With the growing prevalence of sensor and wireless networks comes a new demand for location-based access control mechanisms. We introduce the concept of secure location verification, and we show how it can be used for location-based access control. Then, we present the Echo protocol, a simple method for secure location verification. The Echo protocol is extremely lightweight: it does not require time synchronization, cryptography, or very precise clocks. Hence, we believe that it is well suited for use in small, cheap, mobile devices.
Computer attackers frequently relay their attacks through a compromised host at an innocent site, thereby obscuring the true origin of the attack. Previous work has developed ways to detect when an interactive connection into a site and another outbound from the site give evidence of such a "stepping stone." This was done based on monitoring the access link connecting the site to the Internet [7,8]. In this paper we anticipate intruder evasion which attempts to defeat such detectors by transforming the stream as it passes through the site to reduce correlations between the two interactive connections. The evasion we focus on here is the local jittering of packet arrival times (without addition and subtraction of packets). To counter such evasion, we assume that the intruder has a "maximum delay tolerance." By using wavelets and similar multiscale methods, we show that we can separate the short-term behavior of the streams, where the jittering indeed masks the correlation, from the long-term behavior of the streams, where the correlation remains. It therefore appears that there is an effective countermeasure to this particular evasion tactic, at least for sufficiently long-lived connections.
We describe a new attack against web authentication, which we call dynamic pharming. Dynamic pharming works by hijacking DNS and sending the victim's browser malicious JavaScript, which then exploits DNS rebinding vulnerabilities and the name-based same-origin policy to hijack a legitimate session after authentication has taken place. As a result, the attack works regardless of the authentication scheme used. Dynamic pharming enables the adversary to eavesdrop on sensitive content, forge transactions, sniff secondary passwords, etc. To counter dynamic pharming attacks, we propose two locked same-origin policies for web browsers. In contrast to the legacy same-origin policy, which regulates cross-object access control in browsers using domain names, the locked same-origin policies enforce access using servers' X.509 certificates and public keys. We show how our policies help two existing web authentication mechanisms, client-side SSL and SSL-only cookies, resist both pharming and stronger active attacks. Also, we present a deployability analysis of our policies based on a study of 14651 SSL domains. Our results suggest one of our policies can be deployed today and interoperate seamlessly with the vast majority of legacy web servers. For our other policy, we present a simple incrementally deployable opt-in mechanism for legacy servers using policy files, and show how web sites can use policy files to support self-signed and untrusted certificates, shared subdomain objects, and key updates.