- Количество слайдов: 16
Secure Public Instant Messaging (IM): A Survey Mohammad Mannan Paul C. Van Oorschot Digital Security Group School of Computer Science Carleton University, Ottawa, Canada
What’s This Talk About? n n Do we need secure IM? Do the current methods provide enough security for IM?
Organization n n n Scope and background What’s at stake? Reasons why IM is insecure Existing IM security mechanisms Shortcomings Concluding remarks
Scope n n PC-to-PC (one-to-one) text messaging Popular public and business IM n n AOL, Yahoo!, and MSN Messenger, ICQ Yahoo! Business Messenger, Reuters Messaging third party clients (Trillian, IMSecure) Out of scope n n n Short Messaging System(SMS) Internet Relay Chat (IRC) chat room/group chat
Background n IM is mainly used for – n n n exchanging text messages tracking availability of a list of users Recent statistics n Pew report 2004 – n n 42% Internet users use IM in the U. S. growth rate of IM population: 29% (since 2000) 70% Internet users report using email more than IM Ferris Report (business IM users) n n 10 million in 2002 182 million in 2007
IM Communications Model IM Server Client 1 n n n Client 2 Client-server: presence, contact list and availability management, message relay between users Client-client: audio/video chat, file transfer Authentication: password-based, sometimes use SSL (Secure Socket Layer)
What’s at Stake? n n n Conversations (privacy and information leakage) Propagation vector for Internet worms, viruses and Trojans SPIM (IM spam) – Unsolicited commercial IMs n Radicati Group projections – n n 1. 2 billion SPIMs in 2004 (5% of total IMs) 400 million in 2003 34. 8 billion spam email messages in 2004 Compromised systems
Reasons why IM is insecure n “Insecure” connection n n impersonation replay Sharing IM features with other applications Exploitable URI (Uniform Resource Identifiers) handlers aim, ymsgr n example: aim: //addbuddy? mybuddy n attacks n n n buffer overflow scripting attacks Deceitful hyperlinks
Existing IM Security Mechanisms(1) n Built-in methods n n n launch anti-virus explicit consent for add contact, file transfer, presence info (not cryptographically protected) new version and critical updates notification prevents automated account creation word filtering password-protected settings etc.
Existing IM Security Mechanisms(2) n Third-party security solutions n n AIM can make use of Class 2 digital certificates IMSecure Trillian Why don't we use email security solutions for IM? n n Proprietary protocols P 2 P connections
Shortcomings of Current Solutions n n Anti-virus can check only limited file types URL exploitations Cost and maintenance burden of digital certificates SSL-based (corporate IM) solutions: n n n resource hungry visible messages to server limited threat model (end-points are trusted)
Weaknesses of IMSecure Model User System IM Client Unprotected Messages Read/Modify Messages Malicious Program IMSecure Encrypted Messages IM Server/ Others
Concluding Remarks n n n IM security is important Current methods are insufficient Can we use existing protocols to secure IM? User interface issues Ongoing work in IETF (see also paper)
Thanks. Paper: http: //www. scs. carleton. ca/~mmannan/publications/pst 04. pdf Presentation: http: //www. scs. carleton. ca/~mmannan/publications/pst 04. ppt
Web References n Symantec: IM Worms Could Spread In Seconds, June 2004, http: //www. techweb. com/wire/story/TWB 20040618 S 0007 n Look out spam, here comes spim, Mar. 2004, http: //www. theregister. co. uk/2004/03/31/look_out_spam_here_comes n Microsoft warns of JPEG threat, Sep. 2004 http: //www. macworld. co. uk/news/index. cfm? News. ID=9635&Page=1& page. Pos=2 n National Cyber Security Alliance Perception Poll Release http: //www. staysafeonline. info/news/NCSAPerception. Poll. Release. pdf
Related Work n n n Much work on feature enhancement, analysis Secure Instant Messaging Protocol Preserving Confidentiality against Administrator, Kikuchi et al. , March, 2004. Threats to Instant Messaging, Symantec Security Response, 2003.