CS363Week 1 - Wednesday

Last time

What did we talk about last time? Course overview Terminology

Threats Vulnerabilities Attacks Controls

CIA

Questions?

Security tidbit: In communist China, algorithms analyze you!

In the U.S., credit scores affect your life a great deal: mortgages, car loans, credit card interest rates, etc.

China is considering a "social credit" system, kind of like a Yelp! rating for…you

Each person will have a single number stating how good you are

China is evaluating eight companies that are issuing social credit as a pilot-program

Security tidbit continued The most high-profile project is run by Sesame Credit,

the financial wing of Alibaba Alibaba is the world's largest online shopping platform Kind of a cross between Amazon and eBay Your Sesame Credit social credit is kind of like your eBay

rating, but they also judge you based on the products you buy Chinese citizens with good credit scores praise the

system's convenience Security expert Bruce Schneier highlights the dangers of

secret algorithms to judge worth, especially when Liking the wrong thing on Facebook could lower your credit

Follow the story: http://www.bbc.com/news/world-asia-china-34592186

CIA

The basics of computer security:

Confidentiality

IntegrityAvailability

Confidentiality

You don’t want other people to be able to read your stuff Some of your stuff, anyway

Cryptography, the art of encoding information so that it is only readable by those knowing a secret (key or password), is a principle tool used here

Confidentiality is also called secrecy or privacy

Integrity

You don’t want people to mess up your stuff

You want to know: That your important data cannot be easily

changed That outside data you consider trustworthy

cannot be easily changed either There are many different ways that data

can be messed up, and every application has different priorities

Availability

You want to be able to use your stuff Many attacks are based on denial of

service, simply stopping a system from functioning correctly

Availability can mean any of the following: The service is present in usable form There is enough capacity for authorized users The service is making reasonable progress The service completes in an acceptable period

of time

Two other useful properties CIA covers a huge amount of ground,

but there are other properties that are not directly under that umbrella:

Authentication is being able to confirm the identity of a sender

Nonrepudiation is the flip side: being unable to deny that you sent something

Threats

There are many ways to classify threats

Nonhuman threats: natural disasters, hardware failures, etc.

Human threats: spilling a soft drink, entering the wrong data by mistake, intentionally hacking a system

Malicious vs. non-malicious Random vs. directed

Harm

• Someone read something they weren’t supposed to

Interception

• Something became unavailable or unusable

Interruption

• Someone changed something they weren’t supposed to

Modification

• Someone created fake thingsFabrication

Malicious, human-caused threats often involve one or more of the following kind of harm:

Advanced persistent threat An advanced persistent threat is

one that is organized, well-funded, and calculated to do maximum damage

These threats are getting more media coverage today as possibilities for terrorism or cyber warfare

Attacks on these threats come from governments, terrorist groups, and organized crime

Vulnerabilities

Hardware vulnerabilities

Adding or removing devices Intercepting the traffic to devices or

flooding them with too much traffic Physical attacks such as water, fire,

electricity, food particles, mice chewing through cables, dust, and blunt force trauma

These vulnerabilities can be exploited intentionally or unintentionally

Software vulnerabilities

Software deletion Accidental or otherwise

Software modification Accidental software changes due to

hardware errors or software bugs Trojan horses Viruses Trapdoors Information leaks

Software theft

Data vulnerabilities

Data confidentiality Wire tapping Van Eck phreaking Shoulder surfing Looking through trash

Data integrity Intercepting data and passing it along

with parts changed

Goals

Mechanisms are intended to accomplish one or more goals: Prevent an attack Detect an attack Recover from an attack

Other issues Networks can multiply the problems of computer

security by making data easy to intercept and change

Physical access to computer systems can allow people to use hardware and software for unauthorized benign or malignant purposes

People are problematic Someone has to design security systems, and they can’t

always be trusted Sometimes people are needed but unavailable People leave (or are fired) with valuable information People behave unpredictably People can be bribed

Attackers

Individuals Most computer criminals are amateurs

They commit crimes of opportunity Time-stealing is common

Disgruntled or recently fired employees can use their knowledge of a system to attack it

A malicious hacker is called a cracker Many crackers attempt to gain access to

other people’s computer systems for the fun or challenge of it They often brag about their exploits

Organized crime Most professional crackers are trained computer

scientists who have turned to crime In the early days of hacking and viruses,

destroying hardware, software, or data was the goal

Professional crackers now look to make money by stealing valuable data

There are connections to organized crime Many attacks come from Russia, Asia, and Brazil Professionals want to remain undetected so that

they can keep stealing data

Terrorists Modern terrorists are often computer savvy Four common forms of terrorist computer

usage are: Targets of attacks

Denial-of-service and defacement of websites Methods of attack

Using computers to launch an attack Enablers of attacks

Coordinating or initiating other forms of terrorism through websites, e-mail, etc.

Enhancers of attacksUsing the Internet to spread propaganda and recruit agents

Harm and risk

Harm is the bad thing that happens when the threat occurs

Risk management is about choosing which threats to control and which not to Remember that this is usually a financial

decisionResidual risk is the risk that is still

not controlled after risk management

Risk perception

What's the chance that a huge meteor will hit during our lifetimes? Small! Likelihood is the chance that a threat

will happen What will happen if a huge meteor

hits? Terrible things! Impact is the damage of a threat

Humans overestimate the likelihood of rare, dreaded events

Method, opportunity, motive As with traditional crime, a computer

attacker must have three things:• Skills and tools to perform

the attackMethod• Time and access to

accomplish the attackOpportunit

y• A reason to perform the

attackMotive

Controls

Controls There are five common ways of controlling attacks,

many of which can be used togetherPrevent• Remove the vulnerability from the system

Deter• Make the attack harder to execute

Deflect• Make another target more attractive (perhaps a decoy)

Detect• Discover that the attack happened, immediately or

laterRecover• Recover from the effects of the attack

Effects of controls

Many different controls can be used to achieve the five methods of defense

Physical controls

Physical controls can be inexpensive and effective Locks on doors Security guards Backup copies of data Planning for natural disasters and fires

Simple controls are often the best Attackers will always look for a weak

point in your defenses

Technical controls Software controls:

Passwords OS and network controls▪ Tools to protect users from each other

Independent control programs▪ Application programs that protect against specific vulnerabilities

Development controls▪ Quality control for creating software so that vulnerabilities are

not introduced Hardware controls

Smart cards on satellite or cable television set-top boxes Fingerprint or other biometric readers Firewalls

Encryption Encryption is the scrambling of data

Often a key or some other secret information is used to do the scrambling

Without knowledge of the secret, the data becomes useless

Modern encryption is one of the most powerful tools for preserving computer security

Most modern attacks do not depend on breaking encryption but on circumventing it

Encryption The process of encryption takes plaintext as

an input and produces ciphertext as an output

Plaintext (or cleartext) is not necessarily human readable, but its contents are not protected in any way

Using cryptography, we can build protocols to support confidentiality and integrity (and even availability indirectly)

As useful as it is, encryption is not a panacea

Procedural controls Human beings ultimately get involved It is important to have policies and

procedures to guide their actions, such as: Change passwords regularly Don’t give people your password Don’t allow coworkers access to data they

should not have Laws are important policies with

consequences, but they react slowly to the rapid changes in technology

Effectiveness of controls Many issues impact the effectiveness of controls

Awareness of problemUsers must be convinced that it is worth using the controls

Likelihood of useThe controls must be easy enough to use that the task performed is not seriously affected

Overlapping controlsOverlapping controls or defense in depth can help, but sometimes the controls negatively impact each other

Periodic reviewConditions change, and controls must be reviewed periodically and updated when needed

Sign up for Presentations

Upcoming

Next time…

Authentication Passwords Biometrics

Reminders

Read Section 2.1