Computer and

Network Security

6/26/2019
Introduction and Overview

● What is computer/network security?

● Why is it important?
● Course philosophy and goals
● Course organization and information
● High-level overview of topics
● A broad perspective on “computer
security”
“Security”
● Most of computer science is concerned
with achieving desired behavior
● Security is concerned with preventing
undesired behavior

○ Different way of thinking!

○ An enemy/opponent/hacker/adversary who is
actively and maliciously trying to circumvent any

protective measures you put in place

One illustration of the difference

● Software testing determines whether a

given program implements a desired
functionality
○ Test I/O characteristics
○ Q/A
● How do you test whether a program does
not allow for undesired functionality?

○ Penetration testing helps, but only up to a

point
Security is interdisciplinary
● Draws on all areas of CS
○ Theory (especially cryptography)
○ Networking
○ Operating systems
○ Databases
○ AI/learning theory
○ Computer architecture/hardware
○ Programming languages/compilers
○ HCI, psychology
We are winning the security
battle
● Strong cryptography
● Firewalls, intrusion detection, virus
scanners
● Buffer overflow detection/prevention
● User education
Really??!

Security incidents
(reported)
Philosophy of this course
● We are not going to be able to cover
everything
○ We are not going to be able to even mention
everything
You will not be a security expert after this class
● Main goals(after this class, you should realize why it
○ A samplingwould be dangerous to think you are)
of many different aspects of security
○ The security “mindset”
You should have a better appreciation of
○ Become familiar with basic acronyms (RSA, SSL, PGP,
security
etc.), and “buzzwords” (phishing,
issues after this …)
class
○ Become an educated security consumer
○ Try to keep it interesting with real-world examples and
“hacking” projects
Textbook
● Recommended text:
○ “Network Security…” by Kaufman, Perlman, and Speciner (most recent
edition)
Class participation and readings

● Research papers and news articles will be

posted on the Google Classroom
○ Read these before class and come prepared
to discuss
● Material from these readings is fair game
for the exams, even if not covered in class

● Several readings already assigned

Syllabus
(tentative)
Syllabus

● Introduction…
○ Is security achievable…?
○ A broad perspective on security
● Cryptography
○ The basics
○ Cryptography is not the whole solution…
○ …but it is an important part of the solution
○ Along the way, we will see why cryptography
can’t solve all security problems
Syllabus

● System security
○ General principles
○ Security policies
○ Access control
○ OS security
○ “Trusted computing”
● Programming language security
○ Buffer overflows, input validation errors
○ Viruses/worms
Syllabus

● Network security
○ Identity, PKI
○ Authentication and key exchange protocols
○ Password and biometric authentication
○ Anonymity and pseudonymity

○ Privacy
○ Some real-world protocols (IPSec/SSL)
○ Attacks on network infrastructure (routing, DNS, DDos )
○ Wireless security
Syllabus

● Miscellaneous
○ Database security
○ Web security
○ Other topics (spam, …)
A High-Level Introduction
to Computer Security
A naïve view

● Computer security is about CIA:

○ Confidentiality, integrity, and availability

● These are important, but security is about

much more…
A naïve view

password
In reality…

● Where does security end?

password

forgot password?
One good attack
● Use public records to figure out
someone’s password
○ Or, e.g., their SSN, so can answer security
question…
● The problem is not (necessarily) that SSNs are
public
● The problem is that we “overload” SSNs, and use
them for more than they were intended
● Note: “the system” here is not just the
computer, nor is it just the network…
A naïve view

● Achieve “absolute” security

In reality…

● Absolute security is easy to achieve!

○ How…?

● Absolute security is impossible to achieve!

○ Why…?

● Good security is about risk management

Security as a trade-off

● The goal is not (usually) “to make the

system as secure as possible”…
● …but instead, “to make the system as
secure as possible within certain constraints” (cost,
usability, convenience)
● Must understand the existing constraints
○ E.g., passwords…
Cost-benefit analysis
● Important to evaluate what level of security
is necessary/appropriate
○ Cost of mounting a particular attack vs. value
of attack to an adversary
○ Cost of damages from an attack vs. cost of
defending against the attack
○ Likelihood of a particular attack

● Sometimes the best security is to make

sure you are not the easiest target for an
attacker…
“More” security not always better

● “No point in putting a higher post in the

ground when the enemy can go around it”
● Need to identify the weakest link
○ Security of a system is only as good as the
security at its weakest point…
● Security is not a “magic bullet”
● Security is a process, not a product
Computer Security is not just about
Security
● Detection, response, audit
○ How do you know when you are being attacked?
○ How quickly can you stop the attack?
○ Can you identify the attacker(s)?
○ Can you prevent the attack from recurring?
● Recovery
○ Can be much more important than prevention
● Economics, insurance, risk
management…
● Offensive techniques
● Security is a process, not a product…
 Computer Security is not
just about Computers
● What is “the system”?
● Physical security
● Social engineering
○ Bribes for passwords
○ Phishing
● “External” means of getting information
○ Legal records
○ Trash cans
● Security is a process, not a product…(!)
Security mindset

● Learn to think with a “security mindset” in

general
○ What is “the system”?
○ How could this system be attacked?
■ What is the weakest point of attack?
○ How could this system be defended?
■ What threats am I trying to address?
■ How effective will a given countermeasure be?
■ What is the trade-off between security, cost, and
usability?
ACTIVITY: Airline Security

● Ask: what is the cost (economic and

otherwise) of current airline security?
● Ask: do existing rules (e.g., banning liquids)
make sense?
● Ask: are the tradeoffs worth it?
○ (Why do we not apply the same rules to train
travel?)
○ (Would spending money elsewhere be more
effective?)
● Ask: how would you get on a plane if you were
on the no-fly list?
Summary
● “The system” is not just a computer or a
network
● Prevention is not the only goal
○ Cost-benefit analysis
○ Detection, response, recovery
● Nevertheless…in this course, we will focus
on computer security, and primarily on prevention
○ If you want to be a security expert, you need
to keep the rest in mind
Why is computer security
so hard?
● Computer networks are “systems of systems”
○ Your system may be secure, but then the surrounding
environment changes
● Too many things dependent on a small number of
systems
● Society is unwilling to trade off features for security
● Ease of attacks
○ Cheap
○ Distributed, automated
○ Anonymous
○ Insider threats
● Security not built in from the beginning
● Humans in the loop…
● Computers ubiquitous…
Computers are everywhere…
● …and can always be attacked
● Electronic banking, social networks, e-
voting
● iPods, iPhones, PDAs, RFID transponders

● Automobiles
● Appliances, TVs
● (Implantable) medical devices
● Cameras, picture frames(!)
○ See
http://www.securityfocus.com/news/11499
 “Trusting trust”
(or: how hard is security?)
“Trusting trust”
● Consider a compiler that embeds a
trapdoor into anything it compiles
● How to catch?
○ Read source code? (What if replaced?)
○ Re-compile compiler?
● What if the compiler embeds the trojan code whenever it
compiles a compiler?
○ (That’s nasty…)
“Trusting trust”
● Whom do you trust?
● Does one really need to be this
paranoid??
○ Probably not
○ Sometimes, yes
● Shows that security is complex…and
essentially impossible
● Comes back to risk/benefit trade-off
 Next
Meeting:
Cryptography