are brought together to solve problems that could not be solved in isolation. This has been described recently in IEEE Internet Computing: "Social Router by Dustdar and Gaedke. Some opportunities in collaborative problem-solving were presented including standardising the way that social networks interact in start creating integrated social networks. For this to work, we need better identity concepts in order to have integrated social webs (examples such as 4sq, Facebook, ); Some work has been done on this already but significantly more research is required. A social Internet of Things to make machines talk to people and vice versa in a trustworthy way requires us to figure out what protocols are needed to bring together social networks, IoT, and trustworthiness. Federated wisdom for social webs needs policies, privacy and social semantics for federating them, eg., smart grids used to connect neighbourhoods, towns, cities, etc. Future research should look at how to model these social webs and their connections to enable the co-location of physical entities. Federated social communities need interactive approaches that transcend organisational and social boundaries. If successful, this will likely create new markets. Human Oriented approaches There is a need to examine human-oriented security solutions as the generation of users is changing as they are born and raised with ICT. Studies show they would be more open to use security solutions, and the security designers need to listen and adapt. Security solutions could be based on language and visual clues for the users. There were discussions about the level of evidence about young people caring more about security and privacy. While there is mainly anecdotal evidence on whether users will or won t care about these issues, there are considerable levels of users that care about their security and privacy. The point agreed was that as a research community, we should not take as a starting point that young people do not care about security and privacy: this would be a big mistake; moreover, we should study all points of view from the sociological perspectives and involve the right stakeholders in our research projects. There should be more research in the transitivity of trust in social networks. For example, if we put information into a social network, there is no way to see how you Workshop on Network and Information Security: Research ideas Page 6

9 can control the trust that you are delegating or transferring to other persons. There are three potential research topics in this area: 1. Enforcement: When you provide data to other companies and the data has a life-time and they have to delete it, the big challenge is what happens if they don t delete it? This is a problem where we need a solution involving built in intelligence where this issue can be dealt with properly; 2. User control: Where is the data located and who has access to it? Many of today s applications build significant profiling information on users. As a strong research community, can we utilise our many different expertises to take the decentralised spirit of the web into European applications and have the same potential that social computing provides within our own applications; and 3. Local storage: Is it possible to store the data on our own servers? Can we create or arrange servers to store our own data instead of the applications storing it. This concept is currently being discussed in the incubator unit in the W3C committee looking at web servers attached to your browser only. It could be a safe means of storing personal data on your own server and providing it on request to external applications. Analysis of Security Data Research lines of interest related to the analysis of large security data sets are needed. While there is large amounts of data collected e.g. in Poland, this needs to be taken further by looking at algorithms for meaningful analysis. A difficulty is encountered when sharing data as usually some of the data comes from vendors for specific purposes but not for research. It was pointed out that the Inco-trust and BIC projects have identified international data exchange architectures specifically for cybersecurity (EU- US) as a cooperation topic and this work in Poland could be very synergistic. (ref. ). Other areas could include DNS research to detect malicious domains at the registry level, botnet research to see what are they targeting and research into ways of automating analysis of them, and research into automating ways of detection and analysis of malware on smartphone software (cf. above). Critical Infrastructure Future research into detecting, monitoring and preventing attacks on SCADA systems is very important, and research based on SIEM (Security Information and Event Management) based approach to critical infrastructure security must be continued and extended to especially include monitoring and control of the overall critical infrastructure network. Monitoring and detection enables collection of data from servers and network devices and sensors (wired and wireless) and gives the ability to perform very good detection process; for this, emerging attacks (stealth attacks) that are difficult to detect must be considered. Privacy In the research areas of privacy in relation to network and information security, the strict regulation must be addressed in conjunction with: taking care of privacy within the development of loosely connected entities; fragmentation and need for global regulations; dealing with corporations losing control of their data; privacy in mobile computing and social computing and businesses; insider threat detection; prediction; log analysis and user profiling. Research is needed into reputation management and role Workshop on Network and Information Security: Research ideas Page 7

10 discovery including data mining roles and identities, graph optimisation and heuristics. Standardisation There were discussions at the workshop on the role of standards in the auditing process and improvements needed here. There are around twenty different standards related to auditing of computing, making it extremely difficult, if not impossible, for auditors to learn or comply. In addition, standards are mainly vendor-driven and in some cases, the auditors themselves are not in the loop. In other cases, the auditors are developing standards themselves. For the future, we should be looking at a convergence model for standards and determine who would be involved in driving this or how would it could done. A suggestion was made to examine the NIST model of standards, which is based on capture the requirements of the standards and alignment of people involved in composing the standards. Wireless Security An area of future research is malicious attacks detection and prevention in Cognitive Radio Networks (CRN), which are becoming an increasingly important part of the wireless networking landscape due to the ever increasing scarcity of spectrum resources. The physical layer security for wireless communications must ensure the exchange of confidential messages over a wireless medium in the presence of unauthorized eavesdroppers. This can be achieved primarily in two ways: without the need for a secret key by intelligently designing transmit coding strategies and exploiting the wireless communication medium to develop secret keys over public channels. Detection and prevention of DNS and malicious attacks against the reasoning engine and the learning engine of the CR is also very important as in this case, we may see an attack that could be a virus or bad information or resultant beliefs for users that is continually propagating unless properly dealt with. Self Detection and Protection Research is required into self code detection and buffer overflows especially when dealing with polymorphic attacks (self modifying shell-code). Attackers need compromised computers to carry out malicious activities such as spamming, extortion, phishing, illegal content, phishing DDoS, and code injection. Through code injection attacks, they compromise computers by exploiting design deficiencies (e.g. buffer overflow overriding the return address by writing code into it), changing the code payload from one execution to another. At this point, the attacker has control over the remote machine. To make matters worse, they change the payload code from one execution to another (polymorphic) by sending the encrypted messages they send. They encrypt the sent message as self decrypting code where the actual shell code is not revealed until run time. If you look at the network data, you do not realise an attack is going on as the self-modifying code can hide the real malicious code. Therefore, pattern matching/static analysis is not enough for dealing with highly polymorphic and selfmodifying code. A solution proposed for detecting self-modifying polymorphic shellcode on the network is network-level emulation, where each packet received from the network is not processed by the ordinary TCP/IP stack but is executed as if it is executable code enabling the identify of remote code injection attacks, which are still a threat to the deployment. In summary, attackers have also turned their attention to less widely used services and third-party applications and these must also be protected. Workshop on Network and Information Security: Research ideas Page 8

11 5 SUMMARY The workshop on "Network and Information security: Future Research Ideas, organised by the Trust and Security Unit of DG INFSO, held on 22nd September 2011 was successful in highlighting a significant number of future research topics across the three sessions: Session 1. Future Challenges for Trust and security research Session 2. Network, Systems and Services technologies for a Trustworthy ICT Session 3. CyberSecurity and Emerging Cyberthreats The following table highlights and maps the findings of the workshop according to the sessions. Research Topic Workshop Sessions Session 1. Future Challenges for Trust and security research Session 2. Network, Systems and Services technologies for a Trustworthy ICT Session 3. CyberSecurity and Emerging Cyberthreats Smart phone Cloud Resilience Cryptography Internet of Things/ Security Protocols Future and emerging threats Social Networks and Human Contribution to Security Analysis of Security Data Critical Infrastructure Privacy Standardization Wireless Security Self Detection and Protection Workshop on Network and Information Security: Research ideas Page 9