Featured Research

from universities, journals, and other organizations

Researchers develop defense against cyberattacks

Date:
August 15, 2014
Source:
Technische Universitaet Muenchen
Summary:
A group of journalists has reported the existence of the 'Hacienda' spy program. According to this report, five western intelligence agencies are using the Hacienda software to identify vulnerable servers across the world in order to control them and use them for their own purposes. Scientists have now developed free software that can help prevent this kind of identification and thus the subsequent capture of systems.

Today, a group of journalists has reported the existence of the "Hacienda" spy program. According to this report, five western intelligence agencies are using the Hacienda software to identify vulnerable servers across the world in order to control them and use them for their own purposes. Scientists at the Technische Universitδt Mόnchen (TUM) have developed free software that can help prevent this kind of identification and thus the subsequent capture of systems.

Port scanners are programs that search the Internet for systems that exhibit potential vulnerabilities. According to the report published today by journalists at Heise Online, Hacienda is one such port scanning program. The report says that this program is being put into service by the "Five Eyes," a federation of the secret services of the USA, Canada, the UK, Australia and New Zealand. "The goal is to identify as many servers as possible in other countries that can be remotely controlled," explains Dr. Christian Grothoff, Emmy Noether research group leader at the TUM Chair for Network Architectures and Services.

New free software "TCP Stealth"

Grothoff and his students at TUM have developed the "TCP Stealth" defense software, which can inhibit the identification of systems through both Hacienda and similar cyberattack software and, as a result, the undirected and massive takeover of computers worldwide, as Grothoff explains. "TCP Stealth" is free software that has as its prerequisites particular system requirements and computer expertise, for example, use of the GNU/Linux operating system. In order to make broader usage possible in the future, the software will need further development.

But even now, through "TCP Stealth," the researchers are already putting an additional defensive tool into the hands of system administrators, as firewalls, virtual private networks (VPNs) and other existing techniques provide only limited protection against such cyberattacks.

The connection between a user and a server on the Internet occurs using the so-called Transmission Control Protocol (TCP). The user's computer first has to identify itself to a service by sending a data packet to the server. "This is the user asking, 'Are you there?'" explains Grothoff. The service then answers the user's request; within this response alone, there is often information transmitted that adversaries can use for an attack.

Secret token is transmitted invisibly

The free software developed by TUM researchers is based on the following concept: There exists a number that is only known to the client computer and the server. On the basis of this number, a secret token is generated, which is transmitted invisibly while building the initial connection with the server. If the token is incorrect, the system simply doesn't answer, and the service appears to be dead. While similar defensive measures are already known, the protection capabilities of the new software is higher than that of extant techniques.

In particular, in contrast to existing defensive software, "TCP Stealth" also protects against a further variant of this kind of cyberattack. The attack occurs when an adversary interposes himself between the user and the server into an already existing connection. The data sent by the user to the server is then captured and replaced with other information. This is analogous to pulling an envelope from the mailbox after it has been deposited, removing the contents from that envelope, and replacing them with a different letter.

In order to prevent this, a verification code is also sent while building the initial connection. The server can then use this to detect whether or not it has received the correct data.

Further info: http://www.heise.de/ct/artikel/NSA-GCHQ-The-HACIENDA-Program-for-Internet-Colonization-2292681.html


Story Source:

The above story is based on materials provided by Technische Universitaet Muenchen. Note: Materials may be edited for content and length.


Cite This Page:

Technische Universitaet Muenchen. "Researchers develop defense against cyberattacks." ScienceDaily. ScienceDaily, 15 August 2014. <www.sciencedaily.com/releases/2014/08/140815102318.htm>.
Technische Universitaet Muenchen. (2014, August 15). Researchers develop defense against cyberattacks. ScienceDaily. Retrieved September 17, 2014 from www.sciencedaily.com/releases/2014/08/140815102318.htm
Technische Universitaet Muenchen. "Researchers develop defense against cyberattacks." ScienceDaily. www.sciencedaily.com/releases/2014/08/140815102318.htm (accessed September 17, 2014).

Share This



More Computers & Math News

Wednesday, September 17, 2014

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

FBI Finishes $1 Billion Facial Recognition System

FBI Finishes $1 Billion Facial Recognition System

Newsy (Sep. 15, 2014) — The FBI announced it plans to make its Next Generation Identification System available to law enforcement, but some privacy advocates are worried. Video provided by Newsy
Powered by NewsLook.com
A+ for Apple iPhone Pre-Sales

A+ for Apple iPhone Pre-Sales

Reuters - Business Video Online (Sep. 15, 2014) — Apple says it received a record 4 million first-day pre-orders for its new iPhone 6 and iPhone 6 Plus, pushing delivery dates into October. Bobbi Rebell reports. Video provided by Reuters
Powered by NewsLook.com
Microsoft to Buy 'Minecraft' Maker for $2.5B

Microsoft to Buy 'Minecraft' Maker for $2.5B

AP (Sep. 15, 2014) — Microsoft will acquire the maker of the long-running hit game Minecraft for $2.5 billion as the company continues to invest in its Xbox gaming platform and looks to grab attention on mobile phones. (Sept. 15) Video provided by AP
Powered by NewsLook.com
Manufacturer Prints 3-D Car In Record Time

Manufacturer Prints 3-D Car In Record Time

Newsy (Sep. 15, 2014) — Automobile manufacturer Local Motors created a drivable electric car using a 3-D printer. Printing the body only took 44 hours. Video provided by Newsy
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
 
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:  

Breaking News:
from the past week

In Other News

... from NewsDaily.com

Science News

Health News

    Environment News

      Technology News



      Save/Print:
      Share:  

      Free Subscriptions


      Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

      Get Social & Mobile


      Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

      Have Feedback?


      Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
      Mobile iPhone Android Web
      Follow Facebook Twitter Google+
      Subscribe RSS Feeds Email Newsletters
      Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins