Скачать презентацию Secure Public Instant Messaging IM A Survey Mohammad Скачать презентацию Secure Public Instant Messaging IM A Survey Mohammad

708b6e490fc9be498c590d4924889c0e.ppt

  • Количество слайдов: 16

Secure Public Instant Messaging (IM): A Survey Mohammad Mannan Paul C. Van Oorschot Digital Secure Public Instant Messaging (IM): A Survey Mohammad Mannan Paul C. Van Oorschot Digital Security Group School of Computer Science Carleton University, Ottawa, Canada

What’s This Talk About? n n Do we need secure IM? Do the current What’s This Talk About? n n Do we need secure IM? Do the current methods provide enough security for IM?

Organization n n n Scope and background What’s at stake? Reasons why IM is Organization n n n Scope and background What’s at stake? Reasons why IM is insecure Existing IM security mechanisms Shortcomings Concluding remarks

Scope n n PC-to-PC (one-to-one) text messaging Popular public and business IM n n Scope n n PC-to-PC (one-to-one) text messaging Popular public and business IM n n AOL, Yahoo!, and MSN Messenger, ICQ Yahoo! Business Messenger, Reuters Messaging third party clients (Trillian, IMSecure) Out of scope n n n Short Messaging System(SMS) Internet Relay Chat (IRC) chat room/group chat

Background n IM is mainly used for – n n n exchanging text messages Background n IM is mainly used for – n n n exchanging text messages tracking availability of a list of users Recent statistics n Pew report 2004 – n n 42% Internet users use IM in the U. S. growth rate of IM population: 29% (since 2000) 70% Internet users report using email more than IM Ferris Report (business IM users) n n 10 million in 2002 182 million in 2007

IM Communications Model IM Server Client 1 n n n Client 2 Client-server: presence, IM Communications Model IM Server Client 1 n n n Client 2 Client-server: presence, contact list and availability management, message relay between users Client-client: audio/video chat, file transfer Authentication: password-based, sometimes use SSL (Secure Socket Layer)

What’s at Stake? n n n Conversations (privacy and information leakage) Propagation vector for What’s at Stake? n n n Conversations (privacy and information leakage) Propagation vector for Internet worms, viruses and Trojans SPIM (IM spam) – Unsolicited commercial IMs n Radicati Group projections – n n 1. 2 billion SPIMs in 2004 (5% of total IMs) 400 million in 2003 34. 8 billion spam email messages in 2004 Compromised systems

Reasons why IM is insecure n “Insecure” connection n n impersonation replay Sharing IM Reasons why IM is insecure n “Insecure” connection n n impersonation replay Sharing IM features with other applications Exploitable URI (Uniform Resource Identifiers) handlers aim, ymsgr n example: aim: //addbuddy? mybuddy n attacks n n n buffer overflow scripting attacks Deceitful hyperlinks

Existing IM Security Mechanisms(1) n Built-in methods n n n launch anti-virus explicit consent Existing IM Security Mechanisms(1) n Built-in methods n n n launch anti-virus explicit consent for add contact, file transfer, presence info (not cryptographically protected) new version and critical updates notification prevents automated account creation word filtering password-protected settings etc.

Existing IM Security Mechanisms(2) n Third-party security solutions n n AIM can make use Existing IM Security Mechanisms(2) n Third-party security solutions n n AIM can make use of Class 2 digital certificates IMSecure Trillian Why don't we use email security solutions for IM? n n Proprietary protocols P 2 P connections

Shortcomings of Current Solutions n n Anti-virus can check only limited file types URL Shortcomings of Current Solutions n n Anti-virus can check only limited file types URL exploitations Cost and maintenance burden of digital certificates SSL-based (corporate IM) solutions: n n n resource hungry visible messages to server limited threat model (end-points are trusted)

Weaknesses of IMSecure Model User System IM Client Unprotected Messages Read/Modify Messages Malicious Program Weaknesses of IMSecure Model User System IM Client Unprotected Messages Read/Modify Messages Malicious Program IMSecure Encrypted Messages IM Server/ Others

Concluding Remarks n n n IM security is important Current methods are insufficient Can Concluding Remarks n n n IM security is important Current methods are insufficient Can we use existing protocols to secure IM? User interface issues Ongoing work in IETF (see also paper)

Thanks. Paper: http: //www. scs. carleton. ca/~mmannan/publications/pst 04. pdf Presentation: http: //www. scs. carleton. Thanks. Paper: http: //www. scs. carleton. ca/~mmannan/publications/pst 04. pdf Presentation: http: //www. scs. carleton. ca/~mmannan/publications/pst 04. ppt

Web References n Symantec: IM Worms Could Spread In Seconds, June 2004, http: //www. Web References n Symantec: IM Worms Could Spread In Seconds, June 2004, http: //www. techweb. com/wire/story/TWB 20040618 S 0007 n Look out spam, here comes spim, Mar. 2004, http: //www. theregister. co. uk/2004/03/31/look_out_spam_here_comes n Microsoft warns of JPEG threat, Sep. 2004 http: //www. macworld. co. uk/news/index. cfm? News. ID=9635&Page=1& page. Pos=2 n National Cyber Security Alliance Perception Poll Release http: //www. staysafeonline. info/news/NCSAPerception. Poll. Release. pdf

Related Work n n n Much work on feature enhancement, analysis Secure Instant Messaging Related Work n n n Much work on feature enhancement, analysis Secure Instant Messaging Protocol Preserving Confidentiality against Administrator, Kikuchi et al. , March, 2004. Threats to Instant Messaging, Symantec Security Response, 2003.