Infosec 1


CHRIST APOSTOLIC UNIVERSITY COLLEGE
SCHOOL OF TECHNOLOGY
COMPUTER INFORMATION SECURITY
LEVEL 300
BY MR ANDRENE ADDY
INFORMATION SECURITY

The security problem in computing


The meaning of computer security

The meaning of the term computer security has evolved in recent years.
Before the problem of data security became widely publicized in the media, most people's idea of computer security focused on the physical machine.
Traditionally, computer facilities have been physically protected for three reasons:
• To prevent theft of or damage to the hardware
• To prevent theft of or damage to the information
• To prevent disruption of service
Definition:
Computer security is security applied to computing devices such as computers and smartphones, as well as to computer networks such as private and public networks, including the whole Internet.
The field covers all the processes and mechanisms by which digital equipment, information and services are protected from unintended or unauthorized access, change or destruction, and it is of growing importance in line with the increasing reliance of most societies worldwide on computer systems.
It includes physical security to prevent theft of equipment, and information security to protect the data on that equipment. It is sometimes referred to as "cyber security" or "IT security", though these terms generally do not refer to physical security (locks and such).
Some important terms used in computer security are:
Vulnerability: A vulnerability is a weakness which allows an attacker to reduce a system's information assurance.
Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw.
To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness. In this frame, vulnerability is also known as the attack surface.
Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. This practice generally refers to software vulnerabilities in computing systems.
Backdoors: A backdoor in a computer system is a method of bypassing normal authentication, securing remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The backdoor may take the form of an installed program (e.g., Back Orifice), or could be a modification to an existing program or hardware device. It may also fake information about disk and memory usage.
Denial-of-service attack: Unlike other exploits, denial-of-service attacks are not used to gain unauthorized access or control of a system. They are instead designed to render it unusable.
• Attackers can deny service to individual victims, such as by deliberately entering a wrong password enough consecutive times to cause the victim account to be locked, or they may overload the capabilities of a machine or network and block all users at once.
• These types of attack are, in practice, very hard to prevent, because the behaviour of whole networks needs to be analyzed, not only the behaviour of small pieces of code.
• Distributed denial-of-service (DDoS) attacks are common, where a large number of compromised hosts (commonly referred to as "zombie computers", controlled as part of a botnet by, for example, a worm, trojan horse, or backdoor exploit) are used to flood a target system with network requests, thus attempting to render it unusable through resource exhaustion.
Direct-access attacks: An unauthorized user gaining physical access to a computer (or part thereof) can perform many functions and install different types of devices to compromise security, including operating system modifications, software worms, key loggers, and covert listening devices.
• The attacker can also easily download large quantities of data onto backup media, for instance CD-R/DVD-R or tape, or onto portable devices such as key drives, digital cameras or digital audio players. Another common technique is to boot an operating system contained on a CD-ROM or other bootable media and read the data from the hard drive(s) this way.
• The only way to defeat this is to encrypt the storage media and store the key separately from the system. Direct-access attacks are, in most cases, the only type of threat to standalone computers (those never connected to the Internet).
Eavesdropping: Eavesdropping is the act of surreptitiously listening to a private conversation, typically between hosts on a network. For instance, programs such as Carnivore and NarusInsight have been used by the FBI and NSA to eavesdrop on the systems of internet service providers.
• Spoofing: Spoofing of user identity describes a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage.
• Tampering: Tampering describes an intentional modification of products in a way that would make them harmful to the consumer.
• Repudiation: Repudiation describes a situation where the authenticity of a signature is being challenged.
• Information disclosure: Information disclosure (privacy breach or data leak) describes a situation where information, thought to be secure, is released in an untrusted environment.
• Elevation of privilege: Elevation of privilege describes a situation where a person or a program wants to gain elevated privileges or access to resources that are normally restricted to him/it.
Exploits: An exploit is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a software "bug" or "glitch" in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic (usually computerized).
• This frequently includes such things as gaining control of a computer system or allowing privilege escalation or a denial-of-service attack. The term "exploit" generally refers to small programs designed to take advantage of a software flaw that has been discovered, either remote or local. The code from the exploit program is frequently reused in Trojan horses and computer viruses.

Indirect attacks: An indirect attack is an attack launched by a third-party computer. By using someone else's computer to launch an attack, it becomes far more difficult to track down the actual attacker.
There have also been cases where attackers took advantage of public anonymizing systems, such as the Tor onion router system.
Computer crime: Refers to any crime that involves a computer and a network.
Top 10 Cyber Crime Prevention Tips
1. Use Strong Passwords: Use different user ID / password combinations for different accounts and avoid writing them down. Make the passwords more complicated by combining letters, numbers and special characters (minimum 10 characters in total) and change them on a regular basis.
2. Secure your computer:
• Activate your firewall: Firewalls are the first line of cyber defense; they block connections to unknown or bogus sites and will keep out some types of viruses and hackers.
• Use anti-virus/malware software: Prevent viruses from infecting your computer by installing and regularly updating anti-virus software.
• Block spyware attacks: Prevent spyware from infiltrating your computer by installing and updating anti-spyware software.
3. Be Social-Media Savvy: Make sure your social networking profiles (e.g. Facebook, Twitter, YouTube, MSN, etc.) are set to private. Check your security settings. Be careful what information you post online. Once it is on the Internet, it is there forever!
4. Secure your Mobile Devices: Be aware that your mobile device is vulnerable to viruses and hackers. Download applications from trusted sources.
5. Install the latest operating system updates: Keep your applications and operating system (e.g. Windows, Mac, Linux) current with the latest system updates. Turn on automatic updates to prevent potential attacks on older software.
6. Protect your Data: Use encryption for your most sensitive files such as tax returns or financial records, make regular back-ups of all your important data, and store it in another location.
7. Secure your wireless network: Wi-Fi (wireless) networks at home are vulnerable to intrusion if they are not properly secured. Review and modify default settings. Public Wi-Fi, a.k.a. “Hot Spots”, is also vulnerable. Avoid conducting financial or corporate transactions on these networks.
8. Protect your e-identity: Be cautious when giving out personal information such as your name, address, phone number or financial information on the Internet. Make sure that websites are secure (e.g. when making online purchases) or that you’ve enabled privacy settings (e.g. when accessing/using social networking sites).
9. Avoid being scammed: Always think before you click on a link or file of unknown origin. Don’t feel pressured by any emails. Check the source of the message. When in doubt, verify the source. Never reply to emails that ask you to verify your information or confirm your user ID or password.
10. Call the right person for help: Don’t panic! If you are a victim, if you encounter illegal Internet content (e.g. child exploitation) or if you suspect a computer crime, identity theft or a commercial scam, report this to your local police. If you need help with maintenance or software installation on your computer, consult with your service provider or a certified computer technician.
Principles of security
There are five principles of security. They are as follows:
• Confidentiality: The principle of confidentiality specifies that only the sender and the intended recipient should be able to access the content of the message.
• Integrity: The confidential information sent by A to B which is accessed by C without the permission or knowledge of A and B.
• Authentication: The authentication mechanism helps in establishing proof of identification.
• Non-repudiation:
• Access control: Access control specifies and controls who can access what.
• Availability: It means that assets are accessible to authorized parties at appropriate times.
Attacks: We want our security system to make sure that:
• no data are disclosed to unauthorized parties;
• data are not modified in illegitimate ways;
• legitimate users can access the data.
Types of attacks: Attacks are grouped into two types:
• Passive attacks: do not involve any modification to the contents of the original message.
• Active attacks: the contents of the original message are modified in some way.
ELEMENTARY CRYPTOGRAPHY: SUBSTITUTION CIPHER
• Encryption is the process of encoding a message so that its meaning is not obvious.
• Decryption is the reverse process, transforming an encrypted message back into its normal, original form.
• Alternatively, the terms encode and decode or encipher and decipher are used instead of encrypt and decrypt.
• That is, we say that we encode, encrypt, or encipher the original message to hide its meaning.
• Then, we decode, decrypt, or decipher it to reveal the original message. A system for encryption and decryption is called a cryptosystem.
The original form of a message is known as plaintext, and the encrypted form is called ciphertext. For convenience, we denote a plaintext message P as a sequence of individual characters P = <p1, p2, …, pm>. Similarly, ciphertext is written as C = <c1, c2, …, cm>.
• For instance, the plaintext message "I want cookies" can be denoted as the message string P = <p1, p2, …, p14>. It can be transformed into ciphertext C = <c1, c2, …, c14>, and the encryption algorithm tells us how the transformation is done.
• We use this formal notation to describe the transformations between plaintext and ciphertext. For example, we write C = E(P) and P = D(C), where C represents the ciphertext, E is the encryption rule, P is the plaintext, and D is the decryption rule. Because decryption undoes encryption, P = D(E(P)).
• In other words, we want to be able to convert the message to protect it from an intruder, but we also want to be able to get the original message back so that the receiver can read it properly.
• The cryptosystem involves a set of rules for how to encrypt the plaintext and how to decrypt the ciphertext.
• The encryption and decryption rules, called algorithms, often use a device called a key, denoted by K, so that the resulting ciphertext depends on the original plaintext message, the algorithm, and the key value.
• We write this dependence as C = E(K, P). Essentially, E is a set of encryption algorithms, and the key K selects one specific algorithm from the set.
• There are many types of encryption. In the next sections we look at two simple forms of encryption: substitutions, in which one letter is exchanged for another, and transpositions, in which the order of the letters is rearranged.
• Cryptanalyst: a cryptanalyst is a person who studies encryption and encrypted messages and tries to find the hidden meanings (to break an encryption).
• Confusion: it is a technique for ensuring that the ciphertext gives no clue about the original message.
• Diffusion: it increases the redundancy of the plaintext by spreading it across rows and columns.
Substitution cipher: It basically consists of substituting every plaintext character for a different ciphertext character. It is of two types:
I. Monoalphabetic substitution cipher
II. Polyalphabetic substitution cipher
Monoalphabetic substitution cipher: The relationship between a ciphertext symbol and a plaintext symbol is 1:1.
1. Additive cipher: The key value is added to the plaintext, and the numeric value of the key ranges from 0 to 25.
Example: Plaintext (P) = H E L L O (H=7, E=4, L=11, L=11, O=14), Key (K) = 15
Ciphertext (C) = 7+15, 4+15, 11+15, 11+15, 14+15
= 22, 19, 26, 26, 29
= 22, 19, 0, 0, 3 (each value reduced mod 26, e.g. 29 % 26 = 3)
= W T A A D
2. Affine cipher:
Polyalphabetic substitution cipher: In a polyalphabetic cipher each occurrence of a character may have a different substitution. The relationship between characters in plaintext and ciphertext is one to many. Examples:
• Autokey cipher
• Playfair cipher
• Vigenère cipher
• Hill cipher
Autokey cipher:
• In this cipher, the key is a stream of subkeys in which each subkey is used to encrypt the corresponding character in the plaintext.
• Here the 1st subkey is predefined, the 2nd subkey is the value of the 1st character of the plaintext, the 3rd subkey is the value of the 2nd plaintext character, and so on.
Auto key cipher
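As an added worked example (not from the slides), the additive and autokey ciphers in C, using the slide's HELLO with K = 15 and the letter numbering A=0 … Z=25 the slide uses; decryption is included so that P = D(E(P)) can be checked.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Letters map to 0..25 (A=0 ... Z=25), as in the slide's H=7, E=4, L=11, O=14.
   Non-letters pass through unchanged. */
static int to_num(char ch) { return toupper((unsigned char)ch) - 'A'; }
static char to_chr(int n)  { return (char)('A' + ((n % 26) + 26) % 26); }

/* Additive (shift) cipher: C[i] = (P[i] + K) mod 26, with K in 0..25. */
void additive_encrypt(const char *plain, int key, char *out) {
    size_t i;
    for (i = 0; plain[i] != '\0'; i++)
        out[i] = isalpha((unsigned char)plain[i]) ? to_chr(to_num(plain[i]) + key)
                                                  : plain[i];
    out[i] = '\0';
}

/* Decryption is the inverse shift: P[i] = (C[i] - K) mod 26. */
void additive_decrypt(const char *cipher, int key, char *out) {
    additive_encrypt(cipher, 26 - (key % 26), out);
}

/* Autokey cipher: the key stream is <K, P[0], P[1], ...>, so every
   plaintext letter after the first is shifted by the previous plaintext letter. */
void autokey_encrypt(const char *plain, int key, char *out) {
    size_t i;
    int subkey = key;                       /* 1st subkey is predefined */
    for (i = 0; plain[i] != '\0'; i++) {
        if (!isalpha((unsigned char)plain[i])) { out[i] = plain[i]; continue; }
        int p = to_num(plain[i]);
        out[i] = to_chr(p + subkey);
        subkey = p;                         /* next subkey = this plaintext letter */
    }
    out[i] = '\0';
}

/* Autokey decryption: recover P[0] with K, then each recovered plaintext
   letter becomes the subkey for the following position. */
void autokey_decrypt(const char *cipher, int key, char *out) {
    size_t i;
    int subkey = key;
    for (i = 0; cipher[i] != '\0'; i++) {
        if (!isalpha((unsigned char)cipher[i])) { out[i] = cipher[i]; continue; }
        int p = (to_num(cipher[i]) - subkey + 26) % 26;
        out[i] = to_chr(p);
        subkey = p;
    }
    out[i] = '\0';
}

int main(void) {
    char c[32], p[32];
    additive_encrypt("HELLO", 15, c);       /* slide example: WTAAD */
    additive_decrypt(c, 15, p);
    printf("additive: HELLO, K=15 -> %s -> %s\n", c, p);
    autokey_encrypt("HELLO", 15, c);        /* key stream 15, H, E, L, L */
    autokey_decrypt(c, 15, p);
    printf("autokey : HELLO, K=15 -> %s -> %s\n", c, p);
    return 0;
}
```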
PASSWORDS AUTHENTICATION
There are three main concerns with the use of passwords for authentication:
• Will the user disclose the password to another person intentionally, accidentally, or because they were deceived?
• Will the user be able to regularly enter the password correctly?
• Will users be able to remember their passwords, or will they have to record them somewhere or choose easily guessed passwords?
When an attacker obtains a password directly from its user by deceit, the attack is known as social engineering.
Attacks on passwords can be broadly classified as:
• A targeted attack on one account: The attacker tries to obtain a particular user’s password.
• Attempt to penetrate any account on a system: The attacker tries to steal any password for the system, for example, by a dictionary attack.
• Attempt to penetrate any account on any system: This is when an attacker is seeking access to any system within a given domain.
• Service denial attack: An attacker may want to prevent a specific user from using the system.
ACCESS CONTROL LISTS
• Access control lists are used to simplify access rights management by storing the access control matrix a column at a time, along with the resource to which the column refers.
• ACLs are widely used in environments where the users manage the security of their own files, such as UNIX systems.

Their advantages are:
• Easy to understand
• Easily answer the question "who has what kind of access to this resource"
• Work well in distributed systems; rights are stored together with resources

Their main disadvantage is:
• May be inefficient; determining rights may require searching a long list
ASSIGNMENT 1 (10 marks)
Suppose the following groups are defined to shorten a system’s access control lists:
– Group1: Alice, Bob, Cynthia, David, Eve
– Group2: Alice, Bob, Cynthia
– Group3: Bob, Cynthia
Suppose the access control list for File 1 is:
– File 1: Group 1, R; Group 2, RW
If Alice wants to write to File 1, state, giving your reasoning, whether Alice will be allowed to do so if:
i) the first relevant entry policy is applied;
ii) the any permission in list policy is applied.
Suppose the access control list for File 2 is:
– File 2: Group 3, RWE
Show how the need for a Group 3 for File 2 can be removed using access none.
THE PRINCIPLE OF LEAST PRIVILEGE
The principle of least privilege requires that a user be given no more
privilege than necessary to perform a job.
Ensuring least privilege requires identifying what the user's job is,
determining the minimum set of privileges required to perform that job,
and restricting the user to a domain with those privileges and nothing
more.
By denying to subjects transactions that are not necessary for the
performance of their duties, those denied privileges cannot be used to
circumvent the organizational security policy.
HOW CAPABILITY LISTS ARE USED TO REPRESENT ACCESS CONTROL MATRICES
Capability lists register per principal what rights the principal has to the listed resources.
The main problem with capability lists is that changing the status of a resource can be difficult, because it can be hard to find out which users have permission to access the resource.
For example, changing a program’s status so that no user may execute it can be difficult because it can be hard to find out which users have permission to execute the program.
• This equally applies to changing a file’s status, and can be a problem when investigating an incident or preparing evidence of a crime.
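To make the ACL and capability-list slides concrete, this added example (not from the slides) stores one constructed access control matrix both ways: ACLs as columns kept with each object, capability lists as rows kept with each subject. The subject names, object names and rights are made up for the example; it shows that "who may execute this program?" and revoking the execute right touch one list with ACLs but require visiting every subject's capability list.

```c
#include <stdio.h>

enum { R = 1, W = 2, E = 4 };              /* rights as on the slides: R, W, E */
#define NSUBJ 3
#define NOBJ  2

/* Constructed sample access control matrix (names and rights invented for
   this example). Rows are subjects, columns are objects. */
static const char *subjects[NSUBJ] = { "alice", "bob", "cynthia" };
static const char *objects[NOBJ]   = { "report.txt", "payroll.exe" };
static const unsigned matrix[NSUBJ][NOBJ] = {
    { R | W, R | E },   /* alice   */
    { R,     E     },   /* bob     */
    { 0,     R | E },   /* cynthia */
};

/* ACL: one matrix column, stored with the object. */
struct acl_entry { int subj; unsigned rights; };
struct acl { int n; struct acl_entry e[NSUBJ]; };

/* Capability list: one matrix row, stored with the subject. */
struct cap { int obj; unsigned rights; };
struct caplist { int n; struct cap c[NOBJ]; };

static struct acl     acls[NOBJ];
static struct caplist caps[NSUBJ];

/* Derive both representations from the same matrix. */
void build_lists(void) {
    for (int o = 0; o < NOBJ; o++) acls[o].n = 0;
    for (int s = 0; s < NSUBJ; s++) caps[s].n = 0;
    for (int s = 0; s < NSUBJ; s++)
        for (int o = 0; o < NOBJ; o++)
            if (matrix[s][o]) {
                acls[o].e[acls[o].n++] = (struct acl_entry){ s, matrix[s][o] };
                caps[s].c[caps[s].n++] = (struct cap){ o, matrix[s][o] };
            }
}

/* "Who may do <right> to this object?" With ACLs the answer sits in the
   object's own list. Fills holders[] and returns how many there are. */
int acl_holders(int obj, unsigned right, int *holders) {
    int n = 0;
    for (int i = 0; i < acls[obj].n; i++)
        if (acls[obj].e[i].rights & right) holders[n++] = acls[obj].e[i].subj;
    return n;
}

/* Revoking a right on one object through its ACL touches exactly one list. */
int acl_revoke(int obj, unsigned right) {
    for (int i = 0; i < acls[obj].n; i++) acls[obj].e[i].rights &= ~right;
    return 1;                                   /* lists examined */
}

/* The same revocation with capability lists: the right may sit in any
   subject's list, so every list must be searched. Returns lists examined. */
int cap_revoke(int obj, unsigned right) {
    int examined = 0;
    for (int s = 0; s < NSUBJ; s++) {
        examined++;
        for (int i = 0; i < caps[s].n; i++)
            if (caps[s].c[i].obj == obj) caps[s].c[i].rights &= ~right;
    }
    return examined;
}

/* Does subject s still hold <right> on obj according to its capability list? */
int cap_has(int s, int obj, unsigned right) {
    for (int i = 0; i < caps[s].n; i++)
        if (caps[s].c[i].obj == obj) return (caps[s].c[i].rights & right) != 0;
    return 0;
}

int main(void) {
    int who[NSUBJ];
    build_lists();
    int n = acl_holders(1, E, who);
    printf("may execute %s:", objects[1]);
    for (int i = 0; i < n; i++) printf(" %s", subjects[who[i]]);
    printf("\nACL revocation examined %d list(s)\n", acl_revoke(1, E));
    printf("capability revocation examined %d list(s)\n", cap_revoke(1, E));
    printf("cynthia may still execute it: %s\n", cap_has(2, 1, E) ? "yes" : "no");
    return 0;
}
```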
HOW CAPABILITY LISTS ARE NOW COMMONLY IMPLEMENTED IN THE FORM OF ATTRIBUTE CERTIFICATES
Attribute certificates are closely related to public key certificates. Attribute certification in essence is a way of extending the authentication-oriented use of Public Key Infrastructure (PKI) to support tasks related to authorization.
Attribute certificates provide a solution to certify the binding of attributes to a given subject.
Difference between attribute certificates and public key certificates
• An attribute certificate is a structure similar to a public key certificate, with the difference that the attribute certificate does not contain a key. An attribute certificate can contain attributes that specify group membership, roles, security clearances or other authorization information associated with the certificate holder.
• A public key certificate consists of a public key PLUS a user ID of the key owner, and this whole block is signed by a trusted third party.
GOALS OF AN IDEAL PASSWORD AUTHENTICATION SCHEME
An ideal password authentication scheme should achieve the following goals:
1. The passwords or verification tables are not stored in the system.
2. The passwords can be chosen and changed freely by the users.
3. The passwords cannot be revealed by the administrator of the server.
4. The passwords are not transmitted in plain text over the network.
5. The length of a password must be appropriate for memorization.
6. The scheme must be efficient and practical.
7. Any unauthorized login can be quickly detected when a user inputs a wrong password.
8. A session key is established during the password authentication process to provide confidentiality of communication.
9. The ID should be dynamically changed for each login session to avoid partial information leakage about the user’s login message.
10. The proposed scheme is still secure even if the secret key of the authentication server is leaked out or stolen.
TYPES OF IDENTITY AUTHENTICATION TASKS
In general, there are three types of identity authentication tasks, which are:
• Identity authentication for something known, such as a password;
• Identity authentication for something possessed, such as a smart card;
• Identity authentication for some personal characteristic, such as fingerprints.
LOGIC AUTHENTICATION ROLE
The logic of authentication formally describes the operation of an authentication protocol.
• It does this by formally describing the knowledge and the beliefs of the legitimate parties involved in authentication, and, while analyzing the authentication protocol step by step, describes how their knowledge and beliefs change at each step.
• After the analysis, all the final states of the protocol are set out.
MAN-IN-THE-MIDDLE ATTACK ON A WI-FI NETWORK
What is a man-in-the-middle attack?
• An attack where the adversary positions himself between the user and the system so that he can intercept and alter data travelling between them.
A man-in-the-middle attack on a Wi-Fi network can be defeated by requiring mutual authentication between the corporate user and the access point and providing protection against replay attacks. The security methods for Wi-Fi called Wireless Protected Access (WPA) and Robust Security Network
THE SCOPE OF KEY MANAGEMENT
Key management includes all aspects of the keying relationships:
• User initialisation
• Generation and distribution of keying material
• Controlling key material use
• Backing up, archiving and updating keying material

ASSIGNMENT 2 (10 marks)
Shannon proposed two measures of security: unicity distance and cover time. Explain how each of these concepts seeks to provide an indication of the security of a cipher system, and outline the theoretical concept which has now superseded the notion of cover time.
PROGRAM SECURITY
SECURE PROGRAM
• Consider what we mean when we say that a program is "secure." We know that security implies some degree of trust that the program enforces expected confidentiality, integrity, and availability.
• That is, to understand program security, we can examine programs to see whether they behave as their designers intended or users expected. We call such unexpected behavior a program security flaw: it is inappropriate program behaviour caused by a program vulnerability.
• Program security flaws can derive from any kind of software fault.
• The flaws can result from problems in a single code component or from the failure of several programs or program pieces to interact compatibly through a shared interface.
The security flaws can reflect code that was intentionally designed or coded to be malicious, or code that was simply developed in a sloppy or misguided way.
Thus, it makes sense to divide program flaws into two separate logical categories: inadvertent human errors versus malicious, intentionally induced flaws.
Types of Flaws
Landwehr et al. present a taxonomy of program flaws, dividing them first into intentional and inadvertent flaws. They further divide intentional flaws into malicious and non-malicious ones.
In the taxonomy, the inadvertent flaws fall into six categories:
• validation error (incomplete or inconsistent): permission checks
• domain error: controlled access to data
• serialization and aliasing: program flow order
• inadequate identification and authentication: basis for authorization
• boundary condition violation: failure on first or last case
• other exploitable logic error
NON-MALICIOUS PROGRAM ERRORS
• Being human, programmers and other developers make many mistakes, most of which are unintentional and non-malicious. Many such errors cause program malfunctions but do not lead to more serious security vulnerabilities.
• We are going to consider three classic error types that have enabled many recent security breaches. We explain each type, why it is relevant to security, and how it can be prevented or mitigated.
Buffer Overflows
• A buffer overflow is the computing equivalent of trying to pour two liters of water into a one-liter pitcher: some water is going to spill out and make a mess. And in computing, what a mess these errors have made!
Definition
• A buffer (or array or string) is a space in which data can be held. A buffer resides in memory. Because memory is finite, a buffer's capacity is finite.
• For this reason, in many programming languages the programmer must declare the buffer's maximum size so that the compiler can set aside that amount of space.
• Let us look at an example to see how buffer overflows can happen. Suppose a C language program contains the declaration:
char sample[10];
• The compiler sets aside 10 bytes to store this buffer, one byte for each of the ten elements of the array, sample[0] through sample[9]. Now we execute the statement:
sample[10] = 'A';
• The subscript is out of bounds (that is, it does not fall between 0 and 9), so we have a problem.
• The nicest outcome (from a security perspective) is for the compiler to detect the problem and mark the error during compilation.
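An added C example (not from the slides) built around the sample[10] declaration above: a bounds-checked store and a bounds-checked copy that refuse an out-of-range subscript at run time instead of writing past the array. The helper names bounded_store and bounded_copy are this example's own. For the constant index in sample[10] = 'A', GCC and Clang can also report the out-of-range subscript at compile time with -Warray-bounds, which is the compile-time detection the slide calls the nicest outcome.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Store one byte at buf[idx] only if idx is inside the declared capacity.
   Returns 1 on success, 0 when the write would overflow the buffer. */
int bounded_store(char *buf, size_t capacity, size_t idx, char c) {
    if (idx >= capacity)
        return 0;              /* sample[10] on a 10-byte buffer lands here */
    buf[idx] = c;
    return 1;
}

/* Copy src into dst, always leaving room for the terminating NUL and
   truncating if src is too long. Returns the number of characters copied. */
size_t bounded_copy(char *dst, size_t capacity, const char *src) {
    if (capacity == 0)
        return 0;
    size_t n = strlen(src);
    if (n >= capacity)
        n = capacity - 1;      /* keep one byte for '\0' */
    memcpy(dst, src, n);
    dst[n] = '\0';
    return n;
}

int main(void) {
    char sample[10];           /* the slide's declaration: valid indices 0..9 */
    memset(sample, 0, sizeof sample);

    /* sample[9] is the last legal element; sample[10] is one past the end. */
    printf("store at 9 : %s\n",
           bounded_store(sample, sizeof sample, 9, 'A') ? "ok" : "rejected");
    printf("store at 10: %s\n",
           bounded_store(sample, sizeof sample, 10, 'A') ? "ok" : "rejected");

    /* "I want cookies" is 14 characters; only 9 fit beside the terminator. */
    size_t copied = bounded_copy(sample, sizeof sample, "I want cookies");
    printf("copied %zu chars -> \"%s\"\n", copied, sample);
    return 0;
}
```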
VIRUS AND OTHER MALICIOUS CODE
• Programs are seldom security threats. The programs operate on data, taking action only when data and state changes trigger it.
• Much of the work done by a program is invisible to users, so they are not likely to be aware of any malicious activity.
Why Worry About Malicious Code?
• None of us likes the unexpected, especially in our programs.
• Malicious code behaves in unexpected ways.
• We think of the malicious code as lurking inside our system.
Malicious Code Can Do Much (Harm)
• Malicious code can do anything any other program can, such as writing a message on a computer screen, stopping a running program, generating a sound, or erasing a stored file.
• Or malicious code can do nothing at all right now; it can be planted to lie dormant, undetected, until some event triggers the code to act.
• The trigger can be a time or date, an interval (for example, after 30 minutes), an event (for example, when a particular program is executed), a condition (for example, when communication occurs on a modem), a count (for example, the fifth time something happens), some combination of these, or a random situation. In fact, malicious code can do different things each time, or nothing most of the time with something dramatic on occasion.
• Malicious code runs under the user's authority. Thus, malicious code can touch everything the user can touch, and in the same ways.
• Users typically have complete control over their own program code and data files; they can read, write, modify, append, and even delete them.
• And well they should. But malicious code can do the same, without the user's permission or even knowledge.
Kinds of Malicious Code
TARGETED MALICIOUS PROGRAM
• Another class of malicious code is written for a particular system, for a particular application, and for a particular purpose.
Trapdoors
• A trapdoor is an undocumented entry point to a module. The trapdoor is inserted during code development, perhaps to test the module, to provide "hooks" by which to connect future modifications or enhancements, or to allow access if the module should fail in the future.
• In addition to these legitimate uses, trapdoors can allow a programmer access to a program once it is placed in production.
Salami Attack
• This approach gets its name from the way odd bits of meat and fat are fused together in a sausage or salami.
• In the same way, a salami attack merges bits of seemingly inconsequential data to yield powerful results.
• For example, programs often disregard small amounts of money in their computations, as when there are fractional pennies as interest or tax is calculated.
• Such programs may be subject to a salami attack, because the small amounts are shaved from each computation and accumulated elsewhere, such as the programmer's bank account!
• The shaved amount is so small that an individual case is unlikely to be noticed, and the accumulation can be done so that the books still balance overall.
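As an added example (not from the slides), the reconciliation checks an auditor would run over an interest posting batch. The batch is constructed: four accounts credited the truncated interest at a 0.37% rate, with the shaved fractions swept into a suspense total. The aggregate check passes, which is the "books still balance" point above, while a per-account recomputation with correct rounding flags the short-changed postings.

```c
#include <stddef.h>
#include <stdio.h>

/* Money is kept in integer cents and the rate in basis points (1 bp = 0.01%),
   so balance_cents * rate_bp is the exact interest in 1/10000 of a cent with
   no floating-point rounding. */
#define SCALE 10000L

struct posting { long balance_cents; long credited_cents; };

/* Constructed sample batch: every account was credited the rounded-down
   amount, as a salami-style posting routine would do. */
static const int rate_bp = 37;
static const struct posting batch[] = {
    { 123456, 456 },   /* exact 456.7872 cents, correct rounding 457 */
    {  98765, 365 },   /* exact 365.4305 cents, correct rounding 365 */
    { 250000, 925 },   /* exact 925.0000 cents, correct rounding 925 */
    {   4321,  15 },   /* exact  15.9877 cents, correct rounding  16 */
};
#define NBATCH (sizeof batch / sizeof batch[0])

/* Correctly rounded interest (round half up), in cents. */
long rounded_interest(long balance_cents, int bp) {
    return (balance_cents * bp + SCALE / 2) / SCALE;
}

/* Sum of the truncated fractions, in 1/10000 cent: what the slide describes
   as being "accumulated elsewhere". */
long suspense_from_batch(const struct posting *b, size_t n, int bp) {
    long units = 0;
    for (size_t i = 0; i < n; i++)
        units += b[i].balance_cents * bp - b[i].credited_cents * SCALE;
    return units;
}

/* Aggregate check: total exact interest == total credited + suspense.
   Returns 1 if the books balance. A salami attack keeps this check passing. */
int books_balance(const struct posting *b, size_t n, int bp, long suspense_units) {
    long exact = 0, credited = 0;
    for (size_t i = 0; i < n; i++) {
        exact    += b[i].balance_cents * bp;
        credited += b[i].credited_cents * SCALE;
    }
    return exact == credited + suspense_units;
}

/* Per-account check: compare each credit with the correctly rounded value.
   Returns the number of short-changed accounts; *shortfall gets the total
   missing amount in cents. This is the check that catches the shaving. */
int audit_postings(const struct posting *b, size_t n, int bp, long *shortfall) {
    int flagged = 0;
    *shortfall = 0;
    for (size_t i = 0; i < n; i++) {
        long expect = rounded_interest(b[i].balance_cents, bp);
        if (b[i].credited_cents != expect) {
            flagged++;
            *shortfall += expect - b[i].credited_cents;
        }
    }
    return flagged;
}

int main(void) {
    long suspense = suspense_from_batch(batch, NBATCH, rate_bp);
    long shortfall;
    int flagged = audit_postings(batch, NBATCH, rate_bp, &shortfall);
    printf("aggregate books balance: %s\n",
           books_balance(batch, NBATCH, rate_bp, suspense) ? "yes" : "no");
    printf("suspense holds %ld.%04ld cents\n", suspense / SCALE, suspense % SCALE);
    printf("per-account audit flagged %d of %zu postings, %ld cent(s) short\n",
           flagged, NBATCH, shortfall);
    return 0;
}
```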
Covert Channels: Programs That Leak Information
• Programs that communicate information to people who should not receive it. The communication travels unnoticed, accompanying other, perfectly proper, communications.
• The general name for these extraordinary paths of communication is covert channels.
Timing Channels
• Timing channels pass information by using the speed at which things happen. Actually, timing channels are shared resource channels in which the shared resource is time.
THANK YOU