One step ahead in internet security - nemesys

Download PDF
15 downloads 17139 Views 2MB Size Report
Comment
One step ahead in internet security. A quick glance ... for Internet purposes, or it might reach a cloud server. ... security risks across that whole chain. This issue is ...
One step ahead in internet security Smart mobile devices are an increasingly ubiquitous feature of everyday life, yet they can be vulnerable to cyber-attacks, the impact of which reaches beyond privacy and security issues. The NEMESYS project of the EU FP7 develops, on a day to day basis, novel security technologies for seamless service provisioning in the smart mobile ecosystem, as Professor Erol Gelenbe explains A quick glance

down any busy street tells you that mobile devices are becoming increasingly ubiquitous, and people use them for an ever-widening range of everyday tasks. These devices communicate first of all by accessing the wireless networks that are around us, as Professor Erol Gelenbe, the coordinator of the NEMESYS project explains. “Mostly the wireless networks are provided by telephone operators. Communications then enter what we call a backbone network, which is essentially a private network, run by the same operators or, by the companies that provide a service to them,” he outlines. “Beyond that, the communication goes through another wireless network, to reach another enduser – if it’s a voice communication. It might reach a website, if it’s for Internet purposes, or it might reach a cloud server. So the communications that we think of as, broadly speaking, telephone communications, have become universal.”

Physical infrastructures These communications access different physical infrastructures, and there are security risks across that whole chain. This issue is at the core of the NEMESYS project. “Broadly speaking, there are two main security risks. One kind is where the information that you are conveying is actually being illegally tapped into, in one way or another. It is not just an issue of reading what you have written, or listening in to your conversation – it’s also a matter

00

of trying to understand what you’re doing and inferring some valuable information out of that. That information could be used by a third party for their commercial benefit” says Professor Gelenbe. Another form of attack is trying to delay or stop normal communication, which Professor Gelenbe says can also have a big impact. “Suppose somebody delays the transfer of data from large number of electricity meters. Not only will this affect end-users, who may not get the energy that they need, but it will also influence the quality of service and hence the reputation of the energy provider,” he points out.

what the attacks are doing, we try to attract them to certain points, called honey-pots, where we can analyse them more effectively,” outlines Professor Gelenbe. Researchers in the project are also gathering information from industry on cyber-attacks, deepening their understanding of how attacks work. “A lot of information is also available through communications between operators and service providers,” says Professor Gelenbe. Researchers can use this information to identify those parts of the network and the system design which could potentially be improved. Rather than thinking in terms of

In future we may use self-driving cars. The person who previously would have been driving will be working on their tablet while the car drives itself. But driving itself means more than just driving, it also means communicating with cars around it, and with the walls, barriers and traffic lights on the road The impact of this kind of disruption goes beyond privacy and personal security to affect a far broader range of issues, underlining the wider importance of smart phone and mobile security. The NEMESYS project addresses this by developing technology that can detect different forms of attack, and re-organise the system’s operation in a manner that either eliminates the threat or mitigates its impact. “This is based, first of all, on our understanding of how the system operates. Then, on the basis of our understanding of

single isolated threats, Professor Gelenbe says it is the way a system is designed and operated as a whole which creates security risks. “The standards that we use in communications for mobile devices are not free of design errors for example, which means they can be vulnerable to attacks,” he outlines. Researchers look at the whole system as a source of possible flaws that could be exploited; these threats could have an impact beyond mobile security. “For instance, in the future we may use selfdriving cars. The person who previously

EU  Research

At a glance Full Project Title Enhanced Network Security for Seamless Service Provisioning in the Smart Mobile Ecosystem (NEMESYS) Project Objectives The main goal of NEMESYS is the research and development of novel security technologies for seamless service provisioning in the smart mobile ecosystem. Mobile and smartphone security is a fast moving field. To this end, NEMESYS gathers and analyses information about the nature of cyber attacks targeting smart mobile devices, so that appropriate countermeasures can be taken to combat them. Project Funding NEMESYS is an EU FP7-ICT funded project, under the grant agreement no: 317888.

NEMESYS Architecture would have been driving will be working on their tablet while the car drives itself,” continues Professor Gelenbe. “Now, driving itself means more than just driving, it also means communicating between cars, and the walls and barriers on the road. A mobile network threat can the impair the physical security of the driver and the car.” An attack on the mobile network underpinning these communications would clearly have serious consequences, underlining the importance of security in the smart mobile ecosystem. Professor Gelenbe says the issue is becoming evermore pressing. “We really need to understand how we can render the system resilient, secure and stable,” he stresses. The project is developing novel security technologies for this purpose. “One set of technologies is related to how we select and change various parameters in existing networks, so that attacks are detected and rapidly mitigated. They’re related to our understanding of the overall design. Some parameters cannot be changed overnight, so any change to the system is going to be gradual and based on consensus,” continues Professor Gelenbe. “The system is parameterized in many different ways, and you can modify the parameters to, on the one hand, detect attacks, and on the other hand render them ineffective or less harmful.” The project is also developing a layer of software that encapsulates operating systems, which will be used to gather further data. Operating systems on mobile devices have certain transition steps in their behaviour, from which information can be collected about attacks. “If certain transitions happen more frequently than

www.euresearcher.com

others, then this is an indication that there is some kind of anomalous behaviour,” explains Professor Gelenbe. Researchers are developing software that can gather information from honey-pots. “A mobile phone may be targeted by an attack, so we create software that gathers information about that attack, and then analyse it and do the transition analysis I talked about, at the operating system level,” outlines Professor Gelenbe. “Then of course this information must go back to a reporting and analysis system.”

Project Partners The NEMESYS Consortium consists of 6 complementary partners from 5 different European Countries, namely United Kingdom, Greece, Spain, Germany and Italy. Contact Details Project Coordinator, Professor Erol Gelenbe Imperial College London T: +44 207 594 6342 E: [email protected] W: www.nemesys-project.eu

Professor Erol Gelenbe

Statistical analysis This system is based on network-wide statistical analysis and also includes a visual component to help detect, identify and analyse threats. While it’s difficult to predict the nature, extent and timing of a cyber-attack, Professor Gelenbe says it is possible to prepare for when they do occur. “What you can do is look at the technology that’s being deployed and try to see how you can detect an attack when it happens,” he outlines. This of course is an issue that concerns both government and industry, and Professor Gelenbe and his colleagues are keen to translate their research into practical improvements. “We’re talking to governments about regulatory and policy issues, which could have wider implications,” he says. “We are also discussing possible extensions in the form of new enterprises and new research projects. We are dealing with exploitation, looking at the parts of the project that could be transferred to industry, or sold or commercialised – either by companies from within our project group, or from outside.”

Erol Gelenbe was born in Istanbul, and graduated from Ankara College and the Middle East Technical University in Turkey. He is a Fellow of IEEE and ACM, a Member of the French National Academy of Engineering, and of the Science Academies of Hungary, Poland and Turkey. He has held Chaired Professorships at the Universities of Liege (Belgium), Paris Orsay, Paris Rene-Descartes, Duke University, and the University of Central Florida, before joining Imperial as the Professor in the Dennis Gabor Chair. His work has earned him technical awards from ACM (USA), the Institution for Engineering and Technology (UK), the French Academy of Sciences and the Parlar Foundation in Turkey.

00