Featured Research

from universities, journals, and other organizations

Researchers develop defense against cyberattacks

Date:
August 15, 2014
Source:
Technische Universitaet Muenchen
Summary:
A group of journalists has reported the existence of the 'Hacienda' spy program. According to this report, five western intelligence agencies are using the Hacienda software to identify vulnerable servers across the world in order to control them and use them for their own purposes. Scientists have now developed free software that can help prevent this kind of identification and thus the subsequent capture of systems.

Today, a group of journalists has reported the existence of the "Hacienda" spy program. According to this report, five western intelligence agencies are using the Hacienda software to identify vulnerable servers across the world in order to control them and use them for their own purposes. Scientists at the Technische Universitδt Mόnchen (TUM) have developed free software that can help prevent this kind of identification and thus the subsequent capture of systems.

Port scanners are programs that search the Internet for systems that exhibit potential vulnerabilities. According to the report published today by journalists at Heise Online, Hacienda is one such port scanning program. The report says that this program is being put into service by the "Five Eyes," a federation of the secret services of the USA, Canada, the UK, Australia and New Zealand. "The goal is to identify as many servers as possible in other countries that can be remotely controlled," explains Dr. Christian Grothoff, Emmy Noether research group leader at the TUM Chair for Network Architectures and Services.

New free software "TCP Stealth"

Grothoff and his students at TUM have developed the "TCP Stealth" defense software, which can inhibit the identification of systems through both Hacienda and similar cyberattack software and, as a result, the undirected and massive takeover of computers worldwide, as Grothoff explains. "TCP Stealth" is free software that has as its prerequisites particular system requirements and computer expertise, for example, use of the GNU/Linux operating system. In order to make broader usage possible in the future, the software will need further development.

But even now, through "TCP Stealth," the researchers are already putting an additional defensive tool into the hands of system administrators, as firewalls, virtual private networks (VPNs) and other existing techniques provide only limited protection against such cyberattacks.

The connection between a user and a server on the Internet occurs using the so-called Transmission Control Protocol (TCP). The user's computer first has to identify itself to a service by sending a data packet to the server. "This is the user asking, 'Are you there?'" explains Grothoff. The service then answers the user's request; within this response alone, there is often information transmitted that adversaries can use for an attack.

Secret token is transmitted invisibly

The free software developed by TUM researchers is based on the following concept: There exists a number that is only known to the client computer and the server. On the basis of this number, a secret token is generated, which is transmitted invisibly while building the initial connection with the server. If the token is incorrect, the system simply doesn't answer, and the service appears to be dead. While similar defensive measures are already known, the protection capabilities of the new software is higher than that of extant techniques.

In particular, in contrast to existing defensive software, "TCP Stealth" also protects against a further variant of this kind of cyberattack. The attack occurs when an adversary interposes himself between the user and the server into an already existing connection. The data sent by the user to the server is then captured and replaced with other information. This is analogous to pulling an envelope from the mailbox after it has been deposited, removing the contents from that envelope, and replacing them with a different letter.

In order to prevent this, a verification code is also sent while building the initial connection. The server can then use this to detect whether or not it has received the correct data.

Further info: http://www.heise.de/ct/artikel/NSA-GCHQ-The-HACIENDA-Program-for-Internet-Colonization-2292681.html


Story Source:

The above story is based on materials provided by Technische Universitaet Muenchen. Note: Materials may be edited for content and length.


Cite This Page:

Technische Universitaet Muenchen. "Researchers develop defense against cyberattacks." ScienceDaily. ScienceDaily, 15 August 2014. <www.sciencedaily.com/releases/2014/08/140815102318.htm>.
Technische Universitaet Muenchen. (2014, August 15). Researchers develop defense against cyberattacks. ScienceDaily. Retrieved October 20, 2014 from www.sciencedaily.com/releases/2014/08/140815102318.htm
Technische Universitaet Muenchen. "Researchers develop defense against cyberattacks." ScienceDaily. www.sciencedaily.com/releases/2014/08/140815102318.htm (accessed October 20, 2014).

Share This



More Computers & Math News

Monday, October 20, 2014

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

Facebook Says The DEA's Fake Accounts Go Too Far

Facebook Says The DEA's Fake Accounts Go Too Far

Newsy (Oct. 19, 2014) — Facebook says the DEA violated its Terms of Service and that such impersonations damage the integrity of the site. Video provided by Newsy
Powered by NewsLook.com
Court Ruling Means Kids' Online Activity Could Be On Parents

Court Ruling Means Kids' Online Activity Could Be On Parents

Newsy (Oct. 17, 2014) — In a ruling attorneys for both sides agreed was a first of its kind, a Georgia appeals court said parents can be held liable for what kids put online. Video provided by Newsy
Powered by NewsLook.com
For Google, Even A $16.5 Billion Earnings Report Is A Miss

For Google, Even A $16.5 Billion Earnings Report Is A Miss

Newsy (Oct. 17, 2014) — Analysts were expecting more, but Google’s ad growth slowed on the quarter and the company is spending more of its money. Video provided by Newsy
Powered by NewsLook.com
Obama Signs Cybersecurity Order, Wants Safer Payments

Obama Signs Cybersecurity Order, Wants Safer Payments

Reuters - US Online Video (Oct. 17, 2014) — President Barack Obama announces details of a new executive order designed to make federal payments safer following recent massive data breaches. Rough Cut (no reporter narration). Video provided by Reuters
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
 
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:  

Breaking News:

Strange & Offbeat Stories

 

Space & Time

Matter & Energy

Computers & Math

In Other News

... from NewsDaily.com

Science News

Health News

Environment News

Technology News



Save/Print:
Share:  

Free Subscriptions


Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

Get Social & Mobile


Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

Have Feedback?


Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
Mobile iPhone Android Web
Follow Facebook Twitter Google+
Subscribe RSS Feeds Email Newsletters
Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins