Using STRIDE to Uncover Threats in an Information System

February 5, 2019 / bugejajoseph / Leave a comment

As part of my threat modelling lecture, on 4th February, I covered the basics of STRIDE. STRIDE is a mnemonic – Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege. Microsoft’s STRIDE is a well-known and mature technique used by security professionals to elicit information security threats of real-world systems.

STRIDE is a model for identifying computer security threats.

The properties of STRIDE are as follows:

Spoofing Identity: Spoofing threats allow an attacker to pose as some other process or somebody else. Example, a user can pretend to be Steve Jobs, or a server can pretend to be Amazon.com, or even code posing as msvcrt.dll. This is a threat to authentication.
Tampering: Tampering threats involve unauthorised modification of data or code. The resource being manipulated could be both in storage or being transmitted. This is a threat to integrity.
Repudiation: An attacker makes a repudiation threat by denying to have performed an action that other parties can neither confirm nor contradict. Example, a user may claim that he has not received the goods that he purchased while in fact he did receive them. Naturally, this violates the repudiation property of a system.
Information Disclosure: Information disclosure threats involve the exposure of information, typically of a sensitive or personal nature, to individuals who are not supposed to have access to it. Examples of this threat type include a user’s ability to read a file, e.g., payroll information sent to HR, that he was not granted read access to. This is a threat to confidentiality.
Denial of Service: Denial-of-service (DoS) attacks deny or degrade service to valid users. Typically, this makes a Web server or a device (e.g., battery-operated device) temporarily unavailable or unusable, but it can also be of a permanent nature (e.g., if attacking an ICS or SCADA system). This is a threat to availability.
Elevation of Privilege: Elevation-of-privilege (EoP) threats often occur when a user gains increased capability. For instance, a non-privileged user taking advantage of a coding flaw to gain administrator or root capabilities. This threat type violates the authorisation goal of a system.

STRIDE provides a very effective way for identifying threats but before it can be used effectively one needs to be familiar with system modelling techniques. This is needed to provide a working model of the system being analysed. Here, Data Flow Diagrams (DFDs) come to the rescue. DFDs provide a visual notation of a system enabling an analyst to depict processes, storage, data flows, external entities, and as well trust boundaries. Once you get the system model right, it is relatively easy to identify threats with STRIDE.

Feel free to contact me for more insights on this or related topics.

Information Security – Kick-off Lecture

January 24, 2019January 25, 2019 / bugejajoseph / 1 Comment

Yesterday, on 23rd January 2019, I delivered my first lecture (titled: “Course Overview”) between 8:15 am – 10:00 am part of the Information Security course at Malmö University. This is the third academic year that I am running this exciting course at Bachelor’s level.

Different to the previous years, this time the course material will be published on Canvas (instead of itslearning), officially I am the course responsible, and the amount of students enrolled on this course exceeds 150 students! This is almost double the amount of students I had two years ago! Indeed, this is very satisfying as a tutor to have so many students that recognise the increasing importance of information security!

ed6a47d0-6d51-4445-87c4-dd2b859dcb21 (1)

Lecture at the “Faculty of Odontology” part of Malmö University.

One of the key points, I mentioned is how the sophistication of attacks is increasing especially since the introduction of Internet of Things (IoT) enabled technologies.

A particular instance of this are attacks being carried out remotely, for instance through the help of drones (war-flying). As a demonstration of this in the clip below, researchers exploit a ZigBee vulnerability (by delivering a malicious Over The Air update) forcing smart Hue light bulbs to flash S.O.S in distress.

What attacks should we expect in the future? Certainly, I would expect to see more of the above and increasingly more autonomous attacks potentially targeting SCADA/ICSs and smart cities causing blackouts and more. Possibly such attacks can be permanent and have irreversible consequences.

Meeting with E.ON

November 25, 2018November 25, 2018 / bugejajoseph / Leave a comment

On Friday 23rd November 2018, I had a meeting with E.ON in Malmö. E.ON is one of the major public utility companies in Europe and the world’s largest investor-owned energy service provider.

I was impressed by their hardware (in particular their ectogrid system that decreases pollution and energy consumption in a city) and their advanced software platform (in particular their ectocloud that gathers and assimilates data on user’s behavior and weather conditions to make forecasts on electricity availability). Truly, it was interesting to see world-class implementations of AI, Machine Learning algorithms, and network-enabled technologies, to achieve efficient energy management.

There, I did a mini-presentation, similar to a 5-minutes pitch, of my Phd project. The below, is a slide representing some of the challenges surrounding the field I am researching.

Screen Shot 2018-11-25 at 17.32.09.png

You can always keep updated about my research by checking my ResearchGate profile.

Keynote that made me reflect…

October 27, 2018 / bugejajoseph / Leave a comment

On October 24-25 2018, I attended a conference about Counterterrorism and Criminology (EISIC 2018) at Blekinge Institute of Technology in Karlskrona, Sweden. Among, the keynotes was Dr. Dieter Gollman professor of security in distributed applications at Hamburg University of Technology. Among his wide repertoire of contributions, his textbook “Computer Security” is a household name among Information Security students. Personally, I have used it for my Masters and am using it now for my students.

Two key points that Dr. Gollman mentioned and that me reflect on are: i) that the Internet of Things (IoT) especially when it comes to network security “is a new balloon for floating ideas”, and ii) that better models than the CIA triad may be needed for IoT systems.

Photo of Prof. Dieter Gollman taken at Blekinge Institute of Technology on 24-Oct-2018.

On i) it was emphasised that especially when it comes to working on IoT security one should not only coin something as state-of-the-art without having done a proper review of literature. For doing so, one must not simply search for IoT and security, but should also consult the literature for WSN and MANET security as otherwise 15-20 years of relevant results may be lost.

In terms of ii), it was suggested to replace the CIA model with a new model – the Control Triad (CO2). In the new model, there are three dimensions: Controllability, Observability, and Operability. These dimensions are important because in a control system, as is the IoT, a threat agent may not be keen on CIA but instead wants to control the system, to put it in a state that the actor wants it to be in or to operate it according to the agent liking, etc.

I hope that this short post will somewhat make you reflect on stuff you may be working on.

Weak risk awareness of our connected homes

September 21, 2018September 23, 2018 / bugejajoseph / Leave a comment

Traditionally, only a handful of household devices were connected to the Internet. Nowadays, we have everyday devices ranging from toasters, lightbulbs, TVs all connected to the Internet and with the possibly of being remotely controlled. These devices often go by the name of Internet of Things or smart home devices. While these networked devices bring added convenience, efficiency, and peace of mind, they also bring unique perils to the smart home residents.

The more smart devices are connected to the home’s network, the more can go wrong. Malicious threat agents such as hackers can reprogram the devices to attack others, vendors can collect fine-grained information on your activities and behaviours, or your devices could become infected with malware possibly preventing you from entering your home or adjusting the temperature to your liking. Many of the manufacturers making these devices have shallow experience with information security and see security and privacy as a burden. As a result, many of the devices available in the market have little or no security backed into them. For example, some devices come with default passwords that are easily retrieved on the Internet, or they cannot be easily updated or reconfigured in a more secure or privacy-preserving way.

In August 2018, I was interviewed by Malmö University on a similar topic. The interview was transcribed in Swedish but now you can read the full interview in English at the following link: http://iotap.mau.se/weak-risk-awareness-connected-homes/

Thesis hardcopies

September 12, 2018September 23, 2018 / bugejajoseph / Leave a comment

I have few hardcopies available of my licentiate thesis for interested readers. In case, you are a university student or a researcher working on similar topics kindly get in touch with me and you may receive a free copy.

Talk about my Research Topics at Vetenskapens Dag

September 12, 2018September 23, 2018 / bugejajoseph / Leave a comment

Today, I was invited to speak about my research topics at Vetenskapens Dag (Science Day). Here, I did a short talk to IT and Economics students in Malmö University where I touched on the following topics:

What is a smart connected home?
Why it is important to study smart homes?
What data are being collected by connected devices?
What risks to security and privacy are introduced by such IoT devices?
Who are the threat agents interested in gaining a foothold in our lives?
What can we do as consumers to protect ourselves?

Below is a screenshot of my presentation cover:

Please feel free to get in touch if you want to know more about this and related!

My Licentiate Seminar

August 28, 2018 / bugejajoseph / Leave a comment

On Monday, 03 September, I have my licentiate seminar at Malmö University. On that day, I will give a presentation, where I will talk for about 40 minutes about the smart connected home ecosystem.

Here, I will emphasize the security and privacy risks such as an Internet of Things system bring to the smart home residents, threat agents interested in conducting attacks on the home, challenges in implementing effective mitigations, and more.

This talk is essentially a summary highlighting key parts of my licentiate thesis (see picture of it below):

The full thesis is 192 pages long with a word count of about 48,000 words.

Take a look at my thesis and upcoming seminar by following the link: http://iotap.mah.se/smart-connected-homes-joseph-bugeja/

Data Collected by Smart Home Devices

July 4, 2018 / bugejajoseph / Leave a comment

What type of data smart home devices collect? This is exactly what I talked about last week in Seattle (USA) at the Services Conference Federation (SCF 2018). Understanding the data smart home systems collect is useful to assess what is at stake if a device is compromised and as a precursor for conducting privacy analysis.

Image result for data privacy

By analysing the privacy policies of different smart home and IoT device manufacturers we observed that all investigated devices collect instances of personal data. This in the worst case can include biometric data. Such data is used for instance in smart TVs for authentication purposes and sometimes to support advanced interaction features.

However, there are many other instances of non-personal data which when aggregated can truly paint a detailed coarse-grained model of an individual’s lifestyle preferences, habits, and history.

On the Future of Cybercrime

June 26, 2018June 26, 2018 / bugejajoseph / 1 Comment

As computers get faster cybercrime will get faster. As computers permeate more of our society cybercrime will enter those same areas. As computers become more autonomous – with AI and machine learning – crime will become more autonomous. Cybercrime will enter as well areas such as driverless cars, implanted medical devices, and more.

Image result for cybercrime !img

So you look at something like ransomware which is basically a ransom crime (that is old!). Project that onto computers and as a consequence of that you have to pay to get your data back. Project that onto a car. You wake up in the morning you go out to your car and instead of being able to turn it on there’s a note saying you pay a hundred dollars to unlock your car. That’s coming so just watch where the computers go and you see where the crime goes.

The above text is an abstract extracted from the YouTube clip: https://www.youtube.com/watch?v=G2VzjeAOksc. More information related to this can be found in the documentary titled: “Dark Web: Fighting Cybercrime”.

Joseph Bugeja

Security, Privacy, and Trust