ECEG-6530

Computer (and Network) Security

Design Principles ,
Computer Viruses & Worms

1
Design Principles - Overview
 Eight principles underlying design and
implementation of security mechanisms
 Described in an article by Saltzer and
Schroeder (1975)
– Still generally applicable today!

2
Key point I
 Simplicity
– Make designs/mechanisms easy to understand
– Less chance of error
– Example: (potentially) faulty implementation of
sendmail
– Example: (potential) inconsistencies in security
policy

3
Key point II
 Restriction
– Minimize the “power” of an entity
• E.g., only allow access to information it needs
• E.g., only allow necessary communication; restrict
type of communication allowed
– Less chance of harm!

4
Design Principles
1. Principle of Least Privilege
2. Principle of Fail-Safe Defaults
3. Principle of Economy of Mechanism
4. Principle of Complete Mediation
5. Principle of Open Design
6. Principle of Separation of Privilege
7. Principle of Least Common Mechanism
8. Principle of Psychological Acceptability

5
Principle 1
 “Principle of least privilege”
– A subject should be given only the privileges it
needs to accomplish its task
– The function of a subject (not its identity)
should determine this
• I.e., if a subject needs certain privileges only to
complete a specific task, it should relinquish those
rights upon completion of the task

6
In practice…
 Systems are often not designed with the
necessary granularity
– E.g., “append” may not be distinct from “write”
– E.g., in UNIX, no access controls for root
• Anyone who can make backup files can also delete
files

7
Principle 2
 “Principle of Fail-Safe Defaults”
– Unless a subject is given explicit access to an
object, it should be denied access
– I.e., the default is no access
– E.g., a process reporting an error message
should not try to expand its rights in an attempt
to correct the error

8
Principle 3
 “Economy of Mechanism”
– Security mechanisms should be as simple as
possible…
– …but no simpler!

9
Consequences
 If design/implementation are simple, less
chance for error
 Software testing is also simpler
 Software interfaces especially suspect
– Typically make assumptions about the
input/output format of the other module
– E.g., finger protocol

10
Principle 4
 “Principle of Complete Mediation”
– All accesses to objects should be checked to
ensure they are allowed
– OS should mediate any request to read an
object --- even on the second such request by
the same subject!

11
Insecure examples…
– In UNIX, when a process tries to read a file, the
system checks access rights
– If allowed, it gives the process a file descriptor
– This file descriptor can be presented to the
kernel for access
– Note that if permissions are subsequently
disallowed, the process still has the valid file
descriptor!
• Insufficient mediation

12
Principle 5
 “Open Design”
– No “security through obscurity”
– Security of a system should not depend on the
secrecy of its implementation
• Of course, secret keys do not violate this principle!

13
Principle 6
 “Separation of Privilege”
– A system should not grant permission based on
a single condition
– E.g., require more than one sys admin to
implement a critical command

14
Principle 7
 “Principle of Least Common Mechanism”
– Minimize mechanisms depended upon by all
users
– Shared mechanisms are a potential information
path, and should not compromise security
– Any mechanism serving all users must satisfy
all users, a difficult task to achieve…

15
Principle 8
 “Psychological Acceptability”
– Security mechanisms should not make access to
the resource more difficult
– If mechanisms are too cumbersome, they will
not be used!
– Even if they are used, they may be used
incorrectly
– Password example…

16
Principles in Practice

17
Computer Viruses and Worms

18
Overview
 Types of infection
 Definitions
 Difference between virus and worm
 Origins
 Types of viruses
 Worms

19
Overview Cont…
 Melissa virus
 I love you virus
 Code red (worm)
 Symptoms of an infection
 Protection measures
 Conclusion

20
Types of Infection
 VIRUSES
 E-MAIL VIRUSES
 WORMS
 TROJAN HORSES

21
Viruses
A virus is a small piece of
software that piggybacks on
real programs.

2 main characteristics of
viruses
 It must execute itself.
 It must replicate itself.

22
Virus
Virus might attach itself to a program such
as spreadsheet. Each time the spreadsheet
program runs, the virus runs too and
replicate itself.

23
E-mail Viruses
 Moves around in e-mail messages
 Usually replicate itself by automatically
mailing itself to dozens of people in the
victim’s email address book.
 Example “MELISSA VIRUS”
 Example “I LOVE YOU VIRUS”

24
WORMS
 Small piece of software that uses computer
networks and security holes to replicate itself.
 Copy of the worm scans the network for another
machine that has a specific security hole.
 Copy itself to the new machine using the
security hole and start replicating.
 Example “CODE RED”

25
Trojan Horses
 A simple computer program
 It claim to be a game
 Erase your hard disk
 No way to replicate itself.

26
Difference between Virus and Worm
The difference between a worm and a virus is
that a virus does not have a propagation
vector. i.e., it will only effect one host and
does not propagate to other hosts. Worms
propagate and infect other computers.
Majority of threats are actually worms that
propagate to other hosts.

27
Why do people do it ?
 For some people creating viruses seems to
be thrill.
 Thrill of watching things blow up.

28
Viruses
 Viruses show us how vulnerable we are
 A properly engineered virus can have an
amazing effect on the Internet
 They show how sophisticated and
interconnected human beings have become.

29
Types of Viruses
– File infector virus
• Infect program files
– Boot sector virus
• Infect the system area of a disk
– Master boot record virus
• infect disks in the same manner as boot sector viruses. The
difference between these two virus types is where the viral code is
located.
– Multi-partite virus
• infect both boot records and program files
– Macro virus
• infect data files. Examples: Microsoft Office Word, Excel,
PowerPoint and Access files

30
Melissa Virus (March 1999)
Melissa virus spread in Microsoft Word documents
sent via e-mail.
How it works ?
 Created the virus as word document
 Uploaded to an internet newsgroup
 Anyone who download the document and opened
it would trigger the virus.
 Send friendly email messages to first 50 people in
person’s address book.
31
Melissa Virus
Melissa Virus was the fastest spreading virus
ever seen.
Forced a number of large companies to shut
down their e-mail systems.

32
I Love You Virus (May,2000)
 Contained a piece of code as an attachment.
 Double Click on the attachment triggered
the code.
 Sent copies of itself to everyone in the
victim’s address book
 Started corrupting files on the victim’s
machine.

33
Code Red (Worm)
 Code Red made huge headlines in 2001
 It slowed down internet traffic when it
began to replicate itself.
 Each copy of the worm scanned the internet
for Windows NT or Windows 2000 that
don’t have security patch installed.
 Each time it found an unsecured server, the
worm copied itself to that server.
34
Code Red Worm
Designed to do three things
 Replicate itself for the first 20 days of each
month.
 Replace web pages on infected servers with
a page that declares “Hacked by Chinese”
 Launch a concreted attack on the White
House Web server

35
Symptoms of Infection
 Programs take longer to load than normal.
 Computer’s hard drive constantly runs out
of free space.
 The floppy disk drive or hard drive runs
when you are not using it.
 New files keep appearing on the system and
you don’t know where it come frm.

36
Symptoms of Infection Cont..
 Strange sounds or beeping noises come
from the computer.
 Strange graphics are displayed on your
computer monitor.
 Unable to access the hard drive when
booting from the floppy drive.
 Program sizes keep changing.

37
Protection
 TO protect yourself you need to be
“Proactive” about Security issues. Being
reactive won’t solve anything; Specially at
crunch time and deadlines!! In matter of
fact it can make the problem much more
complex to solve, and the situation much
worse, resulting in a complete Nightmare!!
 Best Measures are the preventative ones.

38
Protection Measures
 You need to basically to do four steps to
keep your computer and your data secure:
1. Get the latest Anti-Virus Software.
2. Make sure you have the latest security
patches and hot fixes using Windows
Update.
3. Use a Host-Based Firewall.
4. BACKUP your Important Files.

39
Conclusion
Be aware of the new infections out there.
Take precaution measures.
Always backup your data.
Keep up-to-date on new Anti virus software.
Simply avoid programs from unknown
sources.

40