Piosk: A Practical Kiosk To Prevent Information Leakage

  • Lee, Suchul (Dept. Computer Science and Information Engineering, Korea National University of Transportation)
  • Lee, Sungil (National Security Research Institute)
  • Oh, Hayoung (Ajou University)
  • Han, Seokmin (Dept. Computer Science and Information Engineering, Korea National University of Transportation)
  • Received: 2019.04.02
  • Reviewed: 2019.04.17
  • Published: 2019.06.30

Abstract

One of the important concerns in information security is the control of information flow: either protecting confidential information from being leaked, or protecting trusted information from being tainted. In this paper, we present Piosk (Physical blockage of Information flow Kiosk), which addresses both problems in a practical way. Piosk can forestall and prevent the leakage of information, and also defend internal tangible assets against a variety of malware. A visitor who carries a re-writable portable storage device must insert the device into Piosk, which is installed next to the security gate. Piosk then scans the device immediately, and detects and repairs any malicious code that may exist. After that, Piosk writes the contents (including the sanitized ones) to a new read-only portable device such as a compact disk. By doing so, the leakage of internal information through both insiders and outsiders can be physically prevented. We have designed and prototyped Piosk. Experimental verification of the prototype implementation shows that Piosk can accurately detect every malware at the same detection level as Virus Total and effectively prevent the leakage of internal information. In addition, we compare Piosk with state-of-the-art methods and describe its particular advantages over existing methods.

Figure 1. Piosk's overall architecture.

Figure 2. Piosk use case.

Figure 3. Piosk prototype implementation and its detailed specification.

Figure 4. Four exemplary GUI screenshots for Piosk and its administrative system.

Table 1. Comparison of Piosk with other security kiosks.
