New cybersecurity tool checks for weaknesses in software components for internet traffic
A new cybersecurity tool, named NoPASARAN, has been developed by researchers at King Abdullah University of Science and Technology (KAUST) to check for weaknesses in the software components of internet traffic. The tool can detect the invisible third-party software elements, such as network middleboxes, which may interfere with the data being sent between two remote devices. These middleboxes enhance efficiency and security, but may also include code that does not meet international standards, is too complex or is poorly configured. Malicious hackers can also impersonate these middleboxes to steal or modify data, making it a serious security risk. NoPASARAN is a simple, modular and scalable tool that is easy for users to apply without specialist knowledge of how Transmission Control Protocol (TCP) and Domain Name Server (DNS) protocols work.
Internet’s modular design presents security risks
The internet was designed as a modular system, with each data transmission component assigned a specific task and enclosed within a layer of protection called encapsulation. During the transmission of data, the data packets are concealed and should not be altered. However, the middleboxes —semi-active components— that may encounter the data packets, are typically hidden from users. These middleboxes enhance efficiency and security, but also present the security risks.
“In security, we say that the more complex a system is, the more vulnerabilities it has,” explains Ilies Benhabbour, a Ph.D. student working alongside Marc Dacier. “To ensure the security of the internet, it is important to identify and eliminate the vulnerabilities as much as possible.”
NoPASARAN to the rescue
Several tools exist for detecting semi-active components, but they tend to be cumbersome and are tailored only to a few specific internet protocols. In response to this challenge, Benhabbour and Dacier developed a new cybersecurity tool named NoPASARAN. The tool is simple, modular and scalable to many situations, which can be applied to more test cases. NoPASARAN identifies invisible proxy machines that may intercept and read traffic without the users’ knowledge.
The research team has applied NoPASARAN to two test cases so far, TCP and DNS protocols, which are the most commonly used protocols for internet communication. TCP is the ubiquitous communications standard for delivering information through networks, while the DNS protocol serves as the internet’s “phonebook.”
Enhancing Transparency
NoPASARAN can enhance transparency throughout the internet and assist nonexperts in identifying network-related problems. Benhabbour and Dacier plan to make the tool globally accessible to anyone. The tool can be used to improve the security of online banking, cloud computing, and the Internet of Things (IoT) applications that rely on internet security.
Conclusion
The development of NoPASARAN underscores the critical importance of cybersecurity, not only in safeguarding the privacy and integrity of personal data but also in ensuring the security of the global economy and society as a whole. The increasing complexity of internet traffic presents new security challenges, and tools such as NoPASARAN can help mitigate these risks by detecting the vulnerabilities that can be exploited by hackers. As we rely more on the internet in our daily lives, cybersecurity must remain a top priority for anyone who uses it. Only with constant vigilance and ongoing improvements to cybersecurity can we maintain trust in the internet and keep our data secure.
<< photo by Dan Nelson >>
You might want to read !
- Embedding Security by Design: A Shared Responsibility in Today’s Tech Landscape
- “Revolutionizing Software Distribution: Inside the New SBOM Hub for Transparency and Security”
- The Dual Life of a Sysadmin: From IT Professional to Cybercriminal Mastermind
- Why the launch of OX-GPT is a significant advancement for AppSec?
- Exploring Google’s New Rating System for Android Security and Device Vulnerability Reports