CS 473 / 5714
Network Security
Spring 2024
Lecture 1
Mobin Javed
Introductions…
Instructor: Mobin Javed
• 15 years back: An UG student taking a security class
• Director: Security and Internet Analytics (SIA) Group
• Protecting Enterprise Networks (Defense)
• Measuring Censorship, Information Leakage, and Cybercrime
• Adversarial Machine Learning (Attacks + Defense)
• Usable Security and Privacy
• Collaborations:
• Virginia Tech, ICSI Berkeley, University of Saarland, CISPA Germany
**TAs**
Zoha Hayat, Seemal Tausif, Emaan Atique, Mughees ur Rehman, Saad Sher Alam
Plan for Today
• Course Staff Introductions [~5 mins]
• Securing the Internet Today [~20 mins]
• Course Outline, Logistics, Grading [~15 mins]
• Foundations of Secure Systems: CIAA [20 mins]
• SIA Intro [Time Permitting]
How many of you feel you
are NOT secure on the
Internet?
Today’s Security
Landscape…
What are we trying to
Secure?
Data, Communications,
& Infrastructure
Online Transactions
Money
Content: Text, Audio,
Video
Democracy
Today’s Security
Landscape…
Translated into Recent
Events …
Why does security
continue to be a
problem?
Course Objectives
• Goal 1: Develop a concrete understanding of the
fundamentals of computer security
• Goal 2: Develop an understanding of the security
landscape and the on-going work in this field
• Goal 3: Improve your online security practices
Course Overview
1. Web Security [02 lectures + 01 lab]
2. Network Security [07 lectures]
3. Usable Security [02 lectures]
4. Software Security [02 lectures + 01 lab]
5. Cryptography [08 lectures + 02 labs]
Grading
Labs: 12%
HWs: 20%
Quizzes: 25%
Midterm: 15%
Final: 25%
Class Participation: 03%
Labs: In-lecture labs led by the TAs
Quizzes: In-lecture unannounced timed quizzes
Class Participation: Unannounced in-lecture class activities + announced
activities for asynchronous modules
LMS / Online Discussion
• Course content will be uploaded on LMS. All
materials will be organized on the main Syllabus
page.
• All course communication will be through Slack:
• Announcements
• Online discussion
Note on TAs / Email
Communication
We have assigned each student a Primary TA
You should bug the secondary TAs in case
your Primary TA is unavailable
All course queries should be routed through the TAs/
Slack
(The instructor may not be able to answer individual
emails due to the volume)
Ethics
• We will be covering attacks in the class, some of
them quite nasty
• However, you must NOT undertake these attacks in
any fashion other than with informed consent of all
involved and affected parties
• Ask the instructors if you have any doubt
• Failure to comply will result in grade deduction /
disciplinary action
Questions
Foundations of Secure
Systems
1. Confidentiality
Confidentiality
■ Goal: To keep the contents of communication or stored data secret
■ Example: Alice and Bob want their communications to
be secret from Eve
■ Eve is able to see the bits
■ On an Ethernet network that uses a hub, each computer is capable of
seeing all the network traffic generated by any other computer
■ Ethereal, tcpdump, dsniff
■ Promiscuous mode
■ Key – a secret shared between Alice & Bob
■ Sometimes accomplished with
■ Cryptography, Steganography
2. Data Integrity
Data Integrity
■ Data Integrity = No Corruption
■ Man in the middle attack:
■ Has Mallory tampered with the message that Alice sends to
Bob?
■ Integrity Check: Add redundancy to data/messages
■ Techniques:
■ Hashing (MD5, SHA-1, …), Checksums (CRC…)
■ Codes that are functions of the message being sent are appended
■ Message Authentication Codes (MACs)
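The difference between an appended hash and a MAC when Mallory sits between Alice and Bob, as an added example that is not part of the lecture slides. The key, the message and the function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed key; assumed to be shared by Alice and Bob and unknown to Mallory.
KEY = b"constructed-alice-bob-shared-key"

def hash_tag(msg: bytes) -> bytes:
    """Unkeyed integrity code: anyone who can read msg can compute it."""
    return hashlib.sha256(msg).digest()

def mac_tag(msg: bytes, key: bytes = KEY) -> bytes:
    """Keyed integrity code (HMAC-SHA-256): requires the shared secret."""
    return hmac.new(key, msg, hashlib.sha256).digest()

def bob_accepts(msg: bytes, tag: bytes, make_tag) -> bool:
    """Bob recomputes the code and compares in constant time."""
    return hmac.compare_digest(make_tag(msg), tag)

def mallory(msg: bytes, tag: bytes) -> tuple[bytes, bytes]:
    """Mallory alters the message in transit and recomputes the only code
    she can compute without the key: the plain hash."""
    forged = msg.replace(b"100", b"900")
    return forged, hash_tag(forged)

def run_demo() -> dict:
    msg = b"transfer 100 to Bob"  # constructed sample message
    return {
        # Hash only: the recomputed digest matches, so tampering goes unnoticed.
        "hash_detects_tampering": not bob_accepts(*mallory(msg, hash_tag(msg)), hash_tag),
        # MAC: Mallory cannot produce a valid tag without KEY.
        "mac_detects_tampering": not bob_accepts(*mallory(msg, mac_tag(msg)), mac_tag),
        # Forwarding the forged message with Alice's old tag also fails.
        "mac_detects_reused_tag": not bob_accepts(mallory(msg, b"")[0], mac_tag(msg), mac_tag),
        # Untouched traffic still verifies.
        "mac_accepts_original": bob_accepts(msg, mac_tag(msg), mac_tag),
    }

if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

A plain hash or checksum only catches accidental corruption; detecting deliberate modification needs a code that depends on a secret.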
Expired Crypto
■ Crypto, like food, can be expired
■ Expired food can make you feel ill
■ Expired crypto can expose your data
■ Examples: MD5, DES, WEP
■ http://www.mscs.dal.ca/~selinger/md5collision/
3. Authentication
Authentication
• The act of Identity Verification
• How can Bob be sure he is communicating with Alice?
• Three general ways to authenticate:
• Something you know (e.g., passwords)
• Something you have (e.g., tokens)
• Something you are (e.g., biometrics)
Authentication
(a) Something you KNOW
■ Bob asks for a secret that only Alice knows.
■ Example: Passwords
■ Pros:
■ Simple to implement
■ Simple for users to understand
■ Cons:
■ Easy to crack (unless users choose strong ones)
■ Passwords are reused many times
■ Numerous opportunities for the attacker to listen in
■ One-time Passwords (OTP): different password used each time,
but it is difficult for user to remember all of them
■ A device could be used that could keep track of all the
passwords that a user would need to use.
Authentication
(b) Something you HAVE
■ OTP Cards: generate a new password each time the user logs in
■ SecurID offered by RSA Security
■ The OTP card is a One Time Password generator. When the code
button is pushed a new dynamic password is displayed on the card.
■ Smart Card:
■ tamper-resistant
■ stores secret information
■ entered into a card-reader
■ reader must be trusted
■ attacks have been carried out using rogue card readers
■ Token / Key
■ ATM Card
■ Not tamper resistant
■ Magnetic tape reader can copy contents which can be moved to an empty card
■ Strength of authentication in this case depends on difficulty of forging
Authentication
(c) Something you ARE
■ Biometrics
■ Pros: “raises the bar”
■ Cons: false negatives/positives, social acceptance, key
management
■ false positive: authentic user rejected
■ false negative: impostor accepted
■ Cannot revoke the key in case of a compromise ☺
4. Availability
Availability
■ If a system is made unavailable through an attack, a
company may lose its ability to earn revenue.
■ One example of such an attack is denial of service.
■ The goal of DoS (Denial of Service) attacks is to reduce
availability
■ Malware used to send excessive traffic to victim site
■ Overwhelmed servers can’t process legitimate traffic
■ Distributed denial of service attacks.
■ Solutions:
■ Add redundancy to remove single point of failure
■ Impose “limits” on what legitimate users can use
5. Authorization
Authorization
■ It is the act of checking whether a user has
permission to conduct some action
■ ATM example
■ Alice wants to draw more than the daily limit
■ Is a “subject” (Alice) allowed to access an “object”
(open a file, delete a file etc)?
■ Access Control List: mechanism used by many
operating systems to determine whether users are
authorized to conduct different actions
6. Accountability
Accountability
■ Key security goal
■ Able to determine the attacker or principal in case
something goes wrong.
■ Logging & Audit Trails
■ Requirements:
■ Secure Timestamping
■ Data integrity in logs & audit trails: it must not be possible to change trails, or
changes to logs must be detectable
■ Otherwise attacker can cover their tracks
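One way to make changes to an audit trail detectable, as an added example that is not part of the lecture slides: each entry carries an HMAC that also covers the previous entry's tag, so editing or removing an entry breaks the chain. It assumes the key and the latest ("head") tag are kept off the logging host and that timestamps come from a trusted clock; the entries and names are constructed.

```python
import hashlib
import hmac
import json

GENESIS = b"\x00" * 32   # chain start value (arbitrary constant)

def _tag(key: bytes, prev: bytes, ts: str, event: str) -> bytes:
    body = json.dumps({"ts": ts, "event": event}, sort_keys=True).encode()
    return hmac.new(key, prev + body, hashlib.sha256).digest()

def append(log: list, key: bytes, ts: str, event: str) -> str:
    """Add an entry whose tag covers the previous entry's tag; returns the new
    head tag, which should also be kept where the logging host cannot edit it."""
    prev = bytes.fromhex(log[-1]["tag"]) if log else GENESIS
    tag = _tag(key, prev, ts, event).hex()
    log.append({"ts": ts, "event": event, "tag": tag})
    return tag

def first_bad_entry(log: list, key: bytes, head: str):
    """Index of the first entry that fails verification, len(log) if entries
    were cut from the end, or None if the trail is intact."""
    prev = GENESIS
    for i, e in enumerate(log):
        expect = _tag(key, prev, e["ts"], e["event"]).hex()
        if not hmac.compare_digest(expect.encode(), str(e["tag"]).encode()):
            return i
        prev = bytes.fromhex(expect)
    return None if prev.hex() == head else len(log)

def sample_log(key: bytes):
    """Constructed audit trail; timestamps assumed to come from a trusted clock."""
    log, head = [], ""
    for ts, event in [("2024-01-15T09:00:00Z", "login alice"),
                      ("2024-01-15T09:02:10Z", "read payroll.db alice"),
                      ("2024-01-15T09:05:30Z", "logout alice")]:
        head = append(log, key, ts, event)
    return log, head

if __name__ == "__main__":
    key = b"constructed-audit-key"
    log, head = sample_log(key)
    print(first_bad_entry(log, key, head))       # intact trail
    log[1]["event"] = "read notes.txt alice"     # an edit made after the fact
    print(first_bad_entry(log, key, head))       # index of the altered entry
```

Without the separately stored head tag, dropping the most recent entries would leave a chain that still verifies, which is why the head has to live outside the attacker's reach.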
7. Non-Repudiation
Non-Repudiation
■ Undeniability of a transaction by any of the parties
involved
■ Alice wants to prove to Trent that she did
communicate with Bob
■ Generate evidence / receipts (digitally signed
statements)
Key Security Concepts
• Confidentiality
• Data Integrity
• Authentication
• Availability
• Authorization
• Accountability
• Non-Repudiation
These will come up again and again, so internalise them
Questions?
Next Lecture: Web
Security