Future of Security
-
Upload
sandra4211 -
Category
Documents
-
view
474 -
download
2
description
Transcript of Future of Security
CIT 380: Securing Computer Systems Slide #1
CIT 380: Securing Computer Systems
Future of Security
CIT 380: Securing Computer Systems Slide #2
Topics
1. Future Threats
2. Security in Hardware
3. Software Security
4. Economics of Security
5. Security and Usability
6. Privacy
CIT 380: Securing Computer Systems Slide #3
Increasing Attack Sophistication
CIT 380: Securing Computer Systems Slide #4
More Data Breaches
CIT 380: Securing Computer Systems Slide #5
Threats: MalwareChinese honeypot project collected malware
– 2000-4000 samples/day from botnetsFor samples seen the first time,
– 5 of 9 anti-virus detected 70% or less.– 1 anti-virus (Kaspersky) detected 92%
For samples 30 days old,– No anti-virus detected more than 94%
Botnet activities– 28% spreading to new victims– 25% DDOS– 10% information theft– 14% self-update
CIT 380: Securing Computer Systems Slide #6
Threats: Virtual Attacks• Second Life denial of service attack Nov 19
– Rings multiplied when interacted with.– Heavy database load resulted in DoS attack.
Threats: Virtual Attacks
• Third attack since September 2006.
• Incident response faster than in prior attacks.
CIT 380: Securing Computer Systems Slide #7
CIT 380: Securing Computer Systems Slide #8
Threats: Offline ImpactDavis-Besse nuclear power plant
Slammer infected Plant Process Computer and Safety Parameter Display System (Jan 2003.)
Analog backups unaffected.Infected contractor’s network, then moved through T1
line that bypassed plant firewall.Seattle 911 system
Slammer disabled computer systems.Dispatchers reverted to manual systems.
2003 BlackoutBlaster infected First Energy systems.
CIT 380: Securing Computer Systems Slide #9
Threats: Spear Phishing
• Context-aware phishing attacks
• Establish credibility by knowledge of data– Use personal data from social networks.– Use stolen data from Monster.com, TJMaxx.– IU study, 72% responded to targeted attack, only
16% responded to msg from a random IU user.
Threats: Spear Phishing
• Create an opportunity– DoS user account with too many failed logins.– Contact user to help them “fix” the problem.
CIT 380: Securing Computer Systems Slide #10
CIT 380: Securing Computer Systems Slide #11
Threats: Vishing
Voice Phishing– Send e-mail with phone number. Call into
software voice mail system which uses recordings of real bank’s voice mail system.
• Free PBX software makes this easy to do.
• E-mails are targeted, including customer’s name.
Threats: Vishing
– Call victims directly using VOIP for cheap, anonymous international calls.
• Caller-ID spoofing.
• Attacker often knows CC number, wants 3-digit.
CIT 380: Securing Computer Systems Slide #12
CIT 380: Securing Computer Systems Slide #13
Underground Economy
Specialization and division of labor– Botherd (Botnet manager/renter)– Developer– Phishers and Spammers– Cashers and Confirmers
Marketplaces– $500 for CC number + PIN– $80-300 for personal info (SSN, etc.)– Millions of CCs, bank accounts, IDs traded.
CIT 380: Securing Computer Systems Slide #14
Hardware Security: Biometrics
Biometrics will become more common.– Laptop fingerprint readers to login.– USB drive fingerprint readers to access.– Voice print / eye scan used to login.– Disney: fingerprint-based TicketTag system– Fingerprints used to check nightclub goers.
CIT 380: Securing Computer Systems Slide #15
Hardware Security Features1. Memory Curtaining
Hardware-enforced memory protection to prevent programs from accessing each others’ memory, including OS.
2. Secure I/OSecure path from keyboard to application that cannot be snooped on by keyloggers or spyware.
3. Sealed Storage1. Generates keys based on program + hardware.2. Only that program on that computer can access data.
4. Remote AttestationHardware generation of certificate attesting to identity of software that currently runs on PC.
CIT 380: Securing Computer Systems Slide #16
Problems with Remote Attestation
Core Problem– If third parties know what software you’re
using, they can refuse to interact with you if you’re running software they don’t want.
Examples– Web sites could force you to run IE.– Of a specific version vulnerable to their
adware.– Vendor lock-in: prevent interoperability of IM
clients or Samba with Windows servers.
CIT 380: Securing Computer Systems Slide #17
Software Security
The problem with security: Bad design, code.
Trinity of Trouble will expand– Connectivity: business critical processes will use
wireless networking.– Complexity: software will continue to get larger.– Extensibility: more mobile code will be used,
and SOA will be used for extensibility on server side.
CIT 380: Securing Computer Systems Slide #18
Economics of Security
The problem with security: Bad incentives.– Systems are especially prone to failure when
security person doesn’t experience cost of failure.
– Security problems are an externality.– Security techniques can distort markets (DRM.)– Hidden costs of ownership
• $99 MS Windows + $99 Antivirus, firewall, etc.
CIT 380: Securing Computer Systems Slide #19
Security IncentivesBanks
– In US, banks liable for ATM fraud.• There is relatively little ATM fraud in US.
– In UK, customers liable for ATM fraud.• Banks ignored security since customer complaints
were assumed to be lies or mistakes.Medical Records
– Medical providers dislike security because it requires time and limits sharing.
– Patients want their medical records private.
Security IncentivesHome Users
– Should you pay for antivirus software when the virus likely won’t damage your data but instead attack someone else?
CIT 380: Securing Computer Systems Slide #20
CIT 380: Securing Computer Systems Slide #21
Security as Externality
Externality: Cost or benefit of an economic transfer that someone who is not a party to the transaction bears, e.g. air pollution, vaccination.
Security attacks often result in externalities.– Backscatter from DDOS attacks.– Botnet that does little damage to zombie PC can
do extensive damage to its targets.
CIT 380: Securing Computer Systems Slide #22
Network Externality
Network externality: the more users a network has, the more valuable it is.– Compatibility is more important
than security in building a market.
– Excessive security (DRM) can allow dominant player to lock in users.
Problem: How to migrate to more secure network protocols?
CIT 380: Securing Computer Systems Slide #23
Security and Markets: Asymmetric Information
The Market for Lemons– Ex: Used Car Market
• 50 good used cars worth $3000.
• 50 lemons worth $1000 each.
• Sellers know the difference, buyers do not.
• What will price will the market bear?
– Software market suffers from info asymmetry.
CIT 380: Securing Computer Systems Slide #24
Security and Markets: Insurance
Computer security rarely applies insurance.– Different organizations IT risk is correlated
with other organizations. A Microsoft Windows virus is like a major hurricane, affecting many networks at once.
– Software vendors aren’t responsible for risk of vulnerabilities in their software. Who would insure them if they were?
CIT 380: Securing Computer Systems Slide #25
Security and Markets: DRM
Security technologies can distort markets.– Infinite supply of digital goods drives price to 0.– Copyright grants limited monopolies to prevent.– DRM gives owners complete market control.
• Eliminate resale.
• Eliminate transfer to other media.
• Eliminate any use owner dislikes.
CIT 380: Securing Computer Systems Slide #26
Economics of Privacy
Tech increases ability to discriminate prices.– Data mining can be used to individuals’
willingness to pay.– Features can be disabled easily to create a range
of product prices to extract the most money.– Complex, changing prices for airlines,
software.
Economics of Privacy
Data breach law gives incentive for privacy.– Stock prices fall after data breaches revealed.
CIT 380: Securing Computer Systems Slide #27
CIT 380: Securing Computer Systems Slide #28
Security and Usability
The problem with security: Bad interfaces.– Semantic attacks such as phishing depend on
difference between how user perceives communication and the actual effect of the communication.
– How can we bridge the gap between user’s mental model and the model of how systems actually work?
CIT 380: Securing Computer Systems Slide #29
Security and Usability
passpet
• http://passpet.org/
CIT 380: Securing Computer Systems Slide #30
Figure 2. Passpet
CIT 380: Securing Computer Systems Slide #31
Future of Privacy: Tracking
The problem with privacy: Computers.
Portable computing devices => tracking– Cell phone: current location, path travelled– RFID tags
Ubiquitous video cameras => tracking– Average Londoner has picture taken 300/day
CIT 380: Securing Computer Systems Slide #32
Future of Privacy: Wholesale Surveillance
Don’t look at a suspicious person, look at everyone.– NSA phone/email surveillance; Echelon– Satellite photography– Cameras + OCR track license plates in London.– Auto toll-pay systems and cell phones track cars.– Credit card and Paypal purchases
Quantity has a Quality all its own– Changes balance between police power and rights of the
people.– Past compromises: random license plates instead of
owner’s name.
CIT 380: Securing Computer Systems Slide #33
References1. Ross Anderson and Tyler Moore, “Economics of Security,” Science, Oct 27, 2006.2. Team Cymru, “The Underground Economy: Priceless,” USENIX,
http://www.usenix.org/publications/login/2006-12/openpdfs/cymru.pdf, 2006.3. Jason Franklin and Vern Paxson, “An Inquiry into the Nature and Causes of the Wealth
of Internet Miscreants,” ACM CCS, http://www.cs.cmu.edu/~jfrankli/acmccs07/ccs07_franklin_eCrime.pdf, 2007.
4. Robert Lemos, “Second life plagued by 'grey goo' attack,” The Register http://www.theregister.co.uk/2006/11/24/secondlife_greygoo_attack/, Nov 24, 2006.
5. Gary McGraw and Greg Hoglund, Exploiting Software: How to Break Code, Addison-Wesley, 2004.
6. Peter Neumann, (moderator), Risks Digest, http://catless.ncl.ac.uk/Risks/7. Bruce Schneier, Beyond Fear, Copernicus Books, 2003.8. Bruce Schneier, “Future of Privacy,”
http://www.schneier.com/blog/archives/2006/03/the_future_of_p.html, 2006.9. Seth Schoen, “Trusted Computing: Promise and Risk,”
http://www.eff.org/Infrastructure/trusted_computing/20031001_tc.php, 2003.10. Jon Schwartz, “Phishing attacks now using phone calls,” USA Today, Nov 26, 2006.11. Ken Thompson, “Reflections on Trusting Trust”, Communication of the ACM, Vol. 27, No. 8,
August 1984, pp. 761-763 (http://www.acm.org/classics/sep95/)12. Jianwei Zhuge et. al., “Characterizing the IRC-based Botnet Phenomenon,”
http://honeyblog.org/junkyard/reports/botnet-china-TR.pdf, 2007.