Browsing by Author "Arbaugh, William A."
Now showing 1 - 6 of 6
Item: An Analysis of Vulnerability Trends (2000-11-13)
Authors: Browne, Hilary K.; Arbaugh, William A.; McHugh, John; Fithen, William
Abstract: We have conducted an empirical study of a number of computer security exploits and determined that the rates at which incidents involving each exploit are reported to the CERT can be modeled using a common mathematical framework. Data associated with three significant exploits involving vulnerabilities in phf, imap, and bind can all be modeled using the formula C = I + S * sqrt(M), where C is the cumulative count of reported incidents, M is the time since the start of the exploit cycle, and I and S are the regression coefficients determined by analysis of the incident report data. Further analysis of two additional exploits involving vulnerabilities in mountd and statd confirms the model. We believe that the models will aid in predicting the severity of subsequent vulnerability exploitations, based on the rate of early incident reports. (Also cross-referenced as UMIACS-TR-2000-76)

Item: Context Caching using Neighbor Graphs for Fast Handoffs in a Wireless Network (2003-06-04)
Authors: Mishra, Arunesh; Shin, Min-ho; Arbaugh, William A.
Abstract: User mobility in wireless data networks is increasing because of technological advances and the desire for voice and multimedia applications. These applications, however, require handoffs between base stations to be fast to maintain the quality of the connections. Previous work on context transfer for fast handoffs has focused on reactive methods, i.e. the context transfer occurs after the mobile station has associated with the next base station or access router. In this paper, we describe the use of a novel and efficient data structure, neighbor graphs, which captures dynamically the mobility topology of a wireless network as a means for pre-positioning the station's context at the potential next base stations, ensuring that the station's context remains one hop ahead. From experimental and simulation results, we find that the use of neighbor graphs reduces the layer 2 handoff latency due to reassociation by an order of magnitude, from 15.37 ms to 1.69 ms, and that the effectiveness of the approach improves dramatically as user mobility increases. (UMIACS-TR-2003-46)

Item: Design and Implementation of Signed Executables for Linux (2002-02-26)
Authors: van Doorn, Leendert; Ballintijn, Gerco; Arbaugh, William A.
Abstract: We describe the design and implementation of signed executables for Linux, which provide the following strong integrity guarantees: the inability to tamper with executables and the inability to add new unauthorized executables. Unlike other implementations, ours covers statically and dynamically linked executables as well as executable scripts. In addition, we reduced the overhead of signature verification to almost zero by caching the successful verification results. The negligible overhead enables signature verification to be used as a basic building block for other applications, some of which are described in this paper. (Also UMIACS-TR-2001-41)

Item: The Design of Efficient Internetwork Authentication for Ubiquitous Wireless Communications (2006-01-13T21:31:06Z)
Authors: Shin, Minho; Ma, Justin; Arbaugh, William A.
Abstract: A variety of wireless technologies have been standardized and commercialized, but no single solution is considered the best to satisfy all communication needs due to different coverage and bandwidth limitations. Therefore, internetworking between heterogeneous wireless networks is extremely important for ubiquitous and high performance wireless communications. The security problem is one of the major challenges in internetworking. To date, most research on internetwork authentication has focused on centralized authentication approaches, where the home network participates in each authentication process. For high latency between the home and visiting networks, such approaches tend to be inefficient. In this paper, we describe chained authentication, which requires collaboration between adjacent networks without involvement of the home network. After categorizing chained protocols, we propose a novel design of chained authentication methods under 3G-WLAN internetworking. The experiments show that proactive context transfer and ticket forwarding reduce the 3G authentication latency to 36.8% and WLAN EAP-TLS latency to 23.1% when RTT between visiting and home networks is 200 ms.

Item: An Initial Security Analysis of the IEEE 802.1X Standard (2002-02-06)
Authors: Mishra, Arunesh; Arbaugh, William A.
Abstract: The current IEEE 802.11 standard is known to lack any viable security mechanism. However, the IEEE has proposed a long term security architecture for 802.11 which they call the Robust Security Network (RSN). RSN utilizes the recent IEEE 802.1X standard as a basis for access control, authentication, and key management. In this paper, we present two security problems (session hijacking, and the establishment of a man-in-the-middle) we have identified and tested operationally. The existence of these flaws highlights several basic design flaws within 802.1X and its combination with 802.11. As a result, we conclude that the current combination of the IEEE 802.1X and 802.11 standards does not provide a sufficient level of security, nor will it ever without significant changes. (Also UMIACS-TR-2002-10)

Item: Pro-active Key Distribution using Neighbor Graphs (2003-11-25)
Authors: Mishra, Arunesh; Shin, Min-ho; Arbaugh, William A.
Abstract: User mobility in wireless data networks is increasing because of technological advances and the desire for voice and multimedia applications. These applications, however, require handoffs between base stations (or access points) to be fast to maintain the quality of the connections. In this paper, we introduce a novel data structure, the Neighbor Graph, which dynamically captures the mobility topology of the network, and we show how neighbor graphs can be utilized to reduce the authentication time of an IEEE 802.11 hand-off from 1.1 seconds (full EAP/TLS) to 50 ms without loss of security. (UMIACS-TR-2003-106)
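The incident model C = I + S * sqrt(M) from "An Analysis of Vulnerability Trends" is a linear regression in sqrt(M), so I and S can be fitted by ordinary least squares and the fit from the first few months extrapolated to later months, which is the "predict severity from early reports" use the abstract describes. The code below is an added illustration, not code or data from the paper: the monthly counts are constructed for this example (a rounded I=10, S=5 series), and the function names are this example's own.

```python
import math

# Constructed sample: cumulative incident counts for one hypothetical exploit,
# months 1..12. These are made-up values (roughly 10 + 5*sqrt(M), rounded),
# not the CERT incident data analysed in the paper.
SAMPLE_MONTHS = list(range(1, 13))
SAMPLE_CUMULATIVE = [15, 17, 19, 20, 21, 22, 23, 24, 25, 26, 27, 27]


def synthetic_series(intercept, slope, months):
    """Exact C = I + S*sqrt(M) series; handy for checking the fitter."""
    return [intercept + slope * math.sqrt(m) for m in months]


def fit_incident_model(months, cumulative):
    """Ordinary least squares for C = I + S*sqrt(M).

    Returns (I, S). The model is linear in x = sqrt(M), so the usual
    closed-form simple-regression formulas apply.
    """
    if len(months) != len(cumulative) or len(months) < 2:
        raise ValueError("need at least two (month, cumulative count) pairs")
    xs = [math.sqrt(m) for m in months]
    n = len(xs)
    mean_x = sum(xs) / n
    mean_y = sum(cumulative) / n
    sxx = sum((x - mean_x) ** 2 for x in xs)
    if sxx == 0:
        raise ValueError("all months are equal; slope is undefined")
    sxy = sum((x - mean_x) * (y - mean_y) for x, y in zip(xs, cumulative))
    slope = sxy / sxx
    intercept = mean_y - slope * mean_x
    return intercept, slope


def predict(intercept, slope, month):
    """Cumulative count the fitted model predicts at the given month."""
    return intercept + slope * math.sqrt(month)


def r_squared(months, cumulative, intercept, slope):
    """Coefficient of determination of the fit on the given data."""
    mean_y = sum(cumulative) / len(cumulative)
    ss_tot = sum((y - mean_y) ** 2 for y in cumulative)
    ss_res = sum((y - predict(intercept, slope, m)) ** 2
                 for m, y in zip(months, cumulative))
    return 1.0 - ss_res / ss_tot


def project_from_early_reports(months, cumulative, early_months, target_month):
    """Fit only on months <= early_months and extrapolate to target_month.

    This is the early-warning use: a steep S after the first few months of
    reports means a large cumulative count later in the exploit cycle.
    """
    early = [(m, c) for m, c in zip(months, cumulative) if m <= early_months]
    intercept, slope = fit_incident_model([m for m, _ in early],
                                          [c for _, c in early])
    return predict(intercept, slope, target_month)


if __name__ == "__main__":
    I, S = fit_incident_model(SAMPLE_MONTHS, SAMPLE_CUMULATIVE)
    print(f"I={I:.2f} S={S:.2f} R^2={r_squared(SAMPLE_MONTHS, SAMPLE_CUMULATIVE, I, S):.3f}")
    print("month-12 projection from first 3 months:",
          round(project_from_early_reports(SAMPLE_MONTHS, SAMPLE_CUMULATIVE, 3, 12), 1))
```

The fit is only as good as the model's assumptions: cumulative counts are monotone and the sqrt(M) shape reflects a single exploit cycle, so a second wave of exploitation (a new worm reusing an old vulnerability, say) shows up as a poor R^2 rather than a better extrapolation.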
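Both neighbor-graph papers above ("Context Caching using Neighbor Graphs" and "Pro-active Key Distribution using Neighbor Graphs") rest on the same mechanism: learn which access points are reachable from which by observing handoffs, then push a station's context (its session state or keys) to the neighbors of its current AP before it moves. The simulation below is an added illustration of that mechanism, not the papers' own code. It assumes that every observed reassociation from one AP to another adds a directed edge, that context is a plain Python value, and that APs share a trusted channel over which the cache can be populated; the class and method names are this example's own.

```python
from collections import defaultdict


class NeighborGraph:
    """Directed graph of APs, learned online from observed reassociations.

    Assumption for this example: a station reassociating from old_ap to
    new_ap is taken as evidence that new_ap is a neighbor of old_ap.
    """

    def __init__(self):
        self._edges = defaultdict(set)

    def observe_reassociation(self, old_ap, new_ap):
        if old_ap != new_ap:
            self._edges[old_ap].add(new_ap)

    def neighbors(self, ap):
        return frozenset(self._edges.get(ap, ()))


class ContextCache:
    """Per-AP cache of station contexts, filled proactively one hop ahead.

    A handoff is "fast" when the target AP already holds the station's
    context and "slow" when it must be fetched reactively (in the papers'
    terms: a reactive context transfer or a full re-authentication).
    """

    def __init__(self, graph):
        self.graph = graph
        self.cache = defaultdict(dict)   # ap -> {station: context}
        self.location = {}               # station -> current ap
        self.fast = 0
        self.slow = 0

    def associate(self, station, ap, context):
        """Initial association: context is established at ap directly."""
        self.cache[ap][station] = context
        self.location[station] = ap
        self._preposition(station, ap)

    def handoff(self, station, new_ap):
        old_ap = self.location[station]
        if station in self.cache[new_ap]:
            self.fast += 1
        else:
            # Reactive path: nothing was pre-positioned, so the context has
            # to be pulled from the previous AP after the station arrives.
            self.slow += 1
            self.cache[new_ap][station] = self.cache[old_ap][station]
        # Learn the edge so the next station taking this path benefits.
        self.graph.observe_reassociation(old_ap, new_ap)
        self.location[station] = new_ap
        self._preposition(station, new_ap)

    def _preposition(self, station, ap):
        """Push context to every neighbor of ap; evict it elsewhere."""
        ctx = self.cache[ap][station]
        nbrs = self.graph.neighbors(ap)
        for nb in nbrs:
            self.cache[nb][station] = ctx
        for other in list(self.cache):
            if other != ap and other not in nbrs:
                self.cache[other].pop(station, None)

    def holds_context(self, ap, station):
        return station in self.cache[ap]


def simulate(walk, context="session-keys"):
    """Run one station along a list of APs; return (fast, slow) handoff counts."""
    graph = NeighborGraph()
    cache = ContextCache(graph)
    cache.associate("sta1", walk[0], context)
    for ap in walk[1:]:
        cache.handoff("sta1", ap)
    return cache.fast, cache.slow, graph


if __name__ == "__main__":
    # Constructed walk: the station traverses A-B-C-D twice. The first pass
    # teaches the graph; every handoff on the second pass finds its context
    # already waiting at the next AP.
    fast, slow, graph = simulate(["A", "B", "C", "D", "A", "B", "C", "D"])
    print(f"fast={fast} slow={slow} neighbors(A)={sorted(graph.neighbors('A'))}")
```

Two practical points the simulation glosses over. The learned graph is an attack surface: if an unauthenticated reassociation can add an edge, an attacker can make the cache spray a station's keys to APs it never visits, so edges should be learned only from authenticated reassociations. And because the pre-positioned context contains keying material, the inter-AP channel that carries it must itself be authenticated and confidential; the "without loss of security" claim in the key-distribution paper depends on that.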