STATE-OF-THE-ART OF SECURE ICT LANDSCAPE (VERSION 2) APRIL 2015 NIS PLATFORM WORKING GROUP 3 (WG3) Editors: Mari Kert (European Organisation for Security) Javier Lopez (University of Malaga) Evangelos Markatos (FORTH) Bart Preneel (KU Leuven and iMinds) Secure ICT Landscape NIS Platform - Working Group 3 Page 2 Secure ICT Landscape Table of Contents Contributors ................................................................................................................................................... 7 Executive Summary ........................................................................................................................................ 9 1 Introduction .......................................................................................................................................... 11 2 Basic Technologies ................................................................................................................................ 12 2.1 Introduction and objectives .................................................................................................................... 12 2.2 Metrics in cybersecurity ......................................................................................................................... 12 2.2.1 Introduction .................................................................................................................................... 12 2.2.2 Current Status ................................................................................................................................. 12 2.2.3 Research Challenges ....................................................................................................................... 13 2.3 Authentication, Authorization and Access Control ................................................................................. 13 2.3.1 Authentication and Authorization .................................................................................................. 13 2.3.2 Access Control ................................................................................................................................. 16 2.4 System integrity - Antivirus – Antispyware ............................................................................................. 17 2.4.1 Introduction .................................................................................................................................... 17 2.4.2 Current Status ................................................................................................................................. 17 2.4.3 Research Challenges ....................................................................................................................... 18 2.4.4 Existing Tools .................................................................................................................................. 18 2.5 Cryptology .............................................................................................................................................. 18 2.5.1 Cryptographic algorithms: design and evaluation .......................................................................... 18 2.5.2 Advanced cryptographic protocols ................................................................................................. 20 2.5.3 Quantum Cryptography .................................................................................................................. 21 2.6 Audit and monitoring ............................................................................................................................. 23 2.6.1 Intrusion Detection and Intrusion Prevention ................................................................................ 23 2.6.2 Intrusion Tolerant and Resilient Critical Information Infrastructures ............................................. 25 2.6.3 Information and Event Management Tools .................................................................................... 25 2.6.4 Computer Forensic tools ................................................................................................................. 27 2.6.5 (Cyber) Situation Awareness tools .................................................................................................. 28 2.7 Configuration Management and Assurance .......................................................................................... 31 2.7.1 Policy Enforcement Applications .................................................................................................... 31 2.7.2 Network Management .................................................................................................................... 32 2.8 Software security and secure software development ............................................................................ 33 2.8.1 Software Design for the Future Internet ......................................................................................... 33 2.8.2 Risk .................................................................................................................................................. 34 2.8.3 Assurance ........................................................................................................................................ 36 2.8.4 Secure Coding & Secure Programming Languages ......................................................................... 37 2.9 Hardware and platform security ............................................................................................................ 38 2.9.1 Trusted computing, secure execution ............................................................................................. 38 2.10 Network and mobile security ............................................................................................................... 41 2.10.1 Network security .......................................................................................................................... 41 2.10.2 Mobile security ............................................................................................................................. 42 2.10.3 Security of supporting infrastructures .......................................................................................... 43 NIS Platform - Working Group 3 Page 3 Secure ICT Landscape 2.11 Cybersecurity threat technologies/ Offensive technologies ................................................................. 44 2.11.1 Introduction .................................................................................................................................. 44 2.11.2 Current Status ............................................................................................................................... 44 2.11.3 Research Challenges ..................................................................................................................... 45 2.12 Information sharing technologies ........................................................................................................ 45 2.12.1 Introduction .................................................................................................................................. 45 2.12.2 Current Status ............................................................................................................................... 45 2.12.3 Research Challenges ..................................................................................................................... 47 2.13 Network Steganography ...................................................................................................................... 47 2.13.1 ........................................................................................................................................................... 47 2.13.2 Introduction .................................................................................................................................. 47 2.13.3 Current Status ............................................................................................................................... 48 2.13.4 Research Challenges ..................................................................................................................... 48 2.14 Operating Systems Security .................................................................................................................. 48 2.14.1 ........................................................................................................................................................... 48 2.14.2 Introduction .................................................................................................................................. 48 2.14.3 Current Status ............................................................................................................................... 49 2.14.4 Research Challenges ..................................................................................................................... 49 2.14.5 Existing Tools ................................................................................................................................ 50 2.15 Web Security ........................................................................................................................................ 50 2.15.1 Introduction .................................................................................................................................