Measuring security allows us to understand whether security is improving, evaluate interventions, and provide evidence to regulators. Measuring security includes the measurement of the security of isolated systems or devices, and of entire ecosystems – including cybercrime within those systems.
This talk will focus on two pieces of security measurement work: Firstly measuring the relative vulnerability of Android devices from different providers. Between 2011 and 2015 70% of Android devices were exposed to known critical vulnerabilities due to a lack of updates. There was wide variation between manufacturers, who we found were the main bottleneck. We developed the FUM metric to measure the difference in security between different providers, the average score was 2.9 out of 10.
Secondly I will describe our measurements of UDP reflection attacks over 1000 days using reflection honeypots and describe a technique for estimating the total number of UDP reflection attacks given only partial data.
Daniel Thomas is a Research Associate at the University of Cambridge and an Honorary Research Associate at Peterhouse, Cambridge. He is a member of the Digital Technology Group, the Security Group, and the Cambridge Cloud Cybercrime Centre. His interests are in measuring security and cybercrime so that we can monitor improvement, evaluate interventions, and inform regulators. He maintains the Android vulnerabilities website, information on the deployed version distribution of Android and help with the Device Analyzer project.
The SRM seminars are the joint seminars of the Security and Trust of Software Systems and Applied Security and Information Assurance research groups, supported by the Laboratory of Algorithmics, Cryptology and Security and the Interdisciplinary Centre for Security, Reliability and Trust.