Knowing that a software is being monitored to ensure correct behaviour contributes to our peace of mind. At the University of Malta, we have been exploring the use of software monitors within financial transactions, tax fraud detection, business intelligence and other areas. 

Naturally, given the additional overheads incurred by monitoring, this is only worth employing when the stakes are high enough. And when the stakes are even higher, the next question is: How do we ensure that the monitor itself is safe? What if malicious actors manage to meddle with the monitoring component? 

There are many ways in which the monitor can be attacked: directly influencing its behaviour is perhaps the most obvious one of them but certainly not the only one. If the observations of the monitor are somehow tampered with, then the output of the monitor might be compromised. Yet another way an attacker might suppress monitoring alarms is by modifying the monitor output itself. Monitoring logs are crucial for any subsequent investigation following a security incident. 

In ongoing research, we are looking into ways of protecting the monitor: as a first precaution, we run the monitor in a safer environment, as separate as possible from the rest of the system. If intruders successfully infiltrate the main system, we wouldn’t want them to automatically get access to the monitoring system. Yet, if attackers manage to gain full control of the software system, there is little that can be done to stop them from corrupting the monitoring system as well.

The trick is to use cryptography: we generate a key in the form of a long random sequence of characters

In our latest work, we are storing our monitoring system output within a tamper-evident file system. What this means is that even if all else fails and the attacker can modify the monitoring system output, at least our file system would be able to distinguish between genuine and tampered monitor output.

How is this even possible? The trick is to use cryptography: we generate a key in the form of a long random sequence of characters. We keep a copy of this key in the safest place possible and intertwine this random key with the monitor output when it is being stored. This intertwining gives us the ability to audit the monitoring data at a later stage (e.g. during incident response). Using the safely-kept key copy, we can go through the monitoring system output entry by entry and confirm which entries, if any, have been modified by the attacker.

This is a very bleak scenario, of course, but one which we still need to cater for when the security stakes are high enough.

In the next phase of our research, we are prototyping the system to work alongside other security mechanisms developed for a recently completed NATO-funded project for secure communications in the quantum era.

Christian Colombo, Robert Abela and Axel Curmi are computer scientists at the Computer Science Department within the Faculty of ICT, University of Malta.

Sound Bites

•        A new study provides the first evidence that the Arctic’s frozen soil is the dominant force shaping Earth’s northernmost rivers, confining them to smaller areas and shallower valleys than rivers to the south. But as climate change weakens Arctic permafrost, the researchers calculate that every one degree Celsius of global warming could release as much carbon as 35 million cars emit in a year as polar waterways expand and churn up the thawing soil.

•        Phonetic information ‒ the smallest sound elements of speech ‒ may not be the basis of language learning in babies as previously thought. Babies don’t begin to process phonetic information reliably until seven months old, which researchers say is too late to form the foundation of language. Instead, babies learn from rhythmic information ‒ the changing emphasis of syllables in speech ‒ which unlike phonetic information, can be heard in the womb. Thus reading nursery rhymes and singing to babies may help them to learn language.

For more soundbites listen to Radio Mocha www.fb.com/RadioMochaMalta/.

DID YOU KNOW?

•        Butterflies have taste receptors on their feet to help them find their host plants and locate food.

•        Adult butterflies can only feed on liquids, usually nectar.

•        Butterflies cannot regulate their own body temperature.

•        Once it emerges from its chrysalis, an adult butterfly has only two to four weeks to live.

•        Butterflies can see a range of colours, including ultraviolet colours which are invisible to the human eye.

For more trivia, see: www.um.edu.mt/think.

 

Sign up to our free newsletters

Get the best updates straight to your inbox:
Please select at least one mailing list.

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.