1

Chapter 23: Analysis and Development of

Green-Aware Security Mechanisms for Modern Internet Applications

1Luca Caviglione and 2,3Alessio Merlo

1ISSIA-CNR, Italy 2E-campus University, Novedrate, Italy

3DIST- University of Genoa, Italy

HANDBOOK ON GREEN INFORMATION AND COMMUNICATION SYSTEMS

2

Energy consumption of SN and devices

Social Networks (SNs) are one of the big phenomenon of Web 2.0, making Internet becoming always more an Internet of People. Users can ubiquitously access SN from different devices

(laptop, handheld devices, top box devices, …) Access to SN is made through non standardized solutions.

Web 2.0 and SN also contribute in the increased energy consumption of Internet that it is now responsible for a relevant portion of CO2 emission.

3

Security issues in SN

Security in SN is a complex and cross-layer issue (from network layer to application layer), due to: the huge amount of personal data to protect; the ubiquity of SNs.

Security in SNs is currently obtained by combining heterogeneous (and often overlapping) specific security solutions. SN security is also not standardized and hard to evaluate; security solutions waste resources due to their overlapping.

Security in SNs is nowadays also an energy consumption issue.

4

Green Security and SNs

Thus, SNs combine an Energy-consumption problem and a Security problem

By intersecting these two issues together with architectural problems related to Web 2.0, a new kind of “space” arise.

Green-Aware Security is a new research field aimed at tackling this intersection.

5

Five Main Contributions

Introducing security issues of Web 2.0 (in the sense of SN) at network layer;

Pointing out vulnerabilities and security flaws at application layer of SNs applications;

Showing by example how focused attacks can exploit vulnerabilities in SNs;

Formalizing the concept of energy-awareness for security mechanisms;

Providing an early model of energy-consumption in terms of security.

6

Mobile and social

The spread of SNs is spurred by a full mobility support, allowing the user to access SNs through mobile devices, desktop PC, set top boxes and so on;

In addition, access from mobile is constrained by battery duration, which constitutes a new attack surface.

Moreover, access to SN is granted by heterogeneous and often incompatible clients, thus resulting in a very balkanized scenario.

Assessing security and possible threats is harder than in other Web apps.

7

SNs in a nutshell

SNs are very popular since:1.they allow to share user-generated contents in a quick and simple way, also by providing the needed hosting and authoring tools;

2.they offer different features to support user-to-user communications (i.e. Instant Messaging);

3.they enable the creation of new software services through a set of APIs.

8

SNs in a nutshell /2

4. current SNs are “open” (i.e., a user in a SN can interact with similar platforms operated by different providers);

5. they are highly interactive and they support real-time features;

6. as a consequence of a solid mobility support, many SNs offer also localization services, making them suitable to be used jointly with geo-tagged information.

9

Main Security Hazards of SNs

Previous features increase also new security hazards:

1.simple distribution of personal information leading to possible attacks à-la social engineering;

2.due to complex or incoherent privacy and security settings, users can reveal their topographical location, thus reflecting in breaches into physical security as well;

10

Security Hazards in SNs /2

3. the joint utilization of different/specialized services can bring to a new type of attacks based upon multiple profile fusion. Also, such amount of information can ease the automatic and massive user profiling, thus reducing privacy;

4. accessing SNs from mobile devices, mostly performed via the IEEE 802.11, accounts for additional risks in terms of attacks due to the joint utilization of weak security standards and unencrypted application layer protocols

11

Security Hazards in SNs /3

5. since mobile devices are often battery operated, a new class of battery-draining attacks arise;

5. the integration of third-party Web application can lead to many possible hazards, and creates new security breaches;

6. to provide the proper degree of interactivity and sophisticated user-interfaces, specific design patterns are adopted. But, they increase the risk of attacks such as request forgeries;

12

Security Hazards in SNs /4

8. the availability of SN applications from a variety of appliances (e.g., mobile gaming consoles) may foster new kind of attacks based upon stack misbehaviors, or protocol fingerprinting. For instance, many devices do not have a full-featured TCP/IP stack and could exhibit erratic or exploitable behaviors.

Thus, security issues on SNs are cross-layers (application, network, devices) and strongly relies on the heterogeneity of actors and media they are related with.

13

Application Layer Security Issues

SNs are essentially Web Applications. Thus they suffer from weakness related to client/server paradigm and native Web technologies (i.e. HTTP, SQL, AJAX, JavaScript, PHP, JSP, ASP, …).

According to OWASP, the most dangerous vulnerabilities for Web Apps are: Injection, XSS, Broken Authentication, Insecure Object Reference, XSRF, Security Misconfiguration, Insecure Cryptographic Storage, Failure to restrict URL access, Insufficient Transport Layer protection and Unvalidated Redirect and Forward.

14

Network Layer Security Issues

At the network layer, SNs may suffer from different vulnerabilities which take to gather information:i)by exploiting the use of HTTP over IEEE 802.11 channels;ii)by retrieving information from HTML pages and in-line objects;iii)since SNs have a typical traffic pattern, it is possible to gather information also from ciphered traffic;iv)Devices used to connect to SNs may not have a complete TCP/IP stack, reducing security.

15

Exploiting SN’s flaws

We investigated how a subset of OWASP vulnerabilities may be exploited on a SN.

To this aim, we built a toy model of a simple SN (denoted as AllTogether) to investigate the impact of: Injection XSS Broken Authentication XSRF

16

The AllTogether toy Scenario

AllTogether is a sample model where each logged user can:

navigate his profile; update his profile; adding/removing friends; chat with friends; exchange messages with all users; specify visibility policies for portions of his/her profile

with a single friend granularity.

17

Exploiting Injection in AllTogether

SQL Injection can be used to force the adding of a malicious user as a friend of a victim one;

This is possible if no check are made on the

friend name which may contain another SQL statement;

Correct query: INSERT INTO Friends VALUES (“John Doe”, “Jane Doe”);

Injected query: INSERT INTO Friends VALUES (“John Doe”, “Jane Doe”); INSERT INTO Friends VALUES (“John Doe”, “Eve )”;

18

Exploiting XSS in AllTogether

Users update profile using HTML forms. A malicious user can embed JS code in an HTML of his profile as follows:

+39010353XXX <script language="javascript" type="text/javascript">alert(document.cookie);</script>

A user accessing that field will execute automatically the JS code through his browser, if proper control on HTML fields are not executed on the SN side.

19

Exploiting Broken Auth in AllTogether

SNs use password retrieval services which are generally based on a shared secret (e.g. the surname of the user’s mother);

A user is challenged to answer correctly to the secret question in order to change his credentials;

Many of these information are available on posts and profile;

Malicious user can discover such information by crawling the SN graph;

20

Exploiting XRSF in AllTogether

The XSRF attack can force a user to perform an unwanted action, inadvertently;

SN APIs are public and method for friend addition may be well known by any user;

A malicious user can force a victim to visit an URL (e.g. through a message) that, once executed by the victim, invokes the APIs method for adding a friendship relation;

In order to successfully exploit XSRF, the victim user must be logged to the SN.

21

Heterogeneous Security and Energy Consumption

Attacks to an OSN (as those explained for the AllTogether toy example scenario) are hardly managed by a single security mechanism, thus security in OSN is generally granted by a set o different solutions.

Besides, successful attacks have impacts also on energy consumption as well as on data privacy, integrity and confidentiality.

Thus, both these different aspects should be considered taking to a new approach to security.

22

Towards Green Security

Security mechanisms account for energy consumption at different levels, putting an overhead within the computing infrastructure;

Optimal and non-overlapping security solutions sufficient for countering network and application security issues is required but not sufficient in the near future;

Energy-consumption perspective must be taken also into account.

23

Green Security and Green Newtorking

The complexity of SNs consequently increases the resources required to the network, since users connects from different devices, often at the same time;

Thus, also security requirements increases due to the complexity of clients for accessing the SN;

In general, this reflects into an amount of power consumption, due both to service complexity and security;

24

Towards a new problem space

A new kind of green-aware security issues arise:security mechanisms may require proper architectural elements to be placed in the network; in order to secure communications additional signaling could be needed;such protocols and mechanisms can reflect in additional software layers increasing consumption through additional CPU usage;users access the Internet both via wireless and wired access networks. Thus, security mechanisms could be deployed at different layers. 

25

A Green Perspective in Securing SNs

SNs are protected by means of a combination overlapping security mechanisms, designed without taking into account energy costs.

Such security mechanisms (e.g. IDS, Antivirus) currently significantly lowers the battery of mobile devices.

Modeling and assessing the energy consumption of current mechanisms and designing new green-aware solutions is our proposal.

26

Green Security: an Early Model

27

Green Security: an early model /2

28

Green Security: an early model /3

29

Conclusions

In this Chapter, we: Analyzed security issues related to SNs; Pointed out interrelations between Green

Computing, Security and SNs; Argued that current approaches to securing SNs are

not optimized in terms of energy consumption; Proposed a new research trend aimed at greening

the development of future security solutions.

Future developments: sperimental measurements of actual energy

consumption of security mechanisms; Modeling and designing green-aware security

solutions.