1 Security in Computing Module 1 Introduction. What Is Security? “The quality or state of being...


Security in Computing

Module 1 Introduction


What Is Security?

• “The quality or state of being secure—to be free from danger”


Security - Years back

• Physical security
  – Information was primarily on paper
  – Lock and key
  – Safe transmission
• Administrative security
  – Control access to materials
  – Personnel screening
  – Auditing


Why Do We Need Security?

• Increased reliance on information technology, with or without the use of networks

• The use of IT has changed our lives drastically.

• We depend on E-mail, Internet banking, and several other governmental activities that use IT


Why Do We Need Security?

• Increased use of E-Commerce and the World Wide Web on the Internet as a vast repository of various kinds of information (immigration databases, flight tickets, stock markets etc.)


Why Do We Need Security?

• Protect sensitive resources
  – Prevent loss
  – Prevent damage
• In the context of information systems
  – Prevent unauthorized users from reading information (loss)
    • Guarantee confidentiality
  – Prevent unauthorized users from tampering with information (damage)
    • Guarantee integrity
• Computing Systems:
  – Hardware, software, storage media, data & people


What is Computer Security?

• Wikipedia: Computer security is the effort to create a secure computing platform, designed so that agents (users or programs) cannot perform actions that they are not allowed to perform, but can perform the actions that they are allowed to.

• A computer is secure if you can depend on it and its software to behave as you expect.


• “Measures and tools to protect data and thwart hackers is called Computer Security”.

• Network security or internet security: security measures needed to protect data during their transmission


Some differences between traditional security and information security

• Information can be stolen - but you still have it

• Confidential information may be copied and sold - but the theft might not be detected

• The criminals may be on the other side of the world


What features should a computer security system provide?

• Confidentiality
  – Concealment of information or resources
  – The protection of information from unauthorized or accidental disclosure
• Integrity
  – Trustworthiness of data or resources
  – Assures information is as entered and intended; that the information has not been incorrectly modified, corrupted or destroyed.


What features should a computer security system provide?

• Availability
  – Ability to use information or resources.
  – Assures that assets are available when needed to support the organizational enterprise on a timely and reliable basis.


Security Goals

[Figure: security goals diagram with the labels Integrity, Confidentiality, Availability and Secure]


Attacks, Services and Mechanisms

• Security Attack: Any action that compromises the security of information.

• Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack.

• Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms


Security Attacks

• Vulnerability
• Threats
• Attacks


Security Attacks

• Interruption: This is an attack on availability
  – Destruction of hardware device
  – Malfunction of OS file manager
  – Physically breaking communication line
  – Disrupting traffic

[Figure: Interruption]

Security Attacks (continued)

• Interception: This is an attack on confidentiality
  – Overhearing, eavesdropping over a communication line

[Figure: Interception]

Security Attacks (continued)

• Modification: This is an attack on integrity
  – Corrupting transmitted data or tampering with it before it reaches its destination

[Figure: Modification]

Security Attacks (continued)

• Fabrication: This is an attack on authenticity
  – Faking data as if it were created by a legitimate and authentic party

[Figure: Fabrication]

Passive and active attacks

• Passive attacks
  – No modification of content or fabrication
  – Eavesdropping to learn contents or other information (transfer patterns, traffic flows etc.)
• Active attacks
  – Modification of content and/or participation in communication to
    • Impersonate legitimate parties
    • Modify the content in transit
    • Launch denial of service attacks


Passive and active attacks

• Passive attacks: eavesdropping on, or monitoring of, transmissions to:
  – obtain message contents, or
  – monitor traffic flows
• Active attacks: modification of data stream to:
  – masquerade of one entity as some other
  – replay previous messages
  – modify messages in transit
  – denial of service

[Figure: Passive Attacks and Active Attacks]

[Figures: Passive Attacks]

Active Attacks

• Active attacks involve some sort of modification of the data stream or the creation of a false stream.

• Four sub-categories:
  – Masquerade
  – Replay
  – Modification of Messages
  – Denial of service


Masquerade

• An entity pretends to be another.
• For the purpose of doing some other form of attack.
• Spoofing, impersonation.


Replay

• First passive capture of data and then its retransmission to produce an unauthorized effect.


Modification of Messages

• Some portion of a legitimate message is altered or messages are delayed or reordered to produce an unauthorized effect.


Denial of Service - DOS

• Prevents the normal use or management of communication facilities.

• Such attacks have become very common on the Internet, especially against web servers.

• On the Internet remotely located hackers can crash the TCP/IP software by exploiting known vulnerabilities in various implementations.

• One has to constantly look out for software updates and security patches to protect against these attacks.

[Figures: Active Attacks]

Problems

• Passive attacks
  – Difficult to detect
  – Protection approach - prevention
• Active attacks
  – Easy to detect but difficult to prevent
  – Recovery


Network Security

Computer networks are widely used to connect computers at distant locations.

Raises additional security problems:
  o Data in transmission must be protected.
  o Network connectivity exposes each computer to more vulnerabilities.


Model for Network Security

• Two components:
  – Security related transformation
    • Encryption
    • Additional codes
  – Secret information
    • Encryption key
• May need a trusted third party to assist


Model for Network Security

• Basic tasks in designing security service:
  – Design an algorithm that opponent cannot defeat
  – Generate the secret information to be used with the algorithm
  – Develop methods for distributing secret information
  – Specify a protocol to be used


Computer Criminals

• Amateurs: regular users, who exploit the vulnerabilities of the computer system
  – Motivation: easy access to vulnerable resources
• Crackers: attempt to access computing facilities for which they do not have the authorization
  – Motivation: enjoy challenge, curiosity
• Career criminals: professionals who understand the computer system and its vulnerabilities
  – Motivation: personal gain (e.g., financial)

• Hackers
• Crackers

Malicious Software


Virus

Virus lifecycle:

1. Dormant phase: the virus is idle (not all viruses have this stage).
2. Propagation phase: the virus places an identical copy of itself into other programs or into certain system areas.
3. Triggering phase: the virus is activated to perform the function for which it was created.
4. Execution phase: the function is performed. The function may be harmless or damaging.


Functional structure of Virus

[Figure: functional structure of a virus, with blocks labelled Search, Copy and Anti-detection routine]

How Viruses Append

[Figure: Original program + Virus code = Virus appended to program]

[Figure: Original program + Virus code = Virus surrounding a program (virus code split into Part a and Part b)]

[Figure: Original program + Virus code = Virus integrated into program (virus code pieces labelled Virus-1, Virus-2, Virus-3, Virus-4)]

Home for Viruses

• High risk virus properties:
  – Hard to detect
  – Hard to destroy
  – Spread infection widely
  – Can re-infect
  – Easy to create
  – Machine & OS independent

• Earlier – repeated execution of code so that virus could multiply


Home for Viruses

• One-Time execution
  – E-mail attachment
• Boot Sector viruses
• Memory-Resident viruses
• Application programs
  – Macro
• Libraries


Types of viruses

• Parasitic virus: Most common form. Attaches itself to a file and replicates when the infected program is executed. (File virus - executable files)

• Memory resident virus: Lodged in main memory as part of a resident system program. Virus may infect every program that executes.


Types of viruses

• Boot Sector Viruses:
  – Infects the boot record and spreads when system is booted.
  – Gains control of machine before the virus detection tools.
  – Very hard to notice
  – Carrier files: AUTOEXEC.BAT, CONFIG.SYS, IO.SYS
• Multipartite Viruses: infects both (files & boot sector)


Types of viruses

• Stealth virus: a form of virus explicitly designed to hide from detection by antivirus software.

• Polymorphic virus: a virus that mutates with every infection, making detection by the “signature” of the virus difficult.


Example

• Code red worm signature


Types of viruses

• Macro viruses: infect macro-enabled documents, especially those of the Microsoft Office suite of applications (Word and Excel). When opened, an infected document executes a macro automatically or the user does so accidentally. It then infects other documents on the disk.

• Email virus


Other Malicious Programs

• Virus - A hidden, self-replicating section of computer software, usually malicious logic, that propagates by infecting (i.e., inserting a copy of itself into and becoming part of) another program. A virus cannot run by itself; it requires that its host program be run to make the virus active.

• Worm - A computer program that can run independently, can propagate a complete working version of itself onto other hosts on a network, and may consume computer resources destructively.

• Trojan horse - A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program.


Other Malicious Programs

• Logic bomb - Malicious [program] logic that activates when specified conditions are met. Usually intended to cause denial of service or otherwise damage system resources.

• Time bomb – is a logic bomb whose trigger is a time or date.

• Trapdoor or backdoor - A hidden computer flaw known to an intruder, or a hidden computer mechanism (usually software) installed by an intruder, who can activate the trap door to gain access to the computer without being blocked by security services or mechanisms.

• Zombie – A program that secretly takes over another Internet attached computer and then uses that computer to launch attacks. Difficult to trace zombie’s creator. Used for DoS attacks

• Rabbit

Services and Mechanisms

• A security policy is a statement of what is and what is not allowed.

• A security service is a measure to address a threat
  – E.g. authenticate individuals to prevent unauthorized access
• A security mechanism is a means to provide a service
  – E.g. encryption, cryptographic protocols


Security Services

• A security service is a service provided by the protocol layer of a communicating system (X.800)
• 5 Categories
  – Authentication
  – Access Control
  – Data Confidentiality
  – Data Integrity
  – Nonrepudiation
  – (Availability)


Security Services

• Security services (X.800) fall under five categories:
• Authentication: The assurance that the communicating entity is the one that it claims to be
  – Peer Entity Authentication
  – Data-Origin Authentication


Security Services

• Access Control: The prevention of unauthorized use of a resource - who can access, under what conditions, what they are allowed to do
• Data Confidentiality: The protection of data from unauthorized disclosure
  – Connection Confidentiality
  – Connectionless Confidentiality
  – Selective-Field Confidentiality
  – Traffic-flow Confidentiality


Security Services

• Data Integrity: The assurance that data received are exactly as sent by an authorized entity (i.e. contain no modification, insertion, deletion, or replay)
  – Connection Integrity with Recovery
  – Connection Integrity without Recovery
  – Selective-Field Connection Integrity
  – Connectionless Integrity
  – Selective-Field Connectionless Integrity
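
An added example, not part of the original slides: one way a receiver can enforce the data-integrity service described above against the modification, fabrication and replay attacks from the earlier slides, using a shared secret key as in the network security model. The frame layout, the names `protect` and `Receiver`, and the demo key are assumptions made for this sketch; it provides integrity only, not confidentiality.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # size of an HMAC-SHA256 tag in bytes


def protect(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side: frame = 8-byte sequence number || payload || HMAC tag."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


class Receiver:
    """Accepts a frame only if it is authentic, unmodified and newer than the last one."""

    def __init__(self, key: bytes):
        self._key = key
        self._last_seq = -1

    def accept(self, frame: bytes):
        if len(frame) < 8 + TAG_LEN:
            return ("rejected", "truncated frame")
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self._key, body, hashlib.sha256).digest()
        # Constant-time comparison; the tag covers sequence number and payload.
        if not hmac.compare_digest(tag, expected):
            return ("rejected", "bad tag: modified or fabricated")
        (seq,) = struct.unpack(">Q", body[:8])
        # A valid tag on an old sequence number means a captured frame was resent.
        if seq <= self._last_seq:
            return ("rejected", "stale sequence number: replay or reordering")
        self._last_seq = seq
        return ("accepted", body[8:])


def demo():
    """Run constructed frames through the receiver and return its verdicts."""
    key = b"constructed-demo-key-not-a-real-secret"
    rx = Receiver(key)
    first = protect(key, 0, b"PAY 10 TO ALICE")
    second = protect(key, 1, b"PAY 20 TO BOB")
    tampered = bytearray(second)
    tampered[8 + 4] ^= 0x01                      # one payload bit changed in transit
    forged = protect(b"some other key", 2, b"PAY 99 TO MALLORY")
    return [
        rx.accept(first),            # genuine
        rx.accept(bytes(tampered)),  # modification
        rx.accept(second),           # genuine
        rx.accept(first),            # replay of an earlier genuine frame
        rx.accept(forged),           # fabrication without the shared key
    ]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```
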


Security Services

• NonRepudiation: Provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication
  – NonRepudiation, origin
  – NonRepudiation, destination


Security Services Examples

• Authentication
  – Ensuring the proper identification of entities and origins of data before communication
• Access control
  – Preventing unauthorized access to system resources
• Data confidentiality
  – Preventing disclosure to unauthorized parties
• Data integrity
  – Preventing corruption of data
• Non-repudiation
  – Collecting proof to prevent denial of participation in transaction or communication
• Availability
  – Protection against denial-of-service


Security Mechanisms

• Security Mechanisms: A mechanism that is designed to detect, prevent or recover from a security attack.
• Two types
  – Specific mechanisms existing to provide certain security services
    • E.g. encryption used for authentication
  – Pervasive mechanisms which are general mechanisms incorporated into the system and not specific to a service
    • E.g. security audit trail


Specific Security Mechanisms

• 1. Specific Security Mechanisms
• May be incorporated into the appropriate protocol layer in order to provide some of the OSI security services
  – Encipherment
  – Digital Signature
  – Access Control
  – Data Integrity
  – Authentication Exchange
  – Traffic Padding
  – Routing Control
  – Notarization


Pervasive Security Mechanisms

• Pervasive Security Mechanisms: mechanisms that are not specific to any particular OSI security service or protocol layer.
• Trusted Functionality
  – That which is perceived to be true by some criteria
• Security Label
  – The marking of (bound to) a resource that names or designates the security attributes of the resource


Pervasive Security Mechanisms

• Event Detection
  – Intrusion detection
  – Detection of specific hacks (detector hardware)
  – Too many log in attempts
• Security Audit Trail
  – Logging of all system events
• Security Recovery
  – Recovery based on requests from security mechanisms and/or event handling.
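
An added example, not part of the original slides: event detection for "too many log in attempts" run over a security audit trail. The log format, event names, threshold and window are assumptions, and the log lines are constructed sample data.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed audit-trail lines in a hypothetical "timestamp EVENT key=value" format.
SAMPLE_LOG = """\
2024-05-01T09:00:00 LOGIN_FAIL user=alice src=192.0.2.10
2024-05-01T09:00:05 LOGIN_FAIL user=alice src=192.0.2.10
2024-05-01T09:00:09 LOGIN_OK user=alice src=192.0.2.10
2024-05-01T09:01:00 LOGIN_FAIL user=root src=198.51.100.7
2024-05-01T09:01:10 LOGIN_FAIL user=root src=198.51.100.7
2024-05-01T09:01:20 LOGIN_FAIL user=root src=198.51.100.7
2024-05-01T09:01:30 LOGIN_FAIL user=root src=198.51.100.7
2024-05-01T09:01:40 LOGIN_FAIL user=root src=198.51.100.7
2024-05-01T09:01:45 LOGIN_FAIL user=root src=198.51.100.7
2024-05-01T09:02:00 LOGIN_FAIL user=bob src=203.0.113.5
2024-05-01T09:04:00 LOGIN_FAIL user=bob src=203.0.113.5
2024-05-01T09:06:00 LOGIN_FAIL user=bob src=203.0.113.5
2024-05-01T09:08:00 LOGIN_FAIL user=bob src=203.0.113.5
2024-05-01T09:10:00 LOGIN_FAIL user=bob src=203.0.113.5
"""


def parse_line(line):
    """Split one audit record into (timestamp, event, fields)."""
    stamp, event, *pairs = line.split()
    fields = dict(pair.split("=", 1) for pair in pairs)
    return datetime.fromisoformat(stamp), event, fields


def detect_excessive_failures(lines, threshold=5, window=timedelta(seconds=60)):
    """Return one alert per (user, source) that reaches `threshold` failed
    logins inside a sliding `window`; a successful login resets the count."""
    recent = defaultdict(deque)   # (user, src) -> timestamps of recent failures
    alerted = set()               # keys already reported, to avoid duplicate alerts
    alerts = []
    for line in lines:
        if not line.strip():
            continue
        when, event, fields = parse_line(line)
        key = (fields.get("user"), fields.get("src"))
        if event == "LOGIN_OK":
            recent[key].clear()
            alerted.discard(key)
            continue
        if event != "LOGIN_FAIL":
            continue
        failures = recent[key]
        failures.append(when)
        while when - failures[0] > window:   # drop failures older than the window
            failures.popleft()
        if len(failures) >= threshold and key not in alerted:
            alerted.add(key)
            alerts.append({"user": key[0], "src": key[1],
                           "failures": len(failures),
                           "alert_time": when.isoformat()})
    return alerts


if __name__ == "__main__":
    for alert in detect_excessive_failures(SAMPLE_LOG.splitlines()):
        print(alert)
```

In the sample, two mistyped passwords followed by a success and five failures spread over eight minutes raise nothing; only the burst of failures inside one minute is reported, and only once.
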


Methods of Defense

• Encryption
• Software Controls
  – (access limitations in a database, in operating system protect each user from other users)
• Hardware Controls
  – (smartcard)
• Policies
  – (frequent changes of passwords)
• Physical Controls