Security

Md. Azizul Hakim

 The Security Problem
● System secure if resources used and accessed as intended
under all circumstances
● Unachievable
● Intruders (crackers) attempt to breach security
● Threat is potential security violation
● Attack is attempt to breach security
● Attack can be accidental or malicious
● Easier to protect against accidental than malicious misuse
 Security Violation Categories
● Breach of confidentiality
● Unauthorized reading of data
● Breach of integrity
● Unauthorized modification of data
● Breach of availability
● Unauthorized destruction of data
● Theft of service
● Unauthorized use of resources
● Denial of service (DOS)
● Prevention of legitimate use
 Security Violation Methods
● Masquerading (breach authentication)
● Pretending to be an authorized user to escalate privileges
● Replay attack
● As is or with message modification
● Man-in-the-middle attack
● Intruder sits in data flow, masquerading as sender to
receiver and vice versa
● Session hijacking
● Intercept an already-established session to bypass
authentication
Standard Security Attacks
 Security Measure Levels
● Impossible to have absolute security, but make cost to
perpetrator sufficiently high to deter most intruders
● Security must occur at four levels to be effective:
● Physical
4 Data centers, servers, connected terminals
● Human
4 Avoid social engineering, phishing, dumpster diving
● Operating System
4 Protection mechanisms, debugging
● Network
4 Intercepted communications, interruption, DOS
● Security is as weak as the weakest link in the chain
 Program Threats
● Many variations, many names
● Trojan Horse
● Code segment that misuses its environment
● Exploits mechanisms for allowing programs written by users to be
executed by other users
● Spyware, pop-up browser windows, covert channels
● Up to 80% of spam delivered by spyware-infected systems
● Trap Door
● Specific user identifier or password that circumvents normal
security procedures
● Could be included in a compiler
● How to detect them?
 Program Threats (Cont.)
● Logic Bomb
● Program that initiates a security incident under certain
circumstances
● Stack and Buffer Overflow
● Exploits a bug in a program (overflow either the stack or
memory buffers)
● Failure to check bounds on inputs, arguments
● Write past arguments on the stack into the return address
on stack
● When routine returns from call, returns to hacked address
4 Pointed to code loaded onto stack that executes
malicious code
● Unauthorized user or privilege escalation
 C Program with Buffer-overflow Condition
#include <stdio.h>
#define BUFFER SIZE 256
int main(int argc, char *argv[])
{
char buffer[BUFFER SIZE];
if (argc < 2)
return -1;
else {
strcpy(buffer,argv[1]);
return 0;
}
}
Layout of Typical Stack Frame
 Modified Shell Code
#include <stdio.h>
int main(int argc, char *argv[])
{
execvp(‘‘\bin\sh’’,‘‘\bin \sh’’, NULL);
return 0;
}
Hypothetical Stack Frame

Before attack After attack

 Great Programming Required?
● For the first step of determining the bug, and second step of
writing exploit code, yes
● Script kiddies can run pre-written exploit code to attack a given
system
● Attack code can get a shell with the processes’ owner’s
permissions
● Or open a network port, delete files, download a program, etc
● Depending on bug, attack can be executed across a network
using allowed connections, bypassing firewalls
● Buffer overflow can be disabled by disabling stack execution or
adding bit to page table to indicate “non-executable” state
● Available in SPARC and x86
● But still have security exploits
 Program Threats (Cont.)
● Viruses
● Code fragment embedded in legitimate program
● Self-replicating, designed to infect other computers
● Very specific to CPU architecture, operating system, applications
● Usually borne via email or as a macro
● Visual Basic Macro to reformat hard drive
Sub AutoOpen()
Dim oFS
Set oFS = CreateObject(’’Scripting.FileSystemObject’’)
vs = Shell(’’c:command.com /k format c:’’,vbHide)
End Sub
 Program Threats (Cont.)
● Virus dropper inserts virus onto the system
● Many categories of viruses, literally many thousands of viruses
● File / parasitic
● Boot / memory
● Macro
● Source code
● Polymorphic to avoid having a virus signature
● Encrypted
● Stealth
● Tunneling
● Multipartite
● Armored
A Boot-sector Computer Virus
 The Threat Continues
● Attacks still common, still occurring
● Attacks moved over time from science experiments to tools of
organized crime
● Targeting specific companies
● Creating botnets to use as tool for spam and DDOS delivery
● Keystroke logger to grab passwords, credit card numbers
● Why is Windows the target for most attacks?
● Most common
● Everyone is an administrator
4 Licensing required?
● Monoculture considered harmful
 System and Network Threats
● Some systems “open” rather than secure by default
● Reduce attack surface
● But harder to use, more knowledge needed to administer
● Network threats harder to detect, prevent
● Protection systems weaker
● More difficult to have a shared secret on which to base access
● No physical limits once system attached to internet
4 Or on network with system attached to internet
● Even determining location of connecting system difficult
4 IP address is only knowledge
 System and Network Threats (Cont.)
● Worms – use spawn mechanism; standalone program
● Internet worm
● Exploited UNIX networking features (remote access) and bugs
in finger and sendmail programs
● Exploited trust-relationship mechanism used by rsh to access
friendly systems without use of password
● Grappling hook program uploaded main worm program
4 99 lines of C code
● Hooked system then uploaded main code, tried to attack
connected systems
● Also tried to break into other users accounts on local system via
password guessing
● If target system already infected, abort, except for every 7th time
The Morris Internet Worm
 System and Network Threats (Cont.)
● Port scanning
● Automated attempt to connect to a range of ports on one
or a range of IP addresses
● Detection of answering service protocol
● Detection of OS and version running on system
● nmap scans all ports in a given IP range for a response
● nessus has a database of protocols and bugs (and
exploits) to apply against a system
● Frequently launched from zombie systems
4 To decrease trace-ability
 System and Network Threats (Cont.)
● Denial of Service
● Overload the targeted computer preventing it from doing any
useful work
● Distributed denial-of-service (DDOS) come from multiple
sites at once
● Consider the start of the IP-connection handshake (SYN)
4 How many started-connections can the OS handle?
● Consider traffic to a web site
4 How can you tell the difference between being a target
and being really popular?
● Accidental – CS students writing bad fork() code
● Purposeful – extortion, punishment
 Cryptography as a Security Tool
● Broadest security tool available
● Internal to a given computer, source and destination of
messages can be known and protected
4 OS creates, manages, protects process IDs,
communication ports
● Source and destination of messages on network cannot be
trusted without cryptography
4 Local network – IP address?
– Consider unauthorized host added
4 WAN / Internet – how to establish authenticity
– Not via IP address
 Cryptography
● Means to constrain potential senders (sources) and / or
receivers (destinations) of messages
● Based on secrets (keys)
● Enables
4 Confirmation of source
4 Receipt only by certain destination
4 Trust relationship between sender and receiver
 Encryption
● Constrains the set of possible receivers of a message
● Encryption algorithm consists of
● Set K of keys
● Set M of Messages
● Set C of ciphertexts (encrypted messages)
● A function E : K → (M→C). That is, for each k ∈ K, Ek is a
function for generating ciphertexts from messages
4 Both E and Ek for any k should be efficiently computable
functions
● A function D : K → (C → M). That is, for each k ∈ K, Dk is a
function for generating messages from ciphertexts
4 Both D and Dk for any k should be efficiently computable
functions
 Encryption (Cont.)
● An encryption algorithm must provide this essential
property: Given a ciphertext c ∈ C, a computer can
compute m such that Ek(m) = c only if it possesses k
● Thus, a computer holding k can decrypt ciphertexts to
the plaintexts used to produce them, but a computer
not holding k cannot decrypt ciphertexts
● Since ciphertexts are generally exposed (for example,
sent on the network), it is important that it be infeasible
to derive k from the ciphertexts
 Symmetric Encryption
● Same key used to encrypt and decrypt
● Therefore k must be kept secret
● DES was most commonly used symmetric block-encryption algorithm (created
by US Govt)
● Encrypts a block of data at a time
● Keys too short so now considered insecure
● Triple-DES considered more secure
● Algorithm used 3 times using 2 or 3 keys
● For example
● 2001 NIST adopted new block cipher - Advanced Encryption Standard (AES)
● Keys of 128, 192, or 256 bits, works on 128 bit blocks
● RC4 is most common symmetric stream cipher, but known to have
vulnerabilities
● Encrypts/decrypts a stream of bytes (i.e., wireless transmission)
Secure Communication over Insecure Medium
 Asymmetric Encryption
● Public-key encryption based on each user having two keys:
● public key – published key used to encrypt data
● private key – key known only to individual user used to
decrypt data
● Must be an encryption scheme that can be made public
without making it easy to figure out the decryption scheme
● Most common is RSA block cipher
● Efficient algorithm for testing whether or not a number is
prime
● No efficient algorithm is know for finding the prime factors
of a number
 Asymmetric Encryption (Cont.)
● Formally, it is computationally infeasible to derive kd,N from
ke,N, and so ke need not be kept secret and can be widely
disseminated
● ke is the public key
● kd is the private key
● N is the product of two large, randomly chosen prime
numbers p and q (for example, p and q are 512 bits each)
● Encryption algorithm is Eke,N(m) = mke mod N, where ke
satisfies kekd mod (p−1)(q −1) = 1
● The decryption algorithm is then Dkd,N(c) = ckd mod N
 Asymmetric Encryption Example
● For example. make p = 7and q = 13
● We then calculate N = 7∗13 = 91 and (p−1)(q−1) = 72
● We next select ke relatively prime to 72 and< 72, yielding 5
● Finally, we calculate kd such that kekd mod 72 = 1, yielding 29
● We how have our keys
● Public key, ke,N = 5, 91
● Private key, kd,N = 29, 91
● Encrypting the message 69 with the public key results in the
cyphertext 62
● Cyphertext can be decoded with the private key
● Public key can be distributed in cleartext to anyone who
wants to communicate with holder of public key
Encryption using RSA Asymmetric Cryptography
 Cryptography (Cont.)

● Note symmetric cryptography based on transformations,

asymmetric based on mathematical functions
● Asymmetric much more compute intensive
● Typically not used for bulk data encryption
 Authentication
● Constraining set of potential senders of a message
● Complementary to encryption
● Also can prove message unmodified
● Algorithm components
● A set K of keys
● A set M of messages
● A set A of authenticators
● A function S : K → (M→ A)
4 That is, for each k ∈ K, S is a function for generating
k
authenticators from messages
4 Both S and Sk for any k should be efficiently computable
functions
● A function V : K → (M × A→ {true, false}). That is, for each k ∈ K,
Vk is a function for verifying authenticators on messages
 Authentication (Cont.)
● For a message m, a computer can generate an authenticator
a ∈ A such that Vk(m, a) = true only if it possesses k
● Thus, computer holding k can generate authenticators on
messages so that any other computer possessing k can
verify them
● Computer not holding k cannot generate authenticators on
messages that can be verified using Vk
● Since authenticators are generally exposed (for example,
they are sent on the network with the messages themselves),
it must not be feasible to derive k from the authenticators
● Practically, if Vk(m,a) = true then we know m has not been
modified and that send of message has k
● If we share k with only one entity, know where the
message originated
 Authentication – Hash Functions
● Basis of authentication
● Creates small, fixed-size block of data message digest (hash
value) from m
● Hash Function H must be collision resistant on m
● Must be infeasible to find an m’ ≠ m such that H(m) = H(m’)
● If H(m) = H(m’), then m = m’
● The message has not been modified
● Common message-digest functions include MD5, which
produces a 128-bit hash, and SHA-1, which outputs a 160-bit
hash
● Not useful as authenticators
● For example H(m) can be sent with a message
4 But if H is known someone could modify m to m’ and recompute
 Authentication - MAC
● Symmetric encryption used in message-authentication code
(MAC) authentication algorithm
● Cryptographic checksum generated from message using secret
key
● Can securely authenticate short values
● If used to authenticate H(m) for an H that is collision resistant,
then obtain a way to securely authenticate long message by
hashing them first
● Note that k is needed to compute both Sk and Vk, so anyone
able to compute one can compute the other
 Authentication – Digital Signature
● Based on asymmetric keys and digital signature algorithm
● Authenticators produced are digital signatures
● Very useful – anyone can verify authenticity of a message
● In a digital-signature algorithm, computationally infeasible to
derive ks from kv
● V is a one-way function
● Thus, kv is the public key and ks is the private key
● Consider the RSA digital-signature algorithm
● Similar to the RSA encryption algorithm, but the key use is
reversed
● Digital signature of message Sks (m) = H(m)ks mod N
● The key ks again is a pair (d, N), where N is the product of
two large, randomly chosen prime numbers p and q
 Authentication (Cont.)
● Why authentication if a subset of encryption?
● Fewer computations (except for RSA digital signatures)
● Authenticator usually shorter than message
● Sometimes want authentication but not confidentiality
4 Signed patches et al
● Can be basis for non-repudiation
 Key Distribution
● Delivery of symmetric key is huge challenge
● Sometimes done out-of-band
● Asymmetric keys can proliferate – stored on key ring
● Even asymmetric key distribution needs care –
man-in-the-middle attack
 Digital Certificates
● Proof of who or what owns a public key
● Public key digitally signed a trusted party
● Trusted party receives proof of identification from entity and
certifies that public key belongs to entity
● Certificate authority are trusted party – their public keys
included with web browser distributions
● They vouch for other authorities via digitally signing their
keys, and so on
Man-in-the-middle Attack on Asymmetric Cryptography
 Implementation of Cryptography
● Can be done at various
layers of ISO Reference
Model
● SSL at the Transport layer
● Network layer is typically
IPSec
4 IKE for key exchange
4 Basis of Virtual Private
Networks (VPNs) Source:
http://en.wikipedia.org/wiki/OSI_mo
del

● Why not just at lowest level?

● Sometimes need more
knowledge than available at
low levels
 Encryption Example - SSL
● Insertion of cryptography at one layer of the ISO network model
(the transport layer)
● SSL – Secure Socket Layer (also called TLS)
● Cryptographic protocol that limits two computers to only
exchange messages with each other
● Very complicated, with many variations
● Used between web servers and browsers for secure
communication (credit card numbers)
● The server is verified with a certificate assuring client is talking to
correct server
● Asymmetric cryptography used to establish a secure session key
(symmetric encryption) for bulk of communication during session
● Communication between each computer then uses symmetric key
cryptography
● More details in textbook
 User Authentication
● Crucial to identify user correctly, as protection systems depend on user ID
● User identity most often established through passwords, can be
considered a special case of either keys or capabilities
● Passwords must be kept secret
● Frequent change of passwords
● History to avoid repeats
● Use of “non-guessable” passwords
● Log all invalid access attempts (but not the passwords themselves)
● Unauthorized transfer
● Passwords may also either be encrypted or allowed to be used only once
● Does encrypting passwords solve the exposure problem?
4 Might solve sniffing
4 Consider shoulder surfing
4 Consider Trojan horse keystroke logger
4 How are passwords stored at authenticating site?
 Passwords
● Encrypt to avoid having to keep secret
● But keep secret anyway (i.e. Unix uses superuser-only readably file
/etc/shadow)
● Use algorithm easy to compute but difficult to invert
● Only encrypted password stored, never decrypted
● Add “salt” to avoid the same password being encrypted to the same value
● One-time passwords
● Use a function based on a seed to compute a password, both user and
computer
● Hardware device / calculator / key fob to generate the password
4 Changes very frequently
● Biometrics
● Some physical attribute (fingerprint, hand scan)
● Multi-factor authentication
 Implementing Security Defenses
● Defense in depth is most common security theory – multiple layers of security
● Security policy describes what is being secured
● Vulnerability assessment compares real state of system / network compared to
security policy
● Intrusion detection endeavors to detect attempted or successful intrusions
● Signature-based detection spots known bad patterns
● Anomaly detection spots differences from normal behavior
4 Can detect zero-day attacks
● False-positives and false-negatives a problem
● Virus protection
● Searching all programs or programs at execution for known virus patterns
● Or run in sandbox so can’t damage system
● Auditing, accounting, and logging of all or specific system or network activities
● Practice safe computing – avoid sources of infection, download from only
 Firewalling to Protect Systems and Networks

● A network firewall is placed between trusted and untrusted hosts

● The firewall limits network access between these two security
domains
● Can be tunneled or spoofed
● Tunneling allows disallowed protocol to travel within allowed
protocol (i.e., telnet inside of HTTP)
● Firewall rules typically based on host name or IP address
which can be spoofed
● Personal firewall is software layer on given host
● Can monitor / limit traffic to and from the host
● Application proxy firewall understands application protocol and
can control them (i.e., SMTP)
● System-call firewall monitors all important system calls and
apply rules to them (i.e., this program can execute that system call)
Network Security Through Domain Separation Via Firewall
 Computer Security Classifications
● U.S. Department of Defense outlines four divisions of computer
security: A, B, C, and D
● D – Minimal security
● C – Provides discretionary protection through auditing
● Divided into C1 and C2
4 C1 identifies cooperating users with the same level of
protection
4 C2 allows user-level access control
● B – All the properties of C, however each object may have
unique sensitivity labels
● Divided into B1, B2, and B3
● A – Uses formal design and verification techniques to ensure
security
 Example: Windows 7
● Security is based on user accounts
● Each user has unique security ID
● Login to ID creates security access token
4 Includes security ID for user, for user’s groups, and special
privileges
4 Every process gets copy of token
4 System checks token to determine if access allowed or denied
● Uses a subject model to ensure access security
● A subject tracks and manages permissions for each program that a
user runs
● Each object in Windows has a security attribute defined by a security
descriptor
● For example, a file has a security descriptor that indicates the
access permissions for all users
 Example: Windows 7 (Cont.)
● Win added mandatory integrity controls – assigns integrity
label to each securable object and subject
● Subject must have access requested in discretionary
access-control list to gain access to object
● Security attributes described by security descriptor
● Owner ID, group security ID, discretionary access-control
list, system access-control list