How to Analyze the Cyber Threat from Drones


KATHARINA LEY BEST, JON SCHMID, SHANE TIERNEY, JALAL AWAN, NAHOM M. BEYENE, MAYNARD A. HOLLIDAY, RAZA KHAN, KAREN LEE

Background, Analysis Frameworks, and Analysis Tools

For more information on this publication, visit www.rand.org/t/RR2972

Library of Congress Cataloging-in-Publication Data is available for this publication. ISBN: 978-1-9774-0287-5

Published by the RAND Corporation, Santa Monica, Calif. © Copyright 2020 RAND Corporation. R® is a registered trademark.

Cover design by Rick Penn-Kraus. Cover images: drone, Kadmy - stock.adobe.com; data, Getty Images.

Limited Print and Electronic Distribution Rights

This document and trademark(s) contained herein are protected by law. This representation of RAND intellectual property is provided for noncommercial use only. Unauthorized posting of this publication online is prohibited. Permission is given to duplicate this document for personal use only, as long as it is unaltered and complete. Permission is required from RAND to reproduce, or reuse in another form, any of its research documents for commercial use. For information on reprint and linking permissions, please visit www.rand.org/pubs/permissions.

The RAND Corporation is a research organization that develops solutions to public policy challenges to help make communities throughout the world safer and more secure, healthier and more prosperous. RAND is nonprofit, nonpartisan, and committed to the public interest. RAND’s publications do not necessarily reflect the opinions of its research clients and sponsors.

Support RAND: Make a tax-deductible charitable contribution at www.rand.org/giving/contribute

www.rand.org

Preface

This report explores the security implications of the rapid growth in unmanned aerial systems (UAS), focusing specifically on current and future vulnerabilities. We propose conceptual approaches meant to enable the enumeration and categorization of UAS-related cyber threats, covering the use of UAS as both targets and vectors of cyberattack, as well as their use by both allies and adversaries. These approaches have been applied to real-world threat scenarios to test their validity and illustrate the types of attacks that are currently feasible. Industry trends and the implications of these trends for cybersecurity are presented as well. Finally, we consider the UAS-related cybersecurity threat from the perspective of the Department of Homeland Security (DHS).

This research should be of interest to individuals within DHS that have responsibilities related to the operation of UAS, those responsible for ensuring the cybersecurity of DHS and DHS-protected facilities and assets, or anyone concerned with the way that UAS proliferation may change the cybersecurity landscape.

About the Homeland Security Research Division

This research was conducted using internal funding generated from operations of the RAND Homeland Security Research Division (HSRD) and within the HSRD Acquisition and Development Program. HSRD conducts research and analysis across the United States Homeland Security Enterprise and serves as the platform by which RAND communicates relevant research from across its units with the broader Homeland Security Enterprise.

For more information on the Acquisition and Development Program, see www.rand.org/hsrd or contact Emma Westerman, Director of the Acquisition and Development Program, by email at [email protected] or phone at (703) 413-1100 ext. 5660.

For more information on this publication, visit www.rand.org/t/RR2972.

Contents

Preface
About the Homeland Security Operational Analysis Center
Summary
Acknowledgments
Abbreviations

CHAPTER ONE: Introduction
    Background and Purpose
    How This Report Is Organized

CHAPTER TWO: Understanding the UAS Threat Space
    Enumerating and Categorizing Threats: The STRIDE Taxonomy
    Discovering Threats in a Scenario: The Cybersecurity Kill Chain
    Visualizing Threats: The UAS Cybersecurity Diagram Template

CHAPTER THREE: The UAS and Cybersecurity Threat Space Today
    The Extent of UAS Cyber Vulnerabilities
    Vignettes of Selected UAS Cyberattacks

CHAPTER FOUR: Industry Trends and the Future of UAS Cybersecurity
    Technological Innovation and UAS
    Emerging UAS Industry Trends
    Industry Trends: Conclusion

CHAPTER FIVE: UAS, Cybersecurity, and the Department of Homeland Security
    Attacks Against DHS Assets
    DHS Offensive Cyber Actions with UAS as Vector
    DHS Components and Offices as Mitigators
    Relevant DHS Projects
    Current and Future Policy Related to DHS and UAS Cybersecurity Concerns

CHAPTER SIX: Conclusion and Recommendations
    Recommendations

APPENDIX A: Attack Categorization

References

Figures

1.1. Categorizing UAS-Related Cyber Threats
2.1. The STRIDE Threat Taxonomy
2.2. Simple Quadcopter Data-Flow Diagram with Single Radio Controller
2.3. Cybersecurity Kill Chain
2.4. UAS Attack-Surface Illustration Template
2.5. UAS Information from Communications and Observations
2.6. UAS Attack-Vector Illustration Template
2.7. Example of a “Split-Screen” Illustration for Attack Surface and Attack Vector
3.1. Breakdown of Prevalence of Selected Cyberattack Characteristics in Literature
3.2. UAS Attack to Access and Delete Files Midflight
3.3. UAS Attack to Fool Hovering Feature with Spoofed GPS Signal
3.4. UAS and the Cybersecurity Kill Chain—“UAS as Vector” Exploit (A Drone Botmaster)
3.5. Attack by Drone Hijacks Open Networks and Overrides Networked Devices
3.6. Attack by Drone to Overcome Proximity-Based Control of Smart Lightbulbs
4.1. Number of UAS Patents
4.2. Generic S-Curve
4.3. Annual Patent Output for the United States, China, and the Rest of the World, 2001–2017
4.4. Communications Related to UTM
4.5. Decentralized Asset Manager for Swarming
4.6. Number of Publications on UAS Swarming
4.7. Network of Swarming Publications

Tables

4.1. Top UAS Patenting Organizations
4.2. Affiliation of Authors of Swarming Publications
4.3. Summary of Key UAS Features and Trends
A.1. Attack Categorization

Summary

In a world of constant and rapid technological change, minimizing vulnerabilities is a never-ending race against one’s adversaries—a race against their technology and its exploitation, as well as their devices, ideas, modes of operation, and tactics. In this report, we examine the cybersecurity implications of one key technological trend: the advancement and proliferation of public-use unmanned aerial