Science Current Events | Science News | Brightsurf.com
 

TUM researchers develop defense software

August 18, 2014

Today, a group of journalists has reported the existence of the "Hacienda" spy program. According to this report, five western intelligence agencies are using the Hacienda software to identify vulnerable servers across the world in order to control them and use them for their own purposes. Scientists at the Technische Universität München (TUM) have developed free software that can help prevent this kind of identification and thus the subsequent capture of systems.

Port scanners are programs that search the Internet for systems that exhibit potential vulnerabilities. According to the report published today by journalists at Heise Online, Hacienda is one such port scanning program. The report says that this program is being put into service by the "Five Eyes," a federation of the secret services of the USA, Canada, the UK, Australia and New Zealand. "The goal is to identify as many servers as possible in other countries that can be remotely controlled," explains Dr. Christian Grothoff, Emmy Noether research group leader at the TUM Chair for Network Architectures and Services.

New free software "TCP Stealth"

Grothoff and his students at TUM have developed the "TCP Stealth" defense software, which can inhibit the identification of systems through both Hacienda and similar cyberattack software and, as a result, the undirected and massive takeover of computers worldwide, as Grothoff explains. "TCP Stealth" is free software that has as its prerequisites particular system requirements and computer expertise, for example, use of the GNU/Linux operating system. In order to make broader usage possible in the future, the software will need further development.

But even now, through "TCP Stealth," the researchers are already putting an additional defensive tool into the hands of system administrators, as firewalls, virtual private networks (VPNs) and other existing techniques provide only limited protection against such cyberattacks.

The connection between a user and a server on the Internet occurs using the so-called Transmission Control Protocol (TCP). The user's computer first has to identify itself to a service by sending a data packet to the server. "This is the user asking, 'Are you there?'" explains Grothoff. The service then answers the user's request; within this response alone, there is often information transmitted that adversaries can use for an attack.

Secret token is transmitted invisibly

The free software developed by TUM researchers is based on the following concept: There exists a number that is only known to the client computer and the server. On the basis of this number, a secret token is generated, which is transmitted invisibly while building the initial connection with the server. If the token is incorrect, the system simply doesn't answer, and the service appears to be dead. While similar defensive measures are already known, the protection capabilities of the new software is higher than that of extant techniques.

In particular, in contrast to existing defensive software, "TCP Stealth" also protects against a further variant of this kind of cyberattack. The attack occurs when an adversary interposes himself between the user and the server into an already existing connection. The data sent by the user to the server is then captured and replaced with other information. This is analogous to pulling an envelope from the mailbox after it has been deposited, removing the contents from that envelope, and replacing them with a different letter.

In order to prevent this, a verification code is also sent while building the initial connection. The server can then use this to detect whether or not it has received the correct data.

Experts who would like to review, deploy or further develop the software can download it at https://gnunet.org/knock.

Technische Universität München (TUM)


Related Software Current Events and Software News Articles


Better combustion for power generation
In the United States, the use of natural gas for electricity generation continues to grow. The driving forces behind this development?

Many patients continue using opioids months after joint replacement
Many patients undergoing hip or knee replacement are still taking prescription opioid pain medications up to six months after surgery, reports a study in PAIN®, the official publication of the International Association for the Study of Pain® (IASP). The journal is published by Wolters Kluwer.

'On-the-fly' 3-D print system prints what you design, as you design it
3-D printing has become a powerful tool for engineers and designers, allowing them to do "rapid prototyping" by creating a physical copy of a proposed design.

Metagenomics pathogen detection tool could change how infectious diseases are diagnosed
Scientists at the University of Utah, ARUP Laboratories, and IDbyDNA, Inc., have developed ultra-fast, meta-genomics analysis software called Taxonomer that dramatically improves the accuracy and speed of pathogen detection.

Revealing the nature of magnetic interactions in manganese oxide
For nearly 60 years, scientists have been trying to determine how manganese oxide (MnO) achieves its long-range magnetic order of alternating up and down electron spins.

Does discrimination contribute to lower rates of flu vaccination in racial/ethnic minorities?
Yearly flu shots are strongly recommended for adults with certain chronic illnesses, but patients of racial/ethnic minority groups are less likely to receive them.

New technique controls autonomous vehicles on a dirt track
A Georgia Institute of Technology research team has devised a novel way to help keep a driverless vehicle under control as it maneuvers at the edge of its handling limits.

Research points to possible new prevention strategies for ovarian cancer
The discovery of early changes in the cells of the Fallopian tubes of women carrying the BRCA genetic mutation could open the way for new preventative strategies for ovarian cancer, reducing the need for invasive surgery, according to research published today in science journal Nature Communications.

Crowd-augmented cognition
Crowdsourcing has brought us Wikipedia and ways to understand how HIV proteins fold. It also provides an increasingly effective means for teams to write software, perform research or accomplish small repetitive digital tasks.

More than 1,200 new planets confirmed using new technique for verifying Kepler data
Scientists from Princeton University and NASA have confirmed that 1,284 objects observed outside Earth's solar system by NASA's Kepler spacecraft are indeed planets.
More Software Current Events and Software News Articles

Clean Code: A Handbook of Agile Software Craftsmanship

Clean Code: A Handbook of Agile Software Craftsmanship
by Robert C. Martin (Author)


Even bad code can function. But if code isn’t clean, it can bring a development organization to its knees. Every year, countless hours and significant resources are lost because of poorly written code. But it doesn’t have to be that way.

Noted software expert Robert C. Martin presents a revolutionary paradigm with Clean Code: A Handbook of Agile Software Craftsmanship . Martin has teamed up with his colleagues from Object Mentor to distill their best agile practice of cleaning code “on the fly” into a book that will instill within you the values of a software craftsman and make you a better programmer—but only if you work at it.

What kind of work will you be doing? You’ll be reading code—lots of code. And you will be challenged to think about what’s right...

An introduction to software development

An introduction to software development
by The Open University


This 6-hour free course discussed the engineering nature of software development, its challenges and some fundamental ways to meet them.

Code: The Hidden Language of Computer Hardware and Software

Code: The Hidden Language of Computer Hardware and Software
by Charles Petzold (Author)


What do flashlights, the British invasion, black cats, and seesaws have to do with computers? In CODE, they show us the ingenious ways we manipulate language and invent new means of communicating with each other. And through CODE, we see how this ingenuity and our very human compulsion to communicate have driven the technological innovations of the past two centuries.
Using everyday objects and familiar language systems such as Braille and Morse code, author Charles Petzold weaves an illuminating narrative for anyone who’s ever wondered about the secret inner life of computers and other smart machines.
It’s a cleverly illustrated and eminently comprehensible story—and along the way, you’ll discover you’ve gained a real context for understanding today’s world of...

Software development for enterprise systems

Software development for enterprise systems
by The Open University


This 8-hour free course taght about current development practices for enterprise systems and developed relevant skills to apply them.

Soft Skills: The software developer's life manual

Soft Skills: The software developer's life manual
by John Sonmez (Author)


SummarySoft Skills: The software developer's life manual is a unique guide, offering techniques and practices for a more satisfying life as a professional software developer. In it, developer and life coach John Sonmez addresses a wide range of important "soft" topics, from career and productivity to personal finance and investing, and even fitness and relationships, all from a developer-centric viewpoint.Forewords by Robert C. Martin (Uncle Bob) and Scott Hanselman.Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.About the BookFor most software developers, coding is the fun part. The hard bits are dealing with clients, peers, and managers, staying productive, achieving financial security, keeping yourself in shape, and finding...

Software Requirements (3rd Edition) (Developer Best Practices)

Software Requirements (3rd Edition) (Developer Best Practices)
by Karl Wiegers (Author), Joy Beatty (Author)


Now in its third edition, this classic guide to software requirements engineering has been fully updated with new topics, examples, and guidance. Two leaders in the requirements community have teamed up to deliver a contemporary set of practices covering the full range of requirements development and management activities on software projects. Describes practical, effective, field-tested techniques for managing the requirements engineering process from end to end. Provides examples demonstrating how requirements "good practices" can lead to fewer change requests, higher customer satisfaction, and lower development costs. Fully updated with contemporary examples and many new practices and techniques. Describes how to apply effective requirements practices to agile projects and numerous...

Java Programming: Your Step by Step Guide to Easily Learn Java in 7 Days

Java Programming: Your Step by Step Guide to Easily Learn Java in 7 Days
by iCode Academy (Author)


Are You Ready To Learn Java Easily? Java is actually a decent programming language developed at Sun Microsystems. It was originally used for Internet applications or applets. Those applets are embedded on web pages and run in the browser. Java uses a special format known as byte code instead of an ordinary machine code. Java is not limited to Internet applications. It is technically a complete general object-oriented programming language which can be used to develop all sorts of applications. The syntax of Java is very much similar to the syntax of C++ but removes its error-prone features and complications. Throughout the eBook, we will discuss the basics of how Java programs are compiled, simple expressions and declarations, classes, objects, and statements, until you are able...

How Software Works: The Magic Behind Encryption, CGI, Search Engines, and Other Everyday Technologies

How Software Works: The Magic Behind Encryption, CGI, Search Engines, and Other Everyday Technologies
by V. Anton Spraul (Author)


We use software every day to perform all kinds of magical, powerful tasks. It's the force behind stunning CGI graphics, safe online shopping, and speedy Google searches. Software drives the modern world, but its inner workings remain a mystery to many. How Software Works explains how computers perform common-yet-amazing tasks that we take for granted every day. Inside you'll learn: How data is encryptedHow passwords are used and protectedHow computer graphics are createdHow video is compressed for streaming and storageHow data is searched (and found) in huge databasesHow programs can work together on the same problem without conflictHow data travels over the Internet How Software Works breaks down these processes with patient explanations and intuitive diagrams so that anyone can...

Design Patterns: Elements of Reusable Object-Oriented Software

Design Patterns: Elements of Reusable Object-Oriented Software
by Erich Gamma (Author), Richard Helm (Author), Ralph Johnson (Author), John Vlissides (Author), Grady Booch (Foreword)


These texts cover the design of object-oriented software and examine how to investigate requirements, create solutions and then translate designs into code, showing developers how to make practical use of the most significant recent developments. A summary of UML notation is included.

Software

Software
by Rudy Rucker (Author)


It was Cobb Anderson who built the"boppers"--the first robots with real brains. Now, in 2020, Cobb is just another aged "pheezer" with a bad heart, drinking and grooving an the old tunes in Florida retirement hell. His "bops" have came a long way, though, rebelling against their subjugation to set up their own society an the moon. And now they're offering creator Cobb immortality but at a stiff price: his body his soul ... and his world.It was Cobb Anderson who built the "boppers"--the first robots with real brains. Now, in 2020, Cobb is just another aged pheezer with a bad heart, drinking and grooving on the old tunes in Florida retirement hell. His "bops" have come a long way, though, rebelling against their subjugation to set up their own society on the moon. And now they're offering...

© 2017 BrightSurf.com