Information Security
Slide 2
Business Needs First, Technology Needs Last
Information security performs four important functions for an organization:
– Protects the organization’s ability to function
– Enables the safe operation of applications implemented on the organization’s IT systems
– Protects the data the organization collects and uses
– Safeguards the technology assets in use at the organization
Slide 3
Protecting the Ability to Function
• Management is responsible
• Information security is
– a management issue
– a people issue
• Communities of interest must argue for information security in terms of impact and cost
Slide 4
Enabling Safe Operation
Slide 5
What security is about in general?
• Security is about protection of assets
– D. Gollmann, Computer Security, Wiley
• Prevention
– take measures that prevent your assets from being
damaged (or stolen)
• Detection
– take measures so that you can detect when, how, and
by whom an asset has been damaged
• Reaction
– take measures so that you can recover your assets
Slide 6
Real world example
• Prevention
– locks at doors, window bars, secure the walls
around the property, hire a guard
• Detection
– missing items, burglar alarms, closed circuit TV
• Reaction
– attack on burglar (not recommended)
Slide 7
Internet shopping example
• Prevention
– encrypt your order and card number, require merchants to perform extra checks, use a PIN even for Internet transactions, don’t send the card number over the Internet
• Detection
– an unauthorized transaction appears on your credit card statement
• Reaction
– complain, dispute, ask for a new card number, sue (if you can find them, of course)
– Or, pay and forget (a glass of cold water)
Slide 8
Information security in past & present
• Traditional Information Security
– keep the cabinets locked
– put them in a secure room
– human guards
– electronic surveillance systems
– in general: physical and administrative
mechanisms
• Modern World
– Data are in computers
– Computers are interconnected
Slide 9
Terminology
• Computer Security
– 2 main focuses: Information and Computer itself
– tools and mechanisms to protect data in a computer
(actually an automated information system), even if
the computers/system are connected to a network
– tools and mechanisms to protect the information
system itself (hardware, software, firmware)
• Against?
– against hackers (intrusion)
– against viruses
– against denial of service attacks
– etc. (all types of malicious behavior)
Slide 10
Terminology
• Network and Internet Security
– measures to prevent, detect, and correct
security violations that involve the transmission of
information in a network or interconnected networks
Slide 11
Security Objectives: CIA Triad and Beyond
Computer Security Objectives
• Confidentiality
– Data confidentiality: assures that private or confidential information is not made available or disclosed to unauthorized individuals
– Privacy: assures that individuals control or influence what information related to them may be collected and stored, and by whom and to whom that information may be disclosed
• Integrity
– Data integrity: assures that information is changed only in a specified and authorized manner
– System integrity: assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system
• Availability
– Assures that systems work promptly and service is not denied to authorized users
Additional concepts:
• Authenticity
– Verifying that users are who they say they are and that each input arriving at the system came from a trusted source
• Accountability
– Being able to trace the responsible party/process/entity in case of a security incident or action
Services, Mechanisms, Attacks
• 3 aspects of information security:
– security attacks (and threats)
• actions that (may) compromise security
– security services
• services counter to attacks
– security mechanisms
• used by services
• e.g. secrecy is a service, encryption (a.k.a.
encipherment) is a mechanism
Slide 15
Attacks
• Attacks on computer systems
– break-in to destroy information
– break-in to steal information
– blocking the system from operating properly
– malicious software
• wide spectrum of problems
• Source of attacks
– Insiders
– Outsiders
Slide 16
Attacks
• Network Security
– Active attacks
– Passive attacks
• Passive attacks
– interception of the messages
– What can the attacker do?
• use information internally
– hard to understand
• release the content
– can be understood
• traffic analysis
– hard to avoid
– Hard to detect, try to prevent
Slide 17
Attacks
• Active attacks
– Attacker actively manipulates
the communication
– Masquerade
• pretending to be someone else
• possibly to get more privileges
– Replay
• passively capture data and send it later
– Denial-of-service
• prevents the normal use of servers, end users, or the network itself
Slide 18
Attacks
• Active attacks (cont’d)
– deny
• repudiate sending/receiving a message later
– modification
• change the content of a message
Slide 19
Security Services
• to prevent or detect attacks
• to enhance the security
• replicate functions of physical
documents
– e.g.
• have signatures, dates
• need protection from disclosure, tampering, or
destruction
• notarize
• record
Slide 20
Basic Security Services
• Authentication
– assurance that the communicating entity is the one it claims to be
– peer entity authentication
• mutual confidence in the identities of the parties involved in a connection
– data-origin authentication
• assurance about the source of the received data
• Access Control
– prevention of the unauthorized use of a resource
– to achieve this, each entity trying to gain access must first be identified and authenticated, so that access rights can be tailored to the individual
Slide 21
Basic Security Services
• Data Confidentiality
– protection of data from unauthorized disclosure
(against eavesdropping)
– traffic flow confidentiality goes one step further
• it requires that an attacker not be able to observe the source and destination, frequency, length, or other characteristics of the traffic on a communications facility
• Data Integrity
– assurance that data received are exactly as sent
by an authorized sender
– i.e. no modification, insertion, deletion, or replay
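The data integrity service above (no modification, insertion, deletion, or replay) and the active attacks on the earlier slides (masquerade, replay, modification) can be demonstrated together with a keyed MAC and a sequence number. This is an added example, not code from the slides; the shared key, the frame layout and the names protect and Receiver are constructed for the illustration, and it assumes frames arrive over an in-order channel.

```python
# Added example, not from the slides: an HMAC-protected message channel that
# gives data-origin authentication and integrity and detects the active
# attacks named on the slides (masquerade, modification, replay, deletion).
# The key, frame layout and the names protect/Receiver are constructed here.
import hashlib
import hmac
import struct

KEY = b"constructed-shared-secret"   # constructed sample key, pre-shared out of band
HEADER_LEN, TAG_LEN = 8, 32          # 64-bit sequence number, SHA-256 tag

def protect(key: bytes, seq: int, body: bytes) -> bytes:
    """Frame = big-endian sequence number || body || HMAC-SHA256 over both."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + body, hashlib.sha256).digest()
    return header + body + tag

class Receiver:
    """Accepts frames only with a valid tag and the next expected sequence number."""
    def __init__(self, key: bytes):
        self.key = key
        self.expected = 0

    def verify(self, frame: bytes):
        """Return (body, 'ok') for an accepted frame, or (None, reason) for a rejected one."""
        if len(frame) < HEADER_LEN + TAG_LEN:
            return None, "truncated"
        header, body, tag = frame[:HEADER_LEN], frame[HEADER_LEN:-TAG_LEN], frame[-TAG_LEN:]
        good = hmac.new(self.key, header + body, hashlib.sha256).digest()
        # Constant-time compare: a wrong key (masquerade) or an altered body
        # (modification) both fail here, before the sequence number is trusted.
        if not hmac.compare_digest(good, tag):
            return None, "bad tag"
        seq = struct.unpack(">Q", header)[0]
        if seq < self.expected:
            return None, "replay"    # an authentic frame that was already accepted
        if seq > self.expected:
            return None, "gap"       # an earlier frame was deleted or reordered
        self.expected = seq + 1
        return body, "ok"

if __name__ == "__main__":
    rx = Receiver(KEY)
    f0 = protect(KEY, 0, b"transfer 10 EUR to Alice")   # constructed sample message
    print(rx.verify(f0))                                  # accepted
    print(rx.verify(f0))                                  # replay rejected
    print(rx.verify(protect(b"wrong-key", 1, b"x")))      # masquerade rejected
```

A MAC gives integrity and origin authentication between the two key holders only; it does not give non-repudiation, since either party could have produced the tag.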
Slide 22
Basic Security Services
• Non-Repudiation
– protection against denial by one of the
parties in a communication
– Origin non-repudiation
• proof that the message was sent by the
specified party
– Destination non-repudiation
• proof that the message was received by the
specified party
Slide 23
Attack Surface Categories
• Network attack surface
– Refers to vulnerabilities over an enterprise network, wide-area network, or the Internet
• E.g. DoS, intruders exploiting network protocol vulnerabilities
• Software attack surface
– Refers to vulnerabilities in application, utility, or operating system code
• Human attack surface
– Refers to vulnerabilities created by personnel or outsiders
– E.g. social engineering, insider traitors
Attacks
• An attack is the deliberate act that exploits a vulnerability
• It is accomplished by a threat agent to damage or steal an organization’s information or physical asset
– An exploit is a technique to compromise a system
– A vulnerability is an identified weakness of a controlled system whose controls are not present or are no longer effective
– An attack is then the use of an exploit to achieve the compromise of a controlled system
Slide 25
Malicious Code
• This kind of attack includes the execution of viruses, worms, Trojan horses, and active web scripts with the intent to destroy or steal information
• The state of the art in attacking systems in 2002 is the multivector worm using up to six attack vectors to exploit a variety of vulnerabilities in commonly found information system devices
Slide 27
Attack Descriptions
• IP Scan and Attack – Compromised system scans a random or local range of IP addresses and targets any of several vulnerabilities known to hackers or left over from previous exploits
• Web Browsing – If the infected system has write access to any Web pages, it makes all Web content files infectious, so that users who browse to those pages become infected
• Virus – Each infected machine infects certain common executable or script files on all computers to which it can write with virus code that can cause infection
Slide 28
Attack Descriptions
• Unprotected Shares – using file shares to copy the viral component to all reachable locations
• Mass Mail – sending e-mail infections to addresses found in the address book
• Simple Network Management Protocol – SNMP vulnerabilities used to compromise and infect
• Hoaxes – A more devious approach to attacking computer systems is the transmission of a virus hoax, with a real virus attached
Slide 29
Attack Descriptions
• Back Doors – Using a known or previously unknown and newly discovered access mechanism, an attacker can gain access to a system or network resource
• Password Crack – Attempting to reverse-calculate a password
• Brute Force – The application of computing and network resources to try every possible combination of options of a password
• Dictionary – The dictionary password attack narrows the field by selecting specific accounts to attack and uses a list of commonly used passwords (the dictionary) to guide guesses
Slide 30
Attack Descriptions
• Denial-of-service (DoS) –
– attacker sends a large number of connection or information requests to a target
– so many requests are made that the target system cannot handle them successfully along with other, legitimate requests for service
– may result in a system crash, or merely an inability to perform ordinary functions
• Distributed Denial-of-service (DDoS) – an attack in which a coordinated stream of requests is launched against a target from many locations at the same time
Slide 32
Attack Descriptions
• Spoofing – technique used to gain unauthorized access whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host
• Man-in-the-Middle – an attacker sniffs packets from the network, modifies them, and inserts them back into the network
• Spam – unsolicited commercial e-mail – while many consider spam a nuisance rather than an attack, it is emerging as a vector for some attacks
Slide 35
Attack Descriptions
• Mail-bombing – another form of e-mail attack that is also a DoS, in which an attacker routes large quantities of e-mail to the target
• Sniffers – a program and/or device that can monitor data traveling over a network. Sniffers can be used both for legitimate network management functions and for stealing information from a network
• Social Engineering – within the context of information security, the process of using social skills to convince people to reveal access credentials or other valuable information to the attacker
Slide 36
Attack Descriptions
• Buffer Overflow –
– application error that occurs when more data is sent to a buffer than it can handle
– when the buffer overflows, the attacker can make the target system execute instructions, or the attacker can take advantage of some other unintended consequence of the failure
– Usually the attacker fills the overflowed buffer with executable program code to elevate the attacker’s permission to that of an administrator.
Slide 37
Attack Descriptions
• Ping of Death Attacks
– A type of DoS attack
– Attacker creates an ICMP packet that is larger than the maximum allowed 65,535 bytes.
– The large packet is fragmented into smaller packets and reassembled at its destination.
– The destination system cannot handle the reassembled oversized packet, thereby causing the system to crash or freeze.
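The reassembly step in the Ping of Death description is where the defender's check belongs: the receiving stack must bound each fragment's offset plus length by the 65,535-byte IP maximum before buffering it. This is an added example, not from the slides; the Reassembler class and its method names are constructed for the illustration, and for simplicity it takes fragment offsets in bytes rather than the 8-byte units of the real IPv4 header.

```python
# Added example, not from the slides: a fragment reassembler that applies the
# bound check a Ping-of-Death-vulnerable stack lacked. Offsets are in bytes
# here (the real IPv4 header counts them in 8-byte units); the class and
# method names are constructed for this illustration.
MAX_DATAGRAM = 65535   # largest IPv4 datagram: 16-bit total-length field

class Reassembler:
    """Collects the fragments of one datagram and rejects oversized ones."""
    def __init__(self):
        self.frags = {}        # byte offset -> payload
        self.total = None      # known once the last fragment (more=False) arrives
        self.dropped = False

    def add(self, offset: int, more: bool, payload: bytes) -> str:
        end = offset + len(payload)
        if end > MAX_DATAGRAM:           # the Ping of Death: reject before growing any buffer
            self.frags.clear()
            self.total = None
            self.dropped = True
            return "dropped: oversized"
        if self.dropped:                 # later pieces of an already-rejected datagram
            return "dropped: datagram already discarded"
        if not more:
            self.total = end
        self.frags[offset] = payload
        return "complete" if self.is_complete() else "waiting"

    def is_complete(self) -> bool:
        """True when the fragments cover 0..total with no gaps or overlaps."""
        if self.total is None:
            return False
        covered = 0
        for off in sorted(self.frags):
            if off != covered:
                return False
            covered = off + len(self.frags[off])
        return covered == self.total

    def datagram(self) -> bytes:
        """The reassembled payload, or b'' if incomplete or dropped."""
        if not self.is_complete():
            return b""
        return b"".join(self.frags[off] for off in sorted(self.frags))

if __name__ == "__main__":
    ok = Reassembler()                       # constructed sample: 2 fragments, 2000 bytes
    print(ok.add(0, True, b"a" * 1480), ok.add(1480, False, b"b" * 520))
    bad = Reassembler()                      # constructed oversized datagram
    print(bad.add(0, True, b"x" * 1480), bad.add(65528, False, b"x" * 100))
```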
Slide 38
Attack Descriptions
• “People are the weakest link. You can have the best technology; firewalls, intrusion-detection systems, biometric devices ... and somebody can call an unsuspecting employee. That's all she wrote, baby. They got everything.”
• “brick attack” – the best configured firewall in the world can’t stand up to a well placed brick
Slide 39
Attack Descriptions
• Timing Attack –
– relatively new
– works by exploring the contents of a web browser’s cache
– can allow collection of information on access to password-protected sites
– another attack by the same name involves attempting to intercept cryptographic elements to determine keys and encryption algorithms
Slide 40
Department of Information Technology
Phishing