ProActive Trust Establishment in BYOD Wireless Networks

Files
ucalgary_2014_sambashiva_ashwathi.pdf(10.25 MB)
Date
2014-08-21
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
This thesis demonstrates the benefits of Active Intrusion Detection (AID). AID is a principled method for generating probes driven by the execution of a custom decision mechanism. AID is different from traditional intrusion detection because it generates probes in an active fashion and engages network entities in dialogues meant to fingerprint and reveal internal or unique characteristics. This thesis demonstrates the detection of suspicious intrusions by dynamically and interactively transmitting network probes. These probes are customized according to the current state of the network, and is called Active Probing[1]. Active probing can detect misconfigured or rogue services on the network. I focus on the feasibility of AID in a Bring-Your-Own-Device (BYOD) scenario, given the intense interest in BYOD, as computing evolves. The work demonstrated here helps a device in the BYOD scenario to establish trust in the network that it enters. Establishment of trust is necessary because of the lack of authentication and authorization at lower levels of the network. Adversaries can exploit this weakness to set up rogue services on a network. They can also configure network services in an incorrect way, in an attempt to exploit an existing vulnerability in any entity on the network. Dearth of trust enables the existence of misconfigured or rogue services on the network, which is described in Williamson et al.[2] as the Deception Surface. I adopt the abstract probing model proposed by Williamson et al. and construct systems called ProActive and AndroidNetApp. I explore elected aspects of the HTTP protocol in a BYOD setting using ProActive, conduct various experiments, and analyze the results obtained. Active probing is slightly more expensive than randomly probing the target entity to determine its identity, but ProActive's accuracy compensates for the extra time it consumes. References: [1]. Douglas E. Comer and John C. Lin. Probing TCP Implementations. In Proceedings of the USENIX Summer 1994 Technical Conference, pages 245-255, Berkeley, CA, USA, 1994. USENIX Association. [2]. John F. Williamson, Sergey Bratus, Michael E. Locasto, and Sean W. Smith. Using Active Intrusion Detection to Recover Network Trust. In Proceedings of the 25th Large Installation System Administration Conference, pages 19-30, Boston, MA, December 2011. LISA'11, USENIX Association.
Description
Keywords
Computer Science
Citation
Samba Shiva, A. (2014). ProActive Trust Establishment in BYOD Wireless Networks (Master's thesis, University of Calgary, Calgary, Canada). Retrieved from https://prism.ucalgary.ca. doi:10.11575/PRISM/27437
URI
http://hdl.handle.net/11023/1692
Collections
Open Theses and Dissertations