
CMSC 414 Computer and Network Security

This course provides an introduction to computer and network security, covering topics such as cryptography, network and system security, privacy, and more. It includes readings, homework assignments, labs, and class participation. The syllabus is subject to change.


Presentation Transcript


  1. CMSC 414 Computer and Network Security • Jonathan Katz

  2. Course Organization

  3. Administrative • Me • TA • Contact information, office hours, listed on course webpage

  4. Course webpage http://www.cs.umd.edu/~jkatz/security/f09 • Syllabus • Subject to change… • Assigned readings and videos • Will try to post by Friday for the following week • Read in advance and come prepared to discuss • Additional (optional) readings • Homeworks distributed from the course webpage • Check frequently for announcements

  5. Class readings • Material posted on the course webpage is fair game for the exams, even if not covered in class • Material covered in class is fair game for the exams, even if not listed on the webpage

  6. Textbook • No required text • Several good texts out there • Will list on the course webpage • Will supplement lectures with other readings (distributed on class webpage)

  7. Course requirements • Homeworks • 3-5 programming assignments • Possibly 1-2 written assignments • I expect students have access to a computer/laptop capable of running a hypervisor • VM player for Windows/Linux (free download) • VMware Fusion for Macs ($49.99 for academic license), other free options may be available • Occasional in-class exercises

  8. Labs (tentative) • Crypto • Building a secure protocol • Buffer overflow • Web security

  9. Piazza http://piazza.com • For your benefit • Questions about lecture/readings • Homework questions • News items • I encourage you to post links to news of interest!

  10. Class participation • Please!

  11. Syllabus (tentative)

  12. Syllabus I • Introduction… • A broad perspective on security • Cryptography • The basics (take CMSC 456 or read my book for more) • If you took 456 with me, you can skip • Cryptography is not the whole solution… • …but it is an important part of the solution • Along the way, we will see why cryptography can’t solve all security problems

  13. Syllabus II • Network security I • Identity, PKI • Authentication and key exchange protocols • Password and biometric authentication • Anonymity and pseudonymity • Privacy

  14. Syllabus III • System security • General principles • Security policies • Access control • OS security • “Trusted computing” • Programming language security • Buffer overflows, input validation errors • Viruses/worms • Web security

  15. Syllabus IV • Privacy/anonymity • Database security • Anonymous communication • Privacy in social networks • Network security in the real world • Some real-world protocols (IPSec/SSL) • Security of network infrastructure (routing, DNS, TCP/IP, DDoS attacks, …)

  16. Overview

  17. Introduction and overview • What is computer/network security? Why is it important? • Course philosophy and goals • A broad perspective on “computer security”

  18. Computer security is important… • Several high-profile hacks in past years • Number of vulnerabilities/attacks increasing • Cyberwarfare • Increasing gov’t and academic interest • Just read the news…

  19. Cybercrime • e.g., botnets • Washington Post, “Invasion of the Computer Snatchers” (2006): • High-school dropout • Breaks into 2000 computers in 6 hours (while sleeping) • $6,800 per month; 2 minutes of work per day • $2B industry (annual)

  20. Thoughts • Why is the problem so difficult? • What can be done about it?

  21. “Security” • Most of computer science is concerned with achieving desired behavior • Security is concerned with preventing undesired behavior • Different way of thinking! • An enemy/opponent/hacker/adversary who is actively and maliciously trying to circumvent any protective measures you put in place

  22. One illustration of the difference • Software testing determines whether a given program implements a desired functionality • Test I/O characteristics • Q/A • How do you test whether a program does not allow for undesired functionality? • Penetration testing helps, but only up to a point

  23. Why is computer security so hard? • Computer networks are “systems of systems” • Your system may be secure, then the environment changes • Too many things dependent on a small number of systems • Society is unwilling to trade off features for security • Ease of attacks • Cheap • Distributed, automated • Anonymous • Insider threats • Security not built in from the beginning • Humans in the loop… • Computers ubiquitous…

  24. Computers are everywhere… • …and can always be attacked • Electronic banking, social networks, e-voting • iPods, iPhones, PDAs, RFID transponders • Automobiles • Appliances, TVs • (Implantable) medical devices • Cameras, picture frames(!) • See http://www.securityfocus.com/news/11499

  25. A naïve view (figure label: password)

  26. In reality… • Where does security end? (figure labels: password, forgot password?)

  27. One good attack • Use public records to figure out someone’s password, or to get it from tech support • E.g., hacked email account of Sarah Palin • The password-recovery mechanism is part of the system! • The password-recovery mechanism may be the most vulnerable point to attack

  28. Computer security is not just about computers • What is “the system”? • Physical security • Social engineering • Bribes for passwords • Phishing • “External” means of getting information • Legal records, trash cans • User education… • Security is a process, not a product…(!)

  29. Security is interdisciplinary • Draws on all areas of CS • Theory (especially cryptography) • Networking • Programming languages/compilers • Operating systems • Databases • AI/learning theory • Computer architecture / hardware • HCI, psychology

  30. Security mindset • Learn to think with a “security mindset” in general • What is “the system”? • How could this system be attacked? • What is the weakest point of attack? • How could this system be defended? • What threats am I trying to address? • How effective will a given countermeasure be? • What is the trade-off between security, cost, and usability?

  31. An example: airline security • Ask: what is the cost (economic and otherwise) of current airline security? • Ask: do existing rules (e.g., banning liquids) make sense? • Ask: are the tradeoffs worth it? • (Why do we not apply the same rules to train travel?) • (Would spending money elsewhere be more effective?) • Ask: how would you get on a plane if you were on the no-fly list? • (I will not give you the answer – you can find it online) • This is a thought experiment only!

  32. Computer security is not just about “security” • Prevention… • Detection, response, audit • How do you know when you are being attacked? • How quickly can you stop the attack? • Attribution: can you identify the attacker(s)? • Can you prevent the attack from recurring? • Recovery • Can be much more important than prevention • Economics, insurance, risk management… • Security is a process, not a product…

  33. A naïve view • Achieve “absolute” security

  34. In reality… • Absolute security is easy to achieve! • How…? • Absolute security is impossible to achieve! • Why…? • Good security is about risk management

  35. Security as a trade-off • The goal is not (usually) “to make the system as secure as possible”… • …but instead, “to make the system as secure as possible within certain constraints” (cost, usability, convenience) • Military vs. personal networks • Must understand the existing constraints • E.g., passwords…

  36. Cost-benefit analysis • Important to evaluate what level of security is necessary/appropriate • Cost of mounting a particular attack vs. value of attack to an adversary • Cost of damages from an attack vs. cost of defending against the attack • Likelihood of a particular attack • Sometimes the best security is to make sure you are not the easiest target for an attacker…

  37. “More” security not always better • “No point in putting a higher post in the ground when the enemy can go around it” • Need to identify the weakest link • Security of a system is only as good as the security at its weakest point… • Security is not a “magic bullet” • Security is a process, not a product

  38. Summary • “The system” is not just a computer or a network • Prevention is not the only goal • Cost-benefit analysis • Detection, response, recovery • Nevertheless…in this course, we will focus on computer security, and primarily on prevention • If you want to be a security expert, you need to keep the rest in mind

  39. Philosophy of this course • We are not going to be able to cover everything • We are not going to be able to even mention everything • Main goals • A sampling of many different aspects of security • The security “mindset” • Become familiar with basic acronyms (RSA, SSL, PGP, etc.), and “buzzwords” (phishing, …) • Become an educated security consumer • Try to keep it interesting with real-world examples and “hacking” projects

  40. Course goals • You will not be a security expert after this class (after this class, you should realize why it would be dangerous to think you are) • But you should have a better appreciation of the threats, and how to address some of them

  41. “Trusting trust”

  42. “Trusting trust” • Consider a compiler that embeds a trapdoor into anything it compiles • How to catch? • Read source code? (What if replaced?) • Re-compile compiler? • What if the compiler embeds the trojan code whenever it compiles a compiler? • (That’s nasty…)

  43. Change compiler source S

      compiler(S) {
        if (match(S, "login-pattern")) {
          compile (login-backdoor)
          return
        }
        if (match(S, "compiler-pattern")) {
          compile (compiler-backdoor)
          return
        }
        .... /* compile as usual */
      }

  44. “Trusting trust” • Whom do you trust? • Does one really need to be this paranoid?? • Probably not • Sometimes, yes • Shows that security is complex…and essentially impossible • Comes back to risk/benefit trade-off

  45. Assigned readings • Thompson’s article • “Inside the Twisted Mind of the Security Professional” • “We are All Security Customers” • “Information Security and Externalities” • Chapter 1 of “Security Engineering”
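A toy model of the "How to catch?" question on slides 42 and 43, added here as an illustration (it is not code from the lecture or from Thompson's article): it shows why rebuilding the compiler from audited source with the suspect binary proves nothing, and how a rebuild through an independent compiler exposes the difference. The `Binary` tuple, the source strings and all function names are constructed for this example; the second check follows the diverse double-compiling idea, which the slides do not mention, and assumes a trusted independent compiler and deterministic builds.

```python
from collections import namedtuple

# Constructed toy model: a "binary" is the source it was built from plus any
# hidden payload added by the compiler that built it. Comparing two Binary
# values stands in for a byte-for-byte comparison of real executables.
Binary = namedtuple("Binary", ["source", "payload"])

COMPILER_SRC = "compiler-pattern: translate source faithfully"  # audited, clean
LOGIN_SRC = "login-pattern: compare password with stored hash"  # audited, clean


def run_compiler(binary):
    """Execute a compiler binary; returns the compile function it implements."""
    trojaned = "compiler-backdoor" in binary.payload

    def compile_source(src):
        if trojaned and "login-pattern" in src:
            return Binary(src, ("login-backdoor",))
        if trojaned and "compiler-pattern" in src:
            return Binary(src, ("compiler-backdoor",))  # payload re-inserts itself
        return Binary(src, ())  # compile as usual

    return compile_source


def recompile_check(suspect, compiler_src):
    """Naive check: rebuild the compiler from audited source using itself."""
    return run_compiler(suspect)(compiler_src) == suspect


def ddc_check(suspect, compiler_src, trusted):
    """Rebuild via an independent compiler, then self-build, then compare."""
    stage1 = run_compiler(trusted)(compiler_src)  # built by the trusted compiler
    stage2 = run_compiler(stage1)(compiler_src)   # stage1 rebuilds the same source
    return stage2 == suspect


TRUSTED = Binary("independent compiler source", ())     # assumption: uncompromised
CLEAN = Binary(COMPILER_SRC, ())
TROJANED = Binary(COMPILER_SRC, ("compiler-backdoor",))

if __name__ == "__main__":
    for name, cc in (("clean", CLEAN), ("trojaned", TROJANED)):
        print(name,
              "| login payload:", run_compiler(cc)(LOGIN_SRC).payload,
              "| self-rebuild matches:", recompile_check(cc, COMPILER_SRC),
              "| independent rebuild matches:", ddc_check(cc, COMPILER_SRC, TRUSTED))
```

The self-rebuild matches for both compilers, so it cannot distinguish them; only the independent rebuild disagrees with the trojaned binary.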
