Network Security
Dr. Nguyen Tuan Nam
ntnam@fit.hcmus.edu.vn
2
What to Be Covered
Nguyen Tuan Nam/NetSec/Win2010
Cryptography
Authentication
Standard
Electronic mail
Others
3
Assignment & Grading
Textbook
Network Security – Private Communication in a Public World, 2nd
edition, Charlie Kaufman, Radia Perlman, Mike Speciner, Prentice Hall
2 exams
Midterm
On the 5th week (4 weeks from today)
25%
Final exam (or final project)
45%
Term projects (20%)
Class participation (10%)
Students are responsible for attending classes and taking notes (extra
credit)
Fun and creative
4
Terminology
Hacker
Not for the vandals that break into computer systems
Steal money, people’s time
Called intruder, bad guy and imposter (Trudy)
Instead, master programmers
Incorruptibly honest
Not motivated by money
Careful not to harm anyone
Secret key cryptography (instead of
symmetric cryptography)
Public key cryptography (instead of
asymmetric cryptography)
5
Terminology
Privacy
Keeping communication from being seen by anyone
other than the intended recipients
Other books use confidentiality
Alice and Bob: Alice’s computer and Bob’s
computer
User Alice and user Bob: human
6
Why So Much Terminology?
Speaker: Isn’t it terrifying that on the Internet
we have no privacy?
A: You mean confidentiality?
B: Why do security types insist on inventing
their own language?
C: It’s a denial-of-service attack
7
Notation
Symbol          Description
⊕               Bitwise-exclusive-or
|               Concatenation
K{message}      Message encrypted with secret key K
{message}Bob    Message encrypted with Bob’s public key
[message]Bob    Message signed with Bob’s private key
Primer on Networking
Dr. Nguyen Tuan Nam
ntnam@fit.hcmus.edu.vn
9
OSI Reference Model
Not the only way to construct a network
Designed by the ISO (International Standard
Organization)
Too big a task for a single committee → subdivide the problem
among several committees → 7 layers
Each layer
Uses the services of the layer below
Adds functionality
Provides services to the layer above
Note: real networks seldom neatly fit into the seven-
layer model
10
OSI Reference Model
Application
Presentation
Session
Transport
Network
Data link
Physical
11
IP, UDP, and TCP
12
Directory Service
Directory or Naming Service
Instead of one directory, it is structured as a
tree
of directories
Hierarchical name
Prevent the directory from getting unreasonably
large
Why is it important to security?
13
Replicated Services
Convenient to have 2 or more computers
performing the same function (due to
performance)
Overloaded
Distance
Availability
Why is it so important to security?
14
Packet Switching
In a network, a message is generally broken into
smaller chunks
Each chunk (packet) is sent independently
Why?
Messages from various sources can be interleaved
on the same link
Error recovery is done on the chunk
Buffer management in the routers is simpler if
the size of packets has a reasonable upper limit
15
Network Component
Clients
Servers
Dumb terminal
Terminal server
16
Active vs. Passive Attacks
Passive attack where the intruder
Eavesdrops but does NOT modify the
message stream in any way
Active attack where the intruder
May transmit messages
Replay old messages
Modify messages in transit
Delete selected messages
Ex: man-in-the-middle attack
17
Layers and Cryptography
Encryption and integrity protection are done
On the original message
Infrastructure does not need to know, just forward the message
Infrastructure and the one that keeps the crypto. protected message
need not be trusted
Any corruption or loss
On each chunk of the message
End-to-end
Hop-by-hop
Packet switches must be trusted (by definition, the packet switches
see the plaintext)
18
Authorization
Authentication proves who you are
Authorization defines what you are allowed to
do
Access control list (ACL)
Who is allowed to do what with a resource
Capability model
For each user, what he/she is allowed to do
19
Tempest
Biggest concern: eavesdrop and modify/inject
messages
Magic of physics: movement of electrons can be measured
from a surprising distance away
Can eavesdrop without even needing to physically access the
link
Wireless, shared medium
US military Tempest program
Measures how far away an intruder must be before
eavesdropping is impossible
That distance is known as the device’s control zone
Control zone is the region that must be physically guarded to
keep out intruders
Safe radius. Inside this zone, eavesdropping
is possible
20
Key Escrow for Careless Users
Prudent to keep your key in a safe place
When you misplace your own key → you can still retrieve a copy
of the key
A database of keys
Only be reconstructed with the cooperation of
several independent machines
Some applications don’t require recoverable key
Can be reset by third party (administrator)
User may want different keys for different uses
Only some of the keys are escrowed
21
Viruses, Worms, Trojan Horses
Trojan horse
Instructions hidden inside an otherwise useful program that
do bad things
Usually used when the malicious instructions are installed at
the time the program is written
Viruses
A set of instructions that, when executed, inserts copies
of itself into other programs
Worms
A program that replicates itself by installing copies of
itself on other machines across a network
22
Viruses, Worms, Trojan Horses
Trapdoor
An undocumented entry point intentionally written into a
program
For debugging purposes, which can be exploited as a security
flaw
Logic bomb
Malicious instructions that trigger on some event in the
future
Zombie
Malicious instructions installed on a system that can be
remotely triggered to carry out some attack
Large number of zombies
23
Where Do They Come From?
Trapdoor
May be intentionally installed to facilitate troubleshooting
The rest
Written by bad guys
Problem
Halting problem
Impossible to tell what an arbitrary program will do
Nobody looks
No access to the source code
Even if you did have access to the code, won’t bother reading it at all
U.S. enables Chinese hacking of Google
By Bruce Schneier, Special to CNN
January 23, 2010 5:20 p.m. EST
STORY HIGHLIGHTS
Google says hackers from China got into its Gmail system
Bruce Schneier says hackers exploited feature put into system at behest of U.S. government
"When governments get access to private communications, they invite abuse," he says
Govt surveillance and control of Internet are flourishing, he says
Editor's note: Bruce Schneier is a security technologist and author of "Beyond Fear: Thinking Sensibly About Security in an Uncertain World." Read more of his writing at http://www.schneier.com.
(CNN) -- Google made headlines when it went public with the fact that Chinese hackers had penetrated some of its services, such as Gmail, in a politically motivated attempt at intelligence gathering. The news here isn't that Chinese hackers engage in these activities or that their attempts are technically sophisticated -- we knew that already -- it's that the U.S. government inadvertently aided the hackers.
In order to comply with government search warrants on user data, Google created a backdoor access system into Gmail accounts. This feature is what the Chinese hackers exploited to gain access.
25
What Does a Virus Look Like?
Replace any instruction (at location x), by a
jump to some free space in memory (location y)
Write the virus program starting at location y
Place the instruction that was originally at
location x at the end of the virus program
Jump to x+1
26
Viruses
Do some damage
Might replicate itself by looking for any executable files
and infecting them
Once an infected program is run
The virus is executed again
Do more damage
Replicate itself to more programs
Usually spread silently until some triggering event
If it did damage too fast, it wouldn’t spread as far
27
How Does a Digital Pest Appear on
Your Computer?
Running an infected program
Forum
Program: planted by employees or intruders
Email with attached program
Sometimes you don’t realize you are running
a program
Postscript
Autorun (CD-ROMs, USB flash drives)
28
What Is This?
main(t,_,a ) char * a; { return! 0<t? t<3? main(-79,-13,a+ main(-87,1-_, main(-
86, 0, a+1 ) +a)): 1, t<_? main( t+1, _, a ) :3, main ( -94, -27+t, a ) &&t == 2
?_ <13 ? main ( 2, _+1, "%s %d %dn" ) :9:16: t<0? t<-72? main( _, t,
"@n'+,#'/*{}w+/w#cdnr/+,{}r/*de}+,/*{*+,/w{%+,/w#q#n+,/#{l,+,
/n{n+,/+#n+,/#;#q#n+,/+k#;*+,/'r :'d*'3,}{w+K w'K:'+}e#';dq#'l
q#'+d'K#!/+k#;q#'r}eKK#}w'r}eKK{nl]'/#;#q#n'){)#}w'){){nl]'/+#n';d
}rw' i;# ){nl]!/n{n#'; r{#w'r nc{nl]'/#{l,+'K {rw' iK{;[{nl]'/w#q#n'wk nw'
iwk{KK{nl]!/w{%'l##w#' i; :{nl]'/*{q#'ld;r'}{nlwb!/*de}'c ;;{nl'-
{}rw]'/+,}##'*}#nc,',#nw]'/+kd'+e}+;#'rdq#w! nr'/ ') }+}{rl#'{n' ')#
}'+}##(!!/") : t<-50? _==*a ? putchar(31[a]): main(-65,_,a+1) : main((*a ==
'/') + t, _, a + 1 ) : 0<t? main ( 2, 2 , "%s") :*a=='/'|| main(0, main(-
61,*a, "!ek;dc i@bK'(q)-[w]*%n+r3#l,{}:nuwloca-O;m
.vpbks,fxntdCeghiry")
,a+1);}
29
[mm@noise]$ xmas On the first day of Christmas my true love gave to me a partridge
in a pear tree. On the second day of Christmas my true love gave to me two turtle
doves and a partridge in a pear tree. On the third day of Christmas my true love gave
to me three french hens, two turtle doves and a partridge in a pear tree. On the fourth
day of Christmas my true love gave to me four calling birds, three french hens, two
turtle doves and a partridge in a pear tree. On the fifth day of Christmas my true love
gave to me five gold rings; four calling birds, three french hens, two turtle doves and a
partridge in a pear tree. On the sixth day of Christmas my true love gave to me six
geese a-laying, five gold rings; four calling birds, three french hens, two turtle doves and
a partridge in a pear tree. On the seventh day of Christmas my true love gave to me
seven swans a-swimming, six geese a-laying, five gold rings; four calling birds, three
french hens, two turtle doves and a partridge in a pear tree. On the eigth day of
Christmas my true love gave to me eight maids a-milking, seven swans a-
swimming, six geese a-laying, five gold rings; four calling birds, three french hens, two
turtle doves and a partridge in a pear tree. On the ninth day of Christmas my true love
gave to me nine ladies dancing, eight maids a-milking, seven swans a-swimming, six
geese a-laying, five gold rings; four calling birds, three french hens, two turtle doves and
a partridge in a pear tree. On the tenth day of Christmas my true love gave to me ten
lords a-leaping, nine ladies dancing, eight maids a-milking, seven swans a-swimming, six
geese a-laying, five gold rings; four calling birds, three french hens, two turtle doves and
a partridge in a pear tree. On the eleventh day of Christmas my true love gave to me
eleven pipers piping, ten lords a-leaping, nine ladies dancing, eight maids a-
milking, seven swans a- swimming, six geese a-laying, five gold rings; four calling
birds, three french hens, two turtle doves and a partridge in a pear tree. On the twelfth
day of Christmas my true love gave to me twelve drummers drumming, eleven pipers
piping, ten lords a-leaping, nine ladies dancing, eight maids a-milking, seven swans a-
swimming, six geese a-laying, five gold rings; four calling birds, three french hens, two
turtle doves and a partridge in a pear tree.
30
Virus Checker
A race between good and bad
Patterns of command
Knows the instruction sequence for lots of types of viruses
Checks all the files on disk and instructions in memory for those patterns
Raises a warning if it finds a match
Needs to be updated periodically with new pattern files
Hooks into the OS and inspects files before they are written to disk
Polymorphic virus: each time it copies itself
Changes the order of its instructions
Changes to functionally similar instructions
Encryption with a variable key
Poly = many; morphic = form
Heuristic virus checkers only require certain crucial pieces of code to match → still enough patterns
left even in polymorphic code
Constrains the mutation rate
Any other approaches?
Metamorphic virus
Snapshot of disk storage
Goat or bait files
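The checks listed on this slide, side by side, as an added example that is not part of the original lecture: an exact pattern scan, a heuristic scan that only needs some pieces of a pattern, and a disk snapshot with a goat file. The signature, sample buffers and file names are constructed placeholders, and the 4-byte piece size and threshold of 2 are assumptions chosen for illustration.

```python
import hashlib

# Constructed 12-byte stand-in for a known instruction sequence. It is
# placeholder data made up for this example, not bytes from any real program.
SIGNATURES = {"demo-pattern": bytes.fromhex("a1b2c3d4e5f60718293a4b5c")}


def exact_scan(data, signatures=SIGNATURES):
    """Pattern check: report every signature found byte-for-byte in data."""
    return sorted(name for name, sig in signatures.items() if sig in data)


def fragments(sig, size=4):
    """Cut a signature into the fixed-size pieces a heuristic check looks for."""
    return [sig[i:i + size] for i in range(0, len(sig) - size + 1, size)]


def heuristic_scan(data, signatures=SIGNATURES, size=4, threshold=2):
    """Report a signature when at least `threshold` of its pieces occur in
    data, in any order and with anything in between. A lower threshold
    catches more variants but also flags more unrelated files."""
    hits = []
    for name, sig in signatures.items():
        found = sum(1 for piece in fragments(sig, size) if piece in data)
        if found >= threshold:
            hits.append(name)
    return sorted(hits)


def snapshot(files):
    """Record a SHA-256 digest per file; `files` maps name -> content bytes."""
    return {name: hashlib.sha256(data).hexdigest() for name, data in files.items()}


def changed_since(baseline, files):
    """Names that were added, removed or modified relative to the baseline."""
    current = snapshot(files)
    return sorted(name for name in baseline.keys() | current.keys()
                  if baseline.get(name) != current.get(name))


# Constructed sample buffers: the same pattern intact, reordered with filler
# in between, a file that shares a single piece by coincidence, and a clean file.
SIG = SIGNATURES["demo-pattern"]
P1, P2, P3 = fragments(SIG)
PAD = bytes(8)
SAMPLES = {
    "unchanged copy": PAD + SIG + PAD,
    "reordered copy": PAD + P3 + b"\x90\x90" + P1 + b"\x90" + P2 + PAD,
    "one shared piece": PAD + P1 + b"ordinary data" + PAD,
    "clean": b"ordinary data" * 4,
}


def scan_all(samples=SAMPLES):
    """Run both checks over every sample: name -> (exact hits, heuristic hits)."""
    return {name: (exact_scan(data), heuristic_scan(data))
            for name, data in samples.items()}


def goat_demo():
    """A bait file has known content and no reason to change, so any change is
    a warning even when no pattern matches the bytes that were added."""
    files = {"goat.bin": bytes(64), "notes.txt": b"ordinary data"}
    baseline = snapshot(files)
    files["goat.bin"] = files["goat.bin"] + bytes.fromhex("0badc0de")  # constructed change
    return heuristic_scan(files["goat.bin"]), changed_since(baseline, files)


if __name__ == "__main__":
    for name, (exact, heuristic) in scan_all().items():
        print(f"{name:18} exact={exact} heuristic={heuristic}")
    print("goat file:", goat_demo())
```

The reordered copy is missed by the exact scan and caught by the heuristic one, while the goat file change is caught only by the snapshot comparison.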
31
Nonresident vs. Resident Viruses
Nonresident viruses: can be thought of as consisting of
Finder module
Replication module
Resident viruses
Replication module is loaded into the memory
This module is executed each time the OS is called to perform a certain operation
Fast infector
Infect as many files as possible
Pros and cons?
Slow infector
Infect host infrequently
Does not seem very successful
Stealth mode
Anti-virus software can be misused if it cannot detect the virus in the memory
Given that there is no infallible method to test a program for hidden
bad side effects → what can we do?
32
What Can We Do Today?
Don’t run software from suspicious sources
Frequently run virus checkers
Run programs in the most limited possible
environment
Separate disks
Separate VMs
Watch out for warnings
Frequent backups
External devices
33
Mandatory (Nondiscretionary)
Access Control
Discretionary
Someone who owns a resource can make a decision as to who is allowed
to use (access) it
Philosophy: users and the programs they run are good guys
Nondiscretionary access controls
Enforce a policy where users might be allowed to use information
themselves
But might not be allowed to make a copy of it available to someone else
Even owners of the resources have to follow the policy
Philosophy:
Users are careless + programs they run can’t be trusted
System must prevent users from accidentally or intentionally giving info to
someone else
Confine information within a security perimeter
34
Levels of Security
Simplified description of the US DoD as an example
Security level
Unclassified < confidential < secret < top secret
A set of categories (compartments)
CRYPTO, INTEL, NUCLEAR
A clearance
(SECRET; {INTEL, NUCLEAR})
Given 2 security labels (X, S1) and (Y, S2) → (X, S1) is at least as
sensitive as (Y, S2) iff
X ≥ Y and S2 is a subset of S1
Example: (TOP_SECRET, {CRYPTO, COMSEC}) > (SECRET,
{CRYPTO})
TRAN
2013-09-09 01:43:30
--------------------------------------------
Can read information that you created yourself or that is at a
lower level.
Can read information at a higher level; ensures that
the lower level cannot read it
35
Mandatory Access Control Rules
A human can only run a process that has a security
label below or equal to that of the human’s label
A human can only read information marked with a
security label below or equal to that of the process
A process can only write information marked with a
security label above or equal to that of the process
Will it be enough to protect sensitive data?
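The label comparison from the previous slide and the three rules above, worked through in code as an added example that is not part of the original lecture. The object names and their labels are constructed for illustration; the read and write checks are applied against the process label, as the rules word it.

```python
from dataclasses import dataclass

# Level ordering from the slide: unclassified < confidential < secret < top secret.
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP_SECRET": 3}


@dataclass(frozen=True)
class Label:
    """Security label (level, categories), e.g. (SECRET; {INTEL, NUCLEAR})."""
    level: str
    categories: frozenset = frozenset()

    def dominates(self, other):
        """(X, S1) is at least as sensitive as (Y, S2) iff X >= Y and S2 is a subset of S1."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and other.categories <= self.categories)


def label(level, *categories):
    """Build a label, rejecting level names that are not in the ordering."""
    if level not in LEVELS:
        raise ValueError(f"unknown security level: {level!r}")
    return Label(level, frozenset(categories))


def comparable(a, b):
    """Labels form a partial order: two labels may be unrelated in both directions."""
    return a.dominates(b) or b.dominates(a)


def may_run(human, process):
    """Rule 1: the process label must be below or equal to the human's label."""
    return human.dominates(process)


def may_read(process, obj):
    """Rule 2: only information labelled below or equal to the process may be read."""
    return process.dominates(obj)


def may_write(process, obj):
    """Rule 3: only information labelled above or equal to the process may be written."""
    return obj.dominates(process)


def may_copy(process, source, destination):
    """Copying needs a read of the source and a write of the destination, so
    information can only move to a label that dominates where it came from."""
    return may_read(process, source) and may_write(process, destination)


# Constructed labels for the demonstration (object names are hypothetical).
ALICE = label("SECRET", "INTEL", "NUCLEAR")        # the clearance from the slide
EDITOR = label("SECRET", "INTEL")                  # process Alice starts
REPORT = label("SECRET", "INTEL")                  # file the process works on
PUBLIC_NOTES = label("UNCLASSIFIED")               # world-readable file
ARCHIVE = label("TOP_SECRET", "INTEL", "CRYPTO")   # higher-level store
CRYPTO_MEMO = label("CONFIDENTIAL", "CRYPTO")      # lower level, other compartment


def demo():
    """Evaluate each check and return name -> True (allowed) / False (denied)."""
    return {
        "slide_example": label("TOP_SECRET", "CRYPTO", "COMSEC").dominates(
            label("SECRET", "CRYPTO")),
        "alice_runs_editor": may_run(ALICE, EDITOR),
        "read_report": may_read(EDITOR, REPORT),
        "read_crypto_memo": may_read(EDITOR, CRYPTO_MEMO),  # lower level, wrong category
        "leak_to_public": may_copy(EDITOR, REPORT, PUBLIC_NOTES),
        "file_to_archive": may_copy(EDITOR, REPORT, ARCHIVE),
        "read_back_archive": may_read(EDITOR, ARCHIVE),
        "alice_vs_archive_comparable": comparable(ALICE, ARCHIVE),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check:30} {result}")
```

A careless user or an untrusted program running as the editor process cannot copy the report into the unclassified file, and two labels with different compartments can be unrelated in both directions.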
36
Covert Channel
Timing channel
Create some signal/behavior to represent 0 or 1 per unit of
time
Noise
Storage channel
The use of shared resources (memory, sound card)
No general way to prevent all the covert channels
Introduce enough noise to reduce the bandwidth of the
covert channel (assuming the secret data is large)
37
Legal Issues
Patents
Most cryptographic techniques are covered by
patents and historically this has slowed their
deployment
Export controls
The US government used to impose severe
restrictions on export of encryption
Why?

Contenu connexe

Similaire à Lecture 01-introduction

Final Project _Smart Utilities
Final Project _Smart UtilitiesFinal Project _Smart Utilities
Final Project _Smart UtilitiesPasan Alagiyawanna
 
Kostogryzov-for china-2013
 Kostogryzov-for china-2013 Kostogryzov-for china-2013
Kostogryzov-for china-2013Mathmodels Net
 
Web services
Web servicesWeb services
Web serviceslopjuan
 
Computer virus (Microsoft Word)
Computer virus (Microsoft Word)Computer virus (Microsoft Word)
Computer virus (Microsoft Word)ainizbahari97
 
A model for detecting the existence of unknown computer viruses in real time
A model for detecting the existence of unknown computer viruses in real timeA model for detecting the existence of unknown computer viruses in real time
A model for detecting the existence of unknown computer viruses in real timeUltraUploader
 
Teensy Programming for Everyone
Teensy Programming for EveryoneTeensy Programming for Everyone
Teensy Programming for EveryoneNikhil Mittal
 
Virus presentation1
Virus presentation1Virus presentation1
Virus presentation1Sameep Sood
 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with SplunkSplunk
 
Ceh v8 labs module 05 system hacking
Ceh v8 labs module 05 system hackingCeh v8 labs module 05 system hacking
Ceh v8 labs module 05 system hackingMehrdad Jingoism
 
Ransomware for fun and non-profit
Ransomware for fun and non-profitRansomware for fun and non-profit
Ransomware for fun and non-profitYouness Zougar
 
Threat Hunting with Splunk
Threat Hunting with Splunk Threat Hunting with Splunk
Threat Hunting with Splunk Splunk
 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with SplunkSplunk
 
Security R U Totally Secure !
Security R U Totally Secure ! Security R U Totally Secure !
Security R U Totally Secure ! trendy updates
 
Promote Education Internet Security
Promote Education Internet SecurityPromote Education Internet Security
Promote Education Internet SecurityZoaib Mirza
 
Network security chapter 1,2
Network security chapter  1,2Network security chapter  1,2
Network security chapter 1,2Education
 
Final project.ppt
Final project.pptFinal project.ppt
Final project.pptshreyng
 
Digital Immunity -The Myths and Reality
Digital Immunity -The Myths and RealityDigital Immunity -The Myths and Reality
Digital Immunity -The Myths and Realityamiable_indian
 
OSB260: Secure Your Windows Servers with Ivanti Application Control
OSB260: Secure Your Windows Servers with Ivanti Application ControlOSB260: Secure Your Windows Servers with Ivanti Application Control
OSB260: Secure Your Windows Servers with Ivanti Application ControlIvanti
 

Similaire à Lecture 01-introduction (20)

Final Project _Smart Utilities
Final Project _Smart UtilitiesFinal Project _Smart Utilities
Final Project _Smart Utilities
 
Kostogryzov-for china-2013
 Kostogryzov-for china-2013 Kostogryzov-for china-2013
Kostogryzov-for china-2013
 
Web services
Web servicesWeb services
Web services
 
Computer virus (Microsoft Word)
Computer virus (Microsoft Word)Computer virus (Microsoft Word)
Computer virus (Microsoft Word)
 
Ransomware
Ransomware Ransomware
Ransomware
 
A model for detecting the existence of unknown computer viruses in real time
A model for detecting the existence of unknown computer viruses in real timeA model for detecting the existence of unknown computer viruses in real time
A model for detecting the existence of unknown computer viruses in real time
 
Teensy Programming for Everyone
Teensy Programming for EveryoneTeensy Programming for Everyone
Teensy Programming for Everyone
 
Virus presentation1
Virus presentation1Virus presentation1
Virus presentation1
 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with Splunk
 
Ceh v8 labs module 05 system hacking
Ceh v8 labs module 05 system hackingCeh v8 labs module 05 system hacking
Ceh v8 labs module 05 system hacking
 
Ransomware for fun and non-profit
Ransomware for fun and non-profitRansomware for fun and non-profit
Ransomware for fun and non-profit
 
Threat Hunting with Splunk
Threat Hunting with Splunk Threat Hunting with Splunk
Threat Hunting with Splunk
 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with Splunk
 
Security R U Totally Secure !
Security R U Totally Secure ! Security R U Totally Secure !
Security R U Totally Secure !
 
Synchronized security
Synchronized securitySynchronized security
Synchronized security
 
Promote Education Internet Security
Promote Education Internet SecurityPromote Education Internet Security
Promote Education Internet Security
 
Network security chapter 1,2
Network security chapter  1,2Network security chapter  1,2
Network security chapter 1,2
 
Final project.ppt
Final project.pptFinal project.ppt
Final project.ppt
 
Digital Immunity -The Myths and Reality
Digital Immunity -The Myths and RealityDigital Immunity -The Myths and Reality
Digital Immunity -The Myths and Reality
 
OSB260: Secure Your Windows Servers with Ivanti Application Control
OSB260: Secure Your Windows Servers with Ivanti Application ControlOSB260: Secure Your Windows Servers with Ivanti Application Control
OSB260: Secure Your Windows Servers with Ivanti Application Control
 

Dernier

Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Key Features Of Token Development (1).pptx
Key  Features Of Token  Development (1).pptxKey  Features Of Token  Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April  Automation LPDGAPIForce Zurich 5 April  Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsPrecisely
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 

Dernier (20)

Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Key Features Of Token Development (1).pptx
Key  Features Of Token  Development (1).pptxKey  Features Of Token  Development (1).pptx
Key Features Of Token Development (1).pptx
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April  Automation LPDGAPIForce Zurich 5 April  Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 

Lecture 01-introduction

  • 1. Network Security Dr. Nguyen Tuan Nam ntnam@fit.hcmus.edu.vn
  • 2. 2 What to Be Covered Nguyen Tuan Nam/NetSec/Win2010 Cryptography Authentication Standard Electronic mail Others
  • 3. 3 Assignment & Grading Nguyen Tuan Nam/NetSec/Win2010 Textbook Network Security – Private Communication in a Public World, 2nd edition, Charlie Kaufman, Radia Perlman, Mike Speciner, Prentice Hall 2 exams Midterm On the 5th week (4 weeks from today)  25% Final exam (or final project)  45% Term projects (20%) Class participation (10%) Students are responsible to attend classes and take notes (extra credit) Fun and creative
  • 4. Terminology. Hacker: not for the vandals that break into computer systems (steal money, people’s time); those are called intruder, bad guy and imposter (Trudy). Instead, master programmers: incorruptibly honest, not motivated by money, careful not to harm anyone. Secret key cryptography (instead of symmetric cryptography). Public key cryptography (instead of asymmetric cryptography).
  • 5. 5 Terminology Nguyen Tuan Nam/NetSec/Win2010 Privacy Keeping communication from being seen by anyone other than the intended recipients Other books use confidentiality Alice and Bob: Alice’s computer and Bob’s computer User Alice and user Bob: human
  • 6. 6 Why so many Terminology? Nguyen Tuan Nam/NetSec/Win2010 Speaker: Isn’t it terrifying that on the Internet we have no privacy? A: You mean confidentiality? B: Why do security types insist on inventing their own language? C: It’s a denial-of-service attack
  • 7. Notation. Symbol: Description. ⊕: bitwise exclusive-or. |: concatenation. K{message}: message encrypted with secret key K. {message}Bob: message encrypted with Bob’s public key. [message]Bob: message signed with Bob’s private key.
  • 8. Primer on Networking Dr. Nguyen Tuan Nam ntnam@fit.hcmus.edu.vn
  • 9. OSI Reference Model. Not the only way to construct a network. Designed by the ISO (International Standard Organization). Too big a task for a single committee → subdivide the problem among several committees → 7 layers. Each layer: uses the services of the layer below, adds functionality, provides services to the layer above. Note: real networks seldom neatly fit into the seven-layer model.
  • 12. Directory Service. Directory or naming service. Instead of one directory, it is structured as a tree of directories. Hierarchical name. Prevents the directory from getting unreasonably large. Why is it important to security?
  • 13. 13 Replicated Services Convenient to have 2 or more computers performing the same function (due to performance) Overloaded Distance Availability Why is it so important to security?
  • 14. 14 Packet Switching In a network, message is generally broken into smaller chunks Each chunk (packet) is sent independently Why? Messages from various sources can be interleaved on the same link Error recovery is done on the chunk Buffer management in the routers is simpler if the size of packets has a reasonable upper limit
  • 16. Active vs. Passive Attacks. Passive attack: the intruder eavesdrops but does NOT modify the message stream in any way. Active attack: the intruder may transmit messages, replay old messages, modify messages in transit, delete selected messages. Ex: man-in-the-middle attack.
  • 17. 17 Layers and Cryptography Encryption and integrity protection are done On the original message Infrastructure does not need to know, just forward the message Infrastructure and the one that keeps the crypto. protected message need not be trusted Any corruption or lost On each chunk of the message End-to-end Hop-by-hop Packet switches must be trusted (by definition, the packet switches see the plaintext)
  • 18. Authorization. Authentication proves who you are. Authorization defines what you are allowed to do. Access control list (ACL): who is allowed to do what with a resource. Capability model: for each user, what he/she is allowed to do.
  • 19. Tempest. Biggest concern: eavesdrop and modify/inject messages. Magic of physics: movement of electrons can be measured from a surprising distance away. Can eavesdrop without even needing to physically access the link. Wireless, shared medium. US military Tempest program: measures how far away an intruder must be before eavesdropping is impossible. That distance is known as the device’s control zone. Control zone is the region that must be physically guarded to keep out intruders. (Note: the safe radius; inside this zone eavesdropping is possible.)
  • 20. Key Escrow for Careless Users. Prudent to keep your key in a safe place. When you misplace your own key → can still retrieve a copy of the key. A database of keys: can only be reconstructed with the cooperation of several independent machines. Some applications don’t require a recoverable key: can be reset by a third party (administrator). User may want different keys for different uses: only some of the keys are escrowed.
  • 21. Viruses, Worms, Trojan Horses. Trojan horse: instructions hidden inside an otherwise useful program that do bad things. Usually used when the malicious instructions are installed at the time the program is written. Viruses: a set of instructions that, when executed, inserts copies of itself into other programs. Worms: a program that replicates itself by installing copies of itself on other machines across a network.
  • 22. 22 Viruses, Worms, Trojan Horses  Trapdoor An undocumented entry point intentionally written into a program For debugging purposes, which can be exploited as a security flaw Logic bomb Malicious instructions that trigger on some event in the future Zombie Malicious instructions installed on a system that can be remotely triggered to carry out some attack Large number of zombies
  • 23. 23 Where Do They Come From? Trapdoor May be intentionally installed to facilitate troubleshooting The rest Written by bad guys Problem  Halting problem Impossible to tell what an arbitrary program will do Nobody looks No access to the source code Even if you did have access to the code, won’t bother reading it at all
  • 24. U.S. enables Chinese hacking of Google. By Bruce Schneier, Special to CNN. January 23, 2010 5:20 p.m. EST. STORY HIGHLIGHTS: Google says hackers from China got into its Gmail system. Bruce Schneier says hackers exploited feature put into system at behest of U.S. government. When governments get access to private communications, they invite abuse, he says. Govt. surveillance and control of Internet are flourishing, he says. Editor's note: Bruce Schneier is a security technologist and author of "Beyond Fear: Thinking Sensibly About Security in an Uncertain World." Read more of his writing at http://www.schneier.com. (CNN) -- Google made headlines when it went public with the fact that Chinese hackers had penetrated some of its services, such as Gmail, in a politically motivated attempt at intelligence gathering. The news here isn't that Chinese hackers engage in these activities or that their attempts are technically sophisticated -- we knew that already -- it's that the U.S. government inadvertently aided the hackers. In order to comply with government search warrants on user data, Google created a backdoor access system into Gmail accounts. This feature is what the Chinese hackers exploited to gain access.
  • 25. 25 What Does a Virus Look Like? Nguyen Tuan Nam/NetSec/Win2010 Replace any instruction (at location x), by a jump to some free space in memory (location y) Write the virus program starting at location y Place the instruction that was originally at location x at the end of the virus program Jump to x+1
  • 26. Viruses. Do some damage. Might replicate itself by looking for any executable files and infecting them. Once an infected program is run: the virus is executed again, does more damage, replicates itself to more programs. Usually spreads silently until some triggering event. If it does damage too fast, it wouldn’t spread as far.
  • 27. 27 How Does a Digital Pest Appear on Your Computer? Nguyen Tuan Nam/NetSec/Win2010 Running an infected program Forum Program: planted by employees or intruders Email with attached program Sometimes you don’t realize you are running a program  Postscript  Autorun (CD-ROMs, USB flash drives)
  • 28. What Is This?  main(t,_,a ) char * a; { return! 0<t? t<3? main(-79,-13,a+ main(-87,1-_, main(- 86, 0, a+1 ) +a)): 1, t<_? main( t+1, _, a ) :3, main ( -94, -27+t, a ) &&t == 2 ?_ <13 ? main ( 2, _+1, "%s %d %d\n" ) :9:16: t<0? t<-72? main( _, t, "@n'+,#'/*{}w+/w#cdnr/+,{}r/*de}+,/*{*+,/w{%+,/w#q#n+,/#{l,+, /n{n+,/+#n+,/#;#q#n+,/+k#;*+,/'r :'d*'3,}{w+K w'K:'+}e#';dq#'l q#'+d'K#!/+k#;q#'r}eKK#}w'r}eKK{nl]'/#;#q#n'){)#}w'){){nl]'/+#n';d }rw' i;# ){nl]!/n{n#'; r{#w'r nc{nl]'/#{l,+'K {rw' iK{;[{nl]'/w#q#n'wk nw' iwk{KK{nl]!/w{%'l##w#' i; :{nl]'/*{q#'ld;r'}{nlwb!/*de}'c ;;{nl'- {}rw]'/+,}##'*}#nc,',#nw]'/+kd'+e}+;#'rdq#w! nr'/ ') }+}{rl#'{n' ')# }'+}##(!!/") : t<-50? _==*a ? putchar(31[a]): main(-65,_,a+1) : main((*a == '/') + t, _, a + 1 ) : 0<t? main ( 2, 2 , "%s") :*a=='/'|| main(0, main(- 61,*a, "!ek;dc i@bK'(q)-[w]*%n+r3#l,{}:\nuwloca-O;m .vpbks,fxntdCeghiry") ,a+1);}
  • 29. 29  [mm@noise]$ xmas On the first day of Christmas my true love gave to me a partridge in a pear tree. On the second day of Christmas my true love gave to me two turtle doves and a partridge in a pear tree. On the third day of Christmas my true love gave to me three french hens, two turtle doves and a partridge in a pear tree. On the fourth day of Christmas my true love gave to me four calling birds, three french hens, two turtle doves and a partridge in a pear tree. On the fifth day of Christmas my true love gave to me five gold rings; four calling birds, three french hens, two turtle doves and a partridge in a pear tree. On the sixth day of Christmas my true love gave to me six geese a-laying, five gold rings; four calling birds, three french hens, two turtle doves and a partridge in a pear tree. On the seventh day of Christmas my true love gave to me seven swans a-swimming, six geese a-laying, five gold rings; four calling birds, three french hens, two turtle doves and a partridge in a pear tree. On the eigth day of Christmas my true love gave to me eight maids a-milking, seven swans a- swimming, six geese a-laying, five gold rings; four calling birds, three french hens, two turtle doves and a partridge in a pear tree. On the ninth day of Christmas my true love gave to me nine ladies dancing, eight maids a-milking, seven swans a-swimming, six geese a-laying, five gold rings; four calling birds, three french hens, two turtle doves and a partridge in a pear tree. On the tenth day of Christmas my true love gave to me ten lords a-leaping, nine ladies dancing, eight maids a-milking, seven swans a-swimming, six geese a-laying, five gold rings; four calling birds, three french hens, two turtle doves and a partridge in a pear tree. 
On the eleventh day of Christmas my true love gave to me eleven pipers piping, ten lords a-leaping, nine ladies dancing, eight maids a- milking, seven swans a- swimming, six geese a-laying, five gold rings; four calling birds, three french hens, two turtle doves and a partridge in a pear tree. On the twelfth day of Christmas my true love gave to me twelve drummers drumming, eleven pipers piping, ten lords a-leaping, nine ladies dancing, eight maids a-milking, seven swans a- swimming, six geese a-laying, five gold rings; four calling birds, three french hens, two turtle doves and a partridge in a pear tree. Nguyen Tuan Nam/NetSec/Win2010
  • 30. Virus Checker. A race between good and bad. Patterns of command: knows the instruction sequence for lots of types of viruses; checks all the files on disk and instructions in memory for those patterns; raises a warning if it finds a match; needs to be updated periodically with new pattern files. Hooks into the OS and inspects files before they are written to disk. Polymorphic virus (poly = many; morphic = form): each time it copies itself, changes the order of its instructions, changes to functionally similar instructions, encryption with a variable key. Heuristic virus checkers only require certain crucial parts of code to match → still enough patterns left even in polymorphic code; constrains the mutation rate. Any other approaches? Metamorphic virus. Snapshot of disk storage. Goat or bait files.
  • 31. 31 Nonresident vs. Resident Viruses Nguyen Tuan Nam/NetSec/Win2010  Nonresident viruses: can be thought of  Finder module  Replication module  Resident viruses  Replication module is loaded into the memory  This module is executed each time the OS is called to perform a certain operation  Fast infector Infect as many files as possible Pros and cons?  Slow infector Infect host infrequently Does not seem very successful  Stealth mode  Anti-virus software can be misused if it cannot detect the virus in the memory Given that there is no Infallible method to test a program for hidden bad side effects  what can we do?
  • 32. 32 What Can We Do Today? Nguyen Tuan Nam/NetSec/Win2010 Don’t run software from suspicious sources Frequently run virus checkers Run programs in the most limited possible environment  Separate disks Separate VMs Watch out for warnings Frequent backups External devices
  • 33. Mandatory (Nondiscretionary) Access Control. Discretionary: someone who owns a resource can make a decision as to who is allowed to use (access) it. Philosophy: users and the programs they run are good guys. Nondiscretionary access controls: enforce a policy where users might be allowed to use information themselves but might not be allowed to make a copy of it available to someone else. Even owners of the resources have to follow the policy. Philosophy: users are careless + programs they run can’t be trusted. System must prevent users from accidentally or intentionally giving info to someone else. Confine information within a security perimeter.
  • 34. Levels of Security. Simplified description of the US DoD as an example. Security level: unclassified < confidential < secret < top secret. A set of categories (compartments): CRYPTO, INTEL, NUCLEAR. A clearance: (SECRET; {INTEL, NUCLEAR}). Given 2 security labels (X, S1) and (Y, S2): (X, S1) is at least as sensitive as (Y, S2) iff X ≥ Y and S2 is a subset of S1. Example: (TOP_SECRET, {CRYPTO, COMSEC}) > (SECRET, {CRYPTO}). Note (TRAN, 2013-09-09 01:43:30): can read information created by oneself or at a lower level. Can read higher-level information, ensuring the lower level cannot read it.
  • 35. 35 Mandatory Access Control Rules Nguyen Tuan Nam/NetSec/Win2010 A human can only run a process that has a security label below or equal to that of the human’s label A human can only read information marked with a security label below or equal to that of the process A process can only write information marked with a security label above or equal to that of the process Will it be enough to protect sensitive data?
  • 36. 36 Covert Channel Timing channel Create some signal/behavior to represent 0 or 1 per unit of time Noise Storage channel The use of shared resources (memory, sound card) No general way to prevent all the covert channels Introduce enough noise to reduce the bandwidth of the covert channel (assuming the secret data is large) Nguyen Tuan Nam/NetSec/Win2010
  • 37. 37 Legal Issues Nguyen Tuan Nam/NetSec/Win2010 Patents Most cryptographic techniques are covered by patents and historically this has slowed their deployment Export controls The US government used to impose severe restrictions on export of encryption Why?
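
The two matching strategies from slide 30 (Virus Checker), as an added example that is not part of the lecture: an exact instruction-sequence signature, and a heuristic that only needs the crucial fragments to appear close together. The byte strings are constructed placeholders, and the function names, window size and fragment split are assumptions made for illustration.

```python
"""Exact-signature scan vs. fragment heuristic, on constructed byte strings."""

# Constructed placeholder bytes standing in for instruction sequences (not real code).
FRAG_A, FRAG_B, FRAG_C = b"\x11\x22\x33\x44", b"\x55\x66\x77", b"\x88\x99\xaa\xbb"
FRAGMENTS = [FRAG_A, FRAG_B, FRAG_C]
SIGNATURE = FRAG_A + FRAG_B + FRAG_C  # full sequence, as stored in a pattern file
PAD = b"\x00" * 8

ORIGINAL = b"HDR" + PAD + SIGNATURE + PAD
# Same fragments with filler bytes inserted between them.
VARIANT_FILLER = b"HDR" + PAD + FRAG_A + b"\x90\x90" + FRAG_B + b"\x90" + FRAG_C + PAD
# Same fragments in a different order.
VARIANT_REORDERED = b"HDR" + PAD + FRAG_C + b"\x90" + FRAG_A + FRAG_B + PAD
# Benign buffer that happens to contain one fragment.
CLEAN = b"HDR" + PAD + FRAG_A + PAD * 20 + b"plain data"


def exact_scan(data, signature):
    """Offset of the full signature, or -1."""
    return data.find(signature)


def find_all(data, needle):
    """Yield every offset at which needle occurs in data."""
    pos = data.find(needle)
    while pos != -1:
        yield pos
        pos = data.find(needle, pos + 1)


def heuristic_scan(data, fragments, window=64, threshold=None):
    """Offset of the first window holding >= threshold distinct fragments, or -1."""
    threshold = len(fragments) if threshold is None else threshold
    hits = sorted((pos, i) for i, frag in enumerate(fragments)
                  for pos in find_all(data, frag))
    for idx, (start, _) in enumerate(hits):
        # Collect the fragments that end inside the window opened by this hit.
        seen = {i for pos, i in hits[idx:]
                if pos + len(fragments[i]) - start <= window}
        if len(seen) >= threshold:
            return start
    return -1


def classify(data):
    """Label a buffer the way a checker would report it."""
    if exact_scan(data, SIGNATURE) != -1:
        return "signature match"
    if heuristic_scan(data, FRAGMENTS) != -1:
        return "heuristic match"
    return "clean"


if __name__ == "__main__":
    for name in ("ORIGINAL", "VARIANT_FILLER", "VARIANT_REORDERED", "CLEAN"):
        print(name, "->", classify(globals()[name]))
```

Lowering `threshold` to 1 makes the heuristic flag `CLEAN` as well, which is the false-positive cost of requiring fewer fragments.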
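
The label comparison from slide 34 and the run/read/write rules from slide 35, as an added example that is not part of the lecture. The `Label` class, the function names and the sample objects are assumptions for illustration; the read rule is checked against the process label, as the slide's wording "that of the process" indicates.

```python
"""Security-label dominance and the mandatory access control rules."""
from dataclasses import dataclass

LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP_SECRET": 3}


@dataclass(frozen=True)
class Label:
    level: str
    categories: frozenset = frozenset()

    def dominates(self, other):
        """(X, S1) is at least as sensitive as (Y, S2) iff X >= Y and S2 is a subset of S1."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and other.categories <= self.categories)


def label(level, *categories):
    return Label(level, frozenset(categories))


def can_run(human, process):
    """A human may run a process labelled below or equal to the human's label."""
    return human.dominates(process)


def can_read(process, obj):
    """Read only information labelled below or equal to the process."""
    return process.dominates(obj)


def can_write(process, obj):
    """Write only information labelled above or equal to the process."""
    return obj.dominates(process)


def audit(process, requests):
    """Return the (operation, object name) pairs the rules deny for this process."""
    checks = {"read": can_read, "write": can_write}
    return [(op, name) for op, name, obj in requests if not checks[op](process, obj)]


# Constructed sample objects and requests.
OBJECTS = {
    "memo": label("UNCLASSIFIED"),
    "report": label("SECRET", "INTEL"),
    "plan": label("TOP_SECRET", "INTEL", "NUCLEAR"),
    "crypto_note": label("SECRET", "CRYPTO"),
}
PROCESS = label("SECRET", "INTEL")
REQUESTS = [(op, name, obj) for name, obj in OBJECTS.items() for op in ("read", "write")]

if __name__ == "__main__":
    for op, name in audit(PROCESS, REQUESTS):
        print("denied:", op, name)
```

Labels with different categories at the same level, such as (SECRET, {INTEL}) and (SECRET, {CRYPTO}), are incomparable, so both reading and writing are denied between them.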