Announcement r Project dates adjusted (correct those on the syllabus handed out last time) r Sign-up...
-
date post
21-Dec-2015 -
Category
Documents
-
view
215 -
download
2
Transcript of Announcement r Project dates adjusted (correct those on the syllabus handed out last time) r Sign-up...
Announcement
Project dates adjusted (correct those on the syllabus handed out last time)
Sign-up for the paper presentation at the end of next week (after proj assignment) Ashish and Stephan volunteer for the next
week Projects will be online soon, find your
partners
Overview
Integrity Key distribution and certification Mobile malcode
Overview Viruses Worms Automatic updates
History of Viruses (if time allowed)
Digital Signatures
Cryptographic technique analogous to hand-written signatures.
sender (Bob) digitally signs document, establishing he is document owner/creator.
verifiable, nonforgeable: recipient (Alice) can prove to someone that Bob, and no one else (including Alice), must have signed document
Digital Signatures
Simple digital signature for message m: Bob signs m by encrypting with his private
key KB, creating “signed” message, KB(m)--
Dear Alice
Oh, how I have missed you. I think of you all the time! …(blah blah blah)
Bob
Bob’s message, m
Public keyencryptionalgorithm
Bob’s privatekey
K B-
Bob’s message, m, signed
(encrypted) with his private key
K B-(m)
Digital Signatures (more) Suppose Alice receives msg m, digital signature KB(m)
Alice verifies m signed by Bob by applying Bob’s public key KB to KB(m) then checks KB(KB(m) ) = m.
If KB(KB(m) ) = m, whoever signed m must have used
Bob’s private key.
+ +
-
-
- -
+
Alice thus verifies that: Bob signed m. No one else signed m. Bob signed m and not m’.
Non-repudiation: Alice can take m, and signature KB(m) to court and
prove that Bob signed m. -
Message Digests
Computationally expensive to public-key-encrypt long messages
Goal: fixed-length, easy- to-compute digital “fingerprint”
apply hash function H to m, get fixed size message digest, H(m).
Hash function properties: many-to-1 produces fixed-size msg
digest (fingerprint) given message digest x,
computationally infeasible to find m such that x = H(m)
large message
m
H: HashFunction
H(m)
Internet checksum: poor crypto hash function
Internet checksum has some properties of hash function:
produces fixed length digest (16-bit sum) of message
is many-to-oneBut given message with given hash value, it is easy to find another message with same hash value:
I O U 10 0 . 99 B O B
49 4F 55 3130 30 2E 3939 42 D2 42
message ASCII format
B2 C1 D2 AC
I O U 90 0 . 19 B O B
49 4F 55 3930 30 2E 3139 42 D2 42
message ASCII format
B2 C1 D2 ACdifferent messagesbut identical checksums!
large message
mH: Hashfunction H(m)
digitalsignature(encrypt)
Bob’s private
key K B-
+
Bob sends digitally signed message:
Alice verifies signature and integrity of digitally signed message:
KB(H(m))-
encrypted msg digest
KB(H(m))-
encrypted msg digest
large message
m
H: Hashfunction
H(m)
digitalsignature(decrypt)
H(m)
Bob’s public
key K B+
equal ?
Digital signature = signed message digest
Hash Function Algorithms
MD5 hash function widely used (RFC 1321) computes 128-bit message digest in 4-step
process. arbitrary 128-bit string x, appears difficult to
construct msg m whose MD5 hash is equal to x.
SHA-1 is also used US standard [NIST, FIPS PUB 180-1]
160-bit message digest SHA-2 is the new variant
Is the collective name of one-way hash functions developed by the NIST: SHA-256, SHA-384, and SHA-512
Overview
Integrity Key distribution and certification Mobile malcode
Overview Viruses Worms Automatic updates
Trusted Intermediaries
Symmetric key problem:
How do two entities establish shared secret key over network?
Solution: trusted key distribution
center (KDC) acting as intermediary between entities
Public key problem: When Alice obtains
Bob’s public key (from web site, e-mail, diskette), how does she know it is Bob’s public key, not Trudy’s?
Solution: trusted certification
authority (CA)
Key Distribution Center (KDC)
Alice, Bob need shared symmetric key. KDC: server shares different secret key with each
registered user (many users) Alice, Bob know own symmetric keys, KA-KDC KB-KDC ,
for communicating with KDC.
KB-KDC
KX-KDC
KY-KDC
KZ-KDC
KP-KDC
KB-KDC
KA-KDC
KA-KDC
KP-KDC
KDC
Key Distribution Center (KDC)
Aliceknows
R1
Bob knows to use R1 to communicate with Alice
Alice and Bob communicate: using R1 as session key for shared symmetric
encryption
Q: How does KDC allow Bob, Alice to determine shared symmetric secret key to communicate with each other?
KDC generate
s R1
KB-KDC(A,R1)
KA-KDC(A,B)
KA-KDC(R1, KB-KDC(A,R1) )
Certification Authorities
Certification authority (CA): binds public key to particular entity, E.
E (person, router) registers its public key with CA. E provides “proof of identity” to CA. CA creates certificate binding E to its public key. certificate containing E’s public key digitally signed by
CA – CA says “this is E’s public key”Bob’s public
key K B+
Bob’s identifying informatio
n
digitalsignature(encrypt)
CA private
key K CA-
K B+
certificate for Bob’s public
key, signed by CA
Certification Authorities When Alice wants Bob’s public key:
gets Bob’s certificate (Bob or elsewhere). apply CA’s public key to Bob’s certificate,
get Bob’s public key
Bob’s public
key K B+
digitalsignature(decrypt)
CA public
key K CA+
K B+
Overview
Integrity Key distribution and certification Mobile malcode
Overview Viruses Worms Automatic updates
Mobile Malcode Overview Malicious programs which spread from
machine to machine without the consent of the owners/operators/users Windows Automatic Update is (effectively)
consensual Many strains possible
Viruses Worms Compromised Auto-updates
• No user action required, very dangerous
Viruses Definition from RFC 1135: A virus is a piece of
code that inserts itself into a host, including operating systems, to propagate. It cannot run independently. It requires that its host program be run to activate it.
On execution Search for valid target files
• Usually executable files• Often only infect uninfected files
Insert a copy into targeted files• When the target is executed, the virus starts running
Only spread when contaminated files are moved from machine to machine
Mature defenses available
1988: Less than 10 known viruses 1990: New virus found every day 1993: 10-30 new viruses per week 1999: 45,000 viruses and variants
Source: McAfee
Virus Growth
0
10000
20000
30000
40000
50000
60000
1988 1990 1993 1999
Virus Infectables Executable files: .com, .exe, .bat Macros
With macro languages the line between pure data files and executable files is blurring
An infected file might be attached to an E-mail E-mail programs may use other programs (e.g.,
word) with macros to display incoming mail System sector viruses
Infect control sectors on a disk• DOS boot sectors• Partition (MBR) sectors
System sector viruses spread easily via floppy disk infections
Virus Infectables (cont’d) Companion viruses
Create a .com files for each .exe files DOS runs COM files before EXE files Relatively easy to find and eliminate
Cluster viruses Change the DOS directory info so that directory
entries point to the virus code instead of the real program
Even though every program on the disk may be "infected“, there is only one copy of the virus on the disk
Anatomy of a Virus
Two primary components Propagation mechanism Payload
Propagation Method by which the virus spreads itself. Old days: single PC, transferred to other
hosts by ways of floppy diskettes. Nowadays: Internet.
Structure of A Virus
Virus() { infectExecutable(); if (triggered()) { doDamage(); } jump to main of infected program;}
void infectExecutable() { file = choose an uninfected executable file; prepend V to file; }
void doDamage() { ... }int triggered() { return (some test? 1 : 0); }
Variable Viruses Polymorphic viruses
Change with each infection• Executables virus code changing (macros: var name,
line spacing, etc.)• Control flow permutations (rearrange code with goto’s)
Attempt to defeat scanners Virus writing tool kits have been created to
"simplify" creation of new viruses Current tool kits create viruses that can be
detected easily with existing scanner technology
But just a matter of time …
Virus Detection/Evasion Look for changes in
size Check time stamp on
file Look for bad behavior
False alarm prone
Look for patterns (byte streams) in virus code that are unique
Look for changes in file checksum
Compression of virus and target code
Modify time stamp to original
Do bad thing insidiously
Change patterns – polymorphism
Rearrange data in the file
Disable anti-virus programs
More on Virus Detection Scanning
Depend on prior knowledge of a virus Check programs before execution Need to be regularly updated
Integrity Checking Read entire disk and record integrity data that
acts as a signature for the files and system sectors
Analyze the nature of the changes to differentiate file corruption caused by a bug from corruption caused by a virus
Use cryptographic computation technique instead of simple checksum
More on Virus Detection Interception
Monitoring for system-level routines that perform destructive acts
Good for detecting logic bomb and Trojoran horse Cannot depend entirely upon behavior monitors
as they are easily bypassed. Combination of all three techniques can
detect most viruses
Logic Bomb:
Logic Bomb: A logic bomb executes when specific conditions occur.
Triggers for logic bombs can include change in a file, by a particular series of keystrokes, or at a specific time or date.
Trojan Horse
Programs that appear to have one function but actually perform another function.
Modern Trojan Horse: resemble a program that the user wishes to run - a game, a spreadsheet, or an editor.
While the program appears to be doing what the user wants, it is also doing something else unrelated to its advertised purpose, and without the user's knowledge.
Virus Recovery Extricate the virus from the infected file to
leave the original behind Remove the redirection to the virus code Recover the file from backup Delete the files and move on with life
Email-Borne Viruses/Worms The logic/code is contained in an email,
usually as an executable attachment Some mail agents execute content automatically Upon execution
• Search for email addresses in address book, emails• Send out copies of itself to all the addresses it can find
Taxonomy: are they viruses or worms? Email viruses: when human or human-agents
asynchronously trigger the worm Email worms: when they are fully automatic
Worms
Autonomous, active code that can replicate to remote hosts without any triggering Typically, a worm is a process not a file
Because they propagate autonomously, they can spread much more quickly than viruses!
Much of the class focuses on worms Speed and general lack of user interaction
make them the most significant threats
Compromised Auto-updates Auto-update program: At a given time, call to
central server If new programs are available, download and install
• Probably a good thing when correctly implemented
Hijack the auto-update May be trivial
• DNS cache poisoning or router redirection May be very difficult
• Capture the code-signing and the server’s private keys
Present a fake update to the world Unlike other mobile malcode, it only travels a
single step: from server to the clients
Malcode Attributes
Virus Email-borne Virus
Worm Email-borne Worm
Auto-Update
Autonomous
X X X
Triggered
X X X
Domain/Universe
File/ File system
Email User /Email Users
Host/Network
Email User /Email Users
Host/Network
Overview
Integrity Key distribution and certification Mobile malcode
Overview Viruses Worms Automatic updates
A History of Viruses
First Wild Viruses Apple I/II/III: 1981
Three viruses for the Apple machines emerged in 1981 Boot sector viruses
Floppies of that time had the disk operating system (DOS) on them by default Wrote it without malice
Fred Cohen’s Work: 1983 First documented work with viruses
Cohen’s PhD advisor, Leo Adelman, coined the term “virus”
Virus: “a program that can infect other programs by modifying them to include a … version of itself”
Viruses can quickly (~30 min) spread through a networked file system
Dissertation (1986) conclusion: "universal" detection of a virus is undecidable Gave insights to some heuristic detection
mechanisms that are widely used now No 100% guaranteed detection for virus/worm
First PC Virus: Pakistani Brain Virus (1986)
Written by Pakistani brothers to protect their copyright Claim: infect only machines that had an
unlicensed copy of their software Boot sector, memory resident Printed“Welcome to the Dungeon (c) 1986 Basit * Amjad
(pvt) Ltd. BRAIN COMPUTER SERVICES 730 NIZAB BLOCK ALLAMA IQBAL TOWN LAHORE-PAKISTAN
PHONE :430791,443248,280530. Beware of this VIRUS.... Contact us for
vaccination ............. !!"
Destructive Virus: Chernobyl (1998)
Designed to inflict harm Flash BIOS: would cause permanent hardware
damage to vulnerable motherboards Also overwrote first 2K sectors of each disk
• Typically resulted in a loss of data and made it unbootable
Previously believed that being benign was necessary for virus longevity Chernobyl provided evidence to the contrary
Early Mail Virus: Happy99 (1999)
One of the earliest viruses that propagated automatically when an infected attachment is executed
Did not infect files, only email user accounts
Email sent from infected person to others in address book (novelty at the time)
Early Macro Virus: Melissa (1999)
Microsoft Word 97 Macro virus Target first 50 entries in Outlook’s address
book Adjusted subject “Important messages
from ______” Points to attachment as a document
requested Contains a list of porn sites
Macro security was greatly increased with Melissa