1 / 46

USC CSci530 Computer Security Systems Lecture notes – Spring 2012

USC CSci530 Computer Security Systems Lecture notes – Spring 2012. Dr. Jelena Mirkovic University of Southern California Information Sciences Institute. Who gets in. If you wish to enroll and do not have D clearance yet, send an email to CSci530@usc.edu with: Your name

ayla
Download Presentation

USC CSci530 Computer Security Systems Lecture notes – Spring 2012

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. USC CSci530Computer Security Systems Lecture notes – Spring 2012 Dr. Jelena Mirkovic University of Southern California Information Sciences Institute

  2. Who gets in • If you wish to enroll and do not have D clearance yet, send an email to CSci530@usc.edu with: • Your name • Which prerequisites you have completed • A phone number • Request to receive a D clearance • I will let you know within a day or two

  3. Class home page • http://ccss.usc.edu/530 • Syllabus • Assignments • News • Lecture notes (also on DEN) • Keep checking it!

  4. Lab • http://ccss.usc.edu/530L • 1 of the 4 units • Instructor is David Morgan • Instruction 4 – 4:50 Fridays in RTH105 • WebCast via DEN • Hands on work in the lab – exercising the theoretical knowledge from class • Some labs will be done remotely using DETER testbed

  5. Paper Reports • Four reports, due as noted online • Each discusses a paper of your choice from a few top security conferences/journals • Summary of the paper and its critique • Your ideas on the topic • 2-4 pages, submitted via DEN • You can submit reports early if you like • One report from each student will be chosen for presentation in class • Total 20% of your grade, 4% each

  6. Quizzes • 4 quizzes • Done before each DETER exercise • Repeated after the exercise • You MUST take each quiz • Total 5% of your grade

  7. Administration • Class e-mail: csci530@usc.edu (TA and inst) • Instructor • Dr. Jelena Mirkovic • Office hours Fri 12:30-1:30pm or by apptin SAL 234 • Contact via email (on class web page) • TA • Melina Demertzi • Office hours Tu and We 10-11 am • Contact via email (on class web page)

  8. Administration • Grading: • Paper reports/presentations: 20% • Lab:  20% • Quizzes: 5% • Participation:  5% • Midterm Exam: 20% • Final Exam: 30% • Grades assigned using an absolute curve:

  9. DEN • DEN system will host the class discussion board • To gain access and log inhttps://mapp.usc.edu/ • Contact webclass@usc.edu if you have difficulty with the system • I will check the discussion board once daily but if you want a reliable response from me email me directly

  10. Class Participation • Class participation is important • Ask and answer questions in class • Ask, answer, participate on-line • Class participation carries 5% of your grade • If I don’t remember you from class, I look in the web discussion forum to check participation • Did you ask good questions • Did you provide good answers • Did you make good points in discussions • For DEN students, discussion board is the primary means of class participation • You can also call into the class if you like

  11. Academic Integrity • What is and is not OK • I encourage you to work with others to learn the material but everyone must DO their work ALONE • Do not to turn in the work of others • Do not give others your work to use as their own • Do not plagiarize from others (published or not) • Do not try to deceive the instructors • See the Web site • More guidelines on academic integrity • Links to university resources • Don’t just assume you know what is acceptable.

  12. What Does Security Mean?

  13. What Does Security Mean?… In Real Life • No one should be able to: • Break into my house • Attack me • Steal my TV • Use my house to throw water balloons on people • Damage my furniture • Pretend to be my friend Bob and fool me • Waste my time with irrelevant things • Prevent me from going to my favorite restaurant • Destroy my road, bridge, city ..

  14. What Does Security Mean?…wrt Computers and Nets • No one should be able to: • Break into my computer • Attack my computer • Steal my information • Use my computer to attack others • Damage my computer or data • Use my resources without my permission • Mess with my physical world • I want to talk to Alice • Pretend to be Alice or myself or our computers • Prevent me from communicating with Alice

  15. Computer vs. Network Security • An isolated computer has a security risk? • Computer security aims to protect a single, connected, machine • Networking = communication at all times and in all scenarios!!! • Network security aims to protect the communication and all its participants • Security = robustness or fault tolerance? Computer security Network security

  16. What Are the Threats? • Breaking into my computer • Hackers • Break a password or sniff it off the network • Exploit a vulnerability • Use social engineering • Impersonate someone I trust • Viruses and worms A vulnerability is a bug in the software that createsunexpected computer behavior when exploited, suchas enabling access without login, running unauthorizedcode or crashing the computer. An exploitis an input to the buggy program that makesuse of the existing vulnerability.

  17. What Are the Threats? • Attacking my computer • Denial-of-service attacks • Viruses and some worms A DOS attack aims to disrupt a service by either exploiting a vulnerability or by sending a lot ofbogus messages to a computer offering a service A virus is a self-replicating program that requiresuser action to activate such as clicking on E-mail,downloading an infected file or inserting an infectedfloppy, CD, etc ..A worm is a self-replicating program that does notrequire user action to activate. It propagates itselfover the network, infects any vulnerable machine itfinds and then spreads from it further.

  18. What Are the Threats? • Stealing my information • From my computer or from communication • I will use cryptography! • There are many ways to break ciphers • There are many ways to divulge partial information (e.g. who do you talk to) • I would also like to hide who I talk to and when • I will use anonymization techniques • Anonymization hinders other security approaches that build models of normal traffic patterns

  19. What Are the Threats? • Using my machine to attack others • E-mail viruses • Worms • Denial-of-service attacks (including reflector attacks) • Spam, phishing

  20. What Are the Threats? • Damaging my computer or data • I have to prevent break-ins • I will also use cryptography to detect tampering • I must replicate data to recover from tampering • Denial-of-service attacks and worms can sometimes damage computers

  21. What Are the Threats? • Taking up my resources with irrelevant messages • Denial-of-service attacks • Spam mail (takes time to read and fills space) • Malicious mail (may contain a virus) • Viruses and worms

  22. What Are the Threats? • Messing up with my physical world • Cyber-physical attacks or collateral victims • Power systems, traffic control, utilities • Travel agencies • Medical devices • Smart vehicles

  23. What Are the Threats? • Pretending to be Alice or myself or our computers • I want to be sure who I am talking to (authentication and digital signatures) • It is hard to impersonate a computer in two-way communication, such as TCP • But it has been done • Plain IP spoofing seems an extremely hard problem to solve IP spoofing means putting a fake IP address in thesender field of IP packets.

  24. What Are the Threats? • Preventing me from communicating with Alice • Alice could be attacked • Routers could be overloaded or tampered with • DNS servers could be attacked

  25. The Three Aspects of Security • Confidentiality (C) • Keep data secret from non-participants • Integrity (I) • Aka “authenticity” • Keep data from being modified • Keep it functioning properly • Availability (A) • Keep the system running and reachable

  26. What Does Security Mean?…wrt Computers and Nets • No one should be able to: • Break into my computer – A, C, I • Attack my computer – A, C, I • Steal my information - C • Use my computer to attack others – I? • Damage my computer or data - I • Use my resources without my permission – A • Mess with my physical world – I, A • I want to talk to Alice • Pretend to be Alice or myself or our computers – C, I • Prevent me from communicating with Alice - A

  27. Orthogonal Aspects • Policy • Deciding what confidentiality, integrity and availability mean • Mechanism • Implementing the policy

  28. What Are the Challenges? • Your security frequently depends on others • Tragedy of commons • A good solution must • Handle the problem to a great extent • Handle future variations of the problem, too • Be inexpensive • Have economic incentive • Require a few deployment points • Require non-specific deployment points

  29. What Are the Challenges? • Fighting a live enemy • Security is an adversarial field • No problem is likely to be completely solved • New advances lead to improvement of attack techniques • Researchers must play a double game

  30. What Are the Challenges? • Attack patterns change • Often there is scarce attack data • Testing security systems requires reproducing or simulating legitimate and traffic • No agreement about realistic traffic patterns • No agreement about metrics • There is no standardized evaluation procedure • Some security problems require a lot of resources to be reproduced realistically

  31. Practical Considerations • Risk analysis and risk management • How important it is to enforce a policy • Which threats matter • Legislation may play a role • The role of trust • Assumptions are necessary • Human factors • The weakest link

  32. In The Shoes of an Attacker • Motivation • Bragging Rights • Profit (Spam, Scam, Phishing, Extortion) • Revenge / to inflict damage • Terrorism, politics • Risk to the attacker • Usually small • Can play a defensive role

  33. Why We Aren’t Secure • Buggy code • Protocol design failures • Weak crypto • Social engineering/human factor • Insider threats • Poor configuration • Incorrect policy specification • Stolen keys or identities • Misplaced incentives (DoS, spoofing, tragedy of commons)

  34. The Role Of Policy • Policy defines what is allowed and how the system and security mechanisms should act • Policy is enforced by mechanism which interprets and enforces it, e.g. • Firewalls • IDS • Access control lists • Implemented as • Software (which must be implemented correctly and without vulnerabilities)

  35. Some Security Mechanisms • VPNs • Intrusion Detection • Intrusion Response • Virus scanners • Policy managers • Trusted hw • Encryption • Checksums • Key management • Authentication • Authorization • Accounting • Firewalls

  36. Today’s Security Deployment • Most deployment of security services today handles the easy stuff, implementing security at a single point in the network, or at a single layer in the protocol stack: • Firewalls, VPN’s • IPSec • SSL • Virus scanners • Intrusion detection

  37. A More Difficult Problem • Unfortunately, security isn’t that easy. It must be better integrated with the application. • At the level at which it must ultimately be specified, security policies pertain to application level objects, and identify application level entities (users).

  38. Loosely Managed Systems • Security is made even more difficult to implement since today’s systems lack a central point of control. • Home machines unmanaged • Networks managed by different organizations. • A single function touches machines managed by different parties. • Clouds • Who is in control?

  39. Cryptography

  40. What Is Cryptography? • Goal: Protect private communication in the public world • Alice and Bob are shouting messages in a crowded room • Everyone can hear what they are saying but no one can understand (except them) • We have to scramble the messages so they look like nonsense or alternatively like innocent text • Only Alice and Bob know how to get the real messages out of the scramble

  41. Cryptography Is Also Useful For … • Authentication • Bob should be able to verify that Alice has created the message • Integrity checking • Bob should be able to verify that message has not been modified • Non-repudiation • Alice cannot deny that she indeed sent the message

  42. Cryptography Is Also Useful For … • Exchanging a secret with someone you have never met, shouting in a room full of people • Proving to someone you know some secret without giving it away • Sending secret messages to any m out of n people so only those m can retrieve messages and the rest n-m cannot • Sending a secret message so that it can be retrieved only if m out of npeople agree to retrieve it

  43. So, How Do We Scramble Messages? • Alice could give a message covertly “Meeting at the old place” • Doesn’t work for arbitrary messages and • Doesn’t work if Alice and Bob don’t know each other • Alice could hide her message in some other text – steganography • Alice could change the message in a secret way • Bob has to learn a new algorithm • Secret algorithms can be broken by bad guys Good cryptography assumes knowledge of algorithm by anyone, secret lies in a key!!!

  44. Sample Crypto Scheme: Ceasar’s Cipher • Substitute each letter with a letter which is 3 letters later in the alphabet • HELLO becomes KHOOR • Instead of using number 3 we could use n[1,25]. nwould be our key • How can we break this cipher? Can you decipher this: Bpqakzgxbwozixpgammuazmitmiag. Emeivbuwzm!

  45. Sample Crypto Scheme: Ceasar’s Cipher • We can also choose a mapping for each letter:(H is A, E is M, L is K, O is Y). This mapping would be our key. This is monoalphabeticcipher. • HELLO becomes AMKKY • How can we break this cipher?

  46. Types Of Cryptographic Functions • Symmetric key crypto: one key • We will call this secret key or shared key • Both Alice and Bob know the same key • Asymmetric key crypto: two keys • Alice has public key and private key • Everyone knows Alice’s public key but only Alice knows her private key • One can encrypt with public key and decrypt with private key or vice versa • Hash functions: no key • Output depends on input in non-linear fashion

More Related