Friday, October 30, 2009

How secure is your home Wi-fi?

It is certainly true that most homes today have at least a wireless broadband connection or two. A broadband connection (wired or wireless) is a form of high-speed network connection that allows users to get connected to the Internet. A wireless broadband connection is a broadband connection that does not require the user to plug a network cable from her laptop or PC into the access point before it can be connected to the Internet. The user can therefore use her laptop, PC or desktop anywhere in the home without the hassle of moving network cables around. The ease of using your desktop or laptop in any room you find convenient, without a clutter of loose cables, is beautiful and appealing. But with this leisure comes a concern.

The concern is: how many home Wi-Fi connections are secure? I want to believe that all home Wi-Fi connections are secure, but unfortunately most of them are not. Some have no security mechanisms at all: no authentication and no encryption. There are countless home Wi-Fi connections that are open, allowing anyone to use the connection and, consequently, allowing home laptops, PCs or desktops to be easily hacked and compromised. Not only would these computers be compromised; the attacker can then use the home Wi-Fi to set up multiple attack points to invade and penetrate other computers, leaving the liability for any abuse with the home Wi-Fi owner.

Here are easy things to do to secure your Wi-Fi connection.
1) Ask your wireless broadband provider to assign a secureID to your connection, and to provide you with the password. Once you've logged on for the first time, change the password to a new password you can remember. Make sure not to write your password on a piece of paper or in a book or folder.
2) Set up your connection not to accept any incoming wireless connection without a password. That is, do not accept insecure communications.
3) Install a personal firewall on your desktop, laptop or PC, and ensure it is properly set up to monitor the activities that go on in your computer. The firewall must also be configured to inspect your wireless connection. Always check the firewall logs so that you are aware of what may be going on behind the scenes.
4) Ensure you change your wireless connection password regularly.
5) Ensure you have an intrusion detection system (IDS) running on your computer or laptop. An IDS helps to alert you to what may be happening behind the scenes.

Thanks, and hope this will offer some assistance to some home users.

Tuesday, October 13, 2009

IEEE International Conference on Intelligence and Security Informatics (ISI 2010)

May 23-26, 2010
The Fairmont Waterfront Hotel, Vancouver, B.C., Canada

WEB: http://conferences.irmacs.sfu.ca/isi2010/
THEME: Public Safety and Security
HOST: The IRMACS Centre, Simon Fraser University, British Columbia, Canada


Intelligence and Security Informatics (ISI) research is an interdisciplinary research field involving academic researchers in information technologies, computer science, public policy, bioinformatics, medical informatics, and social and behavior studies as well as local, state, and federal law enforcement and intelligence experts, and information technology industry consultants and practitioners to support counterterrorism and homeland security missions of anticipation, interdiction, prevention, preparedness and response to terrorist acts. The annual IEEE International ISI Conference series (http://www.isiconference.org) was started in 2003, and the first seven meetings were held in Tucson, AZ (twice); Atlanta, GA; San Diego, CA; New Brunswick, NJ; Taipei, Taiwan; and Dallas, TX. Proceedings of these ISI meetings and workshops have been published by IEEE Press and in the Springer Lecture Notes in Computer Science (LNCS) series.

ISI 2010 will be organized in four main streams focusing on
- Information Sharing and Data/Text Mining,
- Infrastructure Protection and Emergency Responses,
- Terrorism Informatics, and
- Computational Criminology.

For detailed information on Topics, see the ISI 2010 website at
http://conferences.irmacs.sfu.ca/isi2010/. Instructions and template
information can soon be found on the Submissions page.

WORKSHOPS: In conjunction with ISI 2010, the National Center for Border Security and Immigration (BORDERS) at the University of Arizona will hold its Second Annual Workshop on "Challenges and Solutions at the Northern Border - 2010" on May 26. MITACS (Mathematics of Information Technology and Complex Systems) will hold a workshop on "Modeling Complex Adaptive Dynamic Social Systems" on May 23.

HOTEL AND LOCATION: Vancouver is a scenic destination, a dynamic and multicultural city set in a spectacular natural environment where the Coast Mountain range meets the Pacific Ocean. Majestic mountains, sparkling ocean and a cosmopolitan flair make it a perfect meeting and convention destination with exceptional cuisine, first-class hotels and outstanding facilities, consistently rated as one of the top 10 meeting and convention destinations year after year. Special room rates at The Fairmont Waterfront (for a limited number of rooms) will be available for participants of ISI 2010.

Program Co-Chairs:
Donald E. Brown (The Univ. of Virginia, USA)
Ke Wang (Simon Fraser Univ., Canada)
Christopher C. Yang (Drexel Univ., USA)
Daniel Zeng (The Univ. of Arizona & Chinese Academy of Sciences)
Workshop Co-Chairs:
Antonio Badia (Univ. of Louisville, USA)
Elyse Golob, DHS National Center for Border Security and Immigration, The Univ. of Arizona, USA
Jay F. Nunamaker, The Univ. of Arizona, USA
Publicity Co-Chairs:
Bhavani Thuraisingham (The Univ. of Texas at Dallas, USA)
Sharad Mehrotra (The Univ. of California at Irvine, USA)
Finance and Registration Co-Chairs:
Pam Borghardt (The IRMACS Centre, Simon Fraser Univ., Canada)
Catherine Larson (The Univ. of Arizona, USA)

General Co-Chairs:
Patricia L. Brantingham (Simon Fraser Univ., Canada)
Hsinchun Chen (The Univ. of Arizona, USA)
Uwe Glässer (Simon Fraser Univ., Canada)

IMPORTANT DATES: The paper submission due date for the main ISI 2010
event is January 29, 2010. Notification of acceptance: March 12, 2010;
Camera ready copy due: March 30, 2010. The due date for Tutorial/
Workshop proposals is Feb. 10, 2010.

PAPER SUBMISSION: Submission file formats are PDF and Microsoft
Word. Required Word/LaTeX templates (IEEE two-column format) can be
found at the conference Web site. Long (6,000 words, 6 pages max.) and
short (3000 words, 3 pages max.) papers in English must be submitted
electronically via the conference Web site. The accepted papers from
ISI 2010 and its affiliated workshops will be published by the IEEE
Press in a formal Proceedings. IEEE ISI Proceedings are EI-indexed.

Authors who wish to present a poster and/or demo may submit a 1-page
extended abstract, which, if selected, will appear in
Proceedings. Proposals for tutorials and special-topic workshops in
any areas of Intelligence and Security Informatics research and
practice are welcome. Such events will be an integral part of the
ISI-2010 conference program. Proposals in PDF or Microsoft Word not
exceeding 3 pages should be emailed to the conference organizing
committee at zeng@email.arizona.edu by February 10, 2010 and contain
the following information.
- Title of tutorial/workshop
- Preferred duration
- Information about instructor(s)/organizer(s)
- Objectives to be achieved
- Scope of topics to be covered
- Target audience and evidence of interest (for tutorials)
- Target audience and the list of potential presenters/contributors (for workshops)

PROGRAM COMMITTEE

Wednesday, October 07, 2009

Using email to send sensitive information

Electronic mail (email) is the use of an application (such as MS Outlook, MS Mail, Eudora, etc.) to send mail online. Email is very fast and can be used to communicate with people far and wide. Hence, email has become an essential part of our everyday communications.

We use email to send and share sensitive documents, photos, contracts, bank details, user credentials, etc. Some of these documents may already be in the public domain, such as photos that we have already shared with friends and family on a social networking site. Unfortunately, some of the other documents we send via email may be sensitive, contractual or of competitive value: for example, marketing information that is still of competitive value, contracts that have been signed or accepted, or a bank login that can be used to transfer or withdraw funds from an account. It is pertinent to note that when any of this information gets into the wrong hands, our valued assets can be compromised, leading to the theft of funds, marketing information or business contracts. Therefore, it is important that we protect our email communications, or the content of the email we send, as and when necessary.

Recommendations:
To share or send sensitive information, or information of competitive value such as bank details, contracts or marketing information, via email, the email content must be secure. Here are ways to send secure emails:

1) Use secure mail. Secure mail is an email client that uses digital keys for encrypting and signing the email. For example, PGP (Pretty Good Privacy) is an email client that provides digital signature and encryption. A digital signature helps to prove that you're the one who sent the email, but it does not protect the content from abuse or misuse. Encryption is used to protect the content of the email, by transforming the content into an unreadable form until the message arrives at the intended recipient. Another secure email client is S/Mail for secure mail. Some of these secure email applications are not free, but free legitimate versions exist on the web. There is an open source PGP available that one can download and install.

2) Use WINZIP. WINZIP is an application used to compress and decompress files and documents, but it also provides security through encryption. It is an improvised way of sharing sensitive information via email. First, you need to zip the document you intend to send. While zipping it, choose the option to encrypt. This will allow you to use a key to encrypt the document before sending it across. When the recipient receives the email, he or she will need you to share the key with them. So you will need to send them the key either via text/phone call or a second email.

Tips:

1) If you can’t afford secure mail, and don’t want to use Winzip, then form the good habit of sending all sensitive documents as multi-part emails. For example, send the first part of the document, the part that does not contain the sensitive bits. After a few minutes, send another part, and after several more minutes send the remaining parts. What you achieve with this technique is a reduced possibility that anyone who intercepts a message has the whole content intact, except the person who is the intended recipient. Note that this technique is not future-proof, because a motivated attacker may be able to intercept all the messages by continuously monitoring your communication link until the attacker gets all of them. But this chance is very remote unless the attacker is an insider who’s able to monitor the communications path before the messages exit your default gateway into the big web.

Caveat: Some email messages containing zip files may be trapped by firewalls and may never get to the recipient. Please check that your firewall or your recipient’s firewall does not trap zipped files.

Tuesday, September 22, 2009

Concepts in Numerical Methods now on Amazon!

Concepts in Numerical Methods is now available at most reputable offline and online bookstores including Amazon. Please do get a copy, it's worth a read!

Thursday, July 30, 2009

Concepts in Numerical Methods


I've no date in mind when this book will be in the market, but one thing is certain, it will be published and distributed before end of September 2009. Just a couple of months away ...

If you're in school and pursuing a degree in Mathematics, Physics or Engineering, I strongly recommend getting a copy of this useful resource material. It teaches many concepts in numerical maths. It uses real-world examples, solved tutorials, algorithms and representational graphs to demonstrate the usefulness and application of each topic discussed. There are practice questions for the reader to solve in her study time. It's an excellent resource book for students, and relevant to other readers as a reference manual.

Monday, June 22, 2009

Managing Security Threats & Vulnerabilities for SMEs

Managing security threats and vulnerabilities in assets are two fundamental challenges for SMEs. Vulnerabilities in assets are weaknesses in assets or the absence of security procedures, technical controls, or physical controls that could be exploited to harm or predispose assets to harm [1]. Harm to assets occurs in various forms, such as interruption, destruction, disclosure, modification of data, including denial of service. For example, in 2001, the Code Red incident exploited a buffer overflow in a library module of Microsoft Windows' Internet Information Server. This allowed it to infect hundreds of thousands of computers [2], causing millions of dollars of damage. The Slammer [3], MSBlast [4], and Sasser [5] worms all exploited known vulnerabilities in computer systems.

There are also accounts of security threats (for instance, Computer worms) used as attack agents in denial of service (DoS) [6], and distributed denial of service (DDoS)[7] attacks. These types of threats affect the confidentiality, integrity, reliability and availability of computer network services.

In this respect, what ways can security be properly managed in an Enterprise? What may provide valid and appropriate options? Answers to these questions are provided in the article.... Please download a copy from this link. Your comments are useful and highly appreciated, please leave a comment. Thanks.

This discussion is also available as a presentation; please download the presentation in PDF.

References:
[1] Computer Security Handbook: The NIST handbook, Special Publication 800-12, pp.62
[2] D. Moore, C. Shannon, and J. Brown (2002), “Code-Red: a case study on the spread and victims of an Internet Worm”, Proceedings of the ACM/USENIX Internet Measurement Workshop, France, November 2002
[3] C. C. Zou, L. Gao, W. Gong, D. Towsley (2003), “Monitoring and Early Warning for Internet Worms”, Proceedings of the 10th ACM Conference on Computer and Communications Security, Washington, DC, USA, October 27-31, 2003
[4] Microsoft Security Bulletin MS03-026 (2003), “Buffer Overrun In RPC Interface Could Allow Code Execution (823980)”, July 2003; [Online]: http://www.microsoft.com/technet/security/bulletin/MS03-026.mspx
[5] W32.Sasser.worm (2004), April 2004; [Online]: http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.worm.html
[6] CERT/CC (2001), “Microsoft Internet Information Server 4.0 (IIS) vulnerable to DoS when URL Redirecting is enabled”; [Online]: http://www.kb.cert.org/vuls/id/544555

Security Awareness (SA002-09): Intrusion Detection Systems

Intrusion detection systems (IDSes) are used to monitor systems and networks for security policy abuse, compromise and abnormal behaviour. Different types of IDSes exist, such as host-based, network-based and hybrid.

Host-based IDSes are installed on systems such as PDAs, laptops, workstations, PCs and servers to monitor system behaviour.

Network-based IDSes are appliances that monitor the entire network for policy violations, network behaviour, abnormal traffic thresholds and ongoing malicious activities.

Given the nature of recent attacks on end-user systems such as PCs and laptops, and the growing proliferation of viruses and computer worms, it is a recommended best security practice for end users to install personal intrusion detection systems on their laptops, workstations or PCs. Although it is good security practice to have a personal IDS installed on an end-user system, it is a waste of time if the IDS log is not checked and analysed regularly. It is important that IDS logs are regularly checked and analysed.

To enhance the security posture of systems and networks, the following is recommended:

1) Spend time checking IDS logs and alerts; this will help you identify ongoing activities and attacks that may have happened undetected.
2) Identify the resources that are frequently seen in the logs and what the events involving them are about.
3) Set your IDS to be always on.
4) Configure your IDS to always inform you about a software download or a request that is about to change registry settings.
5) Configure your IDS to always inform you when a request is about to change registry settings.
6) Configure your IDS to always alert you when a certain threshold is reached or exceeded.
7) Configure your IDS to automatically download the latest signatures or patches; this will enable your IDS to remain up to date with software development.
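
As an added illustration of recommendations 1, 2 and 6 (this is not code from the original post), the following Python sketch reviews an IDS alert log: it counts which sources and resources appear most often, reports those that reach or exceed a threshold, and keeps aside any line it cannot parse. The Snort "fast" alert layout, the signature IDs, the messages and the addresses are all assumptions constructed for the example; the post does not name an IDS product or log format.

```python
import re
from collections import Counter

# Constructed alerts in Snort "fast" alert layout (assumed format; addresses are
# documentation ranges). The last line is deliberately truncated.
SAMPLE_LOG = """\
10/30-21:14:07.532911  [**] [1:1000001:1] LOCAL repeated SSH login failure [**] [Classification: Misc activity] [Priority: 2] {TCP} 203.0.113.7:51544 -> 192.168.1.10:22
10/30-21:14:09.118204  [**] [1:1000001:1] LOCAL repeated SSH login failure [**] [Classification: Misc activity] [Priority: 2] {TCP} 203.0.113.7:51546 -> 192.168.1.10:22
10/30-21:14:12.771530  [**] [1:1000001:1] LOCAL repeated SSH login failure [**] [Classification: Misc activity] [Priority: 2] {TCP} 203.0.113.7:51549 -> 192.168.1.10:22
10/30-21:15:40.002913  [**] [1:1000001:1] LOCAL repeated SSH login failure [**] [Classification: Misc activity] [Priority: 2] {TCP} 198.51.100.23:40022 -> 192.168.1.10:22
10/30-21:17:03.450001  [**] [1:1000002:1] LOCAL executable download over HTTP [**] [Classification: Potentially Bad Traffic] [Priority: 1] {TCP} 192.168.1.25:49152 -> 198.51.100.80:80
10/30-21:18:55.900120  [**] [1:1000003:1] LOCAL ICMP echo sweep [**] [Priority: 3] {ICMP} 203.0.113.7 -> 192.168.1.1
10/30-21:20:01.000001  [**] [1:1000001:1] LOCAL repeated SSH login fail
"""

ALERT_RE = re.compile(
    r"^(?P<ts>\d\d/\d\d-\d\d:\d\d:\d\d\.\d+)\s+\[\*\*\]\s+"
    r"\[(?P<sid>\d+:\d+:\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\]\s+"
    r"(?:\[Classification:\s*(?P<cls>[^\]]*)\]\s+)?"      # classification is optional
    r"\[Priority:\s*(?P<prio>\d+)\]\s+\{(?P<proto>\w+)\}\s+"
    r"(?P<src>\d+\.\d+\.\d+\.\d+)(?::\d+)?\s+->\s+"        # ports absent for ICMP
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)(?::(?P<dport>\d+))?$"
)

def parse_alerts(text):
    """Return (parsed alerts, lines that did not match) so nothing is silently lost."""
    alerts, unparsed = [], []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        match = ALERT_RE.match(line)
        if match:
            alerts.append(match.groupdict())
        else:
            unparsed.append(line)
    return alerts, unparsed

def over_threshold(counter, threshold):
    """Entries whose count has reached or exceeded the threshold, busiest first."""
    return [(key, n) for key, n in counter.most_common() if n >= threshold]

def review(text, threshold=3):
    alerts, unparsed = parse_alerts(text)
    sources = Counter(a["src"] for a in alerts)
    # A "resource" here is the destination host plus port when one is logged.
    resources = Counter(
        f'{a["dst"]}:{a["dport"]}' if a["dport"] else a["dst"] for a in alerts)
    signatures = Counter((a["sid"], a["msg"]) for a in alerts)
    return {
        "parsed": len(alerts),
        "unparsed": unparsed,
        "noisy_sources": over_threshold(sources, threshold),
        "busy_resources": over_threshold(resources, threshold),
        "top_signatures": signatures.most_common(3),
        "priority_1": [a for a in alerts if a["prio"] == "1"],
    }

if __name__ == "__main__":
    for key, value in review(SAMPLE_LOG).items():
        print(key, "=>", value)
```

The threshold of 3 is arbitrary; on a real host it should be set from what a normal day's log looks like, and unparsed lines should be read by hand rather than ignored.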

Tuesday, June 16, 2009

Enterprise-wide Security Attack Detection


With the growing number of security incidents, a requirement is to provide adequate security protection to computer networks. To protect computer networks from security attacks, a current approach is to deploy countermeasures, such as firewalls at the network perimeter, intrusion detection systems (IDSes) within the network and virus scanners on end user systems. Whilst these countermeasures provide a degree of protection, they struggle to detect emerging security threats. Emerging security attacks appear to be distributed and coordinated, while the defences offered by these countermeasures operate in isolation from one another. Each countermeasure possesses only fragments of evidence about the overall state of the network and consequently its response may be both delayed and limited in scope.

To accurately detect the enterprise-wide security attacks that are seen on various networks today, or across multiple complex security domains, an integrated security framework is proposed, discussed and tested. This innovative security framework is presented in the book Security Framework for Attack Detection in Computer Networks. This well-written book is highly recommended for all security practitioners, analysts, consultants, engineers and decision makers at various levels.

Understanding Risks to Cloud Computing

A major concern with the cloud is that the cloud provider offers the software, platform and infrastructure to the user. On top of that, the actual data and information of the user also reside with the provider. The risk with this model of service is that users risk having their information abused, stolen, unlawfully distributed, compromised or harmed. What is the guarantee that the user’s information is not sold to her competitor? What ethical constraints exist to prohibit, prevent or protect the user in this new model of service? Another important risk to consider when using the cloud concerns the ownership of the information or data residing on the provider’s system. When a user puts her information in the hands of the provider, what control does the user have over the data, its confidentiality or its integrity?

When we consider small to medium-sized organisations or end users, one can discuss the risks associated with cloud services pretty easily. What happens to the government and the enterprise in relation to the cloud? Can the cloud be used for government marked information? For example, a ‘strictest in confidence’ document, say for the CIA, MI5 or the MoD. I certainly do not think so, especially at the current stage of the cloud. In this respect, maybe cloud computing is not ideal for all facets of society. Certainly, I can’t imagine any organisation with security in mind that would hand ‘strictest in confidence’ or ‘in confidence’ information to the cloud without a second thought.

Again, whose security policies are used for operating the cloud? Is it that of the enterprise, the government or the MCSP? If the policy is the end users’, then how would the MCSP marry diverse security policies from myriad heterogeneous users of very diverse backgrounds, from diverse countries and of very diverse legal and socio-cultural value systems?

What of data location? Where does the data an end user has created on an MCSP’s system reside? The location of end-user data is of great importance. For example, the EU Border legislation (Safe Harbour) stipulates the countries where EU private and personal data can and cannot reside, and which borders it can and cannot traverse. With infrastructure as a service, the cloud provider can use dynamically localised infrastructures that exist outside the EU or US territories. This may contravene or abuse fundamental privacy and legislative issues, especially if the end user was not aware of where her information is stored. This applies specifically to EU and US customers, SMEs, government and enterprise who may wish to use the cloud for delivering service, and I believe other countries have other legislation that should be considered when using the cloud. Some kinds of information can be easily abused with cloud computing; for instance, personal medical data (health record data) are subject to strict compliance acts such as HIPAA. A significant concern is that personal medical data can be easily circumvented with the SaaS or IaaS models of the cloud. These points highlight some inherent risks that exist with cloud computing.