Science Current Events | Science News | Brightsurf.com
 

TUM researchers develop defense software

August 18, 2014

Today, a group of journalists has reported the existence of the "Hacienda" spy program. According to this report, five western intelligence agencies are using the Hacienda software to identify vulnerable servers across the world in order to control them and use them for their own purposes. Scientists at the Technische Universität München (TUM) have developed free software that can help prevent this kind of identification and thus the subsequent capture of systems.

Port scanners are programs that search the Internet for systems that exhibit potential vulnerabilities. According to the report published today by journalists at Heise Online, Hacienda is one such port scanning program. The report says that this program is being put into service by the "Five Eyes," a federation of the secret services of the USA, Canada, the UK, Australia and New Zealand. "The goal is to identify as many servers as possible in other countries that can be remotely controlled," explains Dr. Christian Grothoff, Emmy Noether research group leader at the TUM Chair for Network Architectures and Services.

New free software "TCP Stealth"

Grothoff and his students at TUM have developed the "TCP Stealth" defense software, which can inhibit the identification of systems through both Hacienda and similar cyberattack software and, as a result, the undirected and massive takeover of computers worldwide, as Grothoff explains. "TCP Stealth" is free software that has as its prerequisites particular system requirements and computer expertise, for example, use of the GNU/Linux operating system. In order to make broader usage possible in the future, the software will need further development.

But even now, through "TCP Stealth," the researchers are already putting an additional defensive tool into the hands of system administrators, as firewalls, virtual private networks (VPNs) and other existing techniques provide only limited protection against such cyberattacks.

The connection between a user and a server on the Internet occurs using the so-called Transmission Control Protocol (TCP). The user's computer first has to identify itself to a service by sending a data packet to the server. "This is the user asking, 'Are you there?'" explains Grothoff. The service then answers the user's request; within this response alone, there is often information transmitted that adversaries can use for an attack.

Secret token is transmitted invisibly

The free software developed by TUM researchers is based on the following concept: There exists a number that is only known to the client computer and the server. On the basis of this number, a secret token is generated, which is transmitted invisibly while building the initial connection with the server. If the token is incorrect, the system simply doesn't answer, and the service appears to be dead. While similar defensive measures are already known, the protection capabilities of the new software is higher than that of extant techniques.

In particular, in contrast to existing defensive software, "TCP Stealth" also protects against a further variant of this kind of cyberattack. The attack occurs when an adversary interposes himself between the user and the server into an already existing connection. The data sent by the user to the server is then captured and replaced with other information. This is analogous to pulling an envelope from the mailbox after it has been deposited, removing the contents from that envelope, and replacing them with a different letter.

In order to prevent this, a verification code is also sent while building the initial connection. The server can then use this to detect whether or not it has received the correct data.

Experts who would like to review, deploy or further develop the software can download it at https://gnunet.org/knock.

Technische Universität München (TUM)


Related Software Current Events and Software News Articles


Better combustion for power generation
In the United States, the use of natural gas for electricity generation continues to grow. The driving forces behind this development?

Many patients continue using opioids months after joint replacement
Many patients undergoing hip or knee replacement are still taking prescription opioid pain medications up to six months after surgery, reports a study in PAIN®, the official publication of the International Association for the Study of Pain® (IASP). The journal is published by Wolters Kluwer.

'On-the-fly' 3-D print system prints what you design, as you design it
3-D printing has become a powerful tool for engineers and designers, allowing them to do "rapid prototyping" by creating a physical copy of a proposed design.

Metagenomics pathogen detection tool could change how infectious diseases are diagnosed
Scientists at the University of Utah, ARUP Laboratories, and IDbyDNA, Inc., have developed ultra-fast, meta-genomics analysis software called Taxonomer that dramatically improves the accuracy and speed of pathogen detection.

Revealing the nature of magnetic interactions in manganese oxide
For nearly 60 years, scientists have been trying to determine how manganese oxide (MnO) achieves its long-range magnetic order of alternating up and down electron spins.

Does discrimination contribute to lower rates of flu vaccination in racial/ethnic minorities?
Yearly flu shots are strongly recommended for adults with certain chronic illnesses, but patients of racial/ethnic minority groups are less likely to receive them.

New technique controls autonomous vehicles on a dirt track
A Georgia Institute of Technology research team has devised a novel way to help keep a driverless vehicle under control as it maneuvers at the edge of its handling limits.

Research points to possible new prevention strategies for ovarian cancer
The discovery of early changes in the cells of the Fallopian tubes of women carrying the BRCA genetic mutation could open the way for new preventative strategies for ovarian cancer, reducing the need for invasive surgery, according to research published today in science journal Nature Communications.

Crowd-augmented cognition
Crowdsourcing has brought us Wikipedia and ways to understand how HIV proteins fold. It also provides an increasingly effective means for teams to write software, perform research or accomplish small repetitive digital tasks.

More than 1,200 new planets confirmed using new technique for verifying Kepler data
Scientists from Princeton University and NASA have confirmed that 1,284 objects observed outside Earth's solar system by NASA's Kepler spacecraft are indeed planets.
More Software Current Events and Software News Articles

Code: The Hidden Language of Computer Hardware and Software

Code: The Hidden Language of Computer Hardware and Software
by Charles Petzold (Author)


What do flashlights, the British invasion, black cats, and seesaws have to do with computers? In CODE, they show us the ingenious ways we manipulate language and invent new means of communicating with each other. And through CODE, we see how this ingenuity and our very human compulsion to communicate have driven the technological innovations of the past two centuries.
Using everyday objects and familiar language systems such as Braille and Morse code, author Charles Petzold weaves an illuminating narrative for anyone who’s ever wondered about the secret inner life of computers and other smart machines.
It’s a cleverly illustrated and eminently comprehensible story—and along the way, you’ll discover you’ve gained a real context for understanding today’s world of...

Python Programming For Beginners: Learn The Fundamentals of Python in 7 Days

Python Programming For Beginners: Learn The Fundamentals of Python in 7 Days
by Michael Knapp (Author), Python Programming (Introduction)


Do you want to learn Python in an easy and faster way? Learn Python Programming NOW! Welcome to this training for the Kindle book Python Programming for Beginners: Learn the Fundamentals of Python in 7 Days. Through this book, you are going to learn everything you need to know in order to start using Python in a way that is going to make your work more productive and valuable. Knowing how to use Python is not something that is going to be required for all jobs, but if you are looking for an ethical hacking job, a technical job, or a programming job, it is expected because Python is one of the most used programming languages out there due to the fact that it is user-friendly and it uses dynamic typing. When you have Python under your belt, you are making yourself a valuable...

Clean Architecture: A Craftsman's Guide to Software Structure and Design (Robert C. Martin Series)

Clean Architecture: A Craftsman's Guide to Software Structure and Design (Robert C. Martin Series)
by Robert C. Martin (Author)


Building upon the success of best-sellers The Clean Coder and Clean Code, legendary software craftsman Robert C. "Uncle Bob" Martin shows how to bring greater professionalism and discipline to application architecture and design.   As with his other books, Martin's Clean Architecture doesn't merely present multiple choices and options, and say "use your best judgment": it tells you what choices to make, and why those choices are critical to your success. Martin offers direct, no-nonsense answers to key architecture and design questions like: What are the best high level structures for different kinds of applications, including web, database, thick-client, console, and embedded apps? What are the core principles of software architecture? What is the role of the architect, and what...

Soft Skills: The software developer's life manual

Soft Skills: The software developer's life manual
by John Sonmez (Author)


SummarySoft Skills: The software developer's life manual is a unique guide, offering techniques and practices for a more satisfying life as a professional software developer. In it, developer and life coach John Sonmez addresses a wide range of important "soft" topics, from career and productivity to personal finance and investing, and even fitness and relationships, all from a developer-centric viewpoint.Forewords by Robert C. Martin (Uncle Bob) and Scott Hanselman.Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.About the BookFor most software developers, coding is the fun part. The hard bits are dealing with clients, peers, and managers, staying productive, achieving financial security, keeping yourself in shape, and finding...

Python Programming for Intermediates: Learn the Fundamentals of Python in 7 Days

Python Programming for Intermediates: Learn the Fundamentals of Python in 7 Days
by Michael Knapp (Author), Python Programming (Introduction)


Do you want to learn Python in an easy and faster way? Start learning Python right Now! Welcome to this training for the Kindle edition of Python for Intermediates. This book is going to go more in depth than the previous beginner’s book did in showing you how you can use Python to its fullest advantage. In the beginner’s book, you learned some of the basic functions of Python and the various pieces of code that you are going to be able to input into Python so that you can make that function work properly. However, in this book, you are going to learn about other functions and pieces of the code that will work with the functions that you already know. It is here that you are going to be taking another step towards being able to program your own applications, websites, and...

The Software Engineer's Guide to Freelance Consulting: The new book that encompasses finding and maintaining clients as a software developer, tax and legal tips, and everything in between.

The Software Engineer's Guide to Freelance Consulting: The new book that encompasses finding and maintaining clients as a software developer, tax and legal tips, and everything in between.
by Zack Burt (Author), Jay El-Kaake (Author)


The Software Engineer's Guide to Freelance Consulting will help teach you to be an effective freelance software consultant, which will enable you make more money, dedicate more time to hobbies, spend more time with your loved-ones and even discover new businesses. Table of Contents: Chapter 1: Finding Clients We will literally map out the skills that are most important for you to develop and thrive in the business of software consulting. We will give you the step-by-step concrete paths to not only achieving competence, but we will also explain some of the abstract theory. Chapter 2: Choosing a Rate How do some people charge $2/hr and others $500/hr? Where do you fit in? In this chapter we help you choose, justify and even increase your existing rate. Chapter 3: Keeping...

Design Patterns: Elements of Reusable Object-Oriented Software

Design Patterns: Elements of Reusable Object-Oriented Software
by Erich Gamma (Author), Richard Helm (Author), Ralph Johnson (Author), John Vlissides (Author), Grady Booch (Foreword)


These texts cover the design of object-oriented software and examine how to investigate requirements, create solutions and then translate designs into code, showing developers how to make practical use of the most significant recent developments. A summary of UML notation is included.

Clean Code: A Handbook of Agile Software Craftsmanship

Clean Code: A Handbook of Agile Software Craftsmanship
by Robert C. Martin (Author)


Even bad code can function. But if code isn’t clean, it can bring a development organization to its knees. Every year, countless hours and significant resources are lost because of poorly written code. But it doesn’t have to be that way.

Noted software expert Robert C. Martin presents a revolutionary paradigm with Clean Code: A Handbook of Agile Software Craftsmanship . Martin has teamed up with his colleagues from Object Mentor to distill their best agile practice of cleaning code “on the fly” into a book that will instill within you the values of a software craftsman and make you a better programmer—but only if you work at it.

What kind of work will you be doing? You’ll be reading code—lots of code. And you will be challenged to think about what’s right...

Quicken Willmaker Plus 2017 Edition: Book & Software Kit

Quicken Willmaker Plus 2017 Edition: Book & Software Kit
by Editors of Nolo (Author)


NOW AVAILABLE FOR MAC

Quicken WillMaker Plus 2017 is the easiest ways to create your estate plan, whether it's your first time or you want to update a previous plan. You'll be guided through the process from beginning to end with practical and relevant legal information so that you can make the best decisions for you and your family.
A customized estate plan, including a will, health care directive and other essential documents
An easy-to-use interview format that lets you complete documents at your own pace
A user-friendly legal manual answers common questions
A team of lawyer-editors working to ensure each document reflects the laws of your state* Quicken WillMaker Plus 2017 is the original will-writing software, written and updated regularly by Nolo's...

Software Defined Radio: for Amateur Radio Operators and Short Wave Listeners

Software Defined Radio: for Amateur Radio Operators and Short Wave Listeners
by Andrew Barron (Author)


This book is intended for Amateur Radio Operators, Short Wave Listeners, and anyone interested in radio as a hobby. It includes sections on how different types of software defined radios work, the advantages of using them, and how they are tested. It also covers future trends including the development of Direct Fourier Conversion. There is a big section with tips for PowerSDR users and sections about other commonly used SDR software, plus a comparison of the basic specifications of 65 different SDR receivers and transceivers. The book is not a textbook or a reference book. It is written in an easy to read conversational style. I explain the basics without getting too technical. There are no pages of software code or complex mathematics. I find that simple diagrams can often make things...

© 2017 BrightSurf.com