Lecture 1


SC3010

Computer Security

Lecture 1: Introduction

Tianwei Zhang
Teaching Staff Members
Lecturers:
 Asst. Prof. Zhang Tianwei (1st half, course coordinator):
[email protected]
 Dr. Tay Kian Boon (2nd half): [email protected]

2
What is Computer Security
Allow intended use of computer systems

Prevent unwanted use that may cause harm

Why is there unwanted use of computer systems?

3
Attack Motivation – Financial Profit
Steal personal data and sell them to the black market

4
Attack Motivation – Financial Profit
Steal credit card information or bank accounts
 Malware targeting different devices: ATM, POS machine, website…

5
Attack Motivation – Financial Profit
Ransomware
 Inject into the computer, encrypt the data and request for ransom

WannaCry ransomware
6
Attack Motivation – Politics
Government actors
Private activism

7
Emerging Security Issues with New Technologies and Situations
Zoom’s Security and Privacy Issues

8
Emerging Security Issues with New Technologies and Situations
Covid-19 pandemic meets new security challenges

9
Singapore Cyber Landscape 2022

10
https://www.csa.gov.sg/Tips-Resource/publications/2023/singapore-cyber-landscape-2022
Computer System Security
Provide a protected environment for data and their processing

Protection requirements grow with the system (figure on the slide):
 Standalone computer, single user, monoprogram: physical security
 Standalone computer, single user, multiprogram: physical security, process protection
 Standalone computer, multiple users: physical security, process protection, data protection, user authentication
 Networked computer: physical security, process protection, data protection, user authentication, communication protection
14
Why is Security so Hard

“Security engineering is about building systems to remain dependable in the face of malice, error, or mischance.”
-- Ross Anderson

“Security involves making sure things work, not in the presence of random faults, but in the face of an intelligent and malicious adversary trying to ensure that things fail in the worst possible way at the worst possible time … again and again. It is truly programming Satan’s computer.”
-- Bruce Schneier

15
System Security Failures
Secure information systems may be broken because:
 Cryptographic algorithms are broken
 Security features are not designed correctly
 Security features are not used correctly
 Security components are not implemented correctly
 Security components are not configured properly
 Security is not managed properly
 The threat environment may change, invalidating the original assumptions

16
Learning Outcome
Understand vulnerabilities associated with computer systems, and how they can be mitigated.

Understand security mechanisms in modern computer systems, their role and their importance.

Understand techniques for implementing security policies.

17
Administrative Matters
Each week we have:
 A two-hour lecture (8:30 – 10:30am Tuesday, physical at LT19A)
 A one-hour tutorial (9:30 – 10:30am Monday, physical at LT1), starting from
week 3

Course materials will be made available through NTULearn

18
Assessment
2 Quizzes (40% each)
 Quiz 1: week 7
 Quiz 2: week 13
 Those who are validly absent must take a make-up quiz. Failure to do so will
get 0 marks.

19
Assessment
Project (20%)
 Groups of 4 students
 Each group does 2 case studies about real-world computer security
incidents.
 The project will be either submission of video presentation, or live
presentation (week 14), determined by the lecturer later
 All members must do the presentation & understand BOTH projects.
 We will do random group allocation. Allocation results will be released by
the end of August

20
Assessment
Project judging criteria
 Real-world computer security incidents, preferably ones with significant impact.
 The cases should be related to the content discussed in this course.
 Technical depth: describe the technical details of the mechanism behind the
incident. It is recommended to perform code analysis of the vulnerabilities.
Having demos will be a plus.
 Clear presentation. Able to correctly answer the questions.

21
Schedule

Week   Tutorial                Lecture                           Instructor
1      -                       Introduction                      Zhang Tianwei (weeks 1-7)
2      -                       Software Security I
3      Software Security I     Software Security II
4      Software Security II    Software Security III
5      Software Security III   OS Security I
6      OS Security I           OS Security II
7      OS Security II          Quiz 1
8-12                           Passwords & Authentication        Tay Kian Boon (weeks 8-12)
                               Mobile Security
                               Computer Security Case Studies
                               Introduction to Cryptography
13     -                       Quiz 2

22
References
No required textbooks. If you want extra reading:
 D. Gollmann, Computer Security (3rd ed.), John Wiley & Sons, 2011.
 M. Bishop, Computer Security: Art and Science, Addison-Wesley, 2003.
 R. Anderson, Security Engineering, 2008.
 J. Erickson, Hacking: The Art of Exploitation (2nd ed.), 2008.

23
Basics of Computer Security
 Trust and Trusted Computing Base

 Threat Model

 Security Properties

 Security Strategies

 Design Principles of Computer Security

24
Trust
The degree to which an entity is expected to behave:
 What the entity is expected to do: anti-malware can detect malicious
programs; system can prevent illegal account login, etc.
 What the entity is expected not to do: the website will not expose your
private data to third parties; an application will not inject virus into your
system.

Security cannot be established in a computer system if no entities are trusted.

It is important to make clear what should be trusted. Otherwise, the designed security solutions may fail in practice.

25
Trusted Computing Base (TCB)
A set of system components (e.g., software, OS, firmware, hardware) that
need to be trusted to ensure the security of the computer system

Components outside of the TCB can be malicious and misbehave.

When we design a security solution, we need to
 Assume all the components inside the TCB are secure, with valid justifications.
 Prevent any damage from any components outside of the TCB.

Size of TCB
 A system with a smaller TCB is more trustworthy (we do not need to make
too many assumptions, which may be violated)
 Designing a secure system with a smaller TCB is more challenging (we
need to consider more malicious entities)
26
Threat Model
Describe the adversaries in consideration
 What is trusted and what is not trusted.
 For the untrusted entities, what resources, capabilities and knowledge they
have; what actions they can perform.
 What security properties the system aims to achieve.

An example: phishing email – a malicious email with malware as the attachment
 What is trusted: hardware and OS
 What is not trusted: the email attachment.
 Adversarial capabilities: running malicious code in your computer.
 Security properties: protect the computer system such that the malware
cannot steal the sensitive data, or tamper with other processes.

27
Security Properties
The security goals that we aim to achieve for the system.

Common security properties (CIA model)
 Confidentiality (C): prevent unauthorized disclosure of information.
Sensitive information should not be leaked to unauthorized parties
 Integrity (I): prevent unauthorized modification of information. Critical
system state and code cannot be altered by malicious parties
 Availability (A): prevent unauthorized withholding of information or
resources. The resources should always be available for authorized users

(Figure on the slide: example attacks against these properties – eavesdropping, packet sniffing, illegal copying, intercepting packets, modify and release, disrupting services.)

28
Security Properties
Other properties
 Accountability: actions of an entity can be traced and identified
 Non-repudiation: unforgeable evidence that specific actions occur
 Authenticity: ensure the communicated entity is the correct entity.

29
Security Strategies
Prevention
 Take measures that prevent your system from being damaged

Detection
 Take measures so that you can detect when, how, and by whom your
system has been damaged.

Reaction
 Take measures so that you can recover your system or to recover from a
damage to your system.

30
Design Principles of Computer Security
Principle of least privilege
 An entity should be given the minimal permissions needed to complete its task.
 Grant the privilege when needed, and revoke the privilege after use.
 If unnecessary permissions are granted, a malicious entity could abuse those
permissions to perform an attack.

Principle of separation of privilege
 Separation of duty: for multiple entities working together, it is better to
distribute privileges across different entities.
 A single malicious party cannot then obtain all the privileges needed to perform the attack.

Defense in depth
 Multiple types of defenses should be layered together
 Increase the difficulty of attacking the entire system.
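The following is an added example, not code from the lecture, that shows the first two principles in working form: a scoped grant that holds a permission only while a task runs and always revokes it afterwards (least privilege), and a transfer that is refused unless two distinct principals each approve it (separation of duty). The names AccessControl, transfer_funds, "alice" and "bob" are constructed for the illustration.

```python
# Constructed example (not from the lecture): least privilege via scoped
# grants that are always revoked, and separation of duty requiring two
# distinct approvers for one sensitive action.
from contextlib import contextmanager


class AccessDenied(Exception):
    """Raised when a principal acts without the permission it needs."""


class AccessControl:
    def __init__(self):
        self._perms = {}  # principal -> set of permissions currently held

    def has(self, principal, perm):
        return perm in self._perms.get(principal, set())

    def require(self, principal, perm):
        if not self.has(principal, perm):
            raise AccessDenied(f"{principal} lacks {perm}")

    @contextmanager
    def with_privilege(self, principal, perm):
        """Least privilege: hold `perm` only inside the with-block."""
        held = self._perms.setdefault(principal, set())
        held.add(perm)
        try:
            yield
        finally:
            held.discard(perm)  # revoked even if the task raised


def transfer_funds(ac, approvers, amount):
    """Separation of duty: two *different* principals must each hold
    'approve'; a single party approving twice is rejected."""
    if len(set(approvers)) < 2:
        raise AccessDenied("needs two distinct approvers")
    for p in approvers:
        ac.require(p, "approve")
    return f"transferred {amount}"


def demo(approvers):
    """Run one transfer under scoped grants; return (outcome, all_revoked)."""
    ac = AccessControl()
    with ac.with_privilege("alice", "approve"), ac.with_privilege("bob", "approve"):
        try:
            outcome = transfer_funds(ac, approvers, 100)
        except AccessDenied as e:
            outcome = f"denied: {e}"
    revoked = not ac.has("alice", "approve") and not ac.has("bob", "approve")
    return outcome, revoked
```

Calling demo(["alice", "bob"]) succeeds, demo(["alice", "alice"]) is refused, and in both cases the privileges are gone once the block exits.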

31
