
Security

Chapter 16

Sections 16.1 to 16.6 inclusive

Objectives

◼ Discuss security threats and attacks

◼ Explain the fundamentals of encryption, authentication, and hashing

◼ Examine the uses of cryptography in computing

◼ Describe the various countermeasures to security attacks

Outline

◼ The Security Problem

◼ Program Threats

◼ System and Network Threats

◼ Cryptography as a Security Tool

◼ User Authentication

◼ Implementing Security Defenses

- The Security Problem …

◼ Computer resources include the information stored in the system (both data
and code), as well as the CPU, memory, secondary storage, tertiary storage,
and networking that compose the computer facility.
◼ Security involves guarding computer resources against unauthorized access,
malicious destruction or alteration, and accidental introduction of
inconsistency.
◼ We say that a system is secure if its resources are used and accessed as
authorized under all circumstances.
◼ Unfortunately, total security cannot be achieved. Nonetheless, we must have
mechanisms to make security breaches a rare occurrence, rather than the
norm.

- The Security Problem

◼ Note that in our discussion of security, we use the terms:
  ◼ Intruders, hackers, attackers: for those attempting to breach security
  ◼ Threat: for a potential security violation
  ◼ Attack: for an attempt to breach security

◼ Attack can be accidental or malicious

◼ Easier to protect against accidental than malicious misuse

-- Security Violations

◼ Categories:
  ◼ Breach of confidentiality: Unauthorized reading of data
  ◼ Breach of integrity: Unauthorized modification of data
  ◼ Breach of availability: Unauthorized destruction of data
  ◼ Theft of service: Unauthorized use of resources
  ◼ Denial of service (DoS): Preventing legitimate use of the system

--- Most Common Methods of attack

◼ Masquerading:
  ◼ One participant in a communication pretends to be someone else
  ◼ It is a breach of authentication, which is the correctness of identification

◼ Replay attack: Consists of the malicious or fraudulent repeat of a valid data transmission.
  ◼ For example, a repeat of a request to transfer money.

◼ Session hijacking: An active communication session is intercepted.

◼ Man-in-the-middle attack: An attacker sits in the data flow of a communication, masquerading as the sender to the receiver, and vice versa. Can be done by session hijacking.

◼ Privilege escalation: Gives attackers more privileges than they are supposed to have.

Standard Security Attacks

-- Security Measure Levels

◼ Impossible to have absolute security, but make cost to perpetrator sufficiently high to deter most intruders
◼ Security must occur at four levels to be effective:
  ◼ Application
  ◼ Operating System
  ◼ Network
  ◼ Physical
◼ Another level that can be considered is Human.
  ◼ Avoid social engineering, phishing, dumpster diving
◼ Security is as weak as the weakest link in the chain.
◼ In the remainder of this chapter, we address security at the network and OS levels.
Four-layered Model of Security

- Program Threats …

◼ Malware:
  ◼ Software designed to exploit, disable or damage computer systems.
  ◼ There are many ways to perform such activities, and the major variations are:
    ◼ Trojan horse
    ◼ Spyware
    ◼ Ransomware
    ◼ Trap door
    ◼ Logic bomb
    ◼ Code-injection attack: An attack that modifies otherwise well-behaved executable code.

- Program Threats …

◼ Trojan Horse: A program that acts in a malicious manner, rather than simply
performing its stated function.

◼ Ransomware: A class of malware that disables computer access (frequently by encrypting files or the entire system) until a ransom is paid.

◼ Spyware: A Trojan horse variation in which the installed malware gathers information about a person or organization.

◼ Trap Door: A back-door daemon left behind after a successful attack to allow
continued access by the attacker.

◼ Logic Bomb: A remote-access tool designed to operate only when a specific set
of logical conditions is met.

… - Program Threats …

◼ Virus: A fragment of code embedded in a legitimate program that, when executed, can replicate itself; may modify or destroy files and cause system crashes and program malfunctions.
◼ Many categories of viruses, literally many thousands of viruses
  ◼ File
  ◼ Boot
  ◼ Macro
  ◼ Source code
  ◼ Polymorphic (mutates)
  ◼ Encrypted
  ◼ Stealth (hides from anti-virus)
  ◼ Tunneling
  ◼ Multipartite
  ◼ Armored
… - Program Threats

◼ Worm
  ◼ A program that spreads malware between computers without intervention from humans.
  ◼ Rarely requires any user action to propagate
  ◼ Does not need to be attached to another program or file to spread
  ◼ Once a virus or worm is released, it can spread rapidly, often infecting millions of computers worldwide within minutes or hours

- System and Network Threats

◼ Attacking network traffic
  ◼ Sniffing: An attack in which the attacker monitors network traffic to obtain useful information.
  ◼ Spoof: The imitation of a legitimate identifier (such as an IP address) by an illegitimate user or system.
  ◼ Port scanning: Automated attempt to connect to a range of ports on one or a range of IP addresses
    ◼ Is not itself an attack but is a means for a hacker to detect a system's vulnerabilities to attack

◼ Denial of Service
  ◼ Overload the targeted computer, preventing it from doing any useful work
  ◼ Distributed denial-of-service (DDoS) attacks come from multiple sites at once

- Cryptography as a security tool …

◼ Broadest security tool available

◼ Source and destination of messages cannot be trusted without cryptography

◼ Means to constrain potential senders (sources) and/or receivers (destinations) of messages

◼ Based on secrets (keys)

◼ Symmetric

◼ Asymmetric

… - Cryptography as a security tool

◼ Keys are generally distributed selectively to computers in the network.

◼ A sender can encode its message using the key so that only the computer with a certain key can decode the message.

◼ A recipient of a message can verify that the message was created by some computer possessing a certain key.

◼ Important: It should be computationally infeasible to derive the key from the messages it was used to generate and from any other public information.

Secure Communication over Insecure Medium

-- Encryption

◼ Encryption is used to keep sensitive data and information more secure when transmitted over unreliable links, as an OS may not offer sufficient protection for such highly sensitive data.

◼ Encrypt clear text (readable form) into cipher text (internal form).

◼ Properties of a good encryption technique:
  ◼ Relatively simple for authorized users to encrypt and decrypt data.
  ◼ Encryption scheme depends not on the secrecy of the algorithm but on a parameter of the algorithm called the encryption key.
  ◼ Extremely difficult for an intruder to determine the encryption key.

-- Symmetric Cryptography …

◼ Uses the same secret key to encrypt and decrypt a message

◼ Sender
  ◼ Encrypts a message using the secret key
  ◼ Sends encrypted message to the intended recipient

◼ Recipient
  ◼ Decrypts the message using the same secret key

… -- Symmetric …

… -- Symmetric

◼ Limitation of symmetric (secret-key) cryptography
  ◼ Before two parties can communicate securely, they must find a secure way to exchange the secret key
  ◼ Can be done by courier or a key distribution center (KDC)
  ◼ KDCs generate session keys for clients

◼ Examples of secret-key cryptography:
  ◼ DES
  ◼ 3DES
  ◼ AES

--- Distributing a session key with a key distribution center

-- Asymmetric (public-key) Cryptography …

◼ Solves the problem of securely exchanging symmetric keys

◼ Asymmetric: Employs two inversely related keys:
  ◼ Public key: Freely distributed
  ◼ Private key: Kept secret by its owner

◼ If the public key encrypts a message, only the corresponding private key can decrypt it

… -- Asymmetric Cryptography …

… -- Asymmetric Cryptography …

◼ If the decryption key is the sender’s public key and the encryption key is the sender’s private key, the sender of the message can be authenticated
◼ Message should be encrypted first using the receiver’s public key, then with the sender’s secret key
  ◼ Public key provides confidentiality
  ◼ Secret key provides authentication

◼ Examples of public-key cryptography:
  ◼ RSA
  ◼ Pretty Good Privacy (PGP)

- Secure Communication …

◼ Five fundamental requirements for a successful, secure communication
  ◼ Privacy: Ensuring that the information transmitted over the Internet has not been viewed by a third party
  ◼ Integrity: Ensuring that the information sent or received has not been altered
  ◼ Authentication: Verifying the identities of the sender and receiver
  ◼ Authorization: Managing access to protected resources on the basis of user credentials
  ◼ Nonrepudiation: Ensuring that a sender cannot deny having sent a message, and a receiver cannot deny having received it.

-- Key Management

◼ Maintaining the secrecy of private keys is essential to the maintenance of cryptographic system security

◼ Most security breaches result from poor key management rather than cryptanalytic attacks
  ◼ For example: The mishandling of private keys, resulting in key theft

◼ Key generation
  ◼ The process by which keys are created
  ◼ Important to use a key-generation program that can generate a large number of keys as randomly as possible
  ◼ Key security is improved when key length is large enough that brute-force cracking is computationally infeasible

-- Key Agreement protocol …

◼ Public-key algorithms: Most often employed to exchange secret keys securely

◼ Key agreement protocol: The process by which two parties can exchange keys over an insecure medium
◼ Digital envelopes
◼ Authenticates sender

◼ Digital signatures (using the SHA-1 and MD5 hash algorithms)
◼ To make sure that the message wasn’t changed in the insecure medium

--- Digital Envelope

--- Digital Signatures

◼ The electronic equivalents of written signatures
◼ Developed to address the absence of authentication and integrity in public-key (asymmetric) cryptography
◼ Sender hashes the message to produce a message digest
◼ Encrypts the message digest and the message before sending
◼ Difficult to forge
◼ Hash value uniquely identifies a message
◼ Examples
  ◼ Secure Hash Algorithm (SHA-1)
  ◼ MD5 Message Digest Algorithm
  ◼ Digital Signature Algorithm (DSA)

- User Authentication ...

◼ Identifying users and the actions they are allowed to perform

◼ A user can be identified by:
  ◼ a unique characteristic of the person (e.g., fingerprints, voiceprints, retina scans and signatures)
  ◼ ownership of an item (e.g., badges, identification cards, keys and smart cards)
  ◼ user knowledge (e.g., passwords, personal identification numbers (PINs) and lock combinations)

-- Basic Authentication

◼ Simple password protection
  ◼ Most common authentication scheme
  ◼ The user chooses a password, memorizes it and presents it to the system to gain admission to a resource or system
◼ Weaknesses of password protection
  ◼ Users tend to choose passwords that are easy to remember
    ◼ For example: the name of a spouse or pet
  ◼ Someone who has obtained personal information about the user might try to log in several times using passwords that are characteristic of the user
  ◼ Several repeated attempts might result in a security breach
◼ Password salting
  ◼ Technique that inserts characters at various positions in the password before encryption
  ◼ Can thwart attempts at recovering passwords from password files

--- Password Salting
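
An added example (not from the slides) of why salting protects a password file: without a salt, identical passwords produce identical stored values and match a precomputed table; with a per-user salt they do not. Instead of splicing characters into the password, this sketch feeds a random salt into PBKDF2-HMAC-SHA256; the iteration count, record layout and sample accounts are assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor; tune for your hardware


def unsalted_record(password):
    """Weak scheme: the same password always produces the same stored value."""
    return hashlib.sha256(password.encode()).hexdigest()


def salted_record(password, salt=None):
    """Random per-user salt fed into PBKDF2-HMAC-SHA256, stored as 'salt$hash'."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt.hex() + "$" + digest.hex()


def verify(password, record):
    """Recompute with the stored salt and compare in constant time."""
    salt_hex, _digest = record.split("$")
    candidate = salted_record(password, bytes.fromhex(salt_hex))
    return hmac.compare_digest(candidate, record)


def shared_values(password_file):
    """Groups of users whose stored values are identical."""
    groups = {}
    for user, record in password_file.items():
        groups.setdefault(record, []).append(user)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)


def exposed_by_table(password_file, common_passwords):
    """Users whose stored hash appears in a table precomputed without salts."""
    table = {unsalted_record(p) for p in common_passwords}
    return sorted(u for u, r in password_file.items() if r.split("$")[-1] in table)


# Constructed sample accounts: alice and bob chose the same password.
USERS = {"alice": "rex2019", "bob": "rex2019", "carol": "c0rrect-horse"}
UNSALTED = {u: unsalted_record(p) for u, p in USERS.items()}
SALTED = {u: salted_record(p) for u, p in USERS.items()}
```

Salting does not make a guessable password strong; it only forces the guessing to be repeated per account instead of once for the whole file.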

…- User Authentication

◼ Encrypted password

◼ One-time password

◼ Biometrics: Uses unique personal information to identify a user
  ◼ Fingerprints
  ◼ Eyeball iris scans
  ◼ Face scans

◼ Smart cards
  ◼ Often designed to resemble a credit card
  ◼ Can serve many different functions, from authentication to data storage
  ◼ Most popular: memory cards and microprocessor cards

- Implementing Security Defenses

◼ Firewalls

◼ Intrusion detection systems

◼ Antivirus software

◼ Security patches

◼ Secure file systems

◼ Many others

-- Firewalls

◼ Firewalls
  ◼ Protect a local area network (LAN) from intruders outside the network
  ◼ Police inbound and outbound traffic for the LAN

◼ Types of firewalls
  ◼ Packet-filtering firewall: Inspects packets for inconsistencies such as incorrect source address
  ◼ Application-level gateways: Inspect packets for malicious payloads (code)
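
An added example (not from the slides) of the source-address check a packet-filtering firewall applies at the LAN boundary: a packet whose claimed source is inconsistent with the interface it arrived on is dropped as spoofed. The LAN range, the interface names and the sample addresses are assumptions.

```python
import ipaddress

LAN = ipaddress.ip_network("192.168.10.0/24")  # assumed internal range


def filter_packet(iface, src, dst):
    """Return 'pass' or 'drop: <reason>' for one packet header.

    iface is the interface the packet arrived on: 'outside' or 'inside'.
    """
    try:
        s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    except ValueError:
        return "drop: malformed address"
    if s.is_loopback or s.is_multicast or s.is_unspecified:
        return "drop: impossible source"
    if iface == "outside":
        if s in LAN:
            return "drop: internal source arriving from outside (spoofed)"
        if d not in LAN:
            return "drop: not addressed to the LAN"
        return "pass"
    if iface == "inside":
        if s not in LAN:
            return "drop: foreign source leaving the LAN (spoofed)"
        return "pass"
    return "drop: unknown interface"


# Constructed sample headers (documentation address 203.0.113.7 as the outside host).
PACKETS = [
    ("outside", "203.0.113.7", "192.168.10.5"),
    ("outside", "192.168.10.9", "192.168.10.5"),
    ("inside", "192.168.10.9", "203.0.113.7"),
    ("inside", "10.1.1.1", "203.0.113.7"),
    ("outside", "127.0.0.1", "192.168.10.5"),
]


def verdicts():
    """Verdict for each sample packet, in order."""
    return [filter_packet(*p) for p in PACKETS]
```

The check looks only at headers; a well-formed packet carrying a malicious payload passes it, which is the gap application-level gateways address.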

Network Security Through Domain Separation Via Firewall

-- Intrusion-Detection Systems (IDSs)

◼ IDSs monitor networks and application log files
◼ Logs record information about system behavior, such as:
  ◼ The time at which operating system services are requested
  ◼ The name of the process that requests them
◼ Examine log files to alert system administrators of suspicious application and/or system behavior
◼ If an application exhibits erratic or malicious behavior, an IDS can halt the execution of that process

◼ Host-based IDSs: Specially used to detect Trojan horses

◼ Network-based IDSs: Mainly used to detect denial of service (DoS)

-- Antivirus Software …

◼ Antivirus software

◼ Attempts to protect a computer from a virus and/or identify and remove viruses on that computer

◼ Various techniques used to detect and remove viruses from a system

◼ None can offer complete protection

… -- Antivirus Software

◼ Signature-scanning virus detection
  ◼ Relies on knowledge about the structure of the computer virus’s code
  ◼ Uses a known virus list
  ◼ Can be particularly ineffective against variants and polymorphic viruses

◼ Heuristic scanning
  ◼ Can prevent the spread of viruses by detecting and suspending any program exhibiting virus-like behavior:
    ◼ Replication, residence in memory and/or destructive code
  ◼ Primary strength: it can detect viruses that have not yet been identified

-- Security Patches

◼ Security patches
  ◼ Code releases that address security flaws
  ◼ Simply releasing a patch for a security flaw is insufficient to improve security
  ◼ Developers should address security flaws by:
    ◼ Notifying their users quickly
    ◼ Providing software that facilitates the process of applying security patches
  ◼ Example: Hotfixes
  ◼ Microsoft Automatic Updates

-- Secure File Systems

◼ Secure file systems
  ◼ Protect sensitive data regardless of how the data is accessed

◼ Encrypting File System (EFS)
  ◼ Uses cryptography to protect files and folders in an NTFS file system
  ◼ Uses secret-key and public-key encryption to secure files

-- Others

◼ Auditing, accounting, and logging of all or specific system or network activities

◼ Example
  ◼ Tripwire
