
An Overview of Computer and Network Security

CS535, TE/CS 536 Network Security, Spring 2005 – Lecture 2.


Presentation Transcript


  1. An Overview of Computer and Network Security CS535, TE/CS 536 Network Security Spring 2005 – Lecture 2

  2. A Motivating Example • Requirements of an e-Commerce site • Performance • # of current transactions • Usability • Easy to follow GUIs, convenience • Security • Secure transmission and storage of customer financial/personal data • Protect the Web servers and the enterprise network from illegitimate access • Provide continuous/uninterrupted services

  3. OSI of ISO and the Internet Stack • OSI layers: Application, Presentation, Session, Transport, Network, Data Link, Physical • Internet stack: Application Layer, Transport, Internet, Data Link, Physical

  4. Protocols • Application layer • HTTP, FTP, Telnet, SMTP, DNS • Transport layer • TCP, UDP • Internetworking layer • IP, ICMP, ARP, RARP • Network interface (data link) layer • Ethernet, PPP • Physical layer

  5. Layered Store-and-forward • [Figure: User A and User B, with the layers Application, Transport, Network, Link]

  6. Problems in implementing security • Vulnerabilities arise from: • weak design (of system or protocols) • compromised entity • Heterogeneous networking technologies add to security complexity • Higher-speed communication puts more information at risk in a given time period

  7. The Definition • Security: the possibility of successful yet undetected theft, tampering, and disruption of information and services is kept low or tolerable

  8. Basic Security Services • Authentication: assurance that the communicating entity is genuine • Data Confidentiality: protection of data from unauthorized access • Data Integrity: trustworthiness of data or resources (no modification or replay) • Availability: ability to use the information or resource upon demand by an authorized entity • Non-repudiation: protection against denial by sending or receiving entities of having communicated

  9. Security Threats and Attacks • A threat is a potential violation of security. • Flaws in design, implementation, and operation. • An attack is any action that violates security. • An adversary • Passive and active attacks

  10. Eavesdropping - Message Interception (Attack on Confidentiality) • Unauthorized access to information • Packet sniffers and wiretappers • Illicit copying of files and programs • [Figure: S, R and an Eavesdropper]

  11. Integrity Attack - Tampering With Messages • Stop the flow of the message • Delay and optionally modify the message • Release the message again (replay) • [Figure: S, R and a Perpetrator]

  12. Authenticity Attack - Fabrication • Unauthorized assumption of other’s identity • Generate and distribute objects under this identity • [Figure: S, R and a Masquerader whose message is marked "from S"]

  13. Attack on Availability • Destroy hardware (cutting fiber) or software • Modify software in a subtle way • Corrupt packets in transit • Blatant denial of service (DoS): • Crashing the server • Overwhelm the server (use up its resource) • [Figure: S and R]

  14. Impact of Attacks • Theft of confidential information • Unauthorized use of • Network bandwidth • Computing resource • Spread of false information • Disruption of legitimate services All attacks can be related and are dangerous!

  15. Close-knit Attack Family • Active attacks: jam/cut it, capture & modify, pretend • Passive attacks: sniff for content, traffic analysis (who is talking) • [Figure label, appearing twice: re-target]

  16. Security Models of organizations • No security or security through obscurity • Host security • Application level • Problem: many hosts • Network security • Control access to hosts and services Organizations can be Targets of opportunity (TOO) or Targets of choice (TOC)

  17. Security Policy and Mechanisms • Policy: a statement of what is/is not allowed. • Mechanism: a procedure, tool, or method of enforcing a policy. Implements functions that help prevent, detect, respond to, and recover from security attacks. • Security functions are typically made available to users as a set of security services through APIs or integrated interfaces.

  18. Parameters of security policy (Operational Issues) • Cost-Benefit Analysis • Risk Analysis • Laws and Custom • People issues: e.g. change password every month? • Security architecture: e.g. a layered approach.

  19. Security Threats and Vulnerabilities TE/CS 536 Network Security Dr. Haroon Atique Babri, UMT Spring 2005 – Lecture 3 Adapted from Dr. Wenke Lee, Georgia Tech

  20. The Security Life-Cycle • Threats • Policy • Specification • Design • Implementation • Operation and Maintenance

  21. Taxonomy of Threats • Viruses and Worms • Web features, e.g. cookies (see text) • IP layer attacks • TCP layer attacks

  22. Viruses • A small piece of software that attaches itself to a program (e.g. a spreadsheet) or document. • Each time the program runs, the virus runs. • When a virus runs, it looks for any other executable files in any directory and infects them and/or does something bad.

  23. Virus – what does it look like • Original code: start of original code … X-1 • X: jump to Y • X+1 … end of original code • Virus code: Y: first statement of virus code … • statement X in original code • Y+n: jump to X+1

  24. The Rise of Viruses • The spread of PCs in late 1980s • Use of modem-accessible computer bulletin boards to download programs (or Trojan horses), e.g. games, spreadsheets. • Floppy disks

  25. Types of Viruses • Executable • Infection phase: (1) Designed to get executed first when the host program runs. (2) Looks into memory, and if it finds another program on the disk, it adds its code to it. (3) The virus then launches the host program • Attack phase: activated by some sort of trigger, e.g. date, does something bad.

  26. Types of Viruses • Boot sector viruses • Boot sector is a small program that tells the computer how to load the rest of OS. • Transmitted through floppies • Good news: Huge sizes of today’s programs require CDs + Today’s OS protect the boot sector. • Bad news: with CD-RW becoming common, viruses now can spread across CDs

  27. E-mail Viruses • Move around in e-mail messages and replicate by automatically mailing themselves to people in the victim’s e-mail address book. • Melissa (3/99): spread as a Word doc uploaded to an Internet newsgroup. • ILOVEYOU (5/00): code as an attachment; double clicking allowed it to execute; took advantage of VBA built into Microsoft Word.

  28. Worms • A small piece of software that normally uses computer networks and security holes to replicate itself. • A copy of the worm scans the network for another machine that has a specific security hole, e.g. buffer overflow. • It copies itself to the new machine using the security hole and …

  29. Worm – how it spreads (1) • Log into another machine by guessing passwords. • Account names/passwords might be stored in script files to allow a naïve user to access remote resources.

  30. Worm – how it spreads (2) • A copy of the worm scans the network for another machine that has a specific security hole, e.g. buffer overflow. • It copies itself to the new machine using the security hole and …

  31. Famous Worms • Code Red: each copy scanned the Internet for Win NT or Win 2000 servers without the MS security patch installed, and copied itself to the server. Code Red was designed to do 3 things: • Replicate itself for first 20 days of each month • Replace Web pages on servers with a page: “Hacked by Chinese” • Launch attack on www.whitehouse.gov • Slammer: see handout

  32. What to do • Virus checkers • check all files for the instruction sequences of known viruses • Polymorphic virus: changes order of instructions, or changes to functionally similar instructions each time it copies itself. • Take a snapshot of disk storage by recording file lengths or taking message digests of files • Virus can compress the program and then add itself to maintain original length.

  33. What to do • Use security features provided by a language • Java sandbox • MS security patches?
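The snapshot approach from slide 32, as an added example that is not part of the original slides: it records both file length and a message digest, and shows why length alone is not enough when a modification preserves the original length. The file names and contents are constructed for the demonstration.

```python
import hashlib
import os
import tempfile


def snapshot(paths):
    """Record (length, SHA-256 digest) for every file in paths."""
    snap = {}
    for path in paths:
        with open(path, "rb") as fh:
            data = fh.read()
        snap[path] = (len(data), hashlib.sha256(data).hexdigest())
    return snap


def compare(baseline, current):
    """Return {path: reason} for each file that no longer matches the baseline."""
    findings = {}
    for path, (length, digest) in baseline.items():
        if path not in current:
            findings[path] = "missing"
        elif current[path][0] != length:
            findings[path] = "length changed"
        elif current[path][1] != digest:
            # A length-only snapshot would have reported this file as clean.
            findings[path] = "same length, digest changed"
    return findings


def demo():
    """Constructed sample: one file grows, one is rewritten at its original length."""
    with tempfile.TemporaryDirectory() as tmp:
        grown = os.path.join(tmp, "grown.bin")
        padded = os.path.join(tmp, "padded.bin")
        for path in (grown, padded):
            with open(path, "wb") as fh:
                fh.write(b"A" * 64)
        baseline = snapshot([grown, padded])
        with open(grown, "ab") as fh:
            fh.write(b"appended")             # length changes
        with open(padded, "wb") as fh:
            fh.write(b"A" * 32 + b"B" * 32)   # length preserved, content differs
        found = compare(baseline, snapshot([grown, padded]))
        return {os.path.basename(p): why for p, why in found.items()}


if __name__ == "__main__":
    print(demo())
```
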

  34. IP packet attacks (1) • Packet sniffing or snooping • Prevention: data encryption • link to link • source to destination.

  35. IP Packet Attacks (2) • IP Spoofing • A common first step to many threats. • Source IP address cannot be trusted! • [Figure: IP packet made of IP Header (SRC: source, DST: destination) and IP Payload; example header SRC: 128.59.10.8, DST: 130.207.7.237] • Is it really from Columbia University?

  36. Similar to Mail (or E-mail) • [Figure: envelope marked From: XYZ Lahore, To: ABC Sialkot] • Mail may be better in the sense that there is a stamp put on the envelope at the location (e.g., town) of collection...

  37. Most Routers Only Care About Destination Address • [Figure: routers (Rtr) for Columbia (128.59.10.xx), Georgia Tech (130.207.xx.xx) and Stanford (36.190.0.xx); the packet src:128.59.10.8 dst:130.207.7.237 is shown twice, once next to Stanford]

  38. IP Attacks (3) • Attack packets with spoofed IP address help hide the attacking source. • A smurf attack launched with your host IP address could bring your host and network to their knees. • Higher protocol layers (e.g., TCP) help to protect applications from direct harm, but not enough.

  39. Current IPv4 Infrastructure • No authentication for the source • Various approaches exist to address the problem: • Router/firewall filtering • TCP handshake

  40. Router Filtering • Decide whether this packet, with certain source IP address, should come from this side of network. • Not standard - local policy. • [Figure: the Stanford router (Rtr, 36.190.0.xx) sees the packet src:128.59.10.8 dst:130.207.7.237 and says "Hey, you shouldn’t be here!"]

  41. Router Filtering • Very effective for some networks (ISP should always do that!) • At least be sure that this packet is from some particular subnet • Problems: • Hard to handle frequent add/delete hosts/subnets or Mobile IP • Upsets customers should legitimate packets get discarded • Need to trust other routers
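The per-interface source check described in slides 40 and 41, as an added example that is not part of the original slides. The networks are the ones drawn on the slides; the interface names and prefix lengths are assumptions. The third sample packet shows the stated limit of the technique: the filter can only confirm the subnet, not the individual host.

```python
import ipaddress

# Source prefixes expected behind each router interface. The networks are the
# ones drawn on the slides; the interface names and prefix lengths are assumed.
EXPECTED_SOURCES = {
    "if-columbia": [ipaddress.ip_network("128.59.10.0/24")],
    "if-gatech": [ipaddress.ip_network("130.207.0.0/16")],
    "if-stanford": [ipaddress.ip_network("36.190.0.0/24")],
}


def ingress_check(interface, src):
    """Return (forward, reason) for a packet with source `src` seen on `interface`."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False, "malformed source address"
    prefixes = EXPECTED_SOURCES.get(interface)
    if prefixes is None:
        # Local policy decision: fail closed on interfaces with no rule.
        return False, "no policy for interface"
    if any(addr in net for net in prefixes):
        return True, "source belongs to this side of the network"
    return False, "source does not belong to this side of the network"


def filter_packets(packets):
    """Apply ingress_check to (interface, src, dst) tuples; return the verdicts."""
    return [(iface, src, dst) + ingress_check(iface, src)
            for iface, src, dst in packets]


# Constructed traffic using the addresses from the slides.
SAMPLE = [
    ("if-columbia", "128.59.10.8", "130.207.7.237"),   # genuine Columbia host
    ("if-stanford", "128.59.10.8", "130.207.7.237"),   # spoofed: wrong side
    ("if-columbia", "128.59.10.99", "130.207.7.237"),  # right subnet, host unverified
]

if __name__ == "__main__":
    for verdict in filter_packets(SAMPLE):
        print(verdict)
```
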

  42. TCP Handshake • client → server: SYN seq=x • server → client: SYN seq=y, ACK x+1 • client → server: ACK y+1 • connection established

  43. TCP Handshake • [Figure: routers (Rtr) for Columbia (128.59.10.xx), Georgia Tech (130.207.xx.xx) and Stanford (36.190.0.xx); the packet src:128.59.10.8 dst:130.207.7.237 is shown next to Stanford, and the reply seq=y, ACK x+1 is marked with an x] • The handshake prevents the attacker from establishing a TCP connection pretending to be 128.59.10.8

  44. TCP Handshake • Very effective for stopping most such attacks but vulnerable • Problems: • The attacker can succeed if “y” can be predicted • Other DoS attacks are still possible (e.g., TCP SYN-flood)

  45. IP Spoofing & SYN Flood • IP spoofing: X sends SYN message to victim R using S’s IP • R sends an acknowledgment (SYN-ACK) to client S but does not receive the ACK message (half-open connection). • The half-open connections data structure on the victim server R eventually fills. R is unable to accept new connections until the table is emptied out. • Normally a timeout for half-open connections allows R to recover. However, X can continue sending IP-spoofed packets requesting new connections faster than R can expire the pending connections.
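A small model of the half-open connection table from slide 45, as an added example that is not part of the original slides. It sends no traffic; it only counts table slots, so an operator can see how backlog capacity and timeout relate to the arrival rate the server can absorb. The capacity, timeout and rates are constructed values.

```python
from collections import deque


def simulate(capacity, timeout, spoofed_per_tick, ticks, legit_every=5):
    """Model R's half-open table and return (legit_accepted, legit_refused).

    Spoofed SYNs are never completed (the SYN-ACK goes to S, which sends no
    ACK), so each one holds a slot until `timeout` ticks have passed. A
    legitimate client arrives every `legit_every` ticks and completes the
    handshake at once, so it only needs one free slot at that moment.
    """
    half_open = deque()  # creation tick of each pending entry, oldest first
    accepted = refused = 0
    for now in range(ticks):
        # Expire entries that have been pending for `timeout` ticks.
        while half_open and now - half_open[0] >= timeout:
            half_open.popleft()
        # Spoofed SYNs take free slots; the rest are dropped by R.
        for _ in range(spoofed_per_tick):
            if len(half_open) < capacity:
                half_open.append(now)
        # A legitimate SYN needs a free slot to be accepted.
        if now % legit_every == 0:
            if len(half_open) < capacity:
                accepted += 1
            else:
                refused += 1
    return accepted, refused


def sustainable_rate(capacity, timeout):
    """Largest steady arrival rate of never-completed SYNs the table absorbs
    while still leaving one slot free."""
    return (capacity - 1) // timeout


if __name__ == "__main__":
    # Constructed parameters: 128 slots, 30-tick timeout, 300 ticks observed.
    print("2 per tick: ", simulate(128, 30, 2, 300))
    print("10 per tick:", simulate(128, 30, 10, 300))
    print("sustainable:", sustainable_rate(128, 30), "per tick")
```
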

  46. ping and smurf • [Figure, ping: icmp echo request, icmp echo reply] • [Figure, smurf: attacker sends "icmp echo request to a broadcast address: from victim"; label "icmp echo request from all hosts to victim" points at the victim]

  47. Smurf Attack • Generate ping stream (ICMP echo request) to a network broadcast address with a spoofed source IP set to a victim host • Every host on the ping target network will generate a ping reply (ICMP echo reply) stream, all towards the victim host • Amplified ping reply stream can easily overwhelm the victim’s network connection
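Detection logic for the pattern described in slide 47, as an added example that is not part of the original slides: it flags hosts that receive echo replies they never requested from several distinct senders, and lists echo requests addressed to a local broadcast address. The record format, threshold and addresses (documentation ranges) are constructed.

```python
import ipaddress
from collections import defaultdict

ECHO_REPLY, ECHO_REQUEST = 0, 8  # ICMP type numbers


def unsolicited_reply_targets(records, min_sources=3):
    """Return {host: [senders]} for hosts that receive echo replies they did
    not request from at least `min_sources` distinct senders."""
    requested = set()                 # (requester, target) pairs seen so far
    unsolicited = defaultdict(set)    # receiver -> senders of unmatched replies
    for src, dst, icmp_type in records:
        if icmp_type == ECHO_REQUEST:
            requested.add((src, dst))
        elif icmp_type == ECHO_REPLY and (dst, src) not in requested:
            unsolicited[dst].add(src)
    return {host: sorted(senders) for host, senders in unsolicited.items()
            if len(senders) >= min_sources}


def broadcast_requests(records, local_nets):
    """Return (src, dst) of echo requests sent to the broadcast address of a
    local network, i.e. requests that every host on that network answers."""
    bcasts = {str(ipaddress.ip_network(n).broadcast_address) for n in local_nets}
    return [(src, dst) for src, dst, icmp_type in records
            if icmp_type == ECHO_REQUEST and dst in bcasts]


# Constructed, time-ordered records: (source, destination, ICMP type).
SAMPLE = [
    ("198.51.100.5", "198.51.100.9", ECHO_REQUEST),  # ordinary ping
    ("198.51.100.9", "198.51.100.5", ECHO_REPLY),    # matching reply
    ("203.0.113.7", "192.0.2.255", ECHO_REQUEST),    # source field names the victim
    ("192.0.2.1", "203.0.113.7", ECHO_REPLY),
    ("192.0.2.2", "203.0.113.7", ECHO_REPLY),
    ("192.0.2.3", "203.0.113.7", ECHO_REPLY),
    ("192.0.2.4", "203.0.113.7", ECHO_REPLY),
]

if __name__ == "__main__":
    print(unsolicited_reply_targets(SAMPLE))
    print(broadcast_requests(SAMPLE, ["192.0.2.0/24"]))
```
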
