NDSS 2020: The Best in Security Research – For the Good of the Internet

On 23 February, the 27th consecutive Network and Distributed System Security Symposium (NDSS) kicks off in San Diego, CA. NDSS is a premier academic research conference addressing a wide range of topics on network and system security. It’s an incubator for new, innovative ideas and research on the security and privacy of the Internet.

NDSS 2020 (23-26 February) will be one of the biggest NDSS symposia yet, featuring 88 peer-reviewed academic papers, 34 posters, 5 workshops, and 2 keynotes on vital and timely topics. Here are some of the highlights.

Workshops

This year’s program officially starts with five workshops on Sunday, 23 February. NDSS workshops are organized around a single topic and provide an opportunity for greater dialogue between researchers and practitioners in the area.

The QUIC Privacy and Security (QUIPS) Workshop focuses on QUIC security and privacy analysis efforts. The IETF QUIC protocol is a modern UDP-based, stream-multiplexing, encrypted transport protocol. Inspired by prior art, QUIC’s packet and header encryption removes cleartext information from the network while simultaneously mitigating ossification of version-specific protocol behavior. The goal of the QUIPS workshop is to bring formal analysis results to the IETF working group and developer communities in order to build confidence in and improve QUIC before its widespread deployment.

The Workshop on Measurements, Attacks and Defenses for the Web (MADWeb) returns this year after making its debut in 2019. The web connects billions of devices, running numerous types of clients, and serves billions of users every day. To cope with such widespread adoption, the web constantly changes. This is evident in some browsers, which have a release cycle of just six weeks. These rapid changes are not always studied from a security perspective, resulting in new attack vectors that were never observed before. MADWeb is looking to connect researchers working at the intersection of browser evolution and web security. The goal is to bring together a community to discuss the rapid changes to browsers from a security perspective, the security implications of current web technologies, and how we can make browsers in the future more secure without hindering the evolution of the web.

The Learning from Authoritative Security Experiment Results (LASER) Workshop focuses on learning from and improving cybersecurity experimental results. The workshop strives to provide a highly interactive, collegial environment for discussing and learning from experimental methodologies, execution, and results. Ultimately, the workshop seeks to foster a dramatic change in the experimental paradigm for cybersecurity research, improving the overall quality and reporting of practiced science. As such, it will be structured as a true “workshop” in the sense that it will focus on discussions and interactions around the topic of experimental methodologies, execution, and results with the goal of encouraging improvements in experimental science in cybersecurity research. Authors will lead the group in a discussion of the experimental aspects of their respective efforts.

The Binary Analysis Research (BAR) Workshop returns for its third year at NDSS. Binary analysis refers to the process where humans and automated systems examine underlying code in software to discover, exploit, and defend against vulnerabilities. With the enormous and ever-increasing amount of software in the world today, formalized and automated methods of analysis are vital to improving security. This workshop will emphasize the importance of releasing and sharing artifacts that can be used to reproduce results in papers and can be used as a basis for further research and development.

The Workshop on Decentralized IoT Systems and Security (DISS) is also in its third year. The seemingly endless potential of the Internet of Things (IoT) is somewhat tempered by the ongoing concern over the ever-increasing risk that these devices pose to the Internet. The ultimate success of IoT depends on solving the underlying security and privacy challenges. Following the spirit of NDSS, the goal of this workshop is to bring together researchers and practitioners to analyze and discuss decentralized security in the IoT.

Keynotes

There will be two keynotes this year: Paul Forney, Chief Security Architect at Schneider Electric, on Monday, and Dr. Sharon Goldberg, Associate Professor in the Computer Science Department at Boston University and CEO/Co-Founder of Arwen, on Tuesday.

Paul Forney will discuss “Overcoming the ‘Evil Twins’ Attack: Lessons Learned from the Industrial Battlefield.” He asks the important question: “What could happen during a simultaneous attack of the industrial safety controllers (SIS) and Industrial Control Systems (ICS) of a critical infrastructure system?” Paul will discuss the technical lessons that can be learned from this sort of attack and how to best architect, protect, and contextualize a better future.

Dr. Sharon Goldberg will present “A Few Adventures in Technology Transfer.” This talk will discuss her adventures in technology transfer and in particular address two key metrics – ease of integration and precise specification.

NDSS 2020 Papers

The star and indeed the core of NDSS 2020 is the final set of peer-reviewed academic papers to be presented and published. This year there are 88 peer-reviewed papers organized into 19 sessions, representing less than 20% of the original submissions. This year there were over 500 submissions during both a summer and a fall submission period. A program committee of 97 experts assisted by 133 external reviewers worked to select and shepherd the accepted papers to this result. Topics cover a wide range including authentication, cryptography, censorship, network security, privacy, IoT, and mobile and web security. Papers, slides, and videos of all the talks will eventually be available on the NDSS 2020 programme page. The detailed agenda is already there!

Finally, NDSS 2020 also includes an energetic Poster Session and Reception featuring 34 posters of recently published or newly-emerging research. Attendees can vote for their favorites with special prizes being awarded in different categories.

All of this fabulous content takes a huge effort by a large group of people. Special note should be given to the Program Committee along with the Organizing Committee. This is teamwork and collaboration in action!

NDSS is where the next generation of security research starts, and for more than 20 years, the Internet Society has been a proud partner in hosting this event. Nearly 450 security experts will gather this coming week in San Diego to collaborate and engage in research discussion to help advance network and system security – all for the benefit of better security and a strong Internet.

Follow along via our social media channels – Twitter, Facebook, and LinkedIn, or search/post using #NDSS20.

See you in San Diego!

NDSS 2019 Honors Timeless Papers

The papers and presentations are done, the awards and appreciation certificates have been handed out, and the boxes are packed and labeled for shipping. NDSS 2019 has come to a successful close. It was a record setting event with over 550 registrations, 89 papers, 36 posters, and four workshops. It was inspiring to see such energetic and passionate security research professionals gathered together in one place discussing their work. All of the highlights can be found at the NDSS 2019 website, including the Distinguished Paper and Distinguished Poster Awards for this year and the full program. It is worthwhile, however, to highlight a new award series initiated this year.

NDSS Test of Time Awards

This year, to kick off the second 25 years of NDSS, an NDSS Test of Time annual award was created. This award is for papers that were published more than ten years ago and have had a significant impact on both academia and industry in the years since. There were three awardees in the inaugural class.

The first Test of Time award is from 1996: SKEME: A Versatile Secure Key Exchange Mechanism for Internet by Hugo Krawczyk. SKEME was an integral component of early versions of the Internet Key Exchange (IKE) protocol used with Internet Protocol Security (IPsec) and is the basis for many of the cryptographic design choices in the current IKEv2 Internet Standard. IPsec and IKE are the de facto Internet standards for protection of Internet Protocol (IP) communications, including Virtual Private Networks (VPNs), and are widely deployed in numerous commercial products.

The second award is Client Puzzles: A Cryptographic Countermeasure Against Connection Depletion Attacks by Ari Juels and John Brainard, published at NDSS 1999. The paper introduced the use of “client puzzles” to protect connection-oriented protocols against connection depletion attacks (a form of denial of service), such as TCP SYN flooding. The paper led to a number of other efforts to develop different forms of client puzzles and to apply them to various other protocols and systems.

The final NDSS Test of Time award is A Virtual Machine Introspection Based Architecture for Intrusion Detection by Tal Garfinkel and Mendel Rosenblum, published in 2003. This paper introduced the use of VMI for cybersecurity and opened the floodgates on a tremendous amount of research and derivative tools that took VM technology beyond simple resource multiplexing and leveraged it for intrusion detection, intrusion prevention, forensics, isolation, and other cybersecurity protections. The paper is the most highly cited NDSS paper (1751 citations) from the period 1995-2009.

NDSS 2019 Highlights the Best in Security Research

Tomorrow, the 26th consecutive Network and Distributed System Security Symposium (NDSS) is set to kick off in San Diego, CA. NDSS is a premier academic research conference addressing a wide range of topics associated with improving network and system security. A key focus of the Internet Society has long been improving trust in the global open Internet and all of its connected devices and systems. In today’s world, we need new and innovative ideas and research on the security and privacy of our connected devices and the Internet that connects them together.

NDSS 2019 (24-27 February) will be the biggest NDSS symposium yet, featuring 89 peer-reviewed papers, 35 posters, 4 workshops, and a keynote. Record registration numbers are a key indicator that NDSS 2019 is featuring vital and timely topics. Below are some of the highlights expected in the coming week.

Workshops

This year’s program officially starts with four workshops on Sunday, 24 February. NDSS workshops are organized around a single topic and provide an opportunity for greater dialogue amongst researchers and practitioners in the area. Each of this year’s workshops has a dynamic agenda.

The Workshop on Binary Analysis Research (BAR) is returning for its second year at NDSS after a very successful inaugural year in 2018. Binary analysis refers to the process where humans and automated systems examine underlying code in software to discover, exploit, and defend against vulnerabilities. With the enormous and ever-increasing amount of software in the world today, formalized and automated methods of analysis are vital to improving security. This workshop will include a keynote, a number of peer-reviewed papers, an invited speaker, and a panel discussion. It will also emphasize the importance of releasing and sharing artifacts that can be used to reproduce results in papers and can be used as a basis for further research and development.

The Workshop on Decentralized IoT Systems and Security (DISS) is in its second year, following a very successful inaugural year in 2018. The seemingly endless potential of the Internet of Things (IoT) is somewhat tempered by the concern over the ever-increasing risk that these devices pose to the Internet. The ultimate success of IoT depends on solving the underlying security and privacy challenges. Following the spirit of NDSS, the goal of this workshop is to bring together researchers and practitioners to analyze and discuss decentralized security in the IoT. DISS features a keynote, several papers, and a panel discussion.

The new workshop this year is the Workshop on Measurements, Attacks and Defenses for the Web (MADWeb). The web connects billions of devices, running numerous types of clients, and serves billions of users every day. To cope with such widespread adoption, the web constantly changes. This is evident in some browsers, which have a release cycle of just six weeks. These rapid changes are not always studied from a security perspective, resulting in new attack vectors that were never observed before. MADWeb is looking to connect researchers working at the intersection of browser evolution and web security. The goal is to create a new venue for discussing the rapid changes to browsers from a security perspective, the security implications of current web technologies, and how we can make browsers in the future more secure without hindering the evolution of the web.

Finally, the Workshop on Usable Security (USEC 2019) is one of the original NDSS workshops and is occurring at NDSS for the sixth consecutive year. You can see the results from the previous five years of USEC at NDSS plus three sister events held in Europe (EuroUSEC) here. This workshop has long focused on considering technical as well as human aspects of security. Enabling people to manage privacy and security necessitates giving due consideration to the users and the larger operating context within which technology is embedded. This year, and possibly for future USEC workshops, exceptional USEC papers will be invited to publish extended versions in a special issue of the Journal of Cybersecurity.

Keynote

Moving beyond the workshops, NDSS will also feature Dr. Deborah Frincke. Dr. Frincke leads the Research Directorate of the National Security Agency (NSA). She will speak on the modern challenges for cyber defense, asking the attendees how we meet the challenge of cyber defense as technological advancement creates a world where an adversary has more opportunity to break into our framework of order.

NDSS 2019 Papers

The main content of NDSS 2019 is of course the set of papers to be presented and published. This year there are 89 peer-reviewed papers organized into 19 sessions, representing around 20% of the original submissions. Topics are wide ranging and include authentication, cryptography, censorship, privacy, blockchain, IoT, and mobile and web security. Papers, slides, and videos of all the talks will eventually be available on the NDSS 2019 programme page.

The final program component of NDSS 2019 is the Monday night Poster Session and Reception. This session will feature 35 posters of recently published or newly emerging research. Attendees will have a chance to vote for their favorite posters with special prizes being awarded in different categories.

The Internet Society is proud to have been associated with NDSS for over 20 years. We are excited to see the results of this year’s event! As of this writing, we are smashing all our recent records including number of accepted papers, number of accepted posters, and total attendees. Congratulations to all the workshop speakers, NDSS authors and speakers, and poster presenters for contributing to what will surely be an exciting week of research discussion and collaboration leading to significant advancements in network and system security.

Follow along via our social media channels – Twitter, Facebook, and LinkedIn, or search/post using #NDSS19. See you in San Diego!

Image courtesy of Wes Hardaker

Announcing NDSS 2019 & the Call for Papers

It may seem far away, but it’s time to begin planning for the 26th Network and Distributed System Security Symposium. NDSS 2019 will once again be held in sunny San Diego at the lovely Catamaran Spa and Resort from 24-27 February 2019.

This annual security symposium is a premier venue for fostering information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies.

NDSS 2019 will have a new General Chair, Dr. Trent Jaeger of Pennsylvania State University. In addition, the Program Committee for NDSS 2019 is being chaired by Dr. Alina Oprea of Northeastern University and Dr. Dongyan Xu of Purdue University. Additional positions will be announced in the coming weeks.

Most importantly for all you researchers out there, the NDSS 2019 Call for Papers has been released. As in years past, the focus of the symposium will be the many aspects of security and privacy including the security of emerging networks including the Internet of Things (IoT), integrating security into network protocols, security for future Internet architectures, usable security and privacy, and security for large-scale critical infrastructure. Many of these topics are of keen interest to the Internet Society community. The submission site will open on 6 July, and the deadline for submissions is 7 August. Questions about the CFP can be addressed to the program chairs at ndss-pc-chair@elists.isoc.org and general questions about NDSS can be sent to ndss@elists.isoc.org.

Additionally, the NDSS 2019 team is beginning the work of signing up sponsors for the event. As a premier security research event, NDSS gives you the opportunity to support the next generation of security research and researchers. There are numerous ways that the broader security and Internet community can help support NDSS. Additional information will be forthcoming at https://www.ndss-symposium.org/ndss2019/sponsorship/. In the meantime, expressions of interest can be sent to ndss-sponsor@elists.isoc.org.

It seems like just yesterday that NDSS 2018 was wrapping up with the last tweets, Facebook, and LinkedIn posts focusing on various high points. NDSS 2018 was indeed a stunning success with high quality research results presented, record attendance numbers, and four quality co-located workshops. All the papers, slides, and videos from NDSS 2018 are still available online at https://www.ndss-symposium.org/ndss2018/programme/.

We look forward to another amazing event next February, and we hope you’ll be part of it! Remember to use #NDSS19 in all your social media posts along the way.

NDSS 2018: Automating the Process of Vulnerability Discovery

NDSS 2018 is in full swing in San Diego this week and a couple of papers that really grabbed my attention were both in the same session on Network Security and Cellular Networks yesterday.

Samuel Jero, a PhD student at Purdue University and past IRTF Applied Networking Research Prize Winner, presented a fascinating paper on “Automated Attack Discovery in TCP Congestion Control Using a Model-guided Approach”. Of the many protocols and algorithms that are in daily use on the Internet, some are more fundamental and important than others and it doesn’t get much more fundamental and important than TCP congestion control.

TCP congestion control is what makes it possible for millions of autonomous devices and networks to seamlessly, and more-or-less fairly, share available bandwidth. Without it the network would literally collapse.

Attacks against congestion control to manipulate senders’ or receivers’ understanding of the state of the network have been known for some time. Jero and his co-authors Endadul Hoque, David Choffnes, Alan Mislove and Cristina Nita-Rotaru developed an approach using model-based testing to address the scalability challenges of previous work to automate the discovery of manipulation attacks against congestion control algorithms.

By building abstract models of several congestion control algorithms from IETF RFCs, the team were able to generate abstract attack strategies. These abstract strategies could then be mapped to concrete attack strategies including details of how attack packets should be created and timing information for injecting malicious traffic to effect an attack. Both off-path and on-path attackers were considered.

Armed with a set of concrete attack strategies, the team built a platform on which to test them against different congestion control implementations running on a variety of OS environments. Evaluating five TCP implementations from four Linux distributions and Windows 8, they found 11 classes of attacks, eight of which were previously unknown.

This work illustrates the vulnerability of transport protocols that carry their signalling in the clear, as TCP does. It is relatively trivial for an attacker to confuse congestion control state machines about the state of the network, which leads to the large and diverse set of attack methods discovered. The new and rapidly developing QUIC protocol is perhaps one of the key next steps in defending the Internet against these kinds of manipulations: QUIC encrypts signalling by design.

In his paper, “LTEInspector: A Systematic Approach for Adversarial Testing of 4G LTE”, Syed Hussain (with co-authors Omar Chowdhury, Shagufta Mehnaz and Elisa Bertino) also employs a model-based testing approach to uncover 10 new attacks against the three fundamental protocol operations of the 4G LTE protocol (attach, detach and paging).

To ensure that the theoretical attacks were actually practical against real deployed 4G LTE networks, the team validated eight attacks using a real-world testbed. The most interesting attack discovered in this way is referred to as the ‘authentication relay attack,’ which enables an adversary to poison the core network’s knowledge of the location of a victim device, without possessing any legitimate credentials. This attack could, for example, provide a means to create a false alibi or plant fake evidence during a criminal investigation.

Both of these papers illustrate the power of applying model-based testing approaches to deployed systems to effectively automate the process of vulnerability discovery. As the dependence of modern society on Internet and cellular technologies continues to grow, this kind of work is crucial to help us move beyond the ‘whack-a-mole’ response to security vulnerabilities we’re familiar with.

These two papers are great examples of the strength of the work presented at NDSS and the importance of the research undertaken by this community for the security of our networked, distributed future. Both papers are already on the NDSS website, and slides and videos from these and all other presentations will be posted shortly after NDSS.

Report: Distributed IoT Security and Standards Workshop at NDSS 2018

Network and Distributed Systems Security (NDSS) Symposium is in full swing for its 25th anniversary year. As usual the NDSS program includes a really impressive array of great content on a wide range of topics. Prior to the main event there were four one-day workshops on themes related to the topic of NDSS: Binary Analysis Research, DNS Privacy, Usable Security, and the workshop I’d like to delve into here, Distributed IoT Security and Standards (DISS).

The DISS workshop received 29 submissions and accepted 12 papers. In an interesting twist on the usual scientific workshop format, the presented papers were all still in draft form and will now be revised based on the Q&A and offline discussions that took place as a result of the workshop. Revised papers will be published by the Internet Society in due course.

Introducing the proceedings, co-chair Dirk Kutscher explained that it has become evident that the success of the Internet of Things (IoT) depends on sound and usable security and privacy. Device constraints, intermittent network connectivity, the scale of deployments, and economic issues all combine to create an interesting and challenging environment for the research community to address.

A decentralised approach to IoT security is being pursued by multiple projects and several were presented during the workshop. Simultaneously, many IoT standards are under development in IETF, W3C, and elsewhere. It is therefore very timely to bring researchers together on the topic of DISS. The scope for the workshop was threefold:

  1. Enabling secure interoperability across IoT ecosystems;
  2. Security and privacy in ongoing IoT standardisation work; and
  3. Other topics related to decentralised security and standardisation in IoT.

Ian Molloy gave a very interesting presentation on his work (with co-authors David Barrera and Heqing Huang) to monitor the connectivity profiles of different IoT devices and enforce network security policy to minimise the risks posed by insecure IoT devices to both the device owners and the wider Internet. The approach was described as ‘parental controls’ for IoT and brought to mind the work underway in the IETF on Manufacturer Usage Descriptions (MUD). An interesting difference between the two approaches is that Molloy’s explicitly does not require the user to trust the manufacturer to define a policy and provide a product that understands or respects the concerns of the end-user. There may be a place for a more distributed and crowdsourced approach.

Two papers addressed security reviews of existing standards. Michael McCool presented work (with co-author Elena Reshetova) to evaluate the security of the W3C Web of Things standard. Carsten Bormann presented an analysis of various developing standards for authorization solutions for the IoT. Both talks made clear that while standardisation for various pieces of a secure IoT ecosystem is underway, there is more work to be done to minimise the potential for implementation mistakes and the unintended consequences of exposing IoT device metadata.

Tomer Golomb presented a very interesting approach to anomaly detection including a great video demonstration of a wall of Raspberry Pis sharing state regarding normal operating conditions and then alarming when simulated exploits were run against known vulnerabilities.

The workshop also received an explicitly non-technical paper that considered the economic aspects of standardising security for the IoT. The authors tried to understand why IoT device manufacturers continue to ignore the findings of security research. They observed that consumers can’t determine the level of security provided by IoT products and are unwilling to pay for something they cannot assess. They identified a number of recommendations for ‘market-driven’ standardisation organisations:

  1. Define precise security model
  2. Stop consumer/business differentiation
  3. Add membership level for academic institutes
  4. Conduct security testing without conflict of interest
  5. Define and Enforce Update Policy

Lively discussion following this talk emphasised the importance of academic involvement, an open standards process with a multistakeholder ethos, and incorporating the development of reference implementations as part of the standards development life cycle. The need for regulation to help overcome the information asymmetry problem between industry and the consumers of IoT devices was also a hot topic of discussion.

Other topics discussed during the workshop included securing payments for outsourced computations, building a secure and open federation layer for IoT silos, authentication and key exchange protocols for IoT, practical implementation aspects and attestation.

To read more about NDSS, see our introductory blog post, our overview of the full NDSS 2018 program, and remember you can follow along via our social media channels – Twitter, Facebook, YouTube, and LinkedIn – or search/post using #NDSS18.

Starting Today: NDSS Highlights the Best in Internet Security Research

You’ve undoubtedly heard about all sorts of Internet security vulnerabilities and incidents causing harm around the world, but the flip side of all that doom and gloom is all the promising efforts underway to create a more secure, private, and trusted Internet. Starting today and going through Wednesday (18-21 February), the Network and Distributed Systems Security (NDSS) Symposium takes place to present groundbreaking research in the world of Internet security.

This year marks the 25th anniversary of NDSS, and the Internet Society is proud to have been associated with it for over 20 years now. A key focus of the Internet Society has long been improving trust in the global open Internet. In order to promote this trust, we need new and innovative ideas and research on the security and privacy of our connected devices and the Internet that brings them together. NDSS is a top tier forum for highlighting this research.

NDSS 2018 is four full days featuring:

In addition to being excited by the potential of all the excellent security and privacy research to be presented at NDSS, the Internet Society is also pleased to support NDSS with continuing commitments to promoting open access to all information, encouraging cooperation and collaboration, and developing the next generation of leaders in the security space.

Quality academic research that is open and easily accessible to anyone is one of our best long-term investments in a truly open and trustable Internet. All of the information from NDSS including abstracts, papers, slides, videos, and posters will be available on the NDSS website. Papers and abstracts for the main programme are already on the NDSS website, and posters, slides, and videos from all the presentations will be posted shortly after NDSS. Individual workshops will have proceedings produced and put online in the weeks following NDSS.

NDSS brings together security researchers, standards developers, vendors, and the operational community into a cooperative and collaborative environment for the exchange of ideas. People are what ultimately hold the Internet together. The Internet’s development has been based on voluntary cooperation and collaboration, and these tenets remain essential factors for the Internet’s prosperity and potential. Because of this, the Internet Society has a long commitment to a Collaborative Security approach and views NDSS as an excellent example of this collaboration. We are especially pleased to see examples like the DNSPRIV and DISS workshops having active participation from the Internet Engineering Task Force (IETF) community, resulting in close coordination between emerging research and resulting standards. Enhanced collaboration makes both communities stronger.

Finally, for those of us who have been working in this space for more than a few years, we recognize the importance of developing the next generation of leaders. We need the best and the brightest engaged in solving the challenging security and privacy issues facing the Internet. Academic research by its very nature is developing the next generation of thought leaders in this space. To further support the exposure of students, NDSS, with the help of NSF, Cisco, and the Internet Society, is proud to have awarded 20 grants for students to attend NDSS in person.

For all of the above reasons and more, the Internet Society is pleased to support NDSS. We look forward to the results of this year’s event! And we want to wish a happy 25th anniversary to all those in the NDSS community!

There is still time if you want to join us in person in San Diego (by registering onsite). Otherwise you can follow along via our social media channels – Twitter, Facebook, YouTube, and LinkedIn, or search/post using #NDSS18.

Categories
Building Trust Events Improving Technical Security Open Internet Standards Technology

Celebrating the 25th Anniversary of NDSS

This year we are celebrating the 25th anniversary of the Network and Distributed System Security Symposium (NDSS). NDSS is a premier academic research conference addressing a wide range of topics associated with improving trust in the Internet and its connected devices. A key focus of the Internet Society has long been improving trust in the global open Internet. In order to promote this trust, we need new and innovative ideas and research on the security and privacy of our connected devices and the Internet that connects them together.

NDSS 2018 is about to get underway in San Diego, CA (18-21 February). It will be the biggest NDSS symposium yet, featuring 71 peer-reviewed papers, 20 posters, 4 workshops, 2 keynotes, and a co-located research group meeting. Record registration numbers are a key indicator that NDSS 2018 is featuring vital and timely topics. Below are some of the highlights expected in the coming week.

Workshops

This year’s program officially starts with four workshops on Sunday, 18 February. NDSS workshops are organized around a single topic and provide an opportunity for greater dialogue amongst researchers and practitioners in the area. Each of this year’s workshops has a dynamic agenda.

The Workshop on Binary Analysis Research (BAR) is a new workshop topic for NDSS this year. Binary analysis refers to the process where humans and automated systems examine underlying code in software to discover, exploit, and defend against vulnerabilities. With the enormous and ever-increasing amount of software in the world today, formalized and automated methods of analysis are vital to improving security. This workshop will include a number of peer-reviewed papers and a panel discussion.

The Workshop on Decentralized IoT Security and Standards (DISS) is also new to NDSS this year. We are surrounded every day with the excitement and seemingly endless potential of the Internet of Things (IoT). The success of IoT depends significantly on solving the underlying security and privacy challenges. Following the spirit of NDSS, the goal of this workshop is to bring together researchers and practitioners to analyze and discuss decentralized security in the IoT, especially in the light of ongoing standardisation work and wider systems interoperability.

The Workshop on DNS Privacy (DNSPRIV) is in its second year at NDSS and will focus on increasing usability and decreasing traceability in the Domain Name System (DNS) infrastructure. DNS Privacy has been a growing concern of the IETF and others in the Internet engineering community for the last few years. Almost every activity on the Internet starts with a DNS query (and often several). The goal of this workshop is to bring together privacy and Internet researchers with a diversity of backgrounds and views, to identify promising long-term mitigations of the broad space of DNS privacy risks. This workshop and the DISS workshop both have active participation from the Internet Engineering Task Force (IETF) community, resulting in collaboration between academics and the engineers developing the standards.

Finally, the Workshop on Usable Security (USEC 2018) is one of the original NDSS workshops and is occurring at NDSS for the fifth consecutive year. It has long been established that ensuring effective security and privacy in real-world technology requires considering technical as well as human aspects. USEC 2018 fosters a multi-disciplinary approach to all aspects of human factors including adoption and usability in the context of security and privacy. Also notable about the USEC 2018 workshop is that it encourages papers that replicate previous results for validation purposes or document failed experiments to highlight the lessons learned. Finally, in another first for NDSS, USEC 2018 and DNSPRIV will have one joint session to discuss usability in the context of DNS.

Keynotes

Moving beyond the workshops, NDSS will also feature two excellent keynotes this year. On Monday morning, Ari Juels of Cornell University will kick off NDSS 2018 with a talk entitled “Beyond Smarts: Toward Correct, Private, Data-Rich Smart Contracts”. In this keynote, Ari will explore smart contracts, blockchains, secure off-chain data feeds or oracles, and much more. Check back after NDSS for a video recording of what will undoubtedly be an educational keynote.

On Wednesday morning, Parisa Tabriz of Google, Inc. will talk about “The Long Winding Road from Idea to Impact in Web Security”. In this keynote, she will share stories of multi-year initiatives that have made Chrome and the open web platform safer. She will talk about securing Flash content, the push to drive HTTPS adoption, and a 5+ year refactoring project to help mitigate speculative CPU vulnerabilities. She will focus on some of the practical constraints and lessons learned for others to consider when trying to improve security of large, complex, real-world systems.

NDSS Programme

The main content of NDSS 2018 is of course the set of papers to be presented and published. This year there are 71 peer-reviewed papers organized into 17 sessions, representing around 20% of the original submissions. Topics are wide-ranging and include authentication, cryptography, privacy, Android, blockchain, cloud, and web security. This year, the Internet Society has reinforced its commitment to open access of information by updating the publishing policy for NDSS. Copyright of all papers remains with the authors. Papers, slides, and videos of all the talks will eventually be available on the NDSS 2018 programme page.

The final program component of NDSS 2018 is the Monday night Poster Session and Reception. This session will feature 20 posters of recently published or newly emerging research. Attendees will have a chance to vote for their favorite posters with special prizes being awarded in different categories.

Finally, on the Saturday before NDSS there will be an interim meeting of a proposed Internet Research Task Force (IRTF) research group on Decentralized Internet Infrastructure. The organizers of this meeting opted to use the fact that many of them will be in town for NDSS to co-locate their meeting as well. This group is in the formative stages so now is an excellent time to engage. The agenda looks interesting so if you are in San Diego early, drop on by the Rousseau room.

To wrap up this rather long blog post, I would like to say that the Internet Society is proud to have been associated with NDSS for over 20 years, and we are excited to see the results of this year’s event! Happy 25th to all those in the NDSS community!

You can still register onsite if you’d like to join us in person in San Diego, or you can follow along via our social media channels – Twitter, Facebook, and LinkedIn, or search/post using #NDSS18. Now, I’m off to catch my flight. See you in San Diego!

Categories
Building Trust Events Improving Technical Security Technology

Workshop on Binary Analysis Research (BAR) 2018 at NDSS on 18 February

Binary analysis refers to the process where human analysts and/or automated systems scrutinize the underlying code in software to discover, exploit, and defend against malice and vulnerabilities, oftentimes without access to source code. Through protecting legacy software deployed in all types of devices and platforms in the modern world, binary analysis techniques are becoming more and more critical in making our everyday life and our society more secure.

A Workshop on Binary Analysis Research (BAR) will be co-located with the Network and Distributed System Security Symposium (NDSS), and held in San Diego, CA, USA, on February 18, 2018.

The Workshop aims to provide an interaction point for researchers doing work in binary program analysis, with half of the workshop dedicated to traditional paper sessions and the other half to a roundtable discussion among researchers, implementers, and end-users of binary analysis techniques. BAR has attracted the attention of many researchers, especially tool and framework authors, who actively work to create cutting-edge techniques and build powerful tools. Here we are happy to announce that eight high-quality academic papers have been accepted to appear in the paper sessions of the workshop, with presenters from both academia and industry. Researchers and authors of several famous binary analysis tools and frameworks, including BAP, Binary Ninja, BitBlaze-Fuzzball, BinCAT, CodeSurfer, Manticore, McSema, Panda, and S2E, will participate in the roundtable discussion.

With the analysis of binary programs once again becoming relevant due to the proliferation of interconnected embedded devices, the subfield of binary analysis has recently undergone a renaissance. Over the past few years, well over a dozen binary analysis frameworks were produced and released by well over a dozen research groups and private enterprise, putting the world in a situation where there are more binary analysis frameworks than there are web browsers. The situation has not been ignored by funding agencies, with massive grants, featuring binary analysis, being funded around the world. To drive the point home, in 2016, DARPA Cyber Grand Challenge turned automatic binary analysis, exploitation, and defense into something resembling a spectator sport.

It is worth noting that this binary analysis gold rush has taken place in a mostly uncoordinated manner, with some researchers meeting up on an ad-hoc basis at conferences and other research groups working in obscurity and isolation. As a result, while commonly adapted solutions to some problems have emerged, there is very little actual sharing and solution reuse among tools. This has resulted in missing tool functionality and needlessly duplicated effort, and has hampered the adoption of fundamental scientific advances in the field.

At the Workshop on the 18th, we are expecting great presentations, heated discussions, and exchange of brilliant ideas. If you are interested in reverse engineering and binary analysis, please consider registering for the workshop and paying us a visit!

Categories
Building Trust Domain Name System (DNS) Events Improving Technical Security Internet of Things (IoT) Privacy Technology

Announcing Four NDSS 2018 Workshops on Binary Analysis, IoT, DNS Privacy, and Security

The Internet Society is excited to announce that four workshops will be held in conjunction with the upcoming Network and Distributed System Security (NDSS) Symposium on 18 February 2018 in San Diego, CA. The workshop topics this year are:

A quick overview of each of the workshops is provided below. Submissions are currently being accepted for emerging research in each of these areas. Watch for the final program details in early January!

The first workshop is a new one this year on Binary Analysis Research (BAR). It is exploring the reinvigorated field of binary code analysis in light of the proliferation of interconnected embedded devices. In recent years there has been a rush to develop binary analysis frameworks. This has occurred in a mostly uncoordinated manner with researchers meeting on an ad-hoc basis or working in obscurity and isolation. As a result, there is little sharing of results and solution reuse among tools. The importance of formalized and properly vetted methods and tools for binary code analysis in order to deal with the scale of growth in these interconnected embedded devices cannot be overstated. The BAR workshop aims to provide an interaction point for researchers doing work in binary program analysis, with half of the workshop dedicated to traditional paper sessions and the other half to a roundtable discussion among researchers, implementers, and end-users of binary analysis techniques.

The second workshop is also new this year and focuses on Decentralized IoT Security and Standards (DISS). The success of the Internet of Things (IoT) depends significantly on solving the underlying security and privacy challenges. Due to their scale of deployment and limited resources, some of these systems will be extremely challenging to secure. A decentralized approach to IoT security brings forth many opportunities but also challenges, such as operating with constrained device and network capabilities, state synchronization, and trust management. At the same time, many IoT standards are now under development and decisions are being made today that will have long-term impact on the security of these systems. Of particular interest are open standards (e.g., IETF CoAP, OCF, and LWM2M), developed by organizations such as the IETF and the W3C including W3C Web of Things. The DISS workshop will gather researchers and the open standards community together to help address the challenges of IoT Security.

The third workshop, DNS Privacy: Increasing Usability and Decreasing Traceability (DNSPRIV), continues the work started at the first DNS Privacy workshop held at NDSS 2017. DNS Privacy has been a growing concern of the IETF and others in the Internet engineering community for the last few years. Almost every activity on the Internet starts with a DNS query (and often several). Those queries can reveal information about not only what websites are visited but also about other services such as the domains of email contacts or chat services. This information crosses international boundaries and is sent in the clear. The IETF has taken steps to address these concerns; however, because of the diversity of the DNS ecosystem, and the pervasive role of DNS and domain names in Internet applications and security, much is not fully understood or resolved. The goal of this workshop is to bring together privacy and Internet researchers with a diversity of backgrounds and views, to identify promising long-term mitigations of the broad space of DNS privacy risks.

The final workshop, Usable Security (USEC), is a regular at NDSS dating back several years. It has even resulted in a sister event held in Europe over the summer months. This workshop brings together the technical and human aspects of real-world technology to provide improved security and privacy. Experience has taught us over and over again that the best technical solutions for security and privacy will fail in deployment if usability is not a key design consideration. Enabling people to manage privacy and security necessitates giving due consideration to the users and the larger operating context within which technology is embedded. USEC 2018 aims to bring together researchers already engaged in this interdisciplinary effort with other computer science researchers in areas such as visualization, artificial intelligence, machine learning, and theoretical computer science as well as researchers from other domains such as economics and psychology.

I hope you will join us at NDSS 2018 from 18-21 February. Registration for the event will open later this month. Visit the NDSS website for more information, including upcoming announcements on the full workshop and NDSS program agendas. You can also find us on Twitter, Facebook, and LinkedIn using #NDSS18.

Categories
Improving Technical Security Open Internet Standards Technology

NDSS Highlights the Best in Internet Security Research

The nonstop news about Internet security vulnerabilities and incidents could lead one to despair for the future of the Internet. However, what often does not make the news is all the quality research that contributes ultimately to a more secure, private, and trustworthy Internet. Quality academic research that is open and easily accessible is one of our best long-term investments in a truly open and trustable Internet.

The Internet Society is proud of its long association with and support for the Network and Distributed Systems Security (NDSS) Symposium. Groundbreaking, quality research papers from over twenty years of NDSS symposia dating back to 1997 are all freely available on the Internet Society website. Earlier this year, NDSS 2017 was the biggest NDSS to date with 68 academic papers, two keynotes, and two workshops. For the first time, NDSS 2017 ran a two-track conference and recorded the presentations. Be sure to check out all the excellent recordings online via the online program or our new YouTube channel.

Currently, the NDSS Steering and Organizing Committees are hard at work laying the groundwork for a successful NDSS 2018. The Call For Papers has been out for some time now, and the deadline for submission, 11 August 2017, is rapidly approaching. The NDSS 2018 Program Co-Chairs, Patrick Traynor from the University of Florida and Alina Oprea from Northeastern University, have finalized a very impressive program committee to conduct rigorous evaluation of the submissions.

In addition, the Workshop Co-Chairs, Mathias Payer from Purdue University and Matthew Smith from the University of Bonn, have announced the Call for Workshops with submissions due by 31 August 2017. This year they are soliciting both full and half day proposals to add additional diversity to the workshop program.

Finally, the Internet Society is soliciting partners to help support this exciting and valuable symposium. There are a number of sponsorship opportunities outlined on the NDSS sponsorship information page.

Any questions or suggestions about the symposium in general or sponsorship in particular are welcome at ndss@isoc.org.

Categories
Building Trust Domain Name System (DNS) Improving Technical Security Open Internet Standards Privacy Technology

DNS Privacy: Solutions emerging, but deployment lags

I recently attended the DNS Privacy Workshop colocated with this year’s NDSS 2017 in San Diego, California. DNS privacy has received considerable attention from researchers and engineers since the Snowden revelations of state-backed pervasive surveillance in 2013 and the workshop covered a lot of ground.

For some Internet users, anonymity is critically important, and a service like Tor exists to obfuscate the location and browsing habits of its users. Even Tor users need to resolve names using DNS, however (for non-hidden services), and they are then vulnerable to the exit relay operator’s DNS configuration. The addition of DNS data to existing attack techniques makes attacks more precise, especially for infrequently visited websites (e.g. dissident sites). Exit relay operators are therefore advised to run their own resolvers with QNAME minimisation. In the long term, adding confidentiality to DNS is necessary to prevent it being used as a vector for de-anonymisation of Tor users.

Curiously, Tor was also discussed as a potential solution to the problem of DNS recursive resolver logs falling into the wrong hands. Incorporating a micropayment solution to align incentives and using Tor to anonymise traffic could create a recursive resolution service that wouldn’t have the logging vulnerability problems we see today. Latency of such a service would, however, be an issue in many cases, which brings me to my next point.

There is a critical tension between contemporary uses of the DNS to provide resilient and low-latency services versus the desire for greater privacy. Most DNS TTLs of the Alexa top 500 are less than 20 minutes. TTLs of 20 minutes make caching solutions and tools like Namecoin effectively impractical for popular sites. One suggestion is to download large caches of DNS data from relatively anonymous locations (libraries, coffeeshops, etc.) and then use those when in more privacy-vulnerable locations, e.g. at home. However, within a 2-week window one third of A records (and nearly two thirds of AAAA records … go figure) for the Alexa top 500 have changed, so this approach, while certainly possible, has clear limitations.

While DNS privacy seems like an unambiguously good thing, greater confidentiality of DNS traffic will impact researchers and service providers that rely on passive collection of DNS information. Codifying anonymisation and data access practices may help here.

Workshop participants heard concerns about the pace with which the technical building blocks for adding confidentiality to DNS, namely DNS-over-TLS, are being adopted. However, we should remember that DNS-over-TLS was only standardized 9 months ago in RFC 7858.

In addition to addressing the implementation and deployment challenge, the DNS community needs to heed the lessons about usable security that have been learned, e.g. from HTTP(S) security indicators and SSL Certificate warnings. In order for DNS privacy solutions to become pervasive, addressing the usability challenge is essential. It may be that the emerging solutions to the DNS privacy problem are not sufficiently baked or too hot off the press to expect much deployment to have taken place, or a stronger effort to evangelise the availability of new tools may be necessary.

The workshop also considered a detailed analysis of padding DNS queries and responses (padding encrypted DNS messages makes it harder to apply size-based correlation with known unencrypted messages), securing DNS Service Discovery, and a detailed analysis of the tradeoffs between the numerous authentication mechanisms for DNS privacy enabling recursive resolvers.
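To make the padding point concrete, here is an added example (not from the workshop or the original post) that builds DNS queries in wire format and compares their sizes with and without padding. It assumes the EDNS(0) Padding option of RFC 7830 and the 128-octet query block length recommended by RFC 8467, neither of which the post names; the sample hostnames are constructed.

```python
import struct

PADDING_OPTION_CODE = 12   # EDNS(0) Padding option (RFC 7830), assumed here
OPT_RR_TYPE = 41           # EDNS(0) OPT pseudo-RR (RFC 6891)
QUERY_BLOCK = 128          # query block length from RFC 8467, assumed here


def encode_qname(name: str) -> bytes:
    """Encode a domain name as length-prefixed labels ending in the root label."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError(f"bad label length in {name!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(name: str, qtype: int = 1, block: int = 0, msg_id: int = 0) -> bytes:
    """Build a DNS query; if block > 0, append an OPT RR padded to a multiple of block."""
    question = encode_qname(name) + struct.pack("!HH", qtype, 1)  # QCLASS = IN
    arcount = 1 if block else 0
    header = struct.pack("!HHHHHH", msg_id, 0x0100, 1, 0, 0, arcount)  # RD bit set
    msg = header + question
    if not block:
        return msg
    # OPT RR fixed part: root name (1) + TYPE (2) + CLASS (2) + TTL (4) + RDLENGTH (2)
    opt_fixed_len = 1 + 2 + 2 + 4 + 2
    option_header_len = 4  # option code (2) + option length (2)
    pad_len = -(len(msg) + opt_fixed_len + option_header_len) % block
    rdata = struct.pack("!HH", PADDING_OPTION_CODE, pad_len) + b"\x00" * pad_len
    # CLASS carries the advertised UDP payload size; TTL (flags/version) left at 0
    opt = b"\x00" + struct.pack("!HHIH", OPT_RR_TYPE, 4096, 0, len(rdata)) + rdata
    return msg + opt


def size_table(names, block: int = QUERY_BLOCK) -> dict:
    """Return {name: (unpadded_length, padded_length)} for A queries."""
    return {n: (len(build_query(n)), len(build_query(n, block=block))) for n in names}


# Constructed sample names under reserved example domains.
SAMPLE_NAMES = [
    "example.com",
    "mail.example.org",
    "a-much-longer-hostname.intranet.example",
]

if __name__ == "__main__":
    for name, (plain, padded) in size_table(SAMPLE_NAMES).items():
        print(f"{name:42s} unpadded={plain:3d}  padded={padded:3d}")
```

Unpadded, each query has a distinct length that an observer of the encrypted channel can match against known cleartext queries; padded, all three fall into the same 128-octet bucket. A name long enough to cross a block boundary lands in the next bucket, so padding coarsens the size signal rather than removing it.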

The workshop concluded with breakouts creating content for the workshop report including conclusions, recognised challenges and research agenda recommendations. A full report of the workshop will be available in due course.

Slides from the workshop are available and audio should also be available soon. The DNS Privacy Project pages provide extensive further reading and details regarding available implementations of servers and clients supporting DNS-over-TLS.