Computer and Network Security: Dr. Ron Rymon Efi Arazi School of Computer Science IDC, Herzliya. 2010/11
Introduction
Today's Lecture
Introduction
A Few Nightmare Scenarios
Statistics and Impact
Course Plan and Administrativia
Models of Computer Security
Examples
Threats
Attacks
Security Mechanisms
Security Needs and Services
Security Needs
Confidentiality of information stored on computers
Confidentiality of information communications
Control of our computers and networks
Ensuring the integrity of information
Identifying/authenticating communication partners
Protecting information services (enterprise, www)
Protecting information and people privacy
Protecting digital rights and property
Protecting computer-operated physical infrastructure
hand-held devices, electronic voting, electronic payment, border control, job entry, etc.
The Adversaries
For profit: organized crime, fraudsters, information thieves, marketers, spies (military, commercial), enemy states & terrorists
Vandals: commercial and political reasons; mostly nut cases and irresponsible kids (script kiddies)
Joy riders: technically skilled, psychologically challenged; again, mostly kids
Insiders!
Threats
Viruses, worms, etc.
Password cracking
Intrusion and penetration attacks
Eavesdropping attacks (esp. wireless)
Communication hijacking attacks
Denial of service attacks
OS/application vulnerability attacks
Trojan horses, viruses/worms, spyware, keyloggers
Server and access point impersonation
Phishing and phraud
Clickjacking
Social engineering
More.
Security Mechanisms
Encryption
Anti-virus software
Spam filters
Firewalls
Intrusion detection/prevention software
Strong authentication
Access control
Authorization management
Application security gateways and filters
Patch management systems
Electronic signatures
Disaster recovery
and more
EDUCATION!!
this to hack into a NY bank and steal account data; then extorts the bank
2004 - Code of Win2K and NT stolen from a Microsoft partner
2004 - Code of Cisco IOS stolen
2006 - 25% of companies reported attempted penetration (really, close to 100%)
2006 - 25% of computers believed infected
2007 - Theft of laptops and PDAs is the top security concern for CIOs
2008 - Identity theft is the top concern for individuals (1 in 6 Americans last year!)
2009 - Data leakage is a key concern for security and compliance officers
2010 - Where are our (virtualized) systems? Who has access to them?
70% of all cases are internal work: profit, revenge, and ignorance
Code Red (2001): left a back door on infected machines; infected 359,000 IIS servers in 14 hours, 2,000 per minute at the peak
SQL Slammer (2003): generated huge traffic from infected networks
In 2004, there were 112,000 known viruses
Today, most malware is commercially motivated
Professional, and uses multiple infection mechanisms (time to infection is down to FIVE minutes in 2008)
Soldiers in the botnet army (~25% of all computers are infected)
Steal information, e.g., identities, passwords, credit cards
Serve for commercial spam
Many recent attacks aimed at virtualization platforms
Next: significant risk to mobile devices, VoIP systems
Massive defacing
2001 - Hacker group defaces 679 sites in 1 minute
2003 - Blackhat defacing competition: winner must deface 6,000 sites ASAP
2007 - US government sites pointing to Viagra and porn sites
1996 - Panix (ISP) suffers a SYN-flood DoS attack
1999 - Melissa crashes e-mail servers (replicates to Outlook contacts)
2000 - Mafiaboy attack crashes Yahoo, CNN, Amazon for 3 hours
2003 - RIAA site is attacked
2004 - MyDoom (e-mail virus) attacks Microsoft, SCO sites
2007 - Estonia infrastructure attacked by Russian hackers
27% of companies running web services reported DoS attacks
The Knesset, Israeli PM and other ministries are constantly attacked
Today, spam makes up >80% of e-mail traffic
Rooted in the Internet's economic model, in which direct marketing costs the sender almost nothing
Spoofed mail addresses, headers, names, etc.
Causes significant economic damage
Unprotected e-mail has become almost unusable for ordinary e-mail users
Proposed solutions are both technological and legal
New comprehensive e-mail solutions include: anti-virus/worm, fraud, spam, content policy, privacy, and confidentiality
Microsoft initiative, challenge-response mechanisms, Caller-ID
Course Plan
Cryptography
history, conventional, public-key, key dist/mgmt
Identity Authentication
Signatures, challenge-response, identity authentication
Access Control
Kerberos, Firewalls, PKI
Application Security
Email security, Spam, VoIP, Cellphones
Course Materials
Course site
http://www1.idc.ac.il/compsec
Main Textbook
Network Security Essentials: Applications and Standards / William Stallings (old edition OK)
Highly recommended
Applied Cryptography / Bruce Schneier
Administrativia
Lecturer: Dr. Ron Rymon
Teaching Assistant: Ilan Atias
Lectures: Sunday 9:15-11:45am, C109
Secondary slot: Tue evening, 6pm (if needed)
Office Hours: by appointment
Credits: 3
Open to CS MSc, and BSc (2nd and 3rd year) students
Grade: 70% exam, 30% other (project, in-class quizzes, homework)
Must pass the exam
Must turn in all work, on time
Example (diagram): parties Alice, Bob and a Trusted Server. Operations shown: Sign/Encrypt with PrivK(Alice), Decrypt; Sign/Encrypt with PrivK(Bob), Decrypt; Encrypt, Decrypt.
Authorization: one must be authorized to gain access to specific data and other computing resources.
E.g., file systems, firewalls, application authorization models; various levels of granularity.
Security Attack: An attempt to compromise the security of systems or information.
Example: eavesdropping on communication.
Security Service: The use of one or more security mechanisms to meet a security need (e.g., confidentiality of communication).
Examples of Attacks
Attacks can be active, e.g., intrusion, or passive, e.g., eavesdropping.
Examples of attacks:
Intrusion
Eavesdropping
Impersonation
Viruses / worms
Denial of service
Man-in-the-middle
Reflection attack
Replay attack
Password cracking
Data/code modification
Fraudulent attribution
Repudiation
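Two items in the list above, the reflection attack and the replay attack, are easiest to understand on a concrete protocol. The following is an added example, not part of the lecture slides: a mutual challenge-response handshake over a shared key K (A sends a nonce N_A; B answers with MAC_K(N_A) and its own nonce N_B; A answers with MAC_K(N_B)). The `weak` variant, where a response is just MAC_K(nonce), is broken by reflection: an attacker without K opens a second session and feeds Bob his own nonce, so Bob computes the answer the attacker needs. The fixed variant binds the responder and initiator identities into the MAC, and fresh, consumed-on-use nonces defeat replay in both variants. The party names, session ids and the key literal are constructed for the demo.

```python
import hashlib
import hmac
import secrets

# Shared key between Alice and Bob. Constructed for this demo only; in practice
# the key comes from key management, never from a literal in source.
SHARED_KEY = b"demo-shared-key-not-for-real-use"


def mac(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over length-prefixed fields, so field boundaries are unambiguous."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for part in parts:
        h.update(len(part).to_bytes(2, "big"))
        h.update(part)
    return h.digest()


class Party:
    """One side of a mutual challenge-response handshake over a shared key.

    weak=True : a response is MAC_K(nonce). Anyone holding K produces the same tag
                for the same nonce, which is exactly what a reflection attack exploits.
    weak=False: a response is MAC_K(responder, initiator, nonce). The tag Bob emits
                as responder can never equal the tag Bob expects from Alice.
    """

    def __init__(self, name: bytes, key: bytes, weak: bool):
        self.name = name
        self.key = key
        self.weak = weak
        self.pending = {}  # session id -> nonce we challenged with, not yet answered

    def _tag(self, responder: bytes, initiator: bytes, nonce: bytes) -> bytes:
        if self.weak:
            return mac(self.key, nonce)
        return mac(self.key, responder, initiator, nonce)

    def challenge(self, sid: str) -> bytes:
        """Issue a fresh nonce for this session and remember it."""
        nonce = secrets.token_bytes(16)
        self.pending[sid] = nonce
        return nonce

    def respond(self, peer: bytes, peer_nonce: bytes) -> bytes:
        """Answer a peer's challenge: we are the responder, the peer the initiator."""
        return self._tag(self.name, peer, peer_nonce)

    def check(self, sid: str, peer: bytes, tag: bytes) -> bool:
        """Verify the peer's answer to our challenge, consuming the nonce."""
        nonce = self.pending.pop(sid, None)
        if nonce is None:  # unknown or already-used session: reject
            return False
        expected = self._tag(peer, self.name, nonce)
        return hmac.compare_digest(tag, expected)


def honest_run(alice: Party, bob: Party) -> bool:
    """A -> B: N_A ; B -> A: MAC(N_A), N_B ; A -> B: MAC(N_B). Both sides must accept."""
    n_a = alice.challenge("s")
    tag_b = bob.respond(alice.name, n_a)
    n_b = bob.challenge("s")
    tag_a = alice.respond(bob.name, n_b)
    return alice.check("s", bob.name, tag_b) and bob.check("s", alice.name, tag_a)


def reflection_attack(bob: Party) -> bool:
    """Mallory, who does not know K, tries to be accepted as Alice by Bob."""
    alice = b"alice"
    # Session 1: Mallory sends a nonce as 'Alice'; Bob answers and challenges back.
    bob.respond(alice, secrets.token_bytes(16))
    n_b = bob.challenge("s1")
    # Mallory cannot compute MAC_K over n_b herself, so she opens session 2 and
    # reflects Bob's own nonce back to him as if it were her challenge.
    reflected = bob.respond(alice, n_b)
    bob.challenge("s2")  # Bob's second challenge is simply abandoned
    # Session 1, step 3: hand Bob his own answer. True means Bob was fooled.
    return bob.check("s1", alice, reflected)


def replay_attack(alice: Party, bob: Party) -> bool:
    """Replay a captured step-3 tag against a later session. True means replay accepted."""
    n_a = alice.challenge("r1")
    bob.respond(alice.name, n_a)
    n_b = bob.challenge("r1")
    captured = alice.respond(bob.name, n_b)  # Mallory records this tag on the wire
    bob.check("r1", alice.name, captured)    # the legitimate session completes
    bob.challenge("r2")                      # a new session gets a fresh nonce
    return bob.check("r2", alice.name, captured)


if __name__ == "__main__":
    for weak in (True, False):
        a, b = Party(b"alice", SHARED_KEY, weak), Party(b"bob", SHARED_KEY, weak)
        print(f"weak={weak}: honest={honest_run(a, b)}, "
              f"reflection fooled Bob={reflection_attack(Party(b'bob', SHARED_KEY, weak))}, "
              f"replay accepted={replay_attack(Party(b'alice', SHARED_KEY, weak), Party(b'bob', SHARED_KEY, weak))}")
```

Running it shows the honest handshake succeeding in both modes, the reflection attack succeeding only when `weak=True`, and the replay failing in both modes. The general lesson is the one the list hints at: a MAC must be bound to the roles and direction of the exchange, not just to a random value, and a verifier must never emit, in one session, a value it would accept as proof in another.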
Security Mechanisms
Security Mechanism: A specific use of certain algorithms, protocols, and underlying technology.