
Security: Concept, Threats (User, Data), Measures

Security involves protecting systems, data, and users from threats. Key aspects of security include identifying vulnerabilities, threats from adversaries, and implementing appropriate countermeasures. Computer security aims for integrity, confidentiality, reliability, and authentication. Common attacks involve networks, web applications, operating systems, and social engineering. Organizations should employ multiple layers of security across physical, personal, operational, communications, and network domains.

Uploaded by

pariyal malik

Security

Concept, Threats (User, Data), Measures.

Lecture 7
What Is Security?
• “The quality or state of being secure--to be free
from danger”
• To be protected from adversaries
• A successful organization should have multiple
layers of security in place:
– Physical security
– Personal security
– Operations security
– Communications security
– Network security
Computer Security
• Computer and Network security was not at all
well known, even about 12 years ago
• Today, everyone is aware of the need for it,
but not sure what it really means
• Interesting topic of threats, countermeasures,
risks, stories, events and paranoia
– With some mathematics, algorithms, designs and
software issues mixed in
– Yet, not enough people, even security specialists,
understand the issues and implications
Security? What is that?
• Lock the doors and windows and you are secure
– NOT
• Call the police when you feel insecure
– Really?
• Computers are powerful, programmable machines
– Whoever programs them controls them (and not you)
• Networks are ubiquitous
– They carry genuine as well as malicious traffic
• End result: Complete computer security is
unattainable, it is a cat and mouse game
– Similar to crime vs. law enforcement
Goals of Computer Security
• Integrity:
– Guarantee that the data is what we expect
• Confidentiality
– The information must be accessible only to
authorized people
• Reliability
– Computers should work without having unexpected
problems
• Authentication
– Guarantee that only authorized persons can access
the resources
Security Basics
• What does it mean to be secure?
– “Include protection of information from theft or corruption, or the
preservation of availability, as defined in the security policy.” - The
Wikipedia
• Types of Security
– Network Security
– System and software security
– Physical Security
• Very little in computing is inherently secure, you must
protect yourself!
– Software cannot protect software (maybe hardware can)
– Networks can be protected better than software
Some Types of Attacks
• What are some common attacks?
– Network Attacks
• Packet sniffing, man-in-the-middle, DNS hacking
– Web attacks
• Phishing, SQL Injection, Cross Site Scripting
– OS, applications and software attacks
• Virus, Trojan, Worms, Rootkits, Buffer Overflow
– Social Engineering
• (NOT social networking)
• Not all hackers are evil wrongdoers trying to steal
your info
– Ethical Hackers, Consultants, Penetration testers,
Researchers
Need to know:
Networking, Web Programming, Operating Systems, Programming languages and compilers.
Network Attacks
• Packet Sniffing
– Internet traffic consists of data “packets”, and these
can be “sniffed”
– Leads to other attacks such as password sniffing, cookie
stealing, session hijacking, information stealing
• Man in the Middle
– Insert a router in the path between client and server,
and change the packets as they pass through
• DNS hijacking
– Insert malicious routes into DNS tables to send traffic
for genuine sites to malicious sites
Need to know:
Networking protocols, routing, TCP-IP
Web Attacks
• Phishing
– An evil website pretends to be a trusted website
– Example:
• You type, by mistake, “mibank.com” instead of “mybank.com”
• mibank.com designs the site to look like mybank.com so the
user types in their info as usual
• BAD! Now an evil person has your info!
• SQL Injection
– Interesting Video showing an example
• Cross Site Scripting
– Writing a complex Javascript program that steals data left by
other sites that you have visited in same browsing session
Need to know:
Web Programming, Javascript, SQL
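A defender-side check for the phishing example on this slide, added here as an illustration and not part of the original lecture: it flags hostnames in proxy logs that sit within a small edit distance of a trusted domain. The trusted list, the log format, the sample lines and the distance threshold are all assumptions.

```python
from urllib.parse import urlsplit

TRUSTED = {"mybank.com"}  # the slide's genuine site; a real allowlist is assumed

# Constructed proxy-log lines: time, user, method, URL.
LOG = [
    "10:01:12 alice GET http://mybank.com/login",
    "10:02:40 bob GET http://mibank.com/login",
    "10:03:05 carol GET https://example.org/news",
    "10:04:19 dave GET https://MyBamk.com/login",
]

def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]

def classify(host, trusted=TRUSTED, max_distance=2):
    """Return (verdict, matched trusted domain or None) for one hostname."""
    host = host.lower().rstrip(".")
    if host.startswith("www."):
        host = host[4:]
    if host in trusted:
        return ("trusted", host)
    for good in sorted(trusted):
        if edit_distance(host, good) <= max_distance:
            return ("lookalike", good)
    return ("unknown", None)

def flag_lookalikes(lines):
    """List (user, host, imitated domain) for every lookalike visit."""
    findings = []
    for line in lines:
        _time, user, _method, url = line.split()
        host = urlsplit(url).hostname or ""
        verdict, target = classify(host)
        if verdict == "lookalike":
            findings.append((user, host, target))
    return findings

if __name__ == "__main__":
    for finding in flag_lookalikes(LOG):
        print("possible phishing visit:", finding)
```

The check compares whole hostnames only, so a trusted name embedded as a subdomain of another site needs a separate rule.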
Virus
• Definition
– Piece of code that automatically reproduces itself. It’s
attached to other programs or files, but requires user
intervention to propagate.
• Infection (targets/carriers)
– Executable files
– Boot sectors
– Documents (macros), scripts (web pages), etc.
• Propagation
is made by the user. The mechanisms are storage
elements, mails, downloaded files or shared folders
(Diagram: Infection, Propagation, Payload)
Need to know:
Computer Architecture, programming
Worm
• Definition
– Piece of code that automatically reproduces itself
over the network. It doesn’t need the user
intervention to propagate (autonomous).
• Infection
– Via buffer overflow, file sharing, configuration
errors and other vulnerabilities.
• Target selection algorithm
– Email addresses, DNS, IP, network neighborhood
• Payload
– Malicious programs
– Backdoor, DDoS agent, etc.
(Diagram: Infection, Propagation engine, Target Selection algorithm, Scanning engine, Payload)
Backdoor, trojan, rootkits
• Goal
– The goal of backdoor, Trojan and rootkits is to take possession of a machine
subsequently through an infection made via a backdoor.
• Backdoor
– A backdoor is a program placed by a black-hacker that allows him to access
a system. A backdoor has many functionalities such as keyboard-sniffer,
display spying, etc.
• Trojan
– A Trojan is software that seems useful or benign, but is actually hiding a
malicious functionality.
• Rootkits (the ultimate virus)
– Rootkits operate like backdoor and Trojan, but also modify existing programs
in the operating system. That allows a black-hacker to control the system
without being detected. A rootkit can be in user-mode or in kernel-mode.
Social Engineering
• Why is this social engineering?
– Manipulating a person or persons into divulging confidential information
• I am not dumb, so does this really apply to me?
– YES! Attackers are ALSO not dumb.
– Social Engineers are coming up with much better and much more
elaborate schemes to attack users.
– Even corporate executives can be tricked into revealing VERY secret info
• What can I do to protect myself?
– NEVER give out your password to ANYBODY.
– Any system administrator should have the ability to change your
password without having to know an old password
Need to know:
How to win friends (victims) and influence (scam) people (not CS).
Password Attacks
• Password Guessing
– Ineffective except in targeted cases
• Dictionary Attacks
– Passwords are stored in computers as hashes, and these hashes
can sometimes get exposed
– Check all known words with the stored hashes
• Rainbow Tables
– Trade off storage and computation – uses a large number of
pre-computed hashes without having a dictionary
– Innovative algorithm, that can find passwords fast!
• e.g. 14 character alphanumeric passwords are found in about 4-10
minutes of computing using a 1GB rainbow table

Need to know:
Data structures, algorithms, cryptography
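Why exposed hashes fall to dictionaries and precomputed tables, and what salting changes, shown as an added example that is not part of the original lecture. The account names, the mini wordlist and the choice of SHA-256 and PBKDF2 with 100,000 iterations are assumptions for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample accounts; two users chose the same dictionary word.
USERS = {"alice": "sunshine", "bob": "sunshine", "carol": "hb2uhb2uhbdJhb2u"}
WORDLIST = ["password", "sunshine", "letmein"]  # constructed mini dictionary

def unsalted_store(users):
    """Weak scheme: a single fast, unsalted SHA-256 per password."""
    return {u: hashlib.sha256(p.encode()).digest() for u, p in users.items()}

def salted_store(users, iterations=100_000):
    """Hardened scheme: random per-user salt plus PBKDF2-HMAC-SHA256."""
    store = {}
    for user, password in users.items():
        salt = os.urandom(16)
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
        store[user] = (salt, iterations, digest)
    return store

def verify(store, user, candidate):
    """Recompute with the stored salt and compare in constant time."""
    salt, iterations, digest = store[user]
    test = hashlib.pbkdf2_hmac("sha256", candidate.encode(), salt, iterations)
    return hmac.compare_digest(test, digest)

def precomputed_hits(digests, wordlist):
    """Audit: accounts whose stored digest appears in one precomputed table."""
    table = {hashlib.sha256(w.encode()).digest() for w in wordlist}
    return sorted(user for user, d in digests.items() if d in table)

def reused_digests(digests):
    """Accounts whose stored digest is identical to another account's."""
    values = list(digests.values())
    return sorted(u for u, d in digests.items() if values.count(d) > 1)

if __name__ == "__main__":
    weak = unsalted_store(USERS)
    strong = salted_store(USERS)
    strong_digests = {u: rec[2] for u, rec in strong.items()}
    print("unsalted, table hits:", precomputed_hits(weak, WORDLIST))
    print("unsalted, shared digests:", reused_digests(weak))
    print("salted, table hits:", precomputed_hits(strong_digests, WORDLIST))
    print("salted, shared digests:", reused_digests(strong_digests))
    print("login still works:", verify(strong, "alice", "sunshine"))
```

With a per-user salt, one table no longer covers every account, and the iteration count makes each individual guess slower.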
• Combine 2 unrelated words
– Mail + phone = m@!lf0n3
• Abbreviate a phrase
– My favorite color is blue = Mfciblue
• Music lyric
– Happy birthday to you, happy birthday to you, happy birthday dear John,
happy birthday to you. = hb2uhb2uhbdJhb2u
Computer Security Issues
• Vulnerability is a point where a system is
susceptible to attack.
• A threat is a possible danger to the system.
The danger might be a person (a system cracker
or a spy), a thing (a faulty piece of equipment),
or an event (a fire or a flood) that might exploit a
vulnerability of the system.
• Countermeasures are techniques for protecting
your system
Vulnerabilities in Systems
• How do viruses, rootkits enter a system?
– Even without the user doing something “stupid”
• There are vulnerabilities in most software systems.
– Buffer Overflow is the most dangerous and common one
• How does it work?
– All programs run from memory.
– Some programs allow access to reserved memory locations
when given incorrect input.
– Hackers find out where to place incorrect input and take control.
– Easy to abuse by hackers, allows a hacker complete access to
all resources
Need to know:
Assembly and machine level programming
How can you achieve security?
• Many techniques exist for ensuring computer and
network security
– Cryptography
– Secure networks
– Antivirus software
– Firewalls
• In addition, users have to practice “safe computing”
– Not downloading from unsafe websites
– Not opening attachments
– Not trusting what you see on websites
– Avoiding Scams
Cryptography
• Simply – secret codes
• Encryption
– Converting data to unreadable codes to prevent anyone from
accessing this information
– Need a “key” to find the original data – keys take a few
million-trillion years to guess
• Public keys
– An ingenious system of proving you know your password without
disclosing your password. Also used for digital signatures
– Used heavily in SSL connections
• Hashing
– Creating fingerprints of documents
Need to know:
Mathematics, number theory, cryptographic protocols
Cryptographic Protocols
• Asymmetric encryption
• Symmetric encryption
• Public Key Infrastructure
• Authentication
Why Care?
• Online banking, trading, purchasing may be insecure
– Credit card and identity theft
• Personal files could be corrupted
– All school work, music, videos, etc. may be lost
• Computer may become too slow to run
– If you aren't part of the solution you are part of the problem
• Pwn2Own contest - 2008
– Mac (Leopard) fell first via Safari, Vista took time but was
hacked via Flash Player, Ubuntu stood ground.
• Upon discovery, vulnerabilities can be used against
many computers connected to the internet.
Useful Links
National Cyber Security Alliance
http://www.staysafeonline.info/

National Institute of Standards and Technology:
http://csrc.nist.gov/sec-cert/
Recent News
High Profile Computer Compromise

A lot of Schools have great security resource pages, for example UC
Davis and the University of Iowa websites:
http://security.ucdavis.edu/security101.cfm
http://cio.uiowa.edu/itsecurity/
Thank You…
I very much appreciate your time and
interest.
