Download ATC-2015 Software Protection and Current Developments in Cyber

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
Document related concepts

Security printing wikipedia , lookup

Transcript 
ATC-2015 Software Protection and Current Developments in
Cyber Security
Serhat Toktamışoğlu
[email protected]
“This document contains confidential and/or proprietary information of MilSOFT and may not be reproduced, copied, disclosed to other parties or used in
anyway in whole or in part without prior written consent of MilSOFT”
1
MilSOFT
Ø Company
Name
Ø Established
Ø Main
in
Work Area
: MilSOFT Yazılım Teknolojileri A.Ş.
: 1998
: System Integration & Software Development
Ø Facility :
METU Technopolis / ANKARA
Teknopark Istanbul / ISTANBUL
MilSOFT-USA (Washington/D.C.-USA)
Ø Expertise:
Command & Control (C2)
Tactical Data Links and Messaging
Intelligence Surveillance & Reconnaissance (ISR)
Electronic Warfare
Embedded Systems
ICT Solutions
Cyber Security
100% Private Turkish
Company
Ø Certications
:
§  CMMI Level-5 (first one in Europe & only one in Turkey)
§  ISO 9001:2008
§  ISO 27001:2013
§  AQAP-2110 & 2210
Ø Clearances
:
§  NATO Secret
§  National Secret
“This document contains confidential and/or proprietary information of MilSOFT and may not be reproduced, copied, disclosed to other parties or used in
anyway in whole or in part without prior written consent of MilSOFT”
2
Customer Profile (International)
“This document contains confidential and/or proprietary information of MilSOFT and may not be reproduced, copied, disclosed to other parties or used in
anyway in whole or in part without prior written consent of MilSOFT”
3
Cyber Security/Warfare and Public & Private Partnership
q  Cyber security is the collection of tool, policies, security concepts, security
safeguards, guidelines, risk management approaches, actions, training, best
practices, assurance and Technologies that can be used to protect the cyber
environment and organization and user’s assets.*
q  Cyber warfare is politically motivated hacking to conduct sabotage and
espionage. It is a form of information warfare sometimes seen as analogous to
conventional warfare**
q  «Arms Race» is now «Digital Arms Race»
*ITU (International Telecommunication Union)
** DOD - Cyberspace
“This document contains confidential and/or proprietary information of MilSOFT and may not be reproduced, copied, disclosed to other parties or used in
anyway in whole or in part without prior written consent of MilSOFT”
4
Common and Different Security Needs for Different Levels
q  What we watched in the movies, series and read in the novels became
reality now
q  A cyber attack to the nation’s critical weaponry system may have
catastrophic results
q  If a cyber attacker who compromises a critical infrastructure or a financial
system which effects several nations may have a global impact
“This document contains confidential and/or proprietary information of MilSOFT and may not be reproduced, copied, disclosed to other parties or used in
anyway in whole or in part without prior written consent of MilSOFT”
5
Common and Different Security Needs for Different Levels-2
q  Critical Organizations (or their partners) are under attack with different motives
q  Individuals are more under threat than yesterday, Planes, Refrigerators, Cars,
Health Care Devices etc.
q  For sure at the «Internet of The Things» era they will feel they need more
and more security in digital life
“This document contains confidential and/or proprietary information of MilSOFT and may not be reproduced, copied, disclosed to other parties or used in
anyway in whole or in part without prior written consent of MilSOFT”
6
Common and Different Security Needs for Different Levels-3
q  A striking example of increasing Cyber Security needs for an average
individual is Jeep Cherokee hacking announced this summer
q  They used a zero-day exploit, the code used lets hackers send commands
through the Jeep’s entertainment system to vital car components (steering,
brakes, transmission etc.)
q  In another attack, researchers plant a remote-access Trojan on the Tesla
Model S’ network while they had physical access. Tesla has already released
a patch
q  Even a Botnet made by cars are possible
q  Top Security Officers are getting hired by the top manufacturers.
q  Be prepared to see «Security Usta» in your local garage J
“This document contains confidential and/or proprietary information of MilSOFT and may not be reproduced, copied, disclosed to other parties or used in
anyway in whole or in part without prior written consent of MilSOFT”
7
Need for Specialization
q  Firewalls, IPS/IDS, antivirus applications, Security Applications, Software
Protection Applications and so on.
q  Different domains need different requirements. For example avionic software
need specific security along with safety described in DO-178
q  Difficult to specialize in all security fields even for the big multi-national
entrprises
q  "Do One Thing and Do It Well."
“This document contains confidential and/or proprietary information of MilSOFT and may not be reproduced, copied, disclosed to other parties or used in
anyway in whole or in part without prior written consent of MilSOFT”
8
Our Specilization is «Software Protection»
q  Software Protection can be defined as last line of Cyber Security.
q  Started from MilSOFT internal needs and now a TÜBİTAK funded project
q  Main purpose: When firewall, IPS/IDS, antivirus applications are bypassed
or there is no such protection in the system, applications should protect
themselves.
q  After using Software Protection Product on your software, it will be harder to
reverse-engineer or tamper your software, since your program will protect
itself.
“This document contains confidential and/or proprietary information of MilSOFT and may not be reproduced, copied, disclosed to other parties or used in
anyway in whole or in part without prior written consent of MilSOFT”
9
Software Reverse Engineering
q  Software reverse engineering, or “reversing,” is a collection of techniques
for deciphering and analyzing how a program operates.
q  Reversing is a common, often benign practice among software developers
that can be used to enable software from different companies to interoperate
or to identify security vulnerabilities before they can be exploited by third
parties
q  «Translated from machine-readable to human-readable form so that its
functions and vulnerabilities can be analyzed more easily» GCHQ
“This document contains confidential and/or proprietary information of MilSOFT and may not be reproduced, copied, disclosed to other parties or used in
anyway in whole or in part without prior written consent of MilSOFT”
10
Software Reverse Engineering-2
q  Software makers, fearing piracy, hacking and intellectual property theft,
often forbid the practice in licensing agreements.
q  Governments have passed laws, with digital media in mind, that strictly
circumscribe tampering with the encryption.
q  Governments also do reversing «legally» as seen GCHQ activities revealed
by Intercept Online
q  Wassenaar Agreement is an issue within reversing community
q  «When you outlaw reverse engineering, only outlaws will reverse engineer»
D.Litchfield
“This document contains confidential and/or proprietary information of MilSOFT and may not be reproduced, copied, disclosed to other parties or used in
anyway in whole or in part without prior written consent of MilSOFT”
11
Software Protection Usage
q  Protect Against
q  Tampering
q  IP Theft
q  Copyright Violations
q  Vulnerability Finding
q Malware also uses software protection techniques not
surprisingly. You have a backdoor in your system, you may like to
hide its activities to gain sometime
q  It is also essential to stop copycatted by average attackers
q Not working against fuzzing
q Not for hardware components
“This document contains confidential and/or proprietary information of MilSOFT and may not be reproduced, copied, disclosed to other parties or used in
anyway in whole or in part without prior written consent of MilSOFT”
12
How to protect it
q Obfuscation: To harden reverseengineering and critical data
stealing
q Tamperproofing: To harden
changing software behavior and
function
q Anti-Debug: To prevent the
software to be run under any
debugger
“This document contains confidential and/or proprietary information of MilSOFT and may not be reproduced, copied, disclosed to other parties or used in
anyway in whole or in part without prior written consent of MilSOFT”
13
Software Protection Program Examples
q  «The Software Protection Initiative (SPI) offers a novel approach to protecting high
value computer programs. It doesn’t secure the computer or the network. Instead it
empowers a single computer program to secure itself.» *DoD
q  «These SPI products are currently being deployed to selected HPC centers and are
in use at over 150 DoD government and contractor sites.» *DoD
q  Microsoft Windows x64 bit Operating Systems kernel have similar protection
technology called «Kernel Patch Protection» informally known as PatchGuard
“This document contains confidential and/or proprietary information of MilSOFT and may not be reproduced, copied, disclosed to other parties or used in
anyway in whole or in part without prior written consent of MilSOFT”
14
Essential Software Protection Scenarios
q  If your aircraft is down on a hostile teritory, critical software should protect themselves
against reverse-engineering and prevent stealing of critical implementation details.
Hainan Island or RQ-170 Incidents are good examples
q  Simply a printer driver may be patched to bypass chip control
q  Curious story of emission
“This document contains confidential and/or proprietary information of MilSOFT and may not be reproduced, copied, disclosed to other parties or used in
anyway in whole or in part without prior written consent of MilSOFT”
15
MilSOFT Software Protection Product
q  Using techniques from literature and developed own techniques
and algorithms (2 patent apllications are on the way)
q  Prototyping is completed.
q  Demo with limited capabilities will be ready at the end of 2015.
q  First release: First half of 2016 for Linux OS then later for Windows
OS
“This document contains confidential and/or proprietary information of MilSOFT and may not be reproduced, copied, disclosed to other parties or used in
anyway in whole or in part without prior written consent of MilSOFT”
16
THANK YOU
“This document contains confidential and/or proprietary information of MilSOFT and may not be reproduced, copied, disclosed to other parties or used in
anyway in whole or in part without prior written consent of MilSOFT”
17
Related documents
Article Outage Management and IVR Communications Systems
Article Outage Management and IVR Communications Systems
Customer Spend Profile
Customer Spend Profile
Health Release Form - Holland Public Schools
Health Release Form - Holland Public Schools
Consent applies to all of the following: For Custody Eval only: To
Consent applies to all of the following: For Custody Eval only: To
Subject Access Request Template Letter
Subject Access Request Template Letter
THE 14TH STREET MEDICAL GROUP
THE 14TH STREET MEDICAL GROUP
HERE - Jemez Mountains Electric Cooperative, Inc.
HERE - Jemez Mountains Electric Cooperative, Inc.
test selection
test selection
Workplace Wellness: Learn from Yesterday, Focus Today and
Workplace Wellness: Learn from Yesterday, Focus Today and
Human Subjects Bill of Rights
Human Subjects Bill of Rights