1 part 7: state of the art and future u are we in a sorry state? u how to keep us safe? u software...
TRANSCRIPT
![Page 1: 1 Part 7: State of the Art and Future u Are we in a sorry state? u How to keep us Safe? u Software trust management u Hardware trust management u Evasive](https://reader036.vdocuments.site/reader036/viewer/2022082820/5697bf761a28abf838c809d4/html5/thumbnails/1.jpg)
1
Part 7: State of the Art and Future
Are we in a sorry state? How to keep us Safe? Software trust management Hardware trust management Evasive virus scanning Return of Obscurity Techniques (e.g. Steganography)
![Page 2: 1 Part 7: State of the Art and Future u Are we in a sorry state? u How to keep us Safe? u Software trust management u Hardware trust management u Evasive](https://reader036.vdocuments.site/reader036/viewer/2022082820/5697bf761a28abf838c809d4/html5/thumbnails/2.jpg)
2
Case 1: Doom and Gloom
Viruses are running around Even though they are not the smart kind
Financial losses are a problem Anyone trying to do PKI for credit cards?
Integrity checking missing As users get smarter, attackers get even smarter
![Page 3: 1 Part 7: State of the Art and Future u Are we in a sorry state? u How to keep us Safe? u Software trust management u Hardware trust management u Evasive](https://reader036.vdocuments.site/reader036/viewer/2022082820/5697bf761a28abf838c809d4/html5/thumbnails/3.jpg)
3
Case 2: Getting better
Spam effectiveness is getting lower Filtering making major inroads
Fraud is being contained via awareness
Countermeasures getting smarter Hardware (TPM) and virtual machines are coming RSA Secureid and such cards are being pushed
Phone verification is catching on
![Page 4: 1 Part 7: State of the Art and Future u Are we in a sorry state? u How to keep us Safe? u Software trust management u Hardware trust management u Evasive](https://reader036.vdocuments.site/reader036/viewer/2022082820/5697bf761a28abf838c809d4/html5/thumbnails/4.jpg)
4
Trust Management
Hardware trust management Stores keys in hardware (e.g. PKI cards)
Software Trust management Hashes, signatures, trusted software Verification, attestation, cleaner installations
Email trust Advent of email authentication may be soon
![Page 5: 1 Part 7: State of the Art and Future u Are we in a sorry state? u How to keep us Safe? u Software trust management u Hardware trust management u Evasive](https://reader036.vdocuments.site/reader036/viewer/2022082820/5697bf761a28abf838c809d4/html5/thumbnails/5.jpg)
5
Better Systems Security
Smarter viral scanners White lists Evasive scanners In kernel support
Rootkit detectors Practical detectors can run in kernel Boot time detectors work
![Page 6: 1 Part 7: State of the Art and Future u Are we in a sorry state? u How to keep us Safe? u Software trust management u Hardware trust management u Evasive](https://reader036.vdocuments.site/reader036/viewer/2022082820/5697bf761a28abf838c809d4/html5/thumbnails/6.jpg)
6
Obscurity
Security though obscurity may be a good idea in some cases
Hide secret using polymorphic schemes Virus/rootkit checkers use techniques that are “secret” Make systems “highly personalized” in some automatic way
Makes viruses not know how things are arranged in a particular computer
![Page 7: 1 Part 7: State of the Art and Future u Are we in a sorry state? u How to keep us Safe? u Software trust management u Hardware trust management u Evasive](https://reader036.vdocuments.site/reader036/viewer/2022082820/5697bf761a28abf838c809d4/html5/thumbnails/7.jpg)
7
Conclusions
Security has come a long way Networking is almost conquered Viral attacks is sill a pain Software is the final frontier
![Page 8: 1 Part 7: State of the Art and Future u Are we in a sorry state? u How to keep us Safe? u Software trust management u Hardware trust management u Evasive](https://reader036.vdocuments.site/reader036/viewer/2022082820/5697bf761a28abf838c809d4/html5/thumbnails/8.jpg)
8
Conclusions