Job ad: post-doctoral researcher in security, operating systems, computer architecture

Jobs, Operating systems, Processors, Programming languages

We are pleased to announce a job opening at the University of Cambridge Computer Laboratory for a post-doctoral researcher working in the areas of security, operating systems, and computer architecture.

Research Associate in compiler-assisted instrumentation of operating system kernels
University of Cambridge – Faculty of Computer Science and Technology
Salary: £27,578-£35,938 pa

The funds for this post are available for up to two years:

We are seeking a Post-doctoral Research Associate to join the CTSRD and MRC2 projects, which are investigating fundamental revisions to CPU architecture, operating system (OS), programming language, and networking structures in support of computer security. The two projects are collaborations between the University of Cambridge and SRI International, and part of the DARPA CRASH and MRC research programmes on clean-slate computer system design.

This position will be an integral part of an international team of researchers spanning multiple institutions across academia and industry. The successful candidate will contribute to low-level aspects of system software: compilers, language run-times, and OS kernels. Responsibilities will include researching the application of novel dynamic instrumentation techniques to C-language operating systems and applications, including adaptation of the FreeBSD kernel and LLVM compiler suite, and evaluation of the resulting system.

Continue reading Job ad: post-doctoral researcher in security, operating systems, computer architecture

Three Paper Thursday: Binary analysis and Security

Three Paper Thursday

Mention the phrase “binary reverse engineering” or “binary analysis” and it often conjures up an image of software pirates or hacking groups. However, there are practical reasons for doing analysis on machine code. For instance, machines don’t run source code, they run machine code – how do we know it’s running correctly? Malware doesn’t usually come with source code (but they are known to leak on occasion); How do we protect our software from discovered vulnerabilities if we’re unable to re-compile the program from the original source code? For three paper Thursday this week, my contribution is to highlight three representative security applications of binary analysis, namely software testing, malware analysis and software protection. Continue reading Three Paper Thursday: Binary analysis and Security

Capsicum in CACM Research Highlights

Academic papers, Operating systems

The Research Highlights section of Communications of the ACM from March 2012 features two articles on Capsicum, collaborative research by the Cambridge security group and Google on capability-oriented security for contemporary operating systems. The first, Technical Perspective: The Benefits of Capability-Based Protection by Steven Gribble, considers the value of capability systems (such as Capsicum) in addressing current security problems. The second, A taste of Capsicum: practical capabilities for UNIX, is an abridged and updated version of our USENIX Security paper from 2010. These articles have since been picked up by Slashdot, Reddit, and others, and are linked to from the Capsicum publications, talks, and documentation page.

Privacy economics: evidence from the field

Academic papers, Privacy technology, Security economics

It has been argued that privacy is the new currency on the Web. Services offered for free are actually paid for using personal information, which is then turned into money (e.g., using targeted advertising). But what is the exchange rate for privacy? In the largest experiment ever and the first done in field, we shed new light on consumers’ willingness to pay for added privacy.

One in three Web shoppers pay half a euro extra for keeping their mobile phone number private. If privacy comes for free, more than 80% of consumers choose the company that collects less personal information, our study concludes.

Continue reading Privacy economics: evidence from the field

Three Paper Thursday: Financial Crypto 2012

Three Paper Thursday

I spent last week attending Financial Cryptography on Bonaire (a small Dutch island in the Caribbean), along with its attached workshops on Ethics in Computer Security Research and Usable Security.  As usual, the conference attracted a broad spectrum of papers mixing applied cryptography and miscellaneous financial security problems (including our own group’s work on PIN guessing statistics and Facebook’s photo-based backup authentication). All of the papers are now online. I’ll point to three papers which thought-provoking for me. I’m not going to claim these are the best or most important papers-the conference featured some very strong work on applying cryptography to practical problems like smart metering and oblivous printing, while perhaps the most newsworthy research was Wustrow et al.’s hacking of the Washington DC Internet voting prototype. I’ll just highlight why these papers were memorable for me. Continue reading Three Paper Thursday: Financial Crypto 2012

Some evidence on multi-word passphrases

Academic papers, Authentication, Security engineering, Security psychology, Usability, Web security

Using a multi-word “passphrase” instead of a password has been suggested for decades as a way to thwart guessing attacks. The idea is now making a comeback, for example with the Fastwords proposal which identifies that mobile phones are optimised for entering dictionary words and not random character strings. Google’s recent password advice suggests condensing a sentence to form a password, while Komanduri et al.’s recent lab study suggests simply requiring longer passwords may be the best security policy. Even xkcd espouses multi-word passwords (albeit with randomly-chosen words). I’ve been advocating through my research though that authentication schemes can only be evaluated by studying large user-chosens distribution in the wild and not the theoretical space of choices. There’s no public data on how people choose passphrases, though Kuo et al.’s 2006 study for mnemonic-phrase passwords found many weak choices. In my recent paper (written with Ekaterina Shutova) presented at USEC last Friday (a workshop co-located with Financial Crypto), we study the problem using data crawled from the now-defunct Amazon PayPhrase system, introduced last year for US users only. Our goal wasn’t to evaluate the security of the scheme as deployed by Amazon, but learn more how people choose passphrases in general. While this is a relatively limited data source, our results suggest some caution on this approach. Continue reading Some evidence on multi-word passphrases

Three-paper Thursday: Android Malware Intelligence

Three Paper Thursday

Google’s mobile platform Android has been gaining increasingly popularity in the last few years. The policy of being open in its application marketplace is undoubtedly one of the keys that help Android grow so quickly. The low entry barriers as well as the non-vetting process help Android attract a lot of developers who have brought 450,000+ applications to the Android Market in 3 years. This success comes at a price though: Android is now the leading target of mobile malware also due to the less restrictive nature of the platform and the marketplace. The official Android Market and third-party marketplaces harbour benign applications as well as nefarious ones. On this week’s Three Paper Thursday, I’d like to introduce three papers that provide insights on intelligence of Android malware in the wild.

Continue reading Three-paper Thursday: Android Malware Intelligence

Three-paper Thursday: capability systems

Operating systems, Processors, Programming languages, Three Paper Thursday

This week, my contribution to our three-paper Thursday research reading list series is on capability systems. Capabilities are unforgeable tokens of authority — capability systems are hardware, operating, or programming systems in which access to resources can occur only using capabilities. Capability system research in the 1970s motivated many fundamental insights into practical articulations of the principle of least privilege, separation of mechanism and policy, and the interactions between program representation and security. They also formed the intellectual foundation for a recent renaissance in capability-oriented microkernels (L4, sel4) and programming languages (Joe-E, Caja, ECMAScript 5). Capability systems have a long history at Cambridge, including the CAP Computer, and more recently, our work on Capsicum: practical capabilities for UNIX. I’ve selected three “must read” papers, but there are plenty of other influential pieces that, unfortunately, space doesn’t allow for!
Continue reading Three-paper Thursday: capability systems

Social authentication – harder than it looks!

Academic papers, News coverage, Privacy technology, Security economics, Security psychology, Usability

This is the title of a paper we’ll be presenting next week at the Financial Crypto conference (slides). There is also coverage in the New Scientist.

Facebook has a social authentication mechanism where you may be asked to recognise some of your friends from photos as part of the login process. We analysed this and found it to be vulnerable to guessing by your friends, and also to modern face-recognition systems. Most people want privacy only from those close to them; if you’re having an affair then you want your partner to not find out but you don’t care if someone in Mongolia learns about it. And if your partner finds out and becomes your ex, then you don’t want them to be able to cause havoc on your account. Celebrities are similar, except that everyone is their friend (and potentially their enemy).

Second, if someone outside your circle of friends is doing a targeted attack on you, then by friending your friends they can get some access to your social circle to collect photos, which they might use in image-recognition software or even manually to pass the test.
Continue reading Social authentication – harder than it looks!

How hard are PINs to guess?

Academic papers, Authentication, Banking security, Usability

Note: this research was also blogged today at the NY Times’ Bits technology blog.

I’ve personally been researching password statistics for a few years now (as well as personal knowledge questions) and our research group has a long history of research on banking security. In an upcoming paper at next weel’s Financial Cryptography conference written with Sören Preibusch and Ross Anderson, we’ve brought the two research threads together with the first-ever quantitative analysis of the difficulty of guessing 4-digit banking PINs. Somewhat amazingly given the importance of PINs and their entrenchment in infrastructure around the world, there’s never been an academic study of how people actually choose them. After modeling banking PIN selection using a combination of leaked data from non-banking sources and a massive online survey, we found that people are significantly more careful choosing PINs then online passwords, with a majority using an effectively random sequence of digits. Still, the persistence of a few weak choices and birthdates in particular suggests that guessing attacks may be worthwhile for an opportunistic thief. Continue reading How hard are PINs to guess?