Security Wars, episode 3: Revenge of Myth. Ikuo Takahashi

Sec Wars Episode 3



Describing the paradigm shift of information security in the mass Internet age. The botnet order looks like Order 66. What are the "New Hopes" of cyber warfare?


Page 1: Sec Wars Episode 3


Page 2: Sec Wars Episode 3

A long time ago in a network far, far away…

The Internet has been messed up by unprecedented attacks from people who covet the Internet out of lust, people who impose on others for economic interests, and people who juggle with bots. Society has made up its mind to defend the Internet. However, conventional law enforcement measures are useless against organized attacks such as phishing and botnets. Is the messed-up Internet dying into a Wild World Web? How can we repair the Internet?………………..

Page 3: Sec Wars Episode 3

Previously in Security Wars

• Episode 1: Dark side of hackers
– dark side hackers
– Society's decision

Episode I: Hackers who fell to the dark side

Page 4: Sec Wars Episode 3

Sec Wars Episode 2

Attack of the anonymous troops

Episode 2: Attack of the anonymous troops

Page 5: Sec Wars Episode 3

Anonymous Troops

• Cyber attack as organized crime
• Anonymity
– 2channel
– misuse of encryption, e.g. overlay networks
• Order "Bot Net"
– rental of attacking troops

Anonymous troops: anonymous BBS; botnets

Page 6: Sec Wars Episode 3

Change in the background of cyber crime

From:
• curiosity, self-exhibition
• personal fun – individual attack
• domestic

To:
• organised crime
• monetary greed
• transborder

Cyber crime becoming organised, money-driven and international

Page 7: Sec Wars Episode 3

Order 66 vs "Bot Net" Order

• Order 66
– A holoscan appeared on the palm of his gauntlet. "It is time," the holoscan said. "Execute Order Sixty-Six."
– Standing Order Number One was, apparently, Kill Everything That Moves.
– Combat droids were equipped with sophisticated self-motivators that kicked in automatically.
• Star Wars ep. 3, Chapter 18
• Bot Net Order
– Bots are equipped to attack the target by DDoS or by posting spam.
– They communicate with each other with sophisticated self-motivators that kick in automatically. They change the port or protocol they use in order to hide themselves.

Page 8: Sec Wars Episode 3

Order “Bot Net” &ISP’s Network Management

(Figure: Blocks A, B and C of subscribers on ADSL/fiber access behind ISP-A, ISP-B, ISP-C and ISP-D; a DDoS event; ① detection via honey pot; ② information sharing between the ISPs)

Page 9: Sec Wars Episode 3

Dark side of Web 2.0

• phishing is a dark "long tail" – abuse of the long tail effect

(Figure: long tail curve with segments labelled "defraud" and "cannot be defrauded")

Page 10: Sec Wars Episode 3

Conventional ways against phishing

• Infringement of copyright – duplication of the "logo" service mark of a business
• Anti-Spam Law – amendment (May 30, 2008)
• From "opt out" to "opt in"
• Strengthen enforcement of the law

Criminal cases on the grounds of copyright infringement; Act on Regulation of Transmission of Specified Electronic Mail

Page 11: Sec Wars Episode 3

Actual cases 1

• "Yafoo!" false site – The accused duplicated the homepage of Yahoo without authorisation, published the "Yafoo" web page, and accessed the real Yahoo site without authorisation using IDs and passwords he stole through the false site.
– Tokyo District Court judgement, Sep. 12, 2005
• violation of the Anti Illegal Access Law and the Copyright Law
• imprisonment 1 year and 10 months, suspended for 4 years

Page 12: Sec Wars Episode 3

Actual cases 2

• Phishing fraud gangsters – 8 persons were prosecuted
• stole the personal information of some 1,000 people since last year and defrauded some 700 people out of about 100 million yen by using the data
• used Internet BBS to recruit members
– First: Takayuki Matsuoka
• leader of the group
• April 18, 2006, Kyoto District Court
– imprisonment 4 years and a three million yen monetary penalty

Phishing as organized crime

Page 13: Sec Wars Episode 3

Limitation of conventional measures

• After the battle of Mustafar, many Jedi and Padawans were killed – the Emperor's tactical enterprise.
• Master Yoda
– "My failure, this was. Failed the Jedi, I did."
– "Too old I was." "Too rigid. Too arrogant to see that the old way is not the only way."
• Law enforcement system – recover actual damage – punish the wrongdoer – ability to trace the wrongdoer
• not effective against international organised crime

Page 14: Sec Wars Episode 3

Episode 3

Revenge of Myth.

Episode 3: The shackles of the secrecy of communication

Page 15: Sec Wars Episode 3

Paradigm shift to the Mass Internet society

• Concept of the Internet society
– "Jefferson Democracy" as the ideal
• "Thomas" of the Congress database
• based on the rich and educated
• self-fulfillment and self-governance
• Netizen and Netiquette
• Mass Internet society
– "forever beginner"
– mass society
– "anonymous coward"
– no self-fulfillment and governance

Paradigm shift to the mass Internet society: Jeffersonian democracy; self-fulfillment, self-governance; "forever beginner", "anonymous coward"

Page 16: Sec Wars Episode 3

Defend the "Innocent User (Forever Beginner)"

• "Research Group concerning next generation information security policy" (MIC) – (Jisedai no jyohou security seisaku ni kansuru kenkyukai houkokusyo), Soumusho
– User who is neither highly conscious of information security nor highly skilled.
– They (e.g. the retired post-war generation) are joining the network community.
• Start from actual facts

Page 17: Sec Wars Episode 3

“Weapon” of Cyber Attack

• "Transborder" – difficulties of international cooperation in law enforcement activities
• "Anonymity" – economic hurdle to tracing the wrongdoer.
– privacy of communication is a barrier to defense activities.

Page 18: Sec Wars Episode 3

Is this WAR?

• Presumably
– Start from actual fact.
• definition of "war" – "asymmetric war" – no nation, no blood
• Defend the "Innocent User" – refer to the "Wire Fraud Recovery Act"
• "Victory?" Yoda echoed with great skepticism. "The shroud of the dark side has fallen. Begun, this Clone War has!"
• Master Yoda after the "War of Geonosis"

Page 19: Sec Wars Episode 3

How to “repair” the Internet

• Defense concept – "Cloud defense"
– from client to "in the cloud"
– from reactive to proactive
– compare "furikome sagi" – telephone fraud
• against misuse of the transborder character
• against misuse of anonymity

Page 20: Sec Wars Episode 3

Suggestions from the War against "furikome fraud"

• "furikome fraud" – sophisticated telephone fraud
– organized crime – affiliated groups of Yakuza
• Against "furikome fraud" – national movement, culture-kind warnings
– "to prevent your parents"
– legal defense

Page 21: Sec Wars Episode 3

Suggestions from War against ”furikome –fraud”

legal aspect

• against "furikome fraud" – multiple package of legal methods
• Identifying Account Holder Law (amended 2004)
• Anti Misuse of Cellphone Law (2005)
– request IDs at contract of cellphone
– Chief of police asks the ISP to produce account information
• Remedies of Damage from Furikome Fraud Law (2008)
– freeze the criminal's account
– distribute the assets of the account by an easy way

Page 22: Sec Wars Episode 3

The Other Star Wars concept

• Strategic Defense Initiative – proposal by U.S. President Ronald Reagan on March 23, 1983[1] to use ground- and space-based systems to protect the United States from attack by strategic nuclear ballistic missiles.

Page 23: Sec Wars Episode 3

Rediscovery of communication sovereignty

– role of the sovereign –

• “Constitution of the International Telecommunication Union”

– Article 34 bis Member States also reserve the right to cut off, in accordance with their national law, any other private telecommunications which may appear dangerous to the security of the State or contrary to its laws, to public order or to decency.

– Article 35 Each Member State reserves the right to suspend the international telecommunication service, either generally or only for certain relations and/or for certain kinds of correspondence, outgoing, incoming or in transit, provided that it immediately notifies such action to each of the other Member States through the Secretary-General.

Page 24: Sec Wars Episode 3

Inspection of border

• Quarantine Law – The objective of this law is to prevent pathogens causing infectious diseases nonexistent in Japan from entering the country through vessels or aircraft, and to take measures necessary for prevention of other infectious diseases borne through vessels or aircraft.
• How about communication?
– Information security: 80% from outside Japan
– contents
– execution of sovereign-wide discretion

Page 25: Sec Wars Episode 3

Concept of proactive defense

• ISP activity
– security
– phishing
– inappropriate information
– copyright
• Domain registrars' take-down procedure

Page 26: Sec Wars Episode 3

ISP against the Myth – dogma (JP) of "secrecy of communication"

• Secrecy of communication – Electronic Communication Business Law sec. 4
• Dogma – Intermediaries cannot reveal the sender information – ISP can act as long as the "defence" stands.
• Appropriate business activity
• Self defence
• Crime prevention

Fighting the dogma of the secrecy of communication: Telecommunications Business Act, Article 4; activity within the grounds that negate illegality

Page 27: Sec Wars Episode 3

Development of the Dogma

• No distinction between content and communication data – traffic data is too protected
• Warrant is necessary for search of traffic data in criminal cases
• Disclosure procedure of the sender is useless
– Chilling effect on ISPs
• Ambiguous legality of ISP's management activities

Bloating of the dogma: application to communication data; restriction on law enforcement; strengthened anonymity; uselessness of sender information disclosure; chilling effect on ISPs

Page 28: Sec Wars Episode 3

Two aspects of the Secrecy of Communication

• Traceability
– (civil) difficult to file litigation against the sender
– (criminal) LEA have to overcome a high barrier
• No control or restriction of contents – censorship – historical issue

Traceability and protection of transmission

Page 29: Sec Wars Episode 3

Traceability

• differences – mixi vs. LinkedIn
• economic cost
• "Such cost is expensive by far in Japan"

Page 30: Sec Wars Episode 3

Traceability – Beyond the dogma

• JP
– Warrant for search of traffic data
– Disclosure procedure of the sender is useless
– Ambiguity of ISP's management activities
• US/UK
– Subpoena for traffic data (civil)
– Subpoena for account information and §2703(d) order (criminal)
– ISP's code of practice in UK

To go beyond the dogma in traceability: the US subpoena system; (d) orders; ISP codes of conduct

Page 31: Sec Wars Episode 3

US network and privacy

(Table: real time vs. stored communication; acquisition, use, disclosure)

• Content: Provider exception; Network Neutrality; Voluntary disclosure (civil org.) ? (LE); consent exception, computer intruder exception (civil org.); Prohibited/exception (LE) ditto.; compulsory (LE) Title 3 (Interception), FISA; (LE) search warrant/subpoena with notice
• Communication data: Aggressive acquisition ? (civil org.) ?; (LE) Pen register/Trap and Trace Order; (civil org.) subpoena; (LE) subpoena/(d) order

Page 32: Sec Wars Episode 3

ISP's cooperation

• Co-operation with Law Enforcement
• Cooperation against Cybercrime, Tuesday 1 – Wednesday 2 April 2008, Council of Europe, Strasbourg, France
• Find – Peter Cassidy, Secretary General, Anti-Phishing Working Group

Cooperation between ISPs and law enforcement

Page 33: Sec Wars Episode 3

Against illegal/inappropriate traffic

• "traffic" – not only content
• traffic itself becomes a weapon of attack
• "illegal" and "inappropriate"
• History – Telegram Act article 5 (prohibition of communication) was deleted in 1952 at the introduction of the Public Electronic Telecommunication Law.
– Authority might order the prohibition for "public safety or good order"

Page 34: Sec Wars Episode 3

Framework against illegal / inappropriate information

(Table: categories "illegal" – against public order, misc. illegal, infringing right – and "inappropriate" – harmful to juveniles; measures: ISP may delete on contract; disclose suicide information; filtering; by disclosure of sender)

Page 35: Sec Wars Episode 3

ISP's issues against illegal traffic

• take down the phishing site – information sharing – ISP can delete phishing information files legally.
"Present status of Phishing and direction of ISP's counter measure", issued by the Ministry of Internal Affairs and Communications (Aug. 2005)
• warning users whose PC is infected with a virus.
• warning copyright-infringing users
• Throttling P2P traffic

Blocking phishing; notifying owners of virus-infected PCs; limiting P2P traffic?

Page 36: Sec Wars Episode 3

"Revenge" of the secrecy of communication

• ISP cannot refuse to deliver illegal traffic.
– right of intermediaries vs. privacy of the parties?
– based on contracts?
– waiver of privacy?
• compare – real flu virus / Post office may refuse (Postal Law)
– duties to avoid jamming (Electronic Wave Law, i.e. the Radio Act)

Page 37: Sec Wars Episode 3

Interpretation of the secrecy of communication

• Three elements
– "actively acquire"
• How about ping?
– "unauthorised disclosure"
• coordinated response?
– "use for self or others"
• public purpose?
• There is no official interpretation for the Internet era.

Page 38: Sec Wars Episode 3

More burden

• Block the illegal traffic? – Blocking child porn.
• world trend
• Germany – In Germany, based on the initiative of the Federal Ministry of Family Affairs, Senior Citizens, Women and Youth (BMFSFJ), the government has had discussions for several months now on how to block child pornography sites hosted on servers outside of the country.
– UK via IWF (Cleanfeed)
– Copyright guardian.

Page 39: Sec Wars Episode 3

Copyright Guardian?

• Three strikes law – France
• 3 strikes law passed Parliament (May 13, 2009). The "Creation and Internet" law has finally been adopted by the National Assembly.
– UK
• Agreement between ISPs and copyright holders.
– Judgements in Belgium, Denmark
• "Belgium Says ISPs Must Protect Copyright"
• IFPI Forces Danish ISP to Block The Pirate Bay
– Disconnect: Finland

Guardian of the copyright system?

Page 40: Sec Wars Episode 3

ISP's grief

• Vader didn't intend to kill Padmé.
– "I'm very sorry, Lord Vader. (..) It seems in your anger, you killed her."
• "No… no. It is not possible" (ep. 3) – Darth Vader

ISP's grief: no intention to restrict freedom of speech; how, what, and who bears the cost

Does not intend to regulate "Freedom of speech" concepts
How to control? What to control? Who controls?
Who pays for the costs?

Page 41: Sec Wars Episode 3

CU @ Episode 4

May the Force be with U!

What kind of Episode 4 can we draw?