Person:
Ahamad, Mustaque


Publication Search Results

Now showing 1 - 10 of 27
  • One-Time Cookies: Preventing Session Hijacking Attacks with Stateless Authentication Tokens
    (Georgia Institute of Technology, 2012-02) Dacosta, Italo ; Chakradeo, Saurabh ; Ahamad, Mustaque ; Traynor, Patrick
    HTTP cookies are the de facto mechanism for session authentication in web applications. However, their inherent security weaknesses allow attacks against the integrity of web sessions. HTTPS is often recommended to protect cookies, but deploying full HTTPS support can be challenging due to performance and financial concerns, especially for highly distributed applications. Moreover, cookies can be exposed in a variety of ways even when HTTPS is enabled. In this paper, we propose One-Time Cookies (OTC), a more robust alternative for session authentication. OTC prevents attacks such as session hijacking by signing each user request with a session secret securely stored in the browser. Unlike other proposed solutions, OTC does not require expensive state synchronization in the web application, making it easily deployable in highly distributed systems. We implemented OTC as a plugin for the popular WordPress platform and as an extension for Firefox and Firefox for mobile browsers. Our extensive experimental analysis shows that OTC introduces a latency of less than 6 ms when compared to cookies - a negligible overhead for most web applications. Moreover, we show that OTC can be combined with HTTPS to effectively add another layer of security to web applications. In so doing, we demonstrate that One-Time Cookies can significantly improve the security of web applications with minimal impact on performance and scalability.
  • One-Time Cookies: Preventing Session Hijacking Attacks with Disposable Credentials
    (Georgia Institute of Technology, 2011) Dacosta, Italo ; Chakradeo, Saurabh ; Ahamad, Mustaque ; Traynor, Patrick
    Many web applications are vulnerable to session hijacking attacks due to the insecure use of cookies for session management. The most recommended defense against this threat is to completely replace HTTP with HTTPS. However, this approach presents several challenges (e.g., performance and compatibility concerns) and therefore, has not been widely adopted. In this paper, we propose “One-Time Cookies” (OTC), an HTTP session authentication protocol that is efficient, easy to deploy and resistant to session hijacking. OTC’s security relies on the use of disposable credentials based on a modified hash chain construction. We implemented OTC as a plug-in for the popular WordPress platform and conducted extensive performance analysis using extensions developed for both Firefox and Firefox for mobile browsers. Our experiments demonstrate the ability to maintain session integrity with a throughput improvement of 51% over HTTPS and a performance approximately similar to a cookie-based approach. In so doing, we demonstrate that one-time cookies can significantly improve the security of web sessions with minimal changes to current infrastructure.
  • A Crow or a Blackbird?: Using True Social Network and Tweeting Behavior to Detect Malicious Entities in Twitter
    (Georgia Institute of Technology, 2010) Balasubramaniyan, Vijay A. ; Maheswaran, Arjun ; Mahalingam, Viswanathan ; Ahamad, Mustaque ; Venkateswaran, H.
    The growing popularity of Twitter and its ability to enable near instantaneous sharing of information has made it a target of attacks by malicious entities who use it to spam and provide links to malware. There is evidence that these entities are using increasingly sophisticated techniques that mimic the behavior of reputed sources to avoid detection. We use novel mechanisms that utilize the true social network of users, the quality of information produced by them and their tweeting behavior to identify such entities. A scheme based on these mechanisms is even able to detect malicious entities that collude to establish dense social networks. Using actual data from a representative sample of 278,758 Twitter users, we demonstrate the effectiveness of this approach by showing that (1) we identified 5334 accounts that had links to unsafe websites, and (2) over a period of 31 days, 181 accounts that our algorithm identified as potentially malicious were subsequently suspended by Twitter. We believe our algorithm is one of the first to automatically deal with a broad range of malicious entities present in Twitter.
  • Privacy Preserving Grapevines: Capturing Social Network Interactions Using Delegatable Anonymous Credentials
    (Georgia Institute of Technology, 2009) Balasubramaniyan, Vijay A. ; Lee, Younho ; Ahamad, Mustaque
    A wide variety of services allow users to meet online and communicate with each other, building new social relationships and reinforcing older ones. Unfortunately, malicious entities can exploit such services for fraudulent activities such as spamming. It is critical that these services protect users from unwanted interactions, especially when new relationships are being established - the introduction problem. The problem of assessing that a social network connection is no longer beneficial is also important due to the dynamic nature of such networks. A large number of new connections are established through existing, weak social ties (for example, friend of a friend). On the other hand, the willingness of a user to continue interactions with an existing relationship is an indication of his or her endorsement of that relationship. The interaction history of a user provides valuable information about both new social network connections and the validity of established ones. However, capturing this interaction history is rife with privacy concerns. In this paper, we create a transferable token framework, based on delegatable anonymous credentials (DAC - Crypto 2009), that captures interaction history in a privacy preserving manner. By using the Groth Sahai proof system, we extend DACs to allow for single use tokens with the ability to identify token double spenders. We show that such tokens can, simultaneously, demonstrate the existence of a social network path and capture the continued validity of a social network connection. We present an implementation of this DAC based token framework and utilize it in a Voice over IP (VoIP) setting to enable legitimate user interactions in the presence of a spammer threat model. Our results indicate that we are able to achieve low false positive and false negative rates for realistic threat scenarios without disclosing a user’s social network connections.
  • Emerging Cyber Threats Report for 2009
    (Georgia Institute of Technology, 2008-10-15) Ahamad, Mustaque ; Amster, Dave ; Barrett, Michael ; Cross, Tom ; Heron, George ; Jackson, Don ; King, Jeff ; Lee, Wenke ; Naraine, Ryan ; Ollmann, Gunter ; Ramsey, Jon ; Schmidt, Howard A. ; Traynor, Patrick
    On October 15, 2008, the Georgia Tech Information Security Center (GTISC) hosted its annual summit on emerging security threats and countermeasures affecting the digital world. At the conclusion of the event, GTISC released this Emerging Cyber Threats Report—outlining the top five information security threats and challenges facing both consumer and business users in 2009. This year’s summit participants include security experts from the public sector, private enterprise and academia, reinforcing GTISC’s collaborative approach to addressing information security technology and policy challenges. "As one of the leading academic research centers focused on information security, GTISC believes strongly that a proactive and collaborative approach to understanding emerging threats will help us develop more effective information security technologies and strategies," said Mustaque Ahamad, director of GTISC. "The annual GTISC Security Summit on Emerging Cyber Security Threats and our annual Emerging Cyber Threats Report seek to give us a better understanding of the cyber security challenges we will face in the years ahead." GTISC research and advance interviews with key information security experts from government, industry and academia uncovered five specific trends and some profound questions that will drive threats and countermeasures in 2009 and beyond, including: malware, botnets, cyber warfare, threats to VoIP and mobile devices, and the evolving cyber crime economy. In an effort to inform the broader community about current and future risks, this report will describe each emerging threat, existing or potential countermeasures, and how the threat may evolve in the coming year. In addition, our experts will offer their opinion on the role that Internet security education and regulation may play in further preventing the spread of cyber crime.
  • The 2008 GTISC Security Summit - Emerging Cyber Security Threats
    (Georgia Institute of Technology, 2008-10-15) Ahamad, Mustaque ; Goodman, Seymour E. ; Rouland, Christopher Jay ; Elder, Robert J., Jr. ; Kwon, Mischel ; Lee, Wenke ; Moore, Morris ; Noonan, Thomas E. ; Ramsey, Jon ; Ransome, James ; Thompson, Heath
    Welcome address by Mustaque Ahamad, Director, Georgia Tech Information Security Center, Professor, College of Computing. Opening remarks by Sy Goodman, Professor and Co-Director, Center for International Strategy, Technology, and Policy ; Chris Rouland, Adjunct Lecturer College of Computing. Introduction by Tom Noonan, former chairman, president and chief executive officer of Internet Security Systems, Inc. Keynote address: Global Operations and Mission Assurance in a Contested Cyber Environment by Lt. General Robert J. Elder, Jr., Commander Eighth Air Force, Barksdale Air Force Base. Panel Discussions: Moderator: Thomas E. Noonan, Entrepreneur ; Mischel Kwon, Director, United States Computer Emergency Readiness Team; National Cyber Security Division, U.S. Department of Homeland Security ; Wenke Lee, Associate Professor, Georgia Tech Information Security Center ; Morris Moore, Vice President of Security Technology, Motorola's Applied Research and Technology Center ; Jon Ramsey, Chief Technology Officer, SecureWorks ; Jim Ransome, Senior Director, Secure Unified Wireless and Mobility Solutions Corporate Security Programs and Global Government Solutions, Cisco ; Heath Thompson, Director, Product Development, IBM/Internet Security Systems
  • Responsive Security for Stored Data
    (Georgia Institute of Technology, 2002) Lakshmanan, Subramanian ; Ahamad, Mustaque ; Venkateswaran, H.
    We present the design of a distributed store that offers various levels of security guarantees while tolerating a limited number of nodes that are compromised by an adversary. The store uses secret sharing schemes to offer security guarantees namely availability, confidentiality and integrity. However, a pure secret sharing scheme could suffer from performance problems and high access costs. We integrate secret sharing with replication for better performance and to keep access costs low. The tradeoffs involved between availability and access cost on one hand and confidentiality and integrity on the other are analyzed. Our system differs from traditional approaches such as state machine or quorum based replication that have been developed to tolerate Byzantine failures. Unlike such systems, we augment replication with secret sharing and demonstrate that such a hybrid scheme offers additional flexibility that is not possible with current schemes.
  • A Secure and Highly Available Distributed Store for Meeting Diverse Data Storage Needs
    (Georgia Institute of Technology, 2000) Lakshmanan, Subramanian ; Ahamad, Mustaque ; Venkateswaran, H.
    As computers become pervasive in environments like the home and community, data repositories that can maintain the long term state of applications will become increasingly important. Because of the greater reliance of people on such applications and the potentially sensitive nature of the data manipulated by them, the repository must be highly available and it should provide secure access to data. Furthermore, many different types of data, ranging from private data belonging to a single user to data shared across different users may be stored in the repository. We present the design of a distributed data repository, called a secure store, which can meet the data access needs of diverse applications. We develop protocols that replicate data at multiple servers to enhance availability and work even when a limited number of compromised servers exhibit arbitrary failure behavior. We also discuss how the nature of the data that is stored in the secure store impacts the availability and costs associated with data access.
  • Shared State Consistency for Time-sensitive Distributed Applications
    (Georgia Institute of Technology, 2000) Krishnaswamy, Vijaykumar ; Ahamad, Mustaque ; Bakken, David E. ; Raynal, M. (Michel)
    Distributed applications that share dynamically changing state are increasingly being deployed in wide-area environments. Such applications must access the state in a consistent manner, but the consistency requirements vary significantly from other systems. For example, shared memory models such as sequential consistency focus on the ordering of operations and the same level of consistency is provided to each process. In interactive distributed applications, the timeliness of updates becoming effective could be an extremely important consistency requirement and it could be different across different users. We propose a system that provides both non-timed and time sensitive read and write operations for manipulating dynamic shared state. For example, a timed read can be used by a process to read a recently written value whereas a timed write can make a new value available to all readers within a certain amount of time. We develop a consistency model that precisely defines the semantics of timed and non-timed read and write operations. A protocol that implements this model is also presented. We also describe an implementation and some performance measurements.
  • Securing Context-Aware Applications Using Environment Roles
    (Georgia Institute of Technology, 2000) Covington, Michael J. ; Long, Wende ; Srinivasan, Srividhya ; Dey, Anind K. ; Ahamad, Mustaque ; Abowd, Gregory D.
    In the future, a largely invisible and ubiquitous computing infrastructure will assist people with a variety of activities in the home and at work. The applications that will be deployed in such systems will create and manipulate private information and will provide access to a variety of other resources. Securing such applications is challenging for a number of reasons. Unlike traditional systems where access control has been explored, access decisions may depend on the context in which requests are made. We show how the well-developed notion of roles can be used to capture security-relevant context of the environment in which access requests are made. By introducing environment roles, we create a uniform access control framework that can be used to secure context-aware applications. We also present a security architecture that supports security policies that make use of environment roles to control access to resources.