
Network Security in Building Networks - Prof. Norbert Pohlmann


Academic year: 2021


Prof. Dr. (TU NN) Norbert Pohlmann

Institute for Internet Security - if(is)

Westphalian University of Applied Sciences Gelsenkirchen, Germany www.if-is.net

Network Security in Building Networks

Prof. Norbert Pohlmann, Institute for Internet Security - if(is), Westphalian University of Applied Sciences Gelsenkirchen, Germany

Content

IT Security over time

Changes in the general condition

IT Security Situation Today

Some IT Security Solution

Paradigm Shifts in IT and IT Security

Summary

Network Security over time

Overview: Our Problem

[Figure: network security problems plotted over time, up to today]

IT Security over time

Overview: Our challenge

[Figure: network security problems plotted over time, up to today]

Changes in the general condition

Basic conditions

The Internet is going beyond all borders and cultures!
- Problems with criminal prosecution in a lot of countries
- Different opinions about what is right and what is wrong
- Different legal frameworks

Radical change and development in IT
- Mobile devices, social networks, cloud computing, …
  → new players, new operating systems, new IT concepts, new attacks
- Internet of Things: SmartGrid, SmartCar, SmartTraffic, SmartHome, …
  → e.g. nuclear phase-out provides more risk on the Internet

The kinds of values that we have to protect are changing over time
- bits and bytes are changing
- from data and information to knowledge into intelligence

Changes in the general condition

Imbalance of power in cyberspace between attackers and defenders

Highly motivated and skilled attackers
- We see innovation in attack models, and the attackers are getting more professional (successful business concepts)
- The attackers operate in secrecy from almost anywhere in the world
- They use a lot of computers (malware, botnets) with unlimited power

IT Security Situation Today

Threat Potential (1/8)

Too many vulnerabilities in our software

The quality of the software of operating systems and applications is not good enough!

Error rate: number of errors (bugs) per 1,000 lines of code (LoC).

Operating systems have more than 10 million LoC
→ more than 3,000 errors (error rate 0.3)
→ and thus too many potential vulnerabilities

Error rate    Classification of programs
< 0.5         stable programs
0.5 … 3       maturing programs
3 … 6         unstable programs
6 … 10        error-prone programs

IT Security Situation Today

Threat Potential (2/8)

Insufficient anti-malware protection (1/2)

Anti-malware solutions have too low a detection rate → only 75 to 95%!

In case of direct attacks → less than 27%

[Figure: detection rate (0%, 27%, 100%) over time (24h, Day 3, Day 14), with proactive detection, signature-based detection and security gaps]

IT Security Situation Today

Threat Potential (3/8)

Insufficient anti-malware protection (2/2)

One in 25 computers has malware!
- Data theft / data manipulation (key loggers, Trojan horses, …)
- Spamming, click fraud, use of computing power, …
- Data encryption / ransom, …
- Cyber war (Advanced Persistent Threat - APT): Stuxnet, Flame, …

One of the biggest threats at the moment!

IT Security Situation Today

Threat Potential (4/8)

No international identity management (2013)

Passwords, passwords, passwords, … are still the tools for authentication on the Internet!

Identification is valid within a corporate or customer environment, but not internationally!

Federation approaches are not yet widespread enough!

IT Security Situation Today

Threat Potential (5/8)

Insecure websites in the field

Today most malware is distributed by insecure websites

2.5 % of the measured German websites are infected with malware. (US ~ 1.01; Japan ~ 0.51; …)

Reasons for insecure websites
- Many websites / web servers are not implemented securely
- Patches are installed very late or not at all
- There is no responsibility for own websites!

IT Security Situation Today

Threat Potential (6/8)

Smartphones become a challenge

Losing the mobile devices
- Constantly changing insecure environments (airports, railway stations, cafés, ...) …
- … thus the probability of loss is much higher! (mobile phone statistics in London taxis)

Apps as spyware / malware (mass instead of class)

Movement profile

Public inspections

False or manipulated hotspot (trustworthiness)

Consumerization or Bring Your Own Device (BYOD)

[Figure labels: stop the thief; address of the secretary; address of the competitor]

IT Security Situation Today

Threat Potential (7/8)

Cloud Computing becomes a challenge

“The cyber” provides additional points of attack
- Identity theft, session hijacking, vulnerabilities in shared services, separation of corporate data, and so on
- I do not know the places where my data is stored and who has the opportunity to read the data!
- How can I be sure that the data still exists?

The aspect “Trust” becomes much more important

IT Security Situation Today

Threat Potential (8/8)

Internet User

Internet users need to know the problems of the Internet or they harm themselves and others (→ Internet competence)

BITKOM survey (Germany 2012): Almost one in three Internet users is not adequately protected!
- no personal firewall (30 %)
- no anti-malware (28 %)
- is careless about e-mails and links
- etc.

Study by the “Messaging Anti-Abuse Working Group”: 57 % of Internet users have at some point opened spam e-mail or clicked links in spam e-mails

Some Network Security Solution

Idea of a central firewall system

[Figure: Firewall System, Building Networks]

Some Network Security Solution

Assessment of a central firewall system

[Figure: communication model of a firewall system. Labels: assets; transmitter (T) and receiver (R) entities, each with a protocol state machine and actions (action 1, action 2, action 3, …, action t, action t+1, action u); integration and enforcement module; analysis module; decision module; protocol element x_i; state s_j; result of analysis; result of decision r_i; set of rules; security relevant event (e_i); action a_k; Security Management; Firewall Systems]

a_k = action-select(
        protocol-state-machine(x_i, s_j),
        authenticity(x_i, t_l),
        result-of-decision( analysis(x_i), security-management(rules) ),
        functionality-of-the-firewall-system() )

- User: Configuration
- Producer: Implementation
- Producer: Depth of analysis
- Trustworthiness
- Authentication
- Producer: Trustworthiness of the Implementation of the Security Services
- User: Security Policy
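
The action-select composition from this slide, as an added example (not code from the lecture): a minimal Python model in which each protocol element x_i is checked against a protocol state machine, an authenticity check and a rule set before an action a_k and an optional security-relevant event are produced. The TCP-like states, the Element fields, the trusted-transmitter set and the rule format are assumptions made for illustration, and the model tracks a single connection.

```python
from dataclasses import dataclass

TRANSITIONS = {  # constructed sample protocol: (state, element kind) -> next state
    ("CLOSED", "SYN"): "SYN_SEEN",
    ("SYN_SEEN", "SYN-ACK"): "SYN_ACK_SEEN",
    ("SYN_ACK_SEEN", "ACK"): "ESTABLISHED",
    ("ESTABLISHED", "DATA"): "ESTABLISHED",
    ("ESTABLISHED", "FIN"): "CLOSED",
}

@dataclass(frozen=True)
class Element:
    """Protocol element x_i seen by the firewall (fields are assumptions)."""
    src: str
    dst_port: int
    kind: str

def protocol_state_machine(x, s):
    """Next state if element x is valid in state s, else None."""
    return TRANSITIONS.get((s, x.kind))

def authenticity(x, trusted):
    """Assumption: authenticity means the transmitter is in a trusted set."""
    return x.src in trusted

def result_of_decision(x, rules):
    """Analysis plus rule set: first matching port rule wins, default deny."""
    return next((r["verdict"] for r in rules if r["dst_port"] == x.dst_port), "deny")

def action_select(next_state, authentic, verdict, firewall_ok=True):
    """Return (action a_k, security-relevant event or None); fails closed."""
    checks = [(firewall_ok, "firewall-malfunction"),
              (next_state is not None, "protocol-violation"),
              (authentic, "unauthenticated-transmitter"),
              (verdict == "allow", "rule-deny")]
    for ok, event in checks:
        if not ok:
            return "drop", event
    return "forward", None

def run_firewall(elements, rules, trusted):
    """Apply the model to a stream; state advances only on forwarded elements."""
    state, out = "CLOSED", []
    for x in elements:
        nxt = protocol_state_machine(x, state)
        action, event = action_select(nxt, authenticity(x, trusted), result_of_decision(x, rules))
        if action == "forward":
            state = nxt
        out.append((x.kind, action, event))
    return out
```

Because the state only advances on forwarded elements, a dropped element cannot move the connection into a state from which later traffic would be accepted.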

Smart Metering Gateway

Introduction

Essential part of the (German) smart grid activities

Connects Smart Homes and the Wide Area Network (WAN)
- Smart components: solar power plants, smart cars, smart fridges, smart digital meters, …
- Exchange of meter and grid condition data
- Accounting of meter data

Ensure integrity, authenticity and confidentiality of data

Data privacy problems

Smart Metering Gateway

Environment of the Gateway

Federal Office for Information Security (BSI)
- Protection Profile for the Gateway of a Smart Metering System
- Technical guideline BSI TR-03109: defines security mechanisms and other requirements

Smart Metering Gateway

Security Objectives

Security mechanisms: TLS/SSL encryption, Digital Signature, Timestamp, Anonymisation and Pseudonymisation, Physical Protection (Security Module)

Threats:
Data manipulation: X X X
Meter data manipulation: X X X X
Data disclosure: X X
Physical manipulation: X

(shortened representation)

Paradigm Shift – (1)

More responsibility, less indifference

Producer responsibility

Software and hardware will be better matched, and problems will be better identified and solved.

Validation / Certification

Independent and qualified organizations prove (improve) the quality of IT (security) products and solutions

Paradigm Shift – (2)

More proactive, less reactive IT security

Reactive IT Security Systems

Today we use a lot of reactive IT security solutions, and that means we are always running behind the attacker.

The idea of reactive IT security is that, if we detect an attack, we try to protect ourselves as fast as possible to reduce the damage.

Examples of “reactive IT security systems” are
- Firewall systems
- Intrusion detection solutions
- Anti-malware products
- Anti-spam / anti-phishing

“Airbag approach”:

Paradigm Shift – (2)

More proactive, less reactive IT security

Proactive IT Security Systems

We need much more proactive IT security to protect our values. Our IT systems will be more robust and much more trustworthy with the idea of proactive IT security.

Here we use, for example, a security kernel with separation and isolation technology combined with intelligent cryptographic security mechanisms. (Trustworthy Basis)

“ESP strategy”:

Paradigm Shift – (2)

Trustworthy Base

[Figure: layered architecture. Labels: Hardware; Security Module; Security Kernel / Virtualization; OS; App; Trusted Virtual Domains; Strong Isolation; Policy Enforcement; Modularization; Trusted Computing Base; Virtualization; Trusted Software Layer; Trusted Boot; Remote Attestation, Binding, Sealing, …; Trusted Platform; Integrity Control; Robustness/Modularity; Trusted Interaction; Trusted Process; Security Management]

Paradigm Shift – (3)

More object, less perimeter security

Perimeter security

Defense model: Protect a set of computer systems and networks with the help of firewalls, VPNs, intrusion detection and so on.

Assumption: The computers and the networks are permanently installed.

Evaluation: The modern world uses flexible and distributed mobile devices. Perimeter security can’t

Paradigm Shift – (3)

More object, less perimeter security

Object Security (Information Flow Control)

Idea: Domain object-oriented security, in which the objects are provided with rights.

The rights define who can use the object with which action in which IT environment.

Object Lifecycle Protection

Distributed Policy Enforcement (even on foreign systems)

[Figure: object lifecycle: generation, processing, destruction]

Paradigm Shift – (4)

More collaboration, less separation

Imbalance of power in cyberspace between attackers and defenders.

The Trouble of Network Security

Summary

It is very important that we use network security in the right way

Changes in the general condition!
- Radical change in IT (mobile devices, social networks, cloud, …)
- The protected values are constantly rising and changing over time
- Attack models are innovating and attackers are getting more professional

Over time our IT security and privacy problems are getting bigger and bigger!

We need paradigm shifts in IT and IT security, so that we can build trust in using the networks and the Internet in the future
- More responsibility, less indifference
- More proactive, less reactive IT security
- More object, less perimeter security
- More collaboration, less separation


Thank you for your attention!

Questions?
