UNIVERSITY OF MASSACHUSETTS AMHERST •• CMPSCI 120 Fall 2010
Some material adapted from Web 101 Copyright © 2007 Pearson Education, Inc. Publishing as Pearson Addison-Wesley

Viruses, Trojan Horses, and Worms

Some software is a security risk, often all called “viruses”, but there are 3 different classes:

Viruses
- program or code that replicates; i.e., infects another program, boot sector, partition sector, or document that supports macros, by inserting itself or attaching itself to that medium
- most only replicate, but many do a large amount of damage

Worms
- program that makes copies of itself; for example, from one disk drive to another, or by copying itself using email or another transport mechanism, and spreads through a network
- some worms run over several computers; others communicate among themselves over the network
- may do damage and compromise the security of the computer
- may be malicious or may take up system resources, causing a slowdown in performance

see Symantec Security Response Glossary

Trojan horses
- program that slips into a computer under the guise of another program but neither replicates nor copies itself
- often, someone emails you a Trojan horse, e.g., a game that when you run it, you also run the Trojan horse
- a Trojan horse does not email itself
- causes damage or compromises the security of the computer, e.g., could record your keystrokes or allow someone to access your computer

What are the risks?

SANS Top-20 2007 Security Risks

Client-side Vulnerabilities:
- C1. Web Browsers
- C2. Office Software
- C3. Email Clients
- C4. Media Players

Server-side Vulnerabilities:
- S1. Web Applications
- S2. Windows Services
- S3. Unix and Mac OS Services
- S4. Backup Software
- S5. Anti-virus Software
- S6. Management Servers
- S7. Database Software

Security Policy & Personnel:
- H1. Excessive User Rights and Unauthorized Devices
- H2. Phishing/Spear Phishing
- H3. Unencrypted Laptops and Removable Media

Application Abuse:
- A1. Instant Messaging
- A2. Peer-to-Peer Programs

Network Devices:
- N1. VoIP Servers and Phones

All systems at risk!!

What actions can be taken?

How do you know your computer is infected?
- there is no particular way
- be aware of any unusual or unexpected behaviors

If your computer gets infected with malicious code, there are steps you can take to recover.
- the fastest and easiest way to detect and remove malicious programs from your computer is to run a virus removal program on a regular schedule.
- companies like Symantec, McAfee, and others provide virus removal tools

What actions can be taken?

Minimize the damage
- if you have access to an IT department, contact them immediately
- if you are on your home computer or a laptop, disconnect your computer from the internet
  - prevents access to your computer to perform tasks such as locating personal data, manipulating or deleting files, or using your computer to attack other computers.

Remove the malicious code
- use anti-virus software, update the virus definitions (if possible), and perform a manual scan of your entire system
- reinstall your operating system, usually with a system restore disk, and install all of the appropriate patches to fix known vulnerabilities

Take control & secure your computer

- Use antivirus software and keep it updated
  - scan files on computer, disks, CDs, email and downloaded files
  - if you need to work without a virus scanner, you should manually scan each file before opening or executing it
- Keep bootable disks out of your drive unless you are actively working with the files on the disk
  - Some viruses can hide on the boot sector on a disk
  - These are triggered when the computer starts up and accesses the disk
- Use a firewall on your home computer (especially if you use a broadband connection)
- Encrypt all files that contain sensitive information or store them offline on removable media

E-Mail Viruses

- E-mail is the number one source of computer viruses
  - attachments are the most common culprit
  - some attachments contain scripts
    - a script is a small program written in a scripting language (e.g. Visual Basic)
  - Microsoft Word documents are a popular source of viruses
- Mailers that render (html) messages into Web-like displays are susceptible to script attacks
  - some messages contain scripts
  - if the script is automatically executed, it can cause harm
- You can take precautions:
  - configure your mailer to not open attachments automatically
  - configure your mailer to not display html automatically
  - save attachments and scan them first
  - don’t open a document that contains a macro

Threats

CERT
- Microsoft - Multiple Vulnerabilities, November 9, 2010
- Oracle Multiple Vulnerabilities, October 14, 2010
- Microsoft - Multiple Vulnerabilities, October 12, 2010
- Adobe Reader and Acrobat Affected by Multiple Vulnerabilities, October 6, 2010
- Adobe Flash Vulnerabilities, September 20, 2010

McAfee
- Global Threat Level = “Elevated”
- Critical Security-related updates have been released by multiple vendors (Microsoft, Adobe, Oracle, VMWare).
- "Low" malware activity observations around the PWS-Zbot, FakeAlert and Pinkslipbot families. October 18, 2010

Threats

Some threats can contain a blend of different types of attacks

W32/Nimda worm (2001)
- spread through a variety of means (via email, open network shares and browsing of compromised web sites)
- exploiting vulnerabilities in Microsoft Windows and backdoors left by Code Red II and Sadmind worms

Conficker (2009)
- spreading through low security networks, memory sticks, and PCs without current security updates
- infects nearly 20 million Microsoft server systems running everything from Windows 2000 to Windows Vista and Windows Server 2008, including French air force, Royal Navy warships and submarines, Sheffield Hospital network, UK Ministry of Defence, German Bundeswehr all affected
- Microsoft has allocated $250,000 to identify its creator

Denial-of-service attack

- Denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack)
  - an attempt to make a computer resource unavailable to its intended users.
  - common method of attack involves saturating the target (victim) machine with external communications requests
- Denial-of-service attacks are considered violations of the IAB's Internet Proper Use Policy
  - also commonly constitute violations of the laws of individual nations

Summary of Threats

AdWare, Spyware
- displays commercial advertisements, mostly a nuisance, but also can install tracking software
- monitors usage and/or keystrokes and sends data to remote user, dangerous

Pharming
- redirects valid URLs to bogus sites, dangerous

Phishing, Spear Phishing
- emails requests for personal information, dangerous

Rootkit
- undetectable modifications to the OS that permit remote, surreptitious access to your computer, very dangerous

Spam
- unsolicited e-mail, low (unless you open an attachment)

Trojan Horse, Virus, Worm
- dangerous

Security Goals

[Figure: "Computer and Information Security" at the center, with three goals around it]
- Integrity: trustworthiness of data or resources
- Confidentiality: concealment of information or resources
- Availability: ability to use information or resources

Adapted from COM 260 slides developed by S. Jane Fritz St. Joseph's College

Why do we need security?

- Increased reliance on Information Technology: e-mail, e-banking, e-commerce, e-trading, etc.
- Supply chains, services architectures
- Critical infrastructure
- Finance and markets
- Healthcare
- Research
- Defense
- Entertainment

[Figure labels: secure walled environments that provide all digital services; a bewilderingly wide array of niche offerings and a Digital Ecosystem dominated by intermediaries; organic grassroots communities as powerhouses of economic value creation]

Security Concerns

- Damage to any IT-based system or activity can result in severe disruption of services and losses
- Systems connected by networks are more prone to attacks and also suffer more as a result of the attacks than stand-alone systems (Reasons?)
- Concerns such as the following are common:
  - How do I know that the party I am talking to on the network is really the one I want to talk to?
  - How can I be assured that no one else is listening and learning the data that I send over a network?
  - Can I ever rest assured that no hacker can enter my network and wreak havoc?

ISO 7 Layer Model

Layer              Functions
7  Application     How application uses network
6  Presentation    How to represent & display data
5  Session         How to establish communication
4  Transport       How to provide reliable delivery (error checking, sequencing, etc.)
3  Network         How addresses are assigned and packets are forwarded
2  Data Link       How to organize data into frames & transmit
1  Physical        How to transmit “bits”

OSI Network Stack and Attacks

Only as secure as the single weakest layer…

[Figure: the seven-layer stack with example protocols and the attacks that target each layer]
- Application (email, Web, NFS): Sendmail, FTP, NFS bugs, chosen-protocol and version-rollback attacks
- Presentation
- Session (RPC): RPC worms, portmapper exploits
- Transport (TCP): SYN flooding, RIP attacks, sequence number prediction
- Network (IP): IP smurfing and other address spoofing attacks
- Data Link (802.11): WEP attacks
- Physical

Notes on the attacks:
- Network port scanning is an information gathering process, and when performed by unknown individuals it is considered a prelude to attack
- SYN flooding: A SYN synchronization packet is sent to a receiving application, which acknowledges receipt of the packet with a SYN-ACK, to which the sending application responds with an ACK. In a SYN flood attack, the hacker sends a large volume of SYN packets to a victim.
- Smurfing: A smurf program builds a network packet that appears to originate from another address (spoofing) and contains a ping message that is addressed to an IP broadcast address; the echo responses to the ping message are sent back to the "victim" address.
- WEP attacks: A key recovery attack on WEP intercepts a number of packets to recover the secret key.
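
The SYN / SYN-ACK / ACK handshake described above gives a defender a simple signal: handshakes that never receive the final ACK. The following is an added example, not part of the original slides; the packet tuples, addresses (documentation ranges) and the threshold are constructed for illustration.

```python
from collections import Counter

SERVER = "192.0.2.10"  # constructed address from a documentation range

def sample_packets():
    """Constructed capture: (time, src, sport, dst, dport, flags)."""
    pkts = []
    # Two ordinary clients complete SYN -> SYN-ACK -> ACK.
    for i, client in enumerate(["203.0.113.5", "203.0.113.6"]):
        t, port = float(i), 40000 + i
        pkts += [(t, client, port, SERVER, 80, "S"),
                 (t + 0.01, SERVER, 80, client, port, "SA"),
                 (t + 0.02, client, port, SERVER, 80, "A")]
    # One slow client on another service has not sent its ACK yet.
    pkts.append((1.5, "203.0.113.7", 40002, "192.0.2.20", 443, "S"))
    # Flood pattern: 200 SYNs with varying source addresses, no ACK follows.
    for n in range(200):
        src = f"198.51.100.{n % 250 + 1}"
        pkts.append((2.0 + n / 1000, src, 1024 + n, SERVER, 80, "S"))
    return pkts

def half_open_by_target(packets):
    """Count handshakes stuck after the SYN, per (server address, port)."""
    pending = set()  # (client, client port, server, server port)
    for _ts, src, sport, dst, dport, flags in packets:
        if flags == "S":        # client opens a handshake
            pending.add((src, sport, dst, dport))
        elif flags == "A":      # client's final ACK completes it
            pending.discard((src, sport, dst, dport))
    return Counter((dst, dport) for _c, _p, dst, dport in pending)

def flooded_targets(packets, threshold=100):
    """Targets whose number of half-open handshakes reaches the threshold."""
    counts = half_open_by_target(packets)
    return sorted(t for t, n in counts.items() if n >= threshold)

if __name__ == "__main__":
    print(half_open_by_target(sample_packets()))
    print(flooded_targets(sample_packets()))
```

Counting per target rather than per source matters because the source addresses in such traffic can be forged, as the smurfing note above describes for spoofing in general.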

Attacks, Services and Mechanisms

- Security Attack: Any action that compromises the security of information.
- Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack.
- Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.

Security Attacks

- Interruption: This is an attack on availability
  - Disrupting traffic
  - Physically breaking communication line
- Modification: This is an attack on integrity
  - Corrupting transmitted data or tampering with it before it reaches its destination
- Interception: This is an attack on confidentiality
  - Overhearing, eavesdropping over a communication line
- Fabrication: This is an attack on authenticity
  - Faking data as if it were created by a legitimate and authentic party

Threats and Attacks

- Attack - an assault on system security; an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system.
- Threat - a potential for violation of security or a possible danger that might exploit a vulnerability
- Disclosure - unauthorized access to information
- Deception - acceptance of false data
- Disruption - interruption or prevention of correct operation
- Usurpation - unauthorized control of some part of a system

Examples
- Snooping: intercepting information (“passive” wiretapping)
- Modification or alteration of information by “active” wiretapping
- Masquerading or spoofing
- Repudiation of origin
- Delay or denial of service

Friends and enemies: Alice, Bob, Eve

- well-known in network security world
- Bob, Alice (lovers!) want to communicate “securely”
- Eve (intruder) may intercept, delete, add messages

[Figure: Alice's secure sender passes data and control messages over a channel to Bob's secure receiver; Eve sits on the channel]

- Passive Attacks: Eve reads Alice’s message to Bob or analyzes traffic between Bob & Alice
- Active Attacks: Eve masquerades as Alice and sends messages to Bob

Authentication

[Figure: two exchanges labelled "Alice’s IP", each marked "Fails!"]

Authentication

1. Alice sends the message, "I am Alice," to Bob.
2. Bob chooses a nonce, R, and sends it to Alice.
3. Alice encrypts the nonce using Alice and Bob's symmetric secret key, K_A-B, and sends the encrypted nonce, K_A-B(R), back to Bob.
   - The fact that Alice knows K_A-B and uses it to encrypt a value lets Bob know that the message he receives was generated by Alice. The nonce is used to ensure that Alice is "live."
4. Bob decrypts the received message. If the decrypted nonce equals the nonce he sent Alice, then Alice is authenticated.
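
The nonce exchange above, as an added example that is not part of the original slides. It assumes HMAC-SHA256 as the keyed function standing in for K_A-B(R), since the Python standard library has no symmetric cipher, so Bob recomputes and compares instead of decrypting; the class and function names are hypothetical. A nonce-free variant is included to show what the nonce buys.

```python
import hashlib
import hmac
import secrets

def keyed(k_ab: bytes, data: bytes) -> bytes:
    """Stand-in for K_A-B(data): HMAC-SHA256 under the shared key (assumption)."""
    return hmac.new(k_ab, data, hashlib.sha256).digest()

class Bob:
    """Verifier: issues a fresh nonce R per attempt and accepts each R once."""
    def __init__(self, k_ab: bytes):
        self._k_ab = k_ab
        self._outstanding = set()

    def challenge(self) -> bytes:
        r = secrets.token_bytes(16)
        self._outstanding.add(r)
        return r

    def verify(self, r: bytes, response: bytes) -> bool:
        if r not in self._outstanding:
            return False              # unknown or already used: not "live"
        self._outstanding.remove(r)
        return hmac.compare_digest(keyed(self._k_ab, r), response)

    def verify_static(self, proof: bytes) -> bool:
        """Weak variant without a nonce: the proof is identical on every login."""
        return hmac.compare_digest(keyed(self._k_ab, b"I am Alice"), proof)

def run_exchange():
    k_ab = secrets.token_bytes(32)    # shared secret K_A-B (constructed)
    bob = Bob(k_ab)
    r = bob.challenge()               # step 2: Bob -> Alice
    response = keyed(k_ab, r)         # step 3: Alice -> Bob
    results = {"alice": bob.verify(r, response)}          # step 4
    # Eve recorded r and response on the wire and sends them again.
    results["replay_same_nonce"] = bob.verify(r, response)
    results["replay_new_nonce"] = bob.verify(bob.challenge(), response)
    # Someone without K_A-B answers a fresh challenge.
    r2 = bob.challenge()
    results["wrong_key"] = bob.verify(r2, keyed(secrets.token_bytes(32), r2))
    # Without a nonce, the recorded proof keeps working.
    results["static_replay"] = bob.verify_static(keyed(k_ab, b"I am Alice"))
    return results

if __name__ == "__main__":
    print(run_exchange())
```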

Who might Bob, Alice be?

- … well, real-life Bobs and Alices!
- Web browser/server for electronic transactions (e.g., on-line purchases)
- on-line banking client/server
- DNS servers
- routers exchanging routing table updates
- other examples?

The language of cryptography

- m: plaintext message
- K_A(m): ciphertext, encrypted with key K_A
- m = K_B(K_A(m))

[Figure: plaintext -> encryption algorithm (Alice’s encryption key K_A) -> ciphertext -> decryption algorithm (Bob’s decryption key K_B) -> plaintext]

Types of Cryptography

- Crypto often uses keys:
  - Algorithm is known to everyone
  - Only “keys” are secret
- Symmetric key cryptography
  - Involves the use of one key
- Public key cryptography
  - Involves the use of two keys

Symmetric key cryptography

- Bob and Alice share same (symmetric) key: K_S
- e.g., key is knowing substitution pattern in monoalphabetic substitution cipher
- Q: how do Bob and Alice agree on key value?

[Figure: Alice's plaintext message, m -> encryption algorithm (Alice’s encryption key K_S) -> ciphertext K_S(m) -> decryption algorithm (Bob’s decryption key K_S) -> plaintext m = K_S(K_S(m)) at Bob]

Public key cryptography

[Figure: Alice's plaintext message, m -> encryption algorithm (Bob’s public key K_B^+) -> ciphertext K_B^+(m) -> decryption algorithm (Bob’s private key K_B^-) -> plaintext message m = K_B^-(K_B^+(m)) at Bob]

Privacy

- An important issue today
- Individuals feel
  - Uncomfortable: ownership of information
  - Unsafe: information can be misused (e.g., identity thefts)
- Enterprises need to
  - Keep their customers feeling safe
  - Maintain good reputations
  - Protect themselves from any legal dispute
  - Obey legal regulations

Definition

Privacy is the ability of a person to control the availability of information about and exposure of him- or herself. It is related to being able to function in society anonymously (including pseudonymous or blind credential identification).

Types of privacy giving rise to special concerns:
- Political privacy
- Consumer privacy
- Medical privacy
- Information technology end-user privacy; also called data privacy
- Private property

Data Privacy

- Data Privacy problems exist wherever uniquely identifiable data relating to a person or persons are collected and stored, in digital form or otherwise. Improper or non-existent disclosure control can be the root cause for privacy issues.
- The most common sources of data that are affected by data privacy issues are:
  - Health information
  - Criminal justice
  - Financial information
  - Genetic information

Data Privacy

- The challenge in data privacy is to share data while protecting the personally identifiable information.
  - Consider the example of health data which are collected from hospitals in a district; it is standard practice to share this only in aggregate form
  - The idea of sharing the data in aggregate form is to ensure that only non-identifiable data are shared.
- The legal protection of the right to privacy in general and of data privacy in particular varies greatly around the world.

Data vs Information

- Protecting information means to protect not only the data directly representing the information
- Information must be protected also against transmissions through:
  - Covert channels
  - Inference
    - It is typical of database systems
    - It refers to the derivation of sensitive information from non-sensitive data

Inference - Example

Name    Sex  Program  Units  Grade Ave
Alma    F    MBA      8      63
Bill    M    CS       15     58
Carol   F    CS       16     70
Don     M    MIS      22     75
Errol   M    CS       8      66
Flora   F    MIS      16     81
Gala    F    MBA      23     68
Homer   M    CS       7      50
Igor    M    MIS      21     70

Inference - Example

- Assume that there is a policy stating that the average grade of a single student cannot be disclosed; however, statistical summaries can be disclosed
- Suppose that an attacker knows that Carol is a female CS student
- By combining the results of the following legitimate queries:
  - Q1: SELECT COUNT(*) FROM Students WHERE Sex = 'F' AND Programme = 'CS'
  - Q2: SELECT AVG("Grade Ave") FROM Students WHERE Sex = 'F' AND Programme = 'CS'
- The attacker learns from Q1 that there is only one female CS student, so the value 70 returned by Q2 is precisely her average grade
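
The inference above, run against the slide's table in an in-memory SQLite database, together with a minimum query-set-size control. This is an added example, not part of the original slides: the control, the function names and the column name GradeAve (for "Grade Ave") are assumptions, and the differencing check goes beyond the slide's single case to show what that control still leaves exposed.

```python
import sqlite3

# Rows transcribed from the slide's table: name, sex, programme, units, grade average.
ROWS = [
    ("Alma", "F", "MBA", 8, 63), ("Bill", "M", "CS", 15, 58), ("Carol", "F", "CS", 16, 70),
    ("Don", "M", "MIS", 22, 75), ("Errol", "M", "CS", 8, 66), ("Flora", "F", "MIS", 16, 81),
    ("Gala", "F", "MBA", 23, 68), ("Homer", "M", "CS", 7, 50), ("Igor", "M", "MIS", 21, 70),
]

def open_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE Students "
               "(Name TEXT, Sex TEXT, Programme TEXT, Units INTEGER, GradeAve REAL)")
    db.executemany("INSERT INTO Students VALUES (?, ?, ?, ?, ?)", ROWS)
    return db

def stats(db, min_set_size=1, **where):
    """Return (count, average grade) for rows matching e.g. Sex="F", Programme="CS".

    min_set_size is the hypothetical disclosure control: refuse any aggregate
    computed over fewer rows, so that it cannot describe a single student.
    """
    if not set(where) <= {"Sex", "Programme"}:
        raise ValueError("unsupported filter column")
    clause = " AND ".join(f"{col} = ?" for col in where)
    sql = "SELECT COUNT(*), AVG(GradeAve) FROM Students"
    if clause:
        sql += " WHERE " + clause
    count, avg = db.execute(sql, list(where.values())).fetchone()
    if count < min_set_size:
        raise PermissionError("query set too small to release")
    return count, avg

def slide_inference(db):
    """Q1 and Q2 from the slide with no control in place."""
    return stats(db, Sex="F", Programme="CS")

def differencing(db, k):
    """Two answers that each satisfy the size rule still isolate one row."""
    n_all, avg_all = stats(db, k, Programme="CS")
    n_m, avg_m = stats(db, k, Sex="M", Programme="CS")
    return (n_all * avg_all - n_m * avg_m) / (n_all - n_m)

if __name__ == "__main__":
    db = open_db()
    print(slide_inference(db))      # count 1, so the average is Carol's grade
    print(differencing(db, k=2))    # same value recovered despite the size rule
```

A size threshold alone blocks Q1/Q2 but not the difference of two larger aggregates, which is why statistical databases pair it with limits on query overlap or with noise added to results.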

Technologies with Privacy Concerns

- Biometrics (DNA, fingerprints, iris) and face recognition
- Video surveillance, ubiquitous networks and sensors
- Cellular phones
- Personal Robots
- DNA sequences, Genomic Data

Approaches

- Anonymization Techniques
  - Have been investigated in the areas of networks (see the Anonymity Terminology by Andreas Pfitzmann) and databases (see the notion of k-anonymity by L. Sweeney)
- Privacy-Preserving Data Mining
- P3P policies
  - Are tailored to the specification of privacy practices by organizations and to the specification of user privacy preferences
- Hippocratic Databases
  - Are tailored to support privacy policies
- Fine-Grained Access Control Techniques
- Private Information Retrieval Techniques

Privacy vs Security

- Privacy is not just confidentiality and integrity of user data
- Privacy includes other requirements:
  - Support for user preferences
  - Support for obligation execution
  - Usability
  - Proof of compliance