International conference

Uniqueness of the File Systems Genome: Supporting Arguments and Massive Experimental Measurements

R. Di Pietro, L.V. Mancini, A. Villani, D. Vitali

published in the proceedings of the 8th International Conference on Risks and Security of Internet and Systems (CRiSIS 2013), La Rochelle, France

Abstract This paper provides evidence of a distinguished feature of file systems, that we call File System Genome. Such a feature is originated by the locations where the file blocks are placed on the mass-storage device by the operating system during the installation procedure. It appears from our study that the File System Genome is a distinctive feature of each operating system installation. In particular, our extensive set of experiments

shows that the installation of the same operating system on two identical hardware configurations generates two different File System Genomes. Further, the application of sound information theory tools, such as min entropy, show that the differences between two File System Genome are considerably relevant.

The results provided in this paper constitute the scientific basis for a number of applications in various fields of information technology, such as devices’ identification and security.

Relieve Internet Routing security of Public Key Infrastructure,

L. V. Mancini, C. Soriente, A. Spognardi, A. Villani, D. Vitali,

published in the proceedings of the International Conference on Computer Communication Networks (ICCCN 2012), Munich, Germany

Abstract Lack of security mechanisms expose the Border Gateway Protocol (BGP) to a wide range of threats that are constantly undermining security of the Internet. Most prominent attacks include prefix hijacking and announcement of false routes to maliciously attract or divert traffic. A number of cryptographic solutions to prevent both attacks have been proposed but have not been adopted due to involved operations and considerable overhead. Most of them rely on digital signatures to authorize Autonomous Systems to propagate route announcements. Surprisingly, the scientific community has devoted only little interest to the problem of revocation in BGP. In particular, BGP systems based on Public Key Infrastructure allow to revoke an Autonomous System by revoking its public key certificate. However, there seem to be no solution for selective revocation of AS-path announcements.

This paper introduces reBGP, an enhanced version of BGP that leverages Identity Based Cryptography to secure BGP with minimal overhead. reBGP prevents prefix hijacking and false route announcement through Aggregate Identity Based Signatures and provides an effective revocation means to invalidate AS-path announcements. reBGP enjoys a constant overhead to verify authenticity of routes and does not require a Public Key Infrastructure. Extensive testing of our implementation, show that our proposal represents a practical solution to secure BGP.

DDoS detection with information theory metrics and netflows: a real case,

D. Vitali, A. Villani, A. Spognardi, R. Battistoni, L. V. Mancini,

published in the proceedings of the International Conference on Security and Cryptography, SeCrypt 2012, Roma, Italy

Abstract Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) constitute one of the main issues for critical Internet services. The recent widespread availability and simplicity of automated tools has also promoted the voluntary participation to extensive attacks against known websites, like Operation Payback-DDoS attacks against websites of banks who had withdrawn banking facilities from WikiLeaks. Today the most effective DoS detection metrics are based on information theory, but their effectiveness are often evaluated on synthetic dataset, generated by the researchers

on their own. Such analysis are time consuming and expensive since are usually carried on full network traffic. This work focuses on the analysis on sets of network flow - a sequence of packets from a source computer to a destination and strive to detect the DDoS attacks at an early stage in order to launch effective countermeasures timely. We present a comparison and an evaluation of the main metrics proposed in the literature based on a true and large network flow dataset, collected from an Italian transit tier II Autonomous System (AS) located in Rome. This AS network is connected to all the three main network infrastructures present in Italy (Commercial, Research and Public Administration networks), and to several international providers (even for Internet transit purposes). Many attempted attacks to Italian critical IT infrastructures can be observed inside this AS network traffic. Several publicly declared attacks have been traced and many others malicious activities have been found by ex-post analysis.

Obfuscation of Sensitive Data in Network Flows,

D. Riboni, A. Villani, D. Vitali, C. Bettini, L.V. Mancini,

published in the proceedings of the 31st Annual IEEE International Conference on Computer Communications (IEEE INFOCOM 2012), Orlando, Florida

Abstract In the last decade, the release of network flows has gained significant popularity among researchers and networking communities. Indeed, network flows are a fundamental tool

for modeling the network behavior, identifying security attacks, and validating research results. Unfortunately, due to the sensitive nature of network flows, security and privacy concerns discourage the publication of such datasets.

On the one hand, existing techniques proposed to sanitize network flows do not provide any formal guarantees. On the other hand, microdata anonymization techniques are not directly applicable to

network flows. In this paper, we propose a novel obfuscation technique for network flows that provides formal guarantees under realistic assumptions about the adversary's knowledge. Our work is supported by extensive experiments with a large set of real network flows collected at an important Italian Tier II Autonomous System, hosting sensitive government and corporate sites. Experimental results show that our obfuscation technique preserves the utility of network flows for network traffic analysis.

Replication schemes in Unattended Sensor Networks

D.Vitali, A. Spognardi, L.V. Mancini,

published in the proceedings of the fourth International Conference on New Technologies, Mobility and Security (NTMS 2011), Paris, France

Abstract Unattended Wireless Sensors Networks (UWSNs) are emerging Wireless Sensor Networks (WSNs) characterized by periodic absence of trusted entities, like the Sink Collectors. The time periods with no sink attendance, force the network sensors to locally store collected data until the next sink visit. This means that data collection is not performed in real time, but it falls at regular intervals. Such conditions define a different paradigm regarding traditional WSNs and introduce several new security issues, data survival above all.

At the best of our knowledge, only two strategies were proposed to mitigate mobile adversary data deletion attack : encryption protocols (implementing backward and/or forward secrecy) and replication. While encryption protocols can impose an extensive computational effort and experience several security issues (like key exposure), replication schemes seem to capture a renewed interest from researchers, since their power requirement seem compatible with the constraints of wireless sensors. In this paper we focus on a new replication scheme and compare its performances with some other proposals, previously presented in literature. The schemes share some model assumptions, in terms of network and adversary attack strategy and objectives.