Computer Security
Instructor: Dr. Bo Sun

Course Objectives
Understand basic issues, concepts, principles, and mechanisms in computer network security
  – Basic security concept
  – Cryptography
  – Authentication
  – Standards
  – Network Security

Course Outline
Basic Security Concepts:
  – Confidentiality, integrity, availability
  – others
Cryptography
  – Secret Key Cryptography: DES, IDEA, AES, etc.
  – Public Key Cryptography: RSA, Diffie-Hellman, Digital signature, Elliptic Curve, etc.
  – Modes of Operation: ECB, CBC etc.
  – Hashes and Message Digests: MD5, SHA-1 etc.
Authentication
  – Basic concepts of Authentication Systems
  – Password Authentication
  – Security handshake pitfalls

Course Outline cont’d
Network and Distributed Systems
  – Kerberos
  – Public Key Infrastructure
  – IPsec
  – SSL/TLS
  – Email security
  – Firewall

Introduction

Security Attacks

Classify Security Attacks as
passive attacks - eavesdropping on, or monitoring of, transmissions to:
  – obtain message contents, or
  – monitor traffic flows
active attacks – modification of data stream to:
  – masquerade of one entity as some other: man-in-the-middle
  – replay previous messages
  – modify messages in transit
  – denial of service

Information Security Concerns
DDoS
Worm Attacks (e.g. code red)
Exploitation of software bugs (e.g. buffer overflow)
Monitoring and capture of network traffic
Masquerade of authorized users
http://www.cert.org/

Contributing Factors
Lack of awareness of threats and risks of information systems
Wide-open network policies
  – Many Internet sites allow wide-open Internet access
Vast majority of network traffic is unencrypted
Lack of security in TCP/IP
Complexity of security management and administration
Exploitation of software bugs: e.g. Sendmail bugs
Cracker skills keep improving

Security Objectives
Confidentiality (Secrecy): Prevent/Detect/Deter improper disclosure of information
Integrity: Prevent/Detect/Deter improper modification of information
Availability: Prevent/Detect/Deter improper denial of access to services provided by the system

Security Mechanisms
Layered Protection
Intrusion Prevention (Encryption, Authentication, etc.): Not Enough
Intrusion Detection
Intrusion Tolerance
Weakest Point Security Failure
Access Control

Security Services
Confidentiality: protection of any information from being exposed to unintended entities.
  – Information content
  – Parties involved
  – Where they are, how they communicate, how often, etc.
Authentication: assurance that an entity of concern or the origin of a communication is authentic - it’s what it claims to be or from
Integrity: assurance that the information has not been tampered with

Security Services
Non-repudiation: offer of evidence that a party is indeed the sender or a receiver of certain information
Access control: facilities to determine and enforce who is allowed access to what resources, hosts, software, network connections
Security management: facilities for coordinating users’ service requirements and mechanism implementations throughout the enterprise network and across the internet
  – Trust model
  – Trust communication protocol
  – Trust management infrastructure
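
An added example, not part of the original slides: a receiver that applies the integrity and authentication services above to three of the active attacks from the "Classify Security Attacks" slide (modification, replay, masquerade). The message layout, the HMAC-SHA256 plus sequence-number construction and the names `make_tag`, `send`, `Receiver` and `demo` are assumptions chosen for illustration; denial of service is not addressed, and the payload stays readable to a passive eavesdropper because nothing is encrypted.

```python
import hashlib
import hmac
import os


def make_tag(key: bytes, seq: int, payload: bytes) -> bytes:
    # The tag covers the sequence number as well as the payload, so an
    # attacker cannot renumber an old message to get past the replay check.
    return hmac.new(key, seq.to_bytes(8, "big") + payload, hashlib.sha256).digest()


def send(key: bytes, seq: int, payload: bytes):
    return seq, payload, make_tag(key, seq, payload)


class Receiver:
    """Accepts a message only if its tag verifies and its sequence number is new."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1  # highest sequence number accepted so far

    def accept(self, seq: int, payload: bytes, tag: bytes) -> str:
        # Integrity + origin authentication: only a holder of the key can tag.
        if not hmac.compare_digest(make_tag(self.key, seq, payload), tag):
            return "rejected: bad tag"
        # Replay protection: a valid but already-seen message is refused.
        if seq <= self.last_seq:
            return "rejected: replay"
        self.last_seq = seq
        return "accepted"


def demo() -> dict:
    key = os.urandom(32)          # shared secret, constructed for the demo
    rx = Receiver(key)
    out = {}
    first = send(key, 0, b"transfer 10 to bob")   # constructed sample message
    out["genuine"] = rx.accept(*first)
    out["replay"] = rx.accept(*first)             # same bytes sent again
    seq, payload, tag = send(key, 1, b"transfer 10 to bob")
    out["modified"] = rx.accept(seq, b"transfer 99 to eve", tag)
    out["masquerade"] = rx.accept(*send(os.urandom(32), 1, b"hello from alice"))
    out["eavesdropper_reads"] = payload           # passive attack still works
    out["genuine_after_attacks"] = rx.accept(seq, payload, tag)
    return out


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```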

The Internet

OSI of ISO      Internet Stack
Application     Upper Layers
Presentation    Upper Layers
Session         Upper Layers
Transport       Transport
Network         Internet
Data Link       Data Link
Physical        Physical

Layered Store-and-forward
[Figure: User A and User B, with the Application, Transport, Network and Link layers]

Virus, Worms, and Trojan Horses
Trojan horse: instructions hidden inside an otherwise useful program that do bad things
Virus: a set of instructions that, when executed, inserts copies of itself into other programs.
Worm: a program that replicates itself by installing copies of itself on other machines across a network.
Trapdoor: an undocumented entry point, which can be exploited as a security flaw
Zombie: malicious instructions installed on a system that can be remotely triggered to carry out some attack with less traceability because the attack comes from another victim.