Defense Event

Leveraging the Cloud for Software Security Services

Jonathan Oberheide

Thursday, December 22, 2011
10:00am - 12:00pm
3725 Beyster Bldg.

About the Event

This thesis seeks to leverage the network cloud to provide improved protection against modern security threats, allowing for dramatic improvements and asymmetric gains beyond what is possible with current approaches and architectures. Indeed, many of the critical security problems facing the Internet and its users are inadequately addressed by current security technologies. Current security measures often are deployed in an ad-hoc or host-based model, limiting their efficacy against modern malicious threats. However, advancements over the past decade in cloud computing and high-speed networking have ushered in a new era of software services. Software services that were previously deployed on-premise in organizations and enterprises are now being outsourced to the cloud, leading to fundamentally new models in how software services are sold, consumed, and managed. This thesis focuses on how novel software security services can be deployed that leverage the cloud to scale elegantly in terms of their capabilities, performance, and management. First, a method of performing detection of malicious software in the cloud to protect end hosts is presented. That method is also adapted to provide protection to mobile devices, an ever-increasing target for malicious attackers. Next, the benefits of applying cloud-oriented architectures to malware analysis are explored. A method for large-scale classification of malicious software is presented, as well as a method of evaluating the efficacy of antivirus evasion techniques, to emphasize that the benefits of the cloud can be leveraged by both legitimate and malicious parties. Lastly, to demonstrate the benefits of cloud-oriented architectures in other security services outside the realm of malicious software, we present a method for robustly computing cryptographic signatures across an end host, mobile device, and cloud service.
Thesis Statement: By leveraging properties inherent to the network cloud, it is possible to design new classes of security services that offer improved detection of malicious threats, perform large-scale classification and analysis, and enable deployment of novel security technologies that scale elegantly in terms of capabilities, performance, and management.

Additional Information

Sponsor(s): Farnam Jahanian

Open to: Public