Class 02 Definitions History and Overview-1.02


  • 8/3/2019 Class 02 Definitions History and Overview-1.02

    1/25

    COMP 3705

    Security:

    Definitions, History, and Overview

    2/25

    COMP 3705 Topics in Network Security

    Types of Security

    Physical

    Communications

    Emissions

    Computer

    Network

    3/25

    Physical security

    People have been concerned about security for a long time, long before computers existed. The first concern was physical security.

    Door locks

    Guards

    Moats

    4/25

    Communications Security

    A large problem during the Roman Empire was communications security.

    Solution: The Caesar cipher.

    Later on:

    Enigma machine

    Military code words (Navajo speakers)

    http://en.wikipedia.org/wiki/Enigma_machine

    5/25

    Emissions Security

    A current moving through a wire creates a magnetic field or emission.

    First problem was with telegraph wires.

    In computers:

      Circuit boards

      Chips

      Displays (CRT/LCD)

      Network cables

    TEMPEST

    http://en.wikipedia.org/wiki/TEMPEST

    6/25

    Computer Security

    Computer security is complex.

    Work by David Bell and Leonard La Padula leads to the US Department of Defence (DoD) Trusted Computer System Evaluation Criteria, or Orange Book, in 1985.

    Many levels ranging from D (lowest) to A (highest)

    7/25

    Computer Security (cont.)

    Problem is that certification is a slow process.

    Computers change quickly. Thus, impractical.

    8/25

    Network Security

    Network security combines all other types of security.

    Mix of different systems, applications, and users.

    Systems theory

    Very difficult

    9/25

    Network Security (cont.)

    Another attempt at certification: Trusted Network Interpretation, or Red Book, in 1987.

    Extended the Orange Book.

    Too difficult to implement.

    Both superseded by the Common Criteria.

    See http://www.commoncriteriaportal.org/

    http://www.commoncriteriaportal.org/public/consumer/index.php?menu=4

    10/25

    Security Types Review

    Physical

    Communications

    Emissions

    Computer

    Network

    11/25

    Five Ws of Security

    Who

    What

    Where

    When

    Why

    And How!

    12/25

    Who would want to attack?

    Hacker (White Hat, Black Hat, Grey Hat)

    Cracker

    Amateur Script Kiddie

    Disgruntled employee

    Someone who stumbles across an opportunity

    Organized crime

    We will use attacker to refer to all

    13/25

    What can be attacked?

    Confidentiality

      Difficult in groups

    Integrity

      In what way?

      Many things can be legitimately modified.

    Availability

      Usable

      Sufficient capacity

      Completes in a reasonable time

    14/25

    What can be attacked? (cont.)

    Terminology

    Vulnerability

    Threat (exploit)

    Control (countermeasure)

    A threat is blocked by control of a vulnerability

    15/25

    What can be attacked? (cont.)

    Example

    CVE-2005-2127 reports a vulnerability in Internet Explorer.

    The threat is a denial of service (attack on availability).

    Microsoft reports that the threat to this vulnerability is controlled by a patch that they have issued.

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2127

    http://www.microsoft.com/technet/security/bulletin/ms05-052.mspx

    16/25

    Where does the attack happen?

    Hardware (requires physical access)

    Software

    Theft (Confidentiality)

    Modification (Integrity)

    Deletion (Availability)

    Data

    17/25

    When can you expect an attack?

    Principle of easiest penetration

    Principle of adequate protection

    Cost balance

    Timeliness

    18/25

    Why does an attack happen?

    Internal attacks

      Disgruntled employee

      Accidents

    External attacks

      Competitors (technical, financial, damage)

      Controversial business

      High profile (piggyback)

        H4G1S and NASA Re: Kevin Mitnick

    http://www.2600.com/hackedphiles/nasa/nasa/index2.html

    19/25

    How is an attack made?

    Interception

    Interruption

    Modification

    Fabrication

    20/25

    Example - Identify the 5 Ws

    Bob works for Speedy Graphic Design. The executives just got big raises, while hardworking Bob gets nothing. To get back at them, he deletes all the project files for an important client.

    21/25

    Social Engineering

    From the Jargon File:

    social engineering: n. Term used among crackers and samurai for cracking techniques that rely on weaknesses in wetware rather than software; the aim is to trick people into revealing passwords or other information that compromises a target system's security. Classic scams include phoning up a mark who has the required information and posing as a field service tech or a fellow employee with an urgent access problem. See also the tiger team story in the patch entry, and rubber-hose cryptanalysis.

    http://catb.org/~esr/jargon/html/frames.html

    http://catb.org/~esr/jargon/html/C/cracker.html

    http://catb.org/~esr/jargon/html/S/samurai.html

    http://catb.org/~esr/jargon/html/W/wetware.html

    http://catb.org/~esr/jargon/html/T/tiger-team.html

    http://catb.org/~esr/jargon/html/P/patch.html

    http://catb.org/~esr/jargon/html/R/rubber-hose-cryptanalysis.html

    22/25

    Questions?

    23/25

    Review

    Types of security

    Physical

    Communications

    Emissions

    Computer

    Network

    24/25

    Review (cont.)

    Who would want to attack?

    What can be attacked?

    Where does the attack happen?

    When can you expect an attack?

    Why does an attack happen?

    How is an attack made?

    25/25

    Next class

    Definitions Quiz!

    Network protocols

    Network hardware and topology

    Routing