CP5603 Lecture 11 2011-09-27 Revision
Uploaded by nguyen-huu-tuan
Transcript of CP5603 Lecture 11 2011-09-27 Revision
-
8/4/2019 CP5603 Lecture 11 2011-09-27 Revision
1/70
CP5603 E-Security
Lecture 11 Revision
Tuesday 27 September 2011
-
Final Exam
Last lecture is only revision, will be quick.
Final exam! Check the exam timetable.
-
Internet History
1957: Russia launches Sputnik.
U.S. Government creates the Defense Advanced Research Projects Agency (DARPA).
1967: starts to develop a data network that can survive a nuclear war.
A mesh of connections so that as bases get nuked, network traffic can travel around the damage.
-
Key Security Concepts
The CIA Triad
If it's secret, you can't get to it or change it.
If you can get to it or change it, it's not secret.
-
Balancing Security and Access
-
5 Most Common Passwords
[Figure: bar chart of the 5 most common passwords; axis: % of all accounts, 0 to 0.25]
-
Passwords Are Encrypted
Encryption: the original password gets messed up, so nobody can read it.
This happens when a password is saved to
disk or sent over a network.
-
Sniffing Encrypted Passwords
[Diagram labels: Internet Bank User; Internet Bank Web Site; Intruder; Encrypted Password]
-
What Is IP Spoofing?
To spoof = to pretend to be someone else.
IP spoofing: you pretend to be another computer, take over their IP number.
Pretend to be 2 other computers.
All traffic between the two computers can be routed through your computer.
Example: firewall and the email server, so you can read emails.
-
Source: www.ethereal.com
-
Dictionary-Based Password Crackers
No way to turn an encrypted password back into the password.
But you can encrypt any word.
encrypted word = encrypted password?
Encrypt every word in the dictionary!
There is free software to do this.
Then compare encrypted password to encrypted dictionary word.
If you find a match, you are in!
-
Dictionary-Based Password Crackers
Encrypted password: A5Ibo25Gj
Encrypt every word in the dictionary!
Aardman   Y5iR4Bz2
Aardvark  8Ip5TyUkl
Abba      tL519vh59
Abcama    Q0h2nv8s
Petunia   A5Ibo25Gj   Yes!
-
Dictionary-Based Password Crackers
Word lists can be from:
A dictionary.
List of names of people and places.
All the words on the victim's hard drive.
Software will also:
Add numbers to the front and back of each word.
Do upper / lower case.
petunia, petunia1, 1petunia, Petunia, Petunia1, 1Petunia, etc.
-
FBI Dictionary-Based Cracker
The FBI has a program for finding passwords:
Uses all the words on the victim's / criminal's hard drive.
Has a 50% success rate.
Runs as a screensaver, so all the idle office PCs are running it.
So don't use a password that is similar to any word in any file or email.
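Added example (not part of the original slides): a password check that applies the cracker's rules from the last three slides in reverse, rejecting any password that is a word-list entry with case changes or digits added at the front or back. The word list, the sample mailbox text and the function names are constructed for illustration.

```python
import re

def words_from_text(text, min_len=4):
    """Harvest lower-cased words from files or email, as a cracker would."""
    return {w.lower() for w in re.findall(r"[A-Za-z]+", text) if len(w) >= min_len}

def base_word(password):
    """Undo the mangling rules: drop digits at the front and back, fold case."""
    return re.sub(r"^\d+|\d+$", "", password).lower()

def guessable(password, wordlist):
    """True if the password is a word-list entry plus case or digit changes."""
    return base_word(password) in wordlist

# Constructed sample data: a tiny dictionary plus text standing in for the
# user's own files and email.
DICTIONARY = {"aardvark", "abba", "petunia"}
MAILBOX = "Hi Sue, the Townsville meeting has moved to Friday. Regards, John"
WORDLIST = DICTIONARY | words_from_text(MAILBOX)

if __name__ == "__main__":
    for candidate in ["petunia", "Petunia1", "1PETUNIA", "townsville2011",
                      "k7#Vq!mzR2x"]:
        verdict = "reject" if guessable(candidate, WORDLIST) else "accept"
        print(f"{candidate:16} {verdict}")
```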
-
Threats and Attacks
-
Threats
Threat: an object, person, or other entity that represents a constant danger to an asset
Management must be informed of the different threats facing the organization
The 2006 CSI/FBI survey found:
72 percent of organizations reported cyber security breaches within the last 12 months
52 percent of respondents identified unauthorized computer use
-
Threats to Information Security
-
Figure 2-1 Acts of Human Error or Failure
-
New York City with no electricity
-
Attacks
Act or action that exploits a vulnerability (i.e., a weakness) in a controlled system
Accomplished by a threat agent that damages or steals the organization's information
-
Types of Attacks
We can distinguish 2 types of attacks:
Active attack: attempts to alter system resources or affect their operation
Passive attack: attempts to learn or make use of information from the system, but does not change a system
Can also classify attacks by their origin:
Inside attack: Initiated by an entity inside the organization (an "insider").
Outside attack: Initiated from outside the organization (an "outsider").
-
A Passive Attack: the USS Jimmy Carter
-
USS Jimmy Carter
A submarine with a gap in the pressure hull.
Lets it land on top of an undersea cable
and pull the cable inside, to attach a listening
device to the cable.
http://news.zdnet.com/2100-9595_22-529826.html
How legal is this?
Should you go to jail for
copying DVDs?
-
Figure 2-9 - Denial-of-Service Attacks
-
Figure 2-11 - Man-in-the-Middle
-
Laws, Ethics, Policies
-
The Differences Between Laws and Ethics
1. Laws: rules that mandate or prohibit certain actions or behaviours.
Enforced by violence!
Even if you didn't know the law.
2. Ethics: define socially acceptable behavior.
Not really enforced.
Except by social pressure.
You might not be invited to the best dinners.
-
The Differences Between Policy and Law
Another difference:
Law: if you didn't know the law, you still go to prison.
Policy: if you didn't know the policy, it's okay.
-
The Differences Between Policy and Law
Do you think it's okay to go to jail for breaking a law you didn't know?
Every week, 50 pages of new laws are created in Australia.
-
Digital Millennium Copyright Act (DMCA)
A law from the U.S. Federal government.
Supposed to reduce piracy and copyright
infringement.
-
Digital Millennium Copyright Act
In the U.S., it's illegal to break technology-based protection.
Even if you bought a legal copy, you:
Can't copy a DVD that you bought.
Can't possess open-source software for playing a DVD that you bought.
Can't play your legal DVD with Linux.
Linux distributions used in the U.S. don't come with DVD playing software.
Is this fair?
-
Risk Control Strategies
Once ranked vulnerability risk worksheet complete, must choose one of four strategies to control each risk:
1. Apply safeguards (avoidance)
2. Transfer the risk (transference)
3. Reduce impact (mitigation)
4. Understand consequences and accept risk (acceptance)
-
1. Avoidance
Attempts to prevent exploitation of the
vulnerability
Preferred approach; accomplished through
countering threats, removing asset
vulnerabilities, limiting asset access, and adding
protective safeguards
Three common methods of risk avoidance:
1. Application of policy
2. Training and education
3. Applying technology
-
2. Transference
Control approach that attempts to shift risk to other assets, processes, or organizations
If lacking, organization should hire individuals/firms that provide security management and administration expertise
Organization may then transfer risk associated with management of complex systems to another organization experienced in dealing with those risks
-
3. Mitigation
Attempts to reduce impact of vulnerability exploitation through planning and preparation
Approach includes three types of plans:
Incident response plan (IRP)
Disaster recovery plan (DRP)
Business continuity plan (BCP)
-
3. Mitigation (continued)
DRP is most common mitigation procedure
The actions to take while incident is in progress are defined in IRP
BCP encompasses continuation of business activities if catastrophic event occurs
-
4. Acceptance
Doing nothing to protect a vulnerability and accepting the outcome of its exploitation
Valid only when the particular function, service, information, or asset does not justify cost of protection (use cost-benefit?)
Risk appetite describes the degree to which organization is willing to accept risk as trade-off to the expense of applying controls
-
4. Acceptance: Dinosaurs and Meteors
There is a tiny chance that your nuclear reactor
will destroy the city. Should you turn it off?
-
Acceptance: Risk Matrix
Frequency of Losses helps quantify probability

Consequence \ Frequency   1 - Unlikely   2 - Occasional   3 - Probable   4 - Frequent
4 - Catastrophic          C              B                A              A
3 - Critical              D              C                B              A
2 - Marginal              D              D                C              B
1 - Negligible            D              D                D              C

(Increasing frequency from left to right; increasing consequence from bottom to top.)
EFU Risk Management
-
Key Technology Components
Firewall: device that selectively discriminates against information flowing into or out of organization
Demilitarized Zone (DMZ): no-man's land between inside and outside networks where some organizations place Web servers
Intrusion Detection Systems (IDSs): in effort to detect unauthorized activity within inner network, or on individual machines, organization may wish to implement an IDS
-
Figure 5-18 Key Components
-
Dual-Connection Routers
The filtering routers have 2 connections:
External filtering router:
Public IP address is 137.219.16.23
DMZ IP address is 10.10.10.2
Internal filtering router:
DMZ IP address is 10.10.10.3
Local IP address is 192.168.2.1
User PCs have addresses in 192.168.*.* with gateway 192.168.2.1 to the Internet.
-
Port numbers go up to 65536.
1024 and above are open to any program.
Usually for replies from servers.
-
Network-Based IDPS (NIDPS)
Resides on a computer or appliance connected to segment of an organization's network.
Separate from any computer used for work.
Looks for signs of attacks.
When examining packets, the NIDPS looks for attack patterns.
Installed at a place in the network where it watches traffic going in and out of particular segment.
e.g., between the web server and the gateway.
-
Access Control
-
Need 2 Or More Access Controls
Any single access control device can be defeated:
Fingerprint: point a gun at their head and tell them
to swipe their finger.
Password can be copied.
Security guard can be bribed.
With 2 access control devices, it's much harder to defeat both of them at the same time.
-
Biometrics: Accuracy and Cost
Accurate results cost more money.
-
Encryption
Plaintext: the original information.
Ciphertext: mixed up, to make it unreadable.
A cipher is another word for a code.
Encryption algorithms are complicated, but you need a key to encrypt and a key to decrypt.
[Diagram: Sender: plaintext -> Encryption -> ciphertext -> Network -> ciphertext -> Decryption -> plaintext: Receiver; Shared Secret-Key]
-
Caesar Cipher
A type of substitution cipher:
Each letter in the plaintext is replaced by a letter some fixed number of positions down the alphabet.
For example, with a shift (or key) of 3: A -> D, B -> E, C -> F and so on.
Plain:  ABCDEFGHIJKLMNOPQRSTUVWXYZ
Cipher: DEFGHIJKLMNOPQRSTUVWXYZABC
Plaintext:  THE QUICK BROWN FOX JUMPS OVER THE LAZY DOG
Ciphertext: WKH TXLFN EURZQ IRA MXPSV RYHU WKH ODCB GRJ
-
Cipher Methods (continued)
Cryptosystems typically made up of algorithms, data handling techniques, and procedures
Substitution cipher: substitute one value for another
Monoalphabetic substitution: uses only one alphabet
Polyalphabetic substitution: more advanced; uses two or more alphabets
Vigenère cipher: advanced cipher type that uses simple polyalphabetic code; made up of 26 distinct cipher alphabets
-
Vigenère cipher:
Uses all 26 possible substitutes.
Polyalphabetic
A different one for each letter.
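Added example (not from the original lecture): the Caesar and Vigenère ciphers from the last three slides in Python, using the common keyword form of Vigenère in which each key letter selects one of the 26 shifted alphabets. The key LEMON and the sample plaintext ATTACKATDAWN are assumptions chosen for the demonstration; `images` shows why one cipher is monoalphabetic and the other polyalphabetic.

```python
from itertools import cycle

A = ord("A")

def vigenere(text, key, decrypt=False):
    """Shift each letter by the next key letter (A=0 ... Z=25), key repeating.
    Other characters pass through and do not use up a key letter."""
    shifts = cycle(ord(k) - A for k in key.upper())
    sign = -1 if decrypt else 1
    out = []
    for ch in text.upper():
        if "A" <= ch <= "Z":
            ch = chr((ord(ch) - A + sign * next(shifts)) % 26 + A)
        out.append(ch)
    return "".join(out)

def caesar(text, shift, decrypt=False):
    """A Caesar cipher is a Vigenère cipher with a one-letter key."""
    return vigenere(text, chr(A + shift % 26), decrypt)

def images(plain, cipher, letter):
    """Set of ciphertext letters that one plaintext letter was turned into."""
    return {c for p, c in zip(plain.upper(), cipher) if p == letter}

PLAIN = "THE QUICK BROWN FOX JUMPS OVER THE LAZY DOG"   # from the slide
SAMPLE = "ATTACKATDAWN"                                # constructed sample
KEY = "LEMON"                                          # assumed sample key

if __name__ == "__main__":
    c3 = caesar(PLAIN, 3)
    print(c3)
    print(caesar(c3, 3, decrypt=True))
    v = vigenere(SAMPLE, KEY)
    print(v)
    print("Caesar   T ->", sorted(images(PLAIN, c3, "T")))
    print("Vigenere A ->", sorted(images(SAMPLE, v, "A")))
```

With Caesar every T becomes the same letter, so letter frequencies survive; with the Vigenère key the same plaintext letter lands on several different ciphertext letters.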
-
Encryption
The sender encrypts the messages using a key before sending them out to the network.
The receiver uses the corresponding key to decrypt.
If the keys are secret, nobody else can read messages.
Problem: how to distribute keys?
You need a trusted third party to send the keys.
-
Encryption/Decryption Keys
Public-key cipher: two different keys:
A private key for you.
A public key for everyone else.
Public-key encryption gets around the key problem!
You never send the private key.
Only send the public key.
You can tell everyone about the public key.
Put it on your business card.
-
Public-Key Encryption/Decryption
Advantage
Easy to distribute public key
More scalable with fewer keys, 2N keys for N users
Disadvantage
Complex algorithm (very CPU intensive, but not really a problem for modern computers)
Still need authentication for the public key (phone to check)
[Diagram: Sender: plaintext -> Encryption (Receiver's Public key, given to the public) -> ciphertext -> Network -> ciphertext -> Decryption (Receiver's Private key) -> plaintext: Receiver]
-
Public-Key Confidentiality
John sends to Sue: encrypt with Sue's public key.
Sue uses her private key to decrypt.
-
Public-Key Authentication
Authentication: how do you know that John really sent this message?
1. John encrypts a message using his private key.
i.e., John signs the message.
2. John sends the encrypted message to Sue.
3. Sue decrypts the received message using John's public key.
Everyone can decrypt the message since John's public key is known: not confidential!
Everyone knows that the message can only be sent by John, since only John knows his own
-
Authentication + Confidentiality
To provide both authentication and confidentiality, you need to encrypt twice.
You use your private key and someone else's public key.
Creates a unique shared key.
Two ways to create the shared key.
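Added example (not from the original lecture): the three public-key uses from the last three slides, carried out with textbook RSA so that each step shows which key is applied. The tiny primes and the message 65 are constructed toy values with no padding; the function names are made up for this illustration.

```python
from typing import NamedTuple

class KeyPair(NamedTuple):
    n: int  # modulus, part of both the public and the private key
    e: int  # public exponent: tell everyone
    d: int  # private exponent: never sent to anyone

def make_key(p, q, e):
    """Textbook RSA key from two small primes (toy values, not secure)."""
    return KeyPair(p * q, e, pow(e, -1, (p - 1) * (q - 1)))

def with_public(m, key):
    """What anyone can do: encrypt to the owner, or check the owner's signature."""
    return pow(m, key.e, key.n)

def with_private(m, key):
    """What only the owner can do: decrypt, or sign."""
    return pow(m, key.d, key.n)

JOHN = make_key(47, 59, 17)  # n = 2773
SUE = make_key(61, 53, 17)   # n = 3233, larger than John's so his signature fits

def send_confidential(m):
    """Confidentiality: John encrypts with Sue's public key."""
    return with_public(m, SUE)

def send_signed(m):
    """Authentication: John signs with his private key; anyone can read it."""
    return with_private(m, JOHN)

def send_both(m):
    """Both: sign with John's private key, then encrypt with Sue's public key."""
    return with_public(with_private(m, JOHN), SUE)

def sue_receives_both(c):
    """Sue undoes the two steps in reverse order."""
    return with_public(with_private(c, SUE), JOHN)

if __name__ == "__main__":
    m = 65
    print("confidential:", send_confidential(m), "->", with_private(send_confidential(m), SUE))
    print("signed:      ", send_signed(m), "->", with_public(send_signed(m), JOHN))
    print("both:        ", send_both(m), "->", sue_receives_both(send_both(m)))
```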
-
Hybrid Cryptography Systems
Pure asymmetric key encryption not widely used
Use asymmetric encryption to share a unique, once-only symmetric key: hybrid.
Diffie-Hellman Key Exchange method: most common hybrid system; provided foundation for subsequent developments in public-key encryption
-
Physical Security
Seven major sources of physical loss:
1. Extreme temperature (e.g., fires)
2. Gases
3. Liquids
4. Living organisms (insects, fungus)
5. Projectiles (e.g., bullets, falling objects)
6. Movement
7. Energy anomalies
-
This Happens More Often Than Crocodiles
The most common physical security problem.
-
Fire Security and Safety
Fires cause more property damage, personal injury, and death than any other physical threat.
Not guns or flood or lightning or crocodiles.
-
Heating, Ventilation, and Air Conditioning
Areas within heating, ventilation, and air conditioning (HVAC) systems that can cause damage to information systems include:
Temperature
Filtration (e.g., dust)
Humidity
Static electricity
-
Emergency Shutoff
Important physical security feature: an off switch.
Most computer rooms and wiring closets have an emergency power off button.
-
Exam is something like this
15 multiple-choice questions: 15 marks
10 short-answer questions: 35 marks
120 minutes (plus 10 minutes for reading)
120 minutes ÷ 50 marks = 2.4 minutes per mark.
Allow about 35 minutes for multiple choice and 85 minutes for the short answer.