Saturday, April 29, 2017

Fundamental Cyber Security Work

Dig Deeper: Fundamental Cyber Security Work
As with every scientific field, there is research that is performed that is an inflection point for future research. Below is a list of seminal papers that will give you a solid foundation for cybersecurity research. This list includes research that had impacts that changed the way the field thought about topics. This list is not meant to be a list of just good research or interesting topics. A brief explanation of why the paper is seminal is provided per reference.
TitleAuthor(s)Seminality
Communication Theory of Secrecy SystemsClaude Shannon
• First formal statement of modern cryptography
• Defined secrecy system, cipher, and how to determine the strength of secrecy system from information theoretic perspective
The Protection of Information in Computer SystemsJerome H. Saltzer, and Michael D. Schroeder
• Introduces seminal secure design principles
• Descriptor-based protection systems
• Historical insights into computer security
Moore’s Law (Cramming More Components onto integrated circuits (1965) and Progress in Digital Integrated Electronics (1975))Gordon Moore
• Defined a model of processor development and progression
• Provided a way to project computing capabilities into the future
• A fundamental concept that has enabled the quantification of encryption security strength
New Directions in CryptographyWhitfield Diffie and Martin Hellman
• First idea for public-key cryptography
• Defined Diffie–Hellman key agreement protocol
A Method for Obtaining Digital Signatures and Public-Key CryptosystemsRon Rivest, Adi Shamir, and Leonard Adleman
• Defined RSA public-key system
• One of the most used public-key cryptographic systems
On Data Banks and Privacy Homomorphisms (1978)Ronald Rivest, Leonard Adleman, and Michael Dertouzos
• First paper defined homomorphic encryption
Fully Homomorphic Encryption Using Ideal Lattices (2009)Craig Gentry
• Second paper defined the first practical fully homomorphic encryption scheme
The Byzantine Generals ProblemLeslie Lamport, Robert Shostak, and Marshall Pease
• Theoretical exploration of agreement under adversarial threat
• Defined limitations of trust in redundant systems
• Does not solve the common vulnerability challenge
Smashing the Stack for Fun and ProfitAleph One (Elias Levy)
• First widespread introduction to buffer overflows
• Step-by-step discussion of the vulnerability and shell code
• Exploration of the implications
On the Security of Public-Key ProtocolsDanny Dolev and Andrew Yao
• Theoretical exploration of attacks on public key protocols
• Defined Dolev-Yao threat model that has become the threat model used for cryptographic protocols
A Computer Virus and a Cure for Computer VirusFred Cohen
• First definition of a virus
• Proof of undecidability of detecting a virus (counterproof) by mapping to halting problem
The Foundations of Computer Security: We Need SomeDonald Good
• Essay to complain about lack of strong foundations for engineering in computer security (cybersecurity not a concept yet)
• Surveyed how theoretically secure systems are not really secure
• Proclaimed we need more theories before being able to engineer “secure” systems
Programming Satan’s ComputerRoss Anderson and Roger Needham
• Theoretical exploration of timing, ordering, and oracle attacks
• Define principles for developing security protocols for integrity and authenticity using cryptography
The Base-Rate Fallacy and Its Implications for the Difficulty of Intrusion DetectionStefan Axelsson
• Theoretical explanation of the problems we have with IDS
• With extreme ratio of noise to signal (attacks=black swan events) even if you have a 100% detector you still need extremely low false-positive rate to not be inundated with false-positive detections
Red Pill (2004)Joanna Rutkowska
• Red pill demonstrated a method to detect that you were running as a guest virtual machine
• Blue pill demonstrated malware becoming a hypervisor to running OS dynamically
Introducing the Blue Pill (2006)
The Science of Guessing: Analyzing an Anonymized Corpus of 70 Million PasswordsJoseph Bonneau
• Study that shows that regardless of subpopulation everyone choose equivalently weak passwords
• An attacker is better off using a global password list

APIs - REST API