Salman Manzoor

Topic: Security risk measurement & SLAs
Research work: 

My research interests cover quantitative security risk assessment for distributed/networked computing systems, with a focus on Cloud computing.

While the Cloud is pervasively used, the lack of security guarantees continues to remain an impediment for the Cloud’s use as a trusted platform. From the customer’s perspective, the need is for measurable and actionable assurance on the security measures (access control, levels of data integrity, etc.). From the service provider’s perspective, providing security assurance is a non-trivial issue given the multitude of threat surfaces and service chain elements to consider. As Cloud services are typically delivered over the classical Internet protocols, the attack surfaces also need to include threats at the level of the Internet (as a communication/services conduit) as well as those introduced by the multi-customer resource sharing and management paradigms such as virtualization.

One of the methods to provide security assurance is by evaluating the system for vulnerabilities that can be exploited by adversaries. Consequently, we conduct (currently at the IaaS level) threat analysis to (a) systematically identify system weaknesses, and (b) develop associated techniques to mitigate risks that can undermine the desired security goals. This is currently conducted with a customer-centric viewpoint and also involves proposing customer-measurable security quantifiers to assess the risk levels. An additional objective is to explore the cascading effect of threats, i.e., threats that can be induced by vulnerable interactions amongst the services and propagate across the system.

ESRs Publications

Description:

Core-private caches represent a convenient and practical way to exfiltrate secret information and endanger ICT systems, including CIs. Attacks abusing the caches as covert channels are hard to detect, as the caches are easily accessible without any privileges. To address this threat and enhance the security in CIs and other ICT systems, we proposed the usage of feasibility metrics to assess the probability of a covert channel exploit happening in the system or to conduct post-mortem analysis. The proposed feasibility metrics can be derived using hardware performance counters, and represent a lightweight way to reason about the possible covert channel threat. To validate our proposal, we demonstrate the applicability of the proposed metrics by conducting experiments with an L1 CCA and considering varied scenarios. Our results discern that the busy waiting and the successive scheduling of the processes can reliably be correlated with the success of a covert-channel exploit using the L1 cache. The proposed metrics help systematically ascertain efficient ways to address such exploits, and to facilitate security enhancement in ICT systems, including CIs.

Description:

In this paper, we have explored the relation among different actors involved in the Cloud ecosystem to develop an ontology. This ontology is further mapped to a design structure matrix for evaluating threats from varied actors’ perspectives. Our DSM-based threat analysis can be utilized to identify the most critical/influential as well as the least critical/influential actor in the Cloud. However, our DSM-based approach is flexible, and thus it can be used to reveal other critical information such as classifying vulnerabilities that achieve a common goal. We believe that by systematically identifying the Cloud vulnerabilities, the CI based on using the Cloud can consequentially be better protected.

Description:

Technische Universitaet Darmstadt