appendix a 7-bit ascii code978-3-540-79698...appendix c data compression using zip zip is a simple...


Post on 12-Mar-2020


Appendix A

7-bit ASCII code

        000    001    010    011    100    101    110    111
0000    nul    soh    stx    etx    eot    enq    ack    bel
0001    bs     ht     nl     vt     np     cr     so     si
0010    dle    dc1    dc2    dc3    dc4    nak    syn    etb
0011    can    em     sub    esc    fs     gs     rs     us
0100    space  !      "      #      $      %      &      '
0101    (      )      *      +      ,      -      .      /
0110    0      1      2      3      4      5      6      7
0111    8      9      :      ;      <      =      >      ?
1000    @      A      B      C      D      E      F      G
1001    H      I      J      K      L      M      N      O
1010    P      Q      R      S      T      U      V      W
1011    X      Y      Z      [      \      ]      ^      _
1100    `      a      b      c      d      e      f      g
1101    h      i      j      k      l      m      n      o
1110    p      q      r      s      t      u      v      w
1111    x      y      z      {      |      }      ~      del

Row numbers represent the 4-bit prefix, and the column numbers represent the 3-bit suffix. The first 32 ASCII codes and the last ASCII code are control codes, which are not displayable.


Appendix B

SHA-512 Constants (in hexadecimal)


Appendix C

Data Compression using ZIP

ZIP is a simple matching algorithm using two sliding windows, called the base window and the look-ahead window. These two windows are placed side-by-side on the data file, where the look-ahead window goes ahead of the base window. ZIP scans the entire file by sliding these two windows and encoding data on the fly. In particular, ZIP finds the longest prefix s of the data string contained in the look-ahead window that also appears in the base window. This string in the look-ahead window (if found) is a copy of s in the base window, and so it can be uniquely identified by two attributes: (1) the distance between the location of the first character of s in the base window and the location of the first character in the look-ahead window and (2) the length of s. If the space needed to hold the values of these two attributes is smaller than the space needed to hold s, we obtain a saving of space.

To implement this idea, we will need to distinguish the binary values of the two attributes from normal encodings of characters. Suppose the data file is encoded using the 8-bit ASCII code set. If the first bit is used as a parity bit, then it could be either 0 or 1. The first bit of the binary string representing the two attributes can also be either 0 or 1. Thus, to make a distinction, we add an extra bit of 1 in front of each ASCII code to yield a 9-bit extended ASCII code and add an extra bit of 0 in front of the binary string representing the two attributes. This simple encoding uniquely identifies the original data file.

In particular, let $w_1$ denote the number of characters the base window can hold, where $2^{d-1} < w_1 < 2^d$ for some $d > 1$. Let $w_2$ denote the number of characters the look-ahead window can hold, where $2^{l-1} < w_2 \le 2^l$ for some $l$ with $1 \le l \le d$. This produces a $(d + l + 1)$-bit binary encoding for s, where the first bit is 0 (used as an indicator), the next $d$ bits represent the distance, and the last $l$ bits represent the length. For convenience, we will call this $(d + l + 1)$-bit code a location code.

A location code is easily distinguishable from any 9-bit extended ASCII code because a location code has a fixed length and an indicator 0 different from the indicator in a 9-bit extended ASCII code. In other words, given a compressed file using this encoding method, it can be uniquely and easily "uncompressed" back to its original ASCII format. The proof is left to the reader (see the Exercise). Thus, as long as $d + l + 1 < 8k$, where $k = |s|$, ZIP may save space. ZIP then shifts both of the base window and the look-ahead window to the right $\max\{1, k\}$ times and repeats the same procedure until the look-ahead window is shifted out of the data file.

For example, let $w_1 = 18$ and $w_2 = 7$. Then $d = 5$ and $l = 3$. Let us consider the following text string:

"a loop containing a loop is a nested loop"

Denote by $n_b$ the binary representation of positive integer $n$. Running ZIP on this character string produces the following output (see Fig. C.1):

"a loop containing 0 $17_b$ $7_b$ is a nested 0 $16_b$ $5_b$"

where each letter and space in the output string is encoded by a 9-bit extended ASCII code. For clarity, we do not spell out the location code in binary. The length of the "compressed" string in binary is therefore equal to 18 × 9 + 9 + 11 × 9 + 9 = 279 bits, and the length of the original character string encoded in the 8-bit ASCII code set is equal to 41 × 8 = 328 bits. Thus, ZIP has compressed the original data string to a shorter binary string.

[Figure: the input string "a loop containing a loop is a nested loop" with the base window and the look-ahead window marked at each match, and the output "a loop containing 0 $17_b$ $7_b$ is a nested 0 $16_b$ $5_b$".]

Fig. C.1 A demonstration of a ZIP process

To decode a compressed file, ZIP scans it from the beginning, removes the leading 1 from each 9-bit extended code, and replaces each 9-bit code with leading 0 by the corresponding character substring using the distance and length attributes.
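The scheme described above, as an added Python example (not code from the book): it encodes to 9-bit extended ASCII codes and (d + l + 1)-bit location codes and decodes again, rejecting location codes that point outside the data already decoded. Assumptions: the first w1 characters are emitted as literals, the stored distance is the offset between the two first characters minus 1 (which gives the 17 and 16 in Fig. C.1), and `min_len` is a hypothetical parameter; `min_len=4` reproduces the 279-bit output above, while the bare condition d + l + 1 < 8k also replaces the 3-character match " a " and gives 261 bits.

```python
# Added illustration of the Appendix C scheme; not code from the book.
TEXT = "a loop containing a loop is a nested loop"   # the page's example string


def params(w1, w2):
    """Smallest d, l with w1 <= 2**d and w2 <= 2**l (18, 7 -> 5, 3)."""
    return max(1, (w1 - 1).bit_length()), max(1, (w2 - 1).bit_length())


def longest_match(data, la, w1, limit):
    """Longest prefix of the look-ahead window (starting at index la) that lies
    entirely inside the base window data[la-w1:la]. Returns (length, start)."""
    best_len, best_start = 0, -1
    limit = min(limit, len(data) - la)
    for start in range(la - w1, la):
        k = 0
        while k < limit and start + k < la and data[start + k] == data[la + k]:
            k += 1
        if k > best_len:
            best_len, best_start = k, start
    return best_len, best_start


def encode(data, w1, w2, min_len=2):
    """Return tokens ("lit", ch) or ("loc", distance, length).

    Assumptions: the first w1 characters fill the base window and are emitted
    as literals; distance = offset between the two first characters minus 1;
    min_len is a hypothetical knob, not part of the book's description."""
    d, l = params(w1, w2)
    tokens = [("lit", c) for c in data[:w1]]
    la = w1
    while la < len(data):
        # cap the length so that it always fits into l bits
        k, start = longest_match(data, la, w1, min(w2, (1 << l) - 1))
        if k >= min_len and d + l + 1 < 8 * k:      # the page's saving condition
            tokens.append(("loc", la - start - 1, k))
            la += k                                  # shift both windows by k
        else:
            tokens.append(("lit", data[la]))
            la += 1                                  # shift both windows by 1
    return tokens


def to_bits(tokens, d, l):
    """9-bit extended ASCII (leading 1) or (d+l+1)-bit location code (leading 0)."""
    out = []
    for tok in tokens:
        if tok[0] == "lit":
            out.append("1" + format(ord(tok[1]), "08b"))
        else:
            out.append("0" + format(tok[1], f"0{d}b") + format(tok[2], f"0{l}b"))
    return "".join(out)


def decode(bits, d, l):
    """Inverse of to_bits; rejects truncated codes and out-of-range copies."""
    out, i = [], 0
    while i < len(bits):
        width = 9 if bits[i] == "1" else 1 + d + l
        if i + width > len(bits):
            raise ValueError("truncated code")
        if bits[i] == "1":
            out.append(chr(int(bits[i + 1:i + 9], 2)))
        else:
            dist = int(bits[i + 1:i + 1 + d], 2)
            length = int(bits[i + 1 + d:i + width], 2)
            start = len(out) - dist - 1
            if length == 0 or start < 0 or start + length > len(out):
                raise ValueError("location code points outside the decoded data")
            out.extend(out[start:start + length])
        i += width
    return "".join(out)


if __name__ == "__main__":
    d, l = params(18, 7)
    for min_len in (4, 2):
        toks = encode(TEXT, 18, 7, min_len)
        bits = to_bits(toks, d, l)
        locs = [t[1:] for t in toks if t[0] == "loc"]
        print(min_len, locs, len(bits), decode(bits, d, l) == TEXT)
```

The bounds check in `decode` matters for untrusted input: a location code is a copy instruction, and a decoder that trusts its distance and length fields reads outside the data it has produced.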

Exercise

Show why the 10-bit code defined in Section C is easily distinguishable from the extended 9-bit ASCII code. That is, given a compressed file using this encoding method, show it can be uniquely and easily "uncompressed" back to its original ASCII format.


Appendix D

Base64 Encoding

Base64 encoding represents a 6-bit binary string using a printable character (see Table D.1), where a 6-bit value of 0 to 25 represents an upper-case letter A to Z correspondingly; a 6-bit value of 26 to 51 represents a lower-case letter a to z correspondingly; a 6-bit value of 52 to 61 represents a digit 0 to 9 correspondingly; and the last two 6-bit values of 62 and 63 represent "+" and "/" respectively. Transmitted in ASCII format, this means that every 6-bit string is replaced with an 8-bit string.

Table D.1 Base64 encoding

6-bit value           0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19
character encoding    A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T

6-bit value          20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39
character encoding    U  V  W  X  Y  Z  a  b  c  d  e  f  g  h  i  j  k  l  m  n

6-bit value          40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59
character encoding    o  p  q  r  s  t  u  v  w  x  y  z  0  1  2  3  4  5  6  7

6-bit value          60 61 62 63
character encoding    8  9  +  /

In addition, Base64 encoding uses character "=" as a special indicator. Using Base64 encoding, a binary string is converted to a character string as follows:

Case 1: The binary data consists of only one byte. Pad it at the end with 16 0's to extend it to a 24-bit string. This 24-bit string is then converted to a Base64 string of four characters, with "==" being the last two characters. This indicates that only the first two characters are to be decoded, and the suffix 0000 is discarded.

Case 2: The binary data consists of only two bytes. Pad it at the end with eight 0's to extend it to a 24-bit string. This 24-bit string is then converted to a Base64 string of four characters, with "=" being the last character. This indicates that only the first three characters are to be decoded, and the suffix 00 is discarded.

Case 3: The binary data consists of at least three bytes. Place the first three bytes of the binary data into a 24-bit buffer, where the first byte is placed in the most significant eight bits of the buffer, the second byte is placed in the middle, and the third byte in the least significant eight bits. This 24-bit string is then converted to a Base64 string of four characters. Repeat this process until there is no byte left, there is one byte left, or there are two bytes left. The conversion is completed if there is no byte left. If there is one byte left, apply Case 1 to this byte to complete the conversion. If there are two bytes left, apply Case 2 to these two bytes to complete the conversion.

Given in Table D.2 are several examples of Base64 conversions.

Table D.2 Examples of Base64 conversions, where boldface bits are padding bits

binary string:      10110011 (one byte)
24-bit buffer:      101100 110000 000000 000000 (padding of two bytes)
Base64 conversion:  sw==

binary string:      10110011 00000101
24-bit buffer:      101100 110000 010100 000000 (padding of one byte)
Base64 conversion:  swU=

binary string:      10110011 00000101 01100010
24-bit buffer:      101100 110000 010101 100010 (no padding)
Base64 conversion:  swVi

Decoding a Base64 string back to the original binary data is straightforward and is left to the reader (Exercise D).

The Base64 encoding was first used in the Privacy-enhanced Electronic Mail (PEM) protocol for transferring electronic data.
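The three cases above and the decoding direction, written out as an added Python example (not code from the book): the decoder rejects misplaced "=" padding, characters outside Table D.1 and, in strict mode, non-zero bits in the discarded suffix. The function names and the `strict` flag are this example's own.

```python
# Added illustration of Appendix D; not code from the book.
ALPHABET = ("ABCDEFGHIJKLMNOPQRSTUVWXYZ"
            "abcdefghijklmnopqrstuvwxyz"
            "0123456789+/")          # Table D.1: index = 6-bit value


def b64_encode(data: bytes) -> str:
    """Encode three bytes at a time through a 24-bit buffer (Cases 1 to 3)."""
    out = []
    for i in range(0, len(data), 3):
        chunk = data[i:i + 3]
        pad = 3 - len(chunk)          # 0 (Case 3), 1 (Case 2) or 2 (Case 1)
        buf = int.from_bytes(chunk + b"\x00" * pad, "big")
        chars = [ALPHABET[(buf >> shift) & 0x3F] for shift in (18, 12, 6, 0)]
        if pad:
            chars[-pad:] = "=" * pad  # padded positions become the indicator
        out.append("".join(chars))
    return "".join(out)


def b64_decode(text: str, strict: bool = True) -> bytes:
    """Decode four characters at a time back into up to three bytes.

    strict=True also requires the discarded suffix bits (0000 in Case 1,
    00 in Case 2) to be zero, so every byte string has one accepted encoding.
    """
    if len(text) % 4:
        raise ValueError("length is not a multiple of 4")
    out = bytearray()
    for i in range(0, len(text), 4):
        group = text[i:i + 4]
        pad = len(group) - len(group.rstrip("="))
        is_last = i + 4 == len(text)
        if pad > 2 or (pad and not is_last):
            raise ValueError("misplaced '=' padding")
        buf = 0
        for ch in group[:4 - pad]:
            idx = ALPHABET.find(ch)
            if idx < 0:
                raise ValueError(f"character {ch!r} is not in the Base64 alphabet")
            buf = (buf << 6) | idx
        buf <<= 6 * pad               # restore the 24-bit buffer layout
        if strict and buf & ((1 << (8 * pad)) - 1):
            raise ValueError("non-zero bits in the discarded suffix")
        out += buf.to_bytes(3, "big")[:3 - pad]
    return bytes(out)


if __name__ == "__main__":
    # The three rows of Table D.2.
    for raw in (b"\xb3", b"\xb3\x05", b"\xb3\x05\x62"):
        enc = b64_encode(raw)
        print(raw.hex(), enc, b64_decode(enc) == raw)
    # "sx==" carries the same byte as "sw==" but with suffix bits 0001.
    print(b64_decode("sx==", strict=False).hex())
```

A lenient decoder maps several different strings to the same bytes, which matters whenever the encoded text itself is compared, signed or used as a lookup key.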

Exercise

Describe how to decode Base64 strings back to their original binary strings.


Appendix E

Cracking WEP Keys using WEPCrack

This appendix describes an experiment to crack a WEP protected WLAN using WEPCrack, an open-source WEP cracking tool. WEPCrack implements the RC4 weak-key attack introduced in 2001 by Fluhrer, Mantin, and Shamir. It is written in the Perl language. Stephen Brinton designed and implemented the experiments.

E.1 System Setup

The experiment uses three computers and one WEP-enabled Linksys wireless router as an AP. One computer serves as an Apache Web server, which is connected to the router via an Ethernet cable. The second computer is a WEP-enabled wireless laptop PC connected to the router. The router and the laptop computer share a 104-bit secret WEP key K. This computer continuously requests Web pages from the Web server for the purpose of generating a large number of frames. The third computer is also a laptop PC equipped with a WEP-enabled wireless network interface card (NIC) that can monitor network traffic. This computer runs WEPCrack to crack the WEP key K. Fig. E.1 shows the system setup of this experiment.

[Figure: the Web server, the user requesting Web pages, and the attacker running WEPCrack.]

Fig. E.1 WEPCrack Experiment system setup


The experiment uses the following AP and wireless NICs:

AP

The AP used in the experiment was a WEP-enabled Linksys Wireless-B Broadband Router.

User's Network Card

Device:       Belkin F5D7010 54g Wireless Network card
Driver:       ndiswrapper (Belkin: bcmwl5.inf)
Vendor:       Broadcom

Attacker's Network Card

Device:       AR5212 802.11 abg (Netgate)
Device Name:  ath0
Driver:       ath_pci
Vendor:       Atheros Communications, Inc.

E.2 Experiment Details

WEPCrack cracks WEP keys by first collecting weak initialization vectors. After sufficient information about weak initialization vectors is obtained, WEPCrack deduces from it the WEP key used in the WLAN. It may take a number of hours to collect information. After that, the actual cracking part may take only a few minutes.

Step 1: Initial Setup

Select a 104-bit WEP key for both the AP (the router) and the STA (the laptop computer that will continuously request Web pages from the Web server). In the experiment, the WEP key is chosen as a 13-byte binary string

K = 96 6 91 24 207 211 39 92 158 7 240 37 234

Start the Apache server using the #rcapache2 start command. The STA starts the requester program requester.c (see Section E.3) using

    ./requester 172.16.1.1 80 GET /

where 172.16.1.1 is the IP address of the Apache server. This produces continuous request and sending of a web page over the wireless connection.

Step 2: Attacker Setup

The attacker's laptop runs Linux. First run the ifconfig ath0 up command to enable the laptop's NIC. Then run the iwconfig ath0 scan command to search for the AP within range and collect its MAC address, channel, and essid information. The iwconfig ath0 scan command returns the following output:

    ath0 Scan completed
    Cell 01 -- Address: 00:11:F5:1D:98:04
    ESSID: "Gates"
    Mode: Master
    Frequency: 2.442 GHz (Channel 7)
    Quality = 43/94 Signal level = -52 dBm
    Noise level = -95 dBm
    Encryption Key: on
    Bit Rate:

Finally, configure the NIC using the following commands:

    ifconfig ath0 down
    iwconfig ath0 channel 11
    iwconfig ath0 ap 00:06:25:F3:CD:89
    iwconfig ath0 essid ResearchAP
    iwconfig ath0 mode monitor
    ifconfig ath0 up

Step 3: Collecting Weak Initialization Vectors

Start Wireshark and open the capture window to capture wireless frames. Then run the WEPCrack program pcap-getIV.pl using the following command: ./pcap-getIV.pl -i ath0. This may take several hours to run to collect sufficient information. This program produces a log file named IVFile.log, which contains weak initialization vectors and encrypted outputs. They will be used to help reveal the WEP key.

Step 4: Cracking

Run the WEPCrack.pl on IVFile.log to deduce the WEP key. After only a few minutes of execution, WEPCrack arrived at the correct encryption key shown as below, where $ is the Linux prompt:

    $ ./WEPCrack.pl
    Keysize = 13 [104 bits]
    96 6 91 24 207 211 39 92 158 7 240 37 234

E.3 Sample Code

The STA executes the following program, written by Stephen Brinton, to keep requesting Web pages.

requester.h

    /************************************************
     Header name: requester.h
    *************************************************/

    #include <sys/types.h>
    #include <sys/socket.h>
    #include <netinet/in.h>
    #include <arpa/inet.h>
    #include <netdb.h>
    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>
    #include <fcntl.h>
    #include <sys/stat.h>
    #include <unistd.h>

    // Maximum Sizes (string sizes include the terminating NUL)
    #define BUFSIZE 1024
    #define HOST_NAME_SIZE 256
    #define COMMAND_NAME_SIZE 4    // "GET" or "PUT" plus NUL
    #define FILENAME_SIZE 256
    #define PORTNUMBER_SIZE 6      // up to "65535" plus NUL

    #define QLEN 128

requester.c

    /***********************************************************
     Filename: requester.c
     Designer: Stephen Brinton UML
     Overview: This program will continuously request and print
               Web pages
     Usage:    client host port_number command filename
     Example:  ./requester www.cnn.com 80 GET index.html
     Function: make_socket() - makes a socket connection
    ************************************************************/

    #include "requester.h"

    int make_socket(int portnumber, char *host);

    int main(int argc, char *argv[])
    {
        int sd;                            // socket descriptor ID
        int n;                             // number of characters to/from socket
        char msg[BUFSIZE];                 // buffer used to hold socket message
        char host[HOST_NAME_SIZE];         // host address
        char command[COMMAND_NAME_SIZE];   // command - GET or PUT
        char filename[FILENAME_SIZE];      // filename to GET/PUT
        char port_number[PORTNUMBER_SIZE]; // store portnumber from command line arguments
        int portnumber;                    // portnumber to GET/PUT

        // **** GATHER THE ARGUMENTS FROM THE COMMAND LINE ****
        if (argc != 5) {   // check if there are 5 arguments
            // print error message otherwise
            fprintf(stderr, "Error - Usage: client host port_number command filename\n");
            exit(1);
        }
        // Bounded copies with a fixed format string: the arguments are
        // untrusted input and must never be used as the format itself.
        snprintf(host, sizeof(host), "%s", argv[1]);
        snprintf(port_number, sizeof(port_number), "%s", argv[2]);
        portnumber = atoi(port_number);
        snprintf(command, sizeof(command), "%s", argv[3]);
        snprintf(filename, sizeof(filename), "%s", argv[4]);

        while (1) {
            if (strcmp("GET", command) != 0 && strcmp("PUT", command) != 0) {
                fprintf(stderr, "Error - Invalid command entered: %s (Must be either PUT or GET)\n", command);
                exit(1);
            }

            // setup command to be sent through socket to host
            if (strcmp("GET", command) == 0) {   // Process the GET command
                snprintf(msg, sizeof(msg), "GET %s HTTP/1.0\r\nHost: %s\r\n\r\n",
                         filename, host);
                if ((sd = make_socket(portnumber, host)) == -1) {
                    exit(1);
                }
                write(sd, msg, strlen(msg));
            }
            else {   // PUT command
                FILE *fptr;
                int fd;
                int bytes_read;
                struct stat file_info;
                char *buffer;
                size_t length;

                if ((fptr = fopen(filename, "rb")) == NULL) {
                    fprintf(stderr, "Error - File Not Found\n");
                    exit(1);
                }
                fd = fileno(fptr);
                fstat(fd, &file_info);
                length = file_info.st_size;
                if (!S_ISREG(file_info.st_mode)) {
                    fprintf(stderr, "Error - File is not regular\n");
                    fclose(fptr);
                    exit(1);
                }
                snprintf(msg, sizeof(msg),
                         "PUT /%s HTTP/1.0\r\nHost: %s\r\nContent-type: text/plain\r\nContent-length: %lu\r\n\r\n",
                         filename, host, (unsigned long)length);
                if ((buffer = (char *)malloc(length + strlen(msg))) == NULL) {
                    fprintf(stderr, "Error - Insufficient memory available to send file\n");
                    fclose(fptr);
                    exit(1);
                }
                memcpy(buffer, msg, strlen(msg));
                bytes_read = fread(buffer + strlen(msg), 1, length, fptr);
                fclose(fptr);
                if ((sd = make_socket(portnumber, host)) == -1) {
                    free(buffer);
                    exit(1);
                }
                write(sd, buffer, bytes_read + strlen(msg));
                free(buffer);   // released on every pass of the loop
            }

            // **** READ AND DISPLAY MESSAGES FROM SOCKET ****
            // read from socket and keep doing it until nothing
            // remains in socket
            n = recv(sd, msg, sizeof(msg), 0);
            while (n > 0) {
                write(1, msg, n);
                n = recv(sd, msg, sizeof(msg), 0);
            }

            // **** CLOSE CONNECTION ****
            close(sd);
        }
        return (0);
    }

    /*****************************************************************
     Function name: make_socket
     Overview: This function sets up a socket to be used by this client
               and returns its descriptor, or -1 on failure
    ******************************************************************/
    int make_socket(int portnumber, char *host)
    {
        struct hostent *ptrh;    // pointer used by gethostbyname
        struct sockaddr_in sad;
        int sd;                  // socket descriptor ID

        // **** PREPARE THE ADDRESS TO BE USED IN MAKING THE CONNECTION
        memset((char *)&sad, 0, sizeof(sad));
        sad.sin_family = AF_INET;
        sad.sin_port = htons((u_short)portnumber);
        ptrh = gethostbyname(host);
        if (((char *)ptrh) == NULL) {
            fprintf(stderr, "Error - Invalid host entered: %s\n", host);
            return -1;
        }
        memcpy(&sad.sin_addr, ptrh->h_addr, ptrh->h_length);

        // **** MAKE THE SOCKET ****
        sd = socket(PF_INET, SOCK_STREAM, 0);
        if (sd < 0) {
            fprintf(stderr, "Error - Socket creation failed\n");
            return -1;
        }

        // **** CONNECT TO SERVER ****
        if (connect(sd, (struct sockaddr *)&sad, sizeof(sad)) < 0) {
            fprintf(stderr, "Error - Connect failed\n");
            close(sd);
            return -1;
        }
        return sd;
    }


Appendix F

Acronyms

ACK       Acknowledgement
ACL       Access Control List
AES       Advanced Encryption Standard
AJAX      Asynchronous JavaScript and XML
AH        Authentication Header
ALG       Application-Level Gateway; Application-Layer Gateway
AMS       Anti Malicious Software
ANSI      American National Standard Institute
AP        Access Point
ARP       Address Resolution Protocol
ASCII     American Standard Code for Information Interchange
AS        Authentication Server
ASIC      Application-Specific Integrated Circuit
ASP       Active Server Page
AVI       Audio-Video Interleaved
DHCP      Dynamic Host Configuration Protocol
CA        Certificate Authority
CBC       Cipher-Block-Chaining Mode
CBC-MAC   Cipher-Block Chaining Message Authentication Code
CCMP      Counter Mode-CBC MAC Protocol
CEO       Chief Executive Officer
CERT      Computer Emergency Response Team (USA)
CGI       Common Gateway Interface
CIA       Central Intelligence Agency (USA)
CIFS      Common Internet File System
CHF       Cryptographic Hash Function
CLG       Circuit-Level Gateway
COFF      Common Object File Format
COM       Component Object Model
CPU       Central Processing Unit


CRC       Cyclic Redundancy Check
CTR       Center
DAC       Data Authentication Code
DES       Data Encryption Standard
DiF       Distributed Firewall
DIS       Digital Immune System
DLL       Dynamic Link Library
DMZ       Demilitarized Zone
DoS       Denial of Service
DDoS      Distributed Denial of Service
DHCP      Dynamic Host Configuration Protocol
DHBS      Double-Homed Bastion System
DPF       Dynamic Packet Filter
DSL       Digital Subscriber Line
DZ        Demilitarized Zone
EAPoL     Extensible Authentication Protocol over LAN
EBCDIC    Extended Binary Coded Decimal Interchange Code
ECB       Electronic-Codebook Mode
ECC       Elliptic-Curve Cryptography
ECDH      Elliptic-Curve Diffie-Hellman
EFF       Electronic Frontier Foundation
ELF       Executable and Linking Format
ESP       Encapsulating Security Payload
ESSID     Extended Service Set IDentifier
FCS       Feistel Cipher Scheme
FAT       File Allocation Table
FTP       File Transfer Protocol
GB        Guojia Biaozhun (National Standards, China)
GCHQ      British Government Communications Headquarters
GMK       Group Master Key
GUI       Graphical User Interface
HIHAT     High Interaction Honeypot Analysis Toolkit
HMAC      Keyed-Hash Message Authentication Code
HBD       Host-Based Detection
HMM       Hidden Markov Model
HTML      Hypertext Markup Language
IAT       Import Address Table
IBM       International Business Machines Corporation (USA)
ICMP      Internet Control Message Protocol
ICV       Integrity Check Value
IDEA      International Data Encryption Algorithm
IDES      Intrusion Detection Expert System
IDP       Intrusion Detection Policy
IDS       Intrusion Detection System
IE        Internet Explorer


IEC       International Electrotechnical Commission
IEEE      Institute of Electrical and Electronics Engineers (USA)
IETF      The Internet Engineering Task Force
IIS       Internet Information Services
IKE       Internet Key Exchange
IM        Instant Messaging
IMAP      Internet Mail Access Protocol
IP        Internet Protocol
IPS       Intrusion Prevention System
IPsec     IP Security
IPv4      Internet Protocol version 4
IPv6      Internet Protocol version 6
ISAKMP    Internet Security Association and Key Management Protocol
ISO       International Standardization Organization; International Organization for Standardization
ISP       Internet Service Provider
ITU       International Telecommunication Union
JSON      JavaScript Object Notation
JVM       Java Virtual Machine
JSP       Java Server Page
KDC       Key Distribution Center
KDP       Key Determination Protocol
KGA       Key Generation Algorithm
KSA       Key Scheduling Algorithm
LFSR      Linear Feedback Shift Registers
MAC       Media Access Control
MAC       Message Authentication Code
MBSA      Microsoft Baseline Security Analyzer
MIC       Message Integrity Code
MIDI      Musical Instrument Data Interface
MKPKC     Multiple-Key Public-Key Cryptography
MPDU      MAC Protocol Data Unit
MSDU      MAC Service Data Unit
LAN       Local Area Network
NAT       Network Address Translation
NBD       Network-Based Detection
NBS       National Bureau of Standards (USA)
NESSIE    New European Schemes for Signatures, Integrity, and Encryption
NetBIOS   Network Basic Input and Output System
NFS       Network File System; National Science Foundation (USA)
NGVCK     Next Generation Virus Creation Kit
NIC       Network Interface Card
NIDS      Network-based Intrusion Detection System
NIST      National Institute of Standards and Technology (USA)


NSA       National Security Agency (USA)
NTFS      New Technology File System
OCB       Offset-Codebook Mode
OFB       Output-Feedback Mode
OLE       Object Linking and Embedding
OSI       Open System Interconnection
PAN       Personal Area Network
PAT       Port Address Translation
PDA       Personal Digital Assistant
PE        Portable Executable
PEM       Privacy-enhanced Electronic Mail Protocol
PGP       Pretty Good Privacy
PHP       Hypertext Preprocessor
PHT       Pseudo Hadamard Transform
PID       Process Identifier
PKA       Public-Key Authority
PKC       Public-Key Cryptography; Public-Key Cryptosystem
PKI       Public-Key Infrastructure
PKIX      X.509 Public-Key Infrastructure
PMK       Pairwise Master Key
POP       Post Office Protocol
POP3      Post Office Protocol version 3
PRNG      Pseudo-Random Number Generator
PTK       Pairwise Transient Key
P2P       Peer-to-Peer
RADIUS    Remote Authentication Dial-In User Service
RAM       Random Access Memory
RSN       Robust Security Network
RSNIE     Robust Security Network Information Element
RSNA      Robust Security Network Association
SA        Security Association
SAD       Security Association Database
SANS      SysAdmin, Audit, Network, and Security Institute (USA)
SAS       Security Association Selector
SCP       Secure Copy Protocol
SET       Secure Electronic Transaction
SFTP      Secure File Transfer Protocol
SHA       Secure Hash Algorithm
SHBS      Single-Homed Bastion System
SIV       System Integrity Verifier
S/MIME    Secure/Multipurpose Internet Mail Extension
SMTP      Simple Mail Transfer Protocol
SOHO      Small Office and Home Office
SPD       Security Policy Database
SPI       Security Parameters Index; Stateful Packet Inspection


SPF       Stateful Packet Filtering
SRES      Signed Response
SSH       Secure Shell
SSL       Secure Sockets Layer
SSP       Secure Simple Pairing
STA       (wireless endpoint) Station
SYN       Synchronization
TCP       Transmission Control Protocol
TCPv4     Transmission Control Protocol version 4
TCPv6     Transmission Control Protocol version 6
Telnet    Teletype network
TGS       Ticket-Granting Server
TFTP      Trivial File Transfer Protocol
TSC       TKIP Sequence Counter
TKIP      Temporal Key Integrity Protocol
TLS       Transport Layer Security
TOS       Trusted Operating System
TTL       Time-to-Live value
UDP       User Datagram Protocol
URL       Uniform Resource Locator
Unicode   Unification Code
VB        Visual Basic
VBS       Visual Basic Script
VoIP      Voice of IP
VPN       Virtual Private Network
WAP       Wireless Access Point
Wi-Fi     Wireless Fidelity
WEP       Wired Equivalent Privacy
WKDC      Wireless Key Distribution Center
WLAN      Wireless Local-Area Network
WN        Wireless Node
WPA       Wi-Fi Protected Access
WPA2      Wi-Fi Protected Access version 2
WPAN      Wireless Personal Area Network
WPKI      Wireless Public-Key Infrastructure
WSN       Wireless Sensor Network
XML       Extensible Markup Language


Prentice Hall, New Jersey34. Coppersmith D (1994) The Data EncryptIOnStandard (DES) and Its strength against attacks.

IBM Journal of Research and Development 38:243-25035. Courtois Nand Pieprzyk J (2002) Cryptanalysis of block ciphers with overdefined systems

of equations. In: Proceedings of the 8th International Conference on the Theory and Appli­catIOnof Cryptology and InformatIOn Secunty (ASIACRYPT), Lecture Notes In ComputerScience, vol. 2501, 267-287. Springer, Berlin

36. Crume J (2000) Inside Internet Security: What Hackers Don't Want You to Know. Addison­Wesley, New Jersey

37. Daemen J and RlJmen V (1999) AES Proposal: The RIJndael Block CIpher.http://csrc.nist.gov/CryptoToolkit/aes/rijndael/Rijndael.pdf

38. Dawson E and Nielsen L (1996) Automated cryptanalysis of XOR plaintext strings. Cryp­tologia, 2:165-181

39. Dennmg D (1987) An mtruslOn detectIOn model. IEEE TransactIOns on Software Engmeer­ing 13(2):222-232

40. Diffie Wand Hellman M (1976) New directions in cryptograpy. IEEE Transactions in Infor­mation Theory 22:644-654

41. Doraswamy Nand Harkings D (1999) IPSec The New Security Standard for the Internet,Intranet, and Vlflual Pnvate Networks. PrentICeHall, New Jersey

42. Doman A (2002) The Essential Guide to Wireless Communications Applications. Prentice­Hall, New Jersey

43. Easttom C (2006) Network Defense and Countermeasures: Principles and Practices. PearsonPrentice Hall, New Jersey

44. Edney J and Arbaugh W (2004) Real 802.11 Security: Wi-Fi Protected Access and 802.lli.AddIson-Wesley, Boston

45. Electronic Frontier Foundation (1999) Distributed.Net and EFF DES Cracker put the finalnUll Into the Data EncryptIOn Standard's coflin.http://www.eff.org/Privacy/Crypto/Crypto_misc/OESCracker

46. Elgamal T (1985) A public-key cryptosystem and a signature scheme based on discretelogarithms. IEEE Transactions on Information Theory 31(4):469-472

47. FIPS 46-3 (1999) Data Encryption Standard (DES). Federal Information Processing Stan­dards Publication 46-3 (Reaffirmed), National Institute of Standards and Technology

48. FIPS-171 (1995) American National Standard Financial Institution Key Management(Wholesale). National Institute of Standards and Technology

49. FIPS 180-1 (1995) Secure Hash Standard. Federal Information Processing Standards Publi­cation 180-1, National Institute of Standards and Technology

50. FIPS 180-2 (2002) Secure Hash Standards. Federal Information Processing Standards Pub­lication 180-2, National Institute of Standards and Technology

51. FIPS 186-2 (2000) Digital Signature Standard (DSS). Federal Information Processing Stan­dards Publication 186-2, National Institute of Standards and Technology

52. FIPS-197 (2001) Announcing the Advanced Encryption Standard. FIPS Special Publication197, National Institute of Standards and Technology

Page 22: Appendix A 7-bit ASCII code978-3-540-79698...Appendix C Data Compression using ZIP ZIP is a simple matching algorithm using two sliding windows, called the base win dow and the look-aheadwindow

References 373

53. FIPS-198 (2002) The keyed-hash message authentication code (HMAC). FIPS Special Pub­hcatlOn 198, NatIOnalInstitute of Standards and Technology

54. Fluhrer S, Mantin I, and Shamir A (2001) Weaknesses in the key scheduling algorithm ofRC4. In: Proceedings of the 8th Annual International Workshop on Selected Areas in Cryp­tography, Lecture Notes in Computer Science, vol. 2259,1-24. Springer-Verlag, London

55. Forouzan B (2008) Cryptography and Network Security. McGraw-Hill, New York56. Harley D, Slade R, and Gattiker U (2001) Viruses Revealed. McGraw-Hill, New York57. Gerkis A and Purcell J (2006) A Survey of Wireless Mesh Networking Security Technology

and Threats. SANS Institute58. Hayre J and Kelath J (2006) AJAX Security Basics.

http://www.securityfocus.com/infocus/1868/159. He C and Mitchell J (2004) Analysis of the 802.1Ii 4-way handshake. In Proceedings of the

3rd ACM Workshop on Wireless Security, 43-50. ACM Press, New York60. Housley R, Ford W, Polk W, and Solo D (2002) Internet X.509 Public Key Infrastructure:

Certificate and CRL Profile. RFC 328061. Howlett T (2005) Open Source Security Tools: A Practical Guide to Security Applications.

Prentice-HaIl, New Jersey62. Hua L-K (1987) Introduction to Number Theory. Translated from Chinese by P. Shiu.

Spnnger, Berhn63. Javitz H and Valdes A (1991) The SRI IDES statistical anomaly detector. In Proceedings of

the IEEE Symposium in Security and Privacy, IEEE Computer Society Press, pages 316-32664. Karro J and Wang J (1998) Protecting Web servers from security holes in server-side In­

cludes. In: Proceedings of Annual Computer Security Application Conference (ACSAC'98),103-111. IEEE Computer Society Press, Washmgton DC

65. Karygiannis T and Owens L (2002) Wireless Network Security: 802.11, Bluetooth, andHandheld Devices. National Institute of Standards and Technology, Special Publication 800­2ffi

66. Knightley P (1986) The Second Oldest Profession, Spies and Spying in the Twentieth Cen­tury. Pengum Books, New York

67. Knuth D (1998) The Art of Computer Programming, Vol. 2: Seminumerical Algorithms. 3rded. Addison-Wesley, Massachusetts

68. Koblas D and Koblas M (1992) SOCKS. In: Proceedings of the Third Usenix Security Sym­puslUm.Pages 77-83

69. Kobliz N (1998) Algebraic Aspects of Cryptography. Springer-Verlag, Berlin70. LAN/MAN Committee (2004) IEEE Standard for Information technology: Wireless LAN

Medium Access Control (MAC) and Physical Layer (PHY) specifications Amendment 6:Medium Access Control (MAC)Security Enhancements

71. Lmn, J (1987) Pnvacy Enhancement for Internet Electromc Mall: Part I: Message Enclpher­ment and Authentication Procedures. RFC 989

72. Linn, J (1993) Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryp­tion and AuthenticatIOn Procedures. RFC 1421

73. Massey J (1993) SAFER K-64: A Byte-Oriented Block-Ciphering Algorithm. In Proceed­mgs of Fast Software EncryptIOn, 1-17

74. Massey J, Khachatnan G, and Kureglan M (1998) SAFER+. In Proceedmgs of the FirstAdvanced Encryption Standard Candidate Conference. National Institute of Standards andTechnology

75. McKean C (2001) Peer-to-Peer Security and Intel's Peer-to-Peer Trusted Library. SANSSecunty Essentials, USEe Practical ASSignment, VersIOn 1.2e

76. Merkle R (1979) Secrecy, Authentication, and Public Key Systems. PhD thesis, StandfordUniversity

77. Miller, G (1976) Riemann's Hypothesis and Tests for Primality. Journal of Computer andSystem Sciences 13(3): 300-317

78. Moore T, Clulow J, Anderson R, Nagaraja S (2007) New Strategies for Revocation in Ad­Hoc Networks. In Proceedings of the 4th European Workshop on Security and Privacy in Adhoc and Sensor Networks. Lecture Notes in Computer Science, vol. 4572, pages 232-246,Springer-Verlag, Berlin

Page 23: Appendix A 7-bit ASCII code978-3-540-79698...Appendix C Data Compression using ZIP ZIP is a simple matching algorithm using two sliding windows, called the base win dow and the look-aheadwindow

374 References

79. Mirkovic J and ReIher P (2004) A taxonomy of DDoS attack and DDoS defense mecha­nisms. ACM SIGCOMM Computer Communications Review 34(2):39-53

80. Neuman B-C and Ts' 0 T (1994) Kerberos: an authentication service for computer networks.IEEE Communications 32(9):33-38

81. Northcutt S (1999) Network Intrusion Detection, An Analysit's Handmonograph. New Rid­ers, Indiana

82. Oppliger R (1999) Security Technologies for the World Wide Web. Artech House, Mas­sachusetts

83. PC Magazine (2007) Ten most common passwords. http://www.pcmag.com/article2/0,1759,2113976,OO.asp

84. Peterson L and Davie B (2006) Computer Networks A Systems Approach. 3rd ed. Elsevier,Pans

85. Pfteeger C and Pfteeger S (2006) Security in Computing. 4th ed. Prentice-Hall, New Jersey86. Pietrek M (1994) Peering Inside the PE: A Tour of the Win32 Portable Executable File

Format. MSDN Magazine.http://msdn2.microsoft.com/en-us/library/ms809762.aspx

87. Pietrek M (2002) An In-Depth Look into the Win32 Portable Executable File Format.MSDN MagaZine. Part I:http://msdn.microsoft.com/msdnmag/issues/02/02/PE/default.aspx.Part II:http://msdn.microsoft.com/msdnmag/issues/02/03/PE2/default.aspx

88. Proctor P (2001) The Practical IntruSIOn DetectIOn Handmonograph. Prentice-Hail, NewJersey

89. Provos N (2004) A VIrtual honeypot framework. In Proceedings of the 13th USENIX Secu­rity Symposium. Pages 1-14

90. Ramachandran V and Ahmad M (2007) Cafe latte with a free topping of cracked WEP:retrieving WEP keys from road-warriors. In Proceedings of ToorCon

91. Ranum M (1992) A network firewall. In: Proceedll1gs of the FIrst World Conference onSystems Administration and Security

92. Rabll1, M (1980) Probablhstlc algontlul1 for testll1g pnmahty. Journal of Number Theory12(1): 128-138

93. Rescorla E (2001) SSL and TLS: Deslgmng and BUlldll1g Secure Systems. AddIson-Wesley,Massachusetts

94. RIvest R-L (1992) The RC4 encryption algonthm. RSA Data Secunty95. Rivest R-L (1995) The RC5 encryption algorithm. Dr. Dobb's Journal 20:146-14896. Rivest R-L, Shamir A, and Adleman L-M (1978) A method for obtaining digital signatures

and public-key cryptosystems. Communications of the ACM 21:120-12697. Rogaway P, Bellare M, and Black J (2003) OCB: A block-cipher mode of operation for

effiCient authenticated encryption, ACM Transactions on Information and System Secunty,6(3):365-403

98. Rubin A (2001) White-Hat Secunty Arsenal, Tackhng the Threats. AddIson-Wesley, Mas­sachusetts

99. Salomaa A (1990) PUbhc-Key Cryptography. Spnnger-Verlag, Berlin100. Seaminatha T and Elden C (2003) Wireless Security and Privacy. Addison-Wesley, Mas­

sachusetts101. Schneier B (1996) Applied Cryptography. 2nd ed. John Wiley & Sons, New York102. SchneIer B (2000) Secrets and LIes, DIgital Secunty In a Networked World. John Wiley &

Sons, New York103. Shaked Y and Wool A (2005) Cracking the Bluetooth PIN. In Proceedings of the 3rd

USENIX/ACM Conference Mobile Systems, Applications, and Services (MobiSys), pages39=.50

104. Shor P-W (1997) Polynomial-time algorithms for prime factorization and discrete loga­rithms on a quantum computer. SIAM Journal on Computing 26:1481-1509

105. Skoudis E (2002) Counter Hack, A Step-by-Step Guide to Computer Attacks and EffectiveDefenses. Prentice Hall, New Jersey

Page 24: Appendix A 7-bit ASCII code978-3-540-79698...Appendix C Data Compression using ZIP ZIP is a simple matching algorithm using two sliding windows, called the base win dow and the look-aheadwindow

References 375

106. Stallings W (2006) Cryptography and Network Secuirty: Principles and Practice. 4th ed.Prentice HaIl, New Jersey

107. Steiner J, Neuman C, and Schiller J (1988) Kerberos: an authentication service for opennetwork systems (VersIOn 4). In Proceedings of the Winter 1988 Usemx Conference

108. Suehring S and Ziegler R (2006) Linux Firewalls. 3rd ed. Novell Press, Indiana109. Szor P (2005) The Art of Computer Virus Research and Defense. Addison-Wesley, New

Jersey110. Thomas S (2000) SSL and TLS essentials secunng the Web. John Wiley & Sons, New York111. Tibbs R and Oakes E (2006) Firewalls and VPNs Principles and Practices. Pearson Prentice

HaIl, New Jersey112. Trappe Wand Washington L (2006) Introduction to Cryptography with Coding Theory. 2nd

ed. Prentice Hall, New Jersey113. Vlega J and McGraw G (2002) Bmdllng Secure Software. Addison-Wesley, Massachusetts114. Voice of America (1999) Navajo Code Talkers. http://www.voanews.com/

specialenglish/archive/2002-02/a-2002-02-01-26-1.cfm115. Wack J, Cutler K, and Pole J (2002) Guidelines on Firewalls and Firewall Policy. NIST

SpeCialPublicatIOn SP 800-41116. Walker J (2002) 802.11 security series part II: the Temporal Key Integrity protocol (TKIP).

Intel Cooperation.http://cache-www.intel.com/cd/OO/OO/Ol/77/17769_80211_part2.pdf

117. Wang X, Yin Y, and Yu H (2005) Finding collisions in the full SHAI. In: Proceedings ofCRYPTO'05, Lecture Notes in Computer Science, vol. 3621, 17-36. Springer, Berlin

118. WEPCrack: http://wepcrack.sourceforge.net119. Whiteman M-E and Mattord H-J (2005) Principles of Information Security. 2nd ed. Thom­

son Course Technology, Massachusetts120. Yao A (1982) Protocols for secure computations. In Proceedings of the 23rd IEEE Sympo­

sium on the Foundations of Computer Science (FOCS'82), 160-164121. Ylonen T (2006) The Secure Shell (SSH) Protocol Architecture. RFC 4251122. Ylonen T (2006) The Secure Shell (SSH) Authentication Protocol. RFC 4252123. Ziv J and A Lempel (1977) A universal algorithm for sequential data compression. IEEE

Transacliuns un Inlurmaliun Theury, 23:337-343

Page 25: Appendix A 7-bit ASCII code978-3-540-79698...Appendix C Data Compression using ZIP ZIP is a simple matching algorithm using two sliding windows, called the base win dow and the look-aheadwindow

Index

1's complement sum, 140
2DES, 55
3DES/2, 55
3DES/3, 55
4-way handshake, 221
802.1X, 219

A

access point (AP), see wireless access point (WAP)
ActiveX, 305
ActiveX control, 306
ad hoc WLAN, 208, 210
Adleman, L, 90
Advanced Encryption Standard, 39
adware, 25
AES
  add round key, 58, 62
  add subkey, 62
  inversed S-Box, 70
  meet-in-the-middle attack, 110
  mix-columns, 58, 64
  partial information attack, 109
  reverse S-Box, 60
  S-Box, 60, 70
  shift-rows, 58
  state matrix, 58
  substitute bytes, 58, 63
algebraic cryptanalysis, 44
almost b-conserving, 77
anti-malicious-software system, 28
anti-phishing extension, 7
AP spoofing, 211
application gateway, 251
application-specific integrated circuit (ASIC), 250
ARP poisoning, 14
ARP spoofing, 14, 16, 35
Asynchronous JavaScript and XML (AJAX), 308
avalanche effect, 43
Avast AntiVirus, 296

B

backdoor, 22, 23
Barreto, P, 132
Base64 encoding, 191
bastion host, 259, 260
batch detection, 326
BBS pseudorandom bit generator, 79
beaconing, 209
behavior signature, 329
behavioral data forensics, 336
Bellare, M, 143
bias vector, 235
big endian, 85
binary string, 40
birthday attack, 132, 146
  set intersection attack, 149
birthday paradox, 148
bit, 40
Black, J, 143
black-hat hacker, 25, 26
blackhole attack, 244
blind signature, 155, 164
block cipher, 41

initialization key, 239, 240
link key, 234, 239, 240
secure pairing, 233


secure simple pairing (SSP), 242
Blum, L, 79
Blum, M, 79
boot virus, 278
bootstrap protocols (Bootp), 253
botnet, see zombie army
broadcast attack, 330
browser hijacking, 24
buffer overflow, 16
buffer overrun, see buffer overflow
bugnosis, 315

CA
  chain, 120
  network, 120
cache gateway, 258
CERT, 30
certificate authority, 119
certificate path, 120
challenge-response authentication, 212
character code sets, 40
Chaum, D, 164
chosen-plaintext attack, 44
cipher-block-chaining mode (CBC), 72
cipher-feedback mode (CFB), 72, 73
ciphertext data, 4
ciphertext stealing mode (CTS), 86
clogging attack, 181
Cocks, C, 91
collision resistance, 131
Common Criteria, 260
Common Internet File System (CIFS), 253
Common Object File Format (COFF), 285
commutative group, 112
Component Object Model (COM), 305
compound signature, 330-332
computational uniqueness property, 130, 131
computer
  forensics, 3
  hijacking, 24
  virus, 2
confusion, 43
congruence relation, 92, 93
content signature
  payload signature, 329
contextual interpretation, 337
conventional encryption algorithm, 39
cookie, 181, 306
counter mode (CTR), 72, 74
counter mode-CBC MAC protocol (CCMP), 229
cracker, 26


crafted packet, 253
crafted SYN packet, 14
cryptanalysis, 4
crypto placement, 168
cryptographic algorithm, 165
cryptographic checksum, 140
cryptographic hash function, 129, 130
cryptosystem, 28
cyber
  spy, 25, 27
  terrorist, 25, 28
Cyclic Redundancy Check (CRC), 140, 212

D

availability, 2
confidentiality, 2
integrity, 2
non-repudiation, 2
storage state, 2
transmission state, 2

data authentication code standard (DAC), 142
Data Encryption Standard (DES), 39, 45
data mining, 318, 336, 337
data refinement, 337
database security, 3
DDoS attack, 20
de-association attack, 232
deep layered defense, 3

encryption, 51
expansion permutation, 51
initial permutation, 52
permutation on keys, 48
S-Box, 49
subkeys, 48
substitution, 51

detection engine, 326
detection policy, 324
dictionary attack, 5, 7, 8
differential cryptanalysis, 44
Diffie, W, 90
Diffie-Hellman key exchange, 89, 181
diffusion, 43
digital certificate, 119
digital digest, 129
digital fingerprint, 129, 130
digital immune system (DIS), 297
digital signature standard (DSS), 150


disaster recovery, 3
discrete elliptic curves, 113
discrete logarithm (discrete log), 101
distributed denial of service (DDoS), 20, 310
distributed firewall, 251
DoS attack, 20, 36
double signature, 164
drill down, 337
dual signature, 153, 154
dynamic document
  Active Server Page (ASP), 303
  Common Gateway Interface (CGI), 303
  Hypertext Preprocessor (PHP), 303
  JavaServer Page (JSP), 303
Dynamic Host Configuration Protocol (DHCP), 253
Dynamic Link Library (DLL), 279

E

eCash, 157
ECC
  decryption, 116
  encoding, 114
  encryption, 116
  key exchange, 117
electronic cash, 156, 157
electronic-codebook mode (ECB), 72
Elgamal PKC, 102
Elgamal public-key cryptosystem, 89
Elgamal, T, 102
elliptic-curve cryptography, 91, 112
elliptic-curve Diffie-Hellman (ECDH), 117
elliptic-curve encoding parameter, 116
elliptic-curve logarithm, 116
elliptic-curve public-key cryptography, 89
emergency response, 3
encrypted checksum algorithm, 129
encrypted hash, 7
Euclid's algorithm, 79, 80
Euler's theorem, 93
Euler's totient function, 93
event counter, 334
event gauge, 335
event timer, 335
Extensible Authentication Protocol over LAN (EAPoL), 220
external network, 250

F

false negative detection, 324
false positive, 324
false positive alarm, 324
fast modular exponentiation, 94, 95
Feistel cipher scheme, 45
Feistel, H, 45
Ferguson, N, 222
Fermat's little theorem, 94
File Allocation Table (FAT), 279
file-format virus, 279
file-system virus, 279
fingerprint reader, 12
finite continued fraction, 99
firewall, 28, 249
  ipf, 268
  iptables, 268, 269
  access control list (ACL), 252
  application gateway, 257
  application-level gateway (ALG), see application gateway
  circuit gateway, 251, 255
  circuit-level gateway (CLG), see circuit gateway
  connection-state filtering, 254
  demilitarized zone, 261, 264
  dual-home bastion host (DHBH), 262
  dual-homed bastion system, 261
  dynamic packet filter, 251
  dynamic packet filter (DPF), 255
  egress filtering, 251
  ingress filtering, 251
  packet filter, 251
  proxy server, see application gateway
  screened subnet, 261, 263
  single-homed bastion system, 261
  SOCKS, 257
  stateful filtering, 252, 254
  stateful packet inspection (SPI), 259
  stateless filtering, 252
Fluhrer, S, 77
fragmentation attack, 217

G

Galois field, 68
gateway, 19
Gray code, 144
grayhole attack, 244
grey-hat hacker, 25, 26
group master key (GMK), 220

H

hacker, 25
hacking tool, 27
hash function, 130
header signature, 329, 330


healthy host, 22
heap, 16
Hellman, M, 90
hidden Markov model (HMM), 316
High Interaction Honeypot Analysis Toolkit (HIHAT), 339
HoneyBow, 339
honeypot, 29, 317, 338
Honeytrap, 339
Honeywall, 339, 343
host-based detection (HBD), 318, 325, 328
host-based signature, 330
hybrid detection, 318
Hypertext Markup Language (HTML), 303

I

identity spoofing, 12
Import Address Table (IAT), 285
infected host, 22
information, 2
information security, 3
infrastructure WLAN, 208
initial vector, 72
instant messaging (IM), 301
integer factorization, 80
Internet Information Services (IIS), 293
Internet Mail Access Protocol (IMAP), 193
intrusion, 18
Intrusion Detection Expert System (IDES), 334
intrusion detection system (IDS), 28, 318
intrusion prevention system (IPS), 318
IP
  header, 15, 16
  scan, 18, 35
  spoofing, 14
IPsec, 165
  Internet key exchange, 173
  AH format, 177
  authentication header (AH), 173
  cookie exchange, 181
  encapsulating security payload (ESP), 173
  integrity check value (ICV), In
  Internet security association and key management protocol (ISAKMP), 180
  Oakley key determination protocol (KDP), 180
  SA bundle, 174
  SA selectors (SAS), 174, 175
  security association (SA), 174


  security association database (SAD), 174, 175
  security parameters index (SPI), 174
  security policy database (SPD), 174, 175
  sliding window, 178
irreducible polynomial, 68

J

Java Virtual Machine (JVM), 304

K

Katz, P, 185
Kerberos, 165, 194
  authentication server, 195
  multiple-realm Kerberos, 195, 198
  server ticket, 195
  single-realm Kerberos, 195
  ticket, 195
  ticket granting server, 195
key distribution center (KDC), 126
key ring, 122
key scheduling algorithm (KSA), 75
keyed-hash message authentication code (HMAC), 129, 142
keystroke logger, 25
Koblas, M, 257
Koblitz, N, 91
Krovetz, T, 143

L

left-circular shift operation, 48, 235
Lempel, A, 185
Line Printer Remote protocol (LRP), 253
linear cryptanalysis, 44
little endian, 85
logic bomb, 22, 23

M

MAC
  backward intractability, 141
  computational uniqueness, 141
  forward efficiency, 141
  uniform distribution, 141
MAC address, 16
MAC Service Data Unit (MSDU), 214
MAC-address filtering, 209
macro virus, 279
Mafiaboy, 21


Maginot Line, 31
malicious software, 22
malware
  see malicious software, 22
man-in-the-middle attack, 12, 101
Mantin, I, 77
Massey, J, 234
master key, 118
master zombie, 310
master-slave DDoS attack, 310
master-slave-reflector DDoS attack, 310
mathematical attack, 44
McAfee VirusScan, 296
meet-in-the-middle attack, 55
meet-in-the-middle attacks on 2DES, 56
memory layout, 17
memory-resident virus, 280
Merkle, R, 132
message, 2
  replay, 12, 13
message authentication code (MAC), 129
message injection, 216
message integrity code (MIC), 222
metamorphic virus, 280, 287, 316
Miller, G, 97
Miller, S, 194
Miller, V, 91
Mitnick, K, 15
modular exponentiation, 95
modular inverse, 93
multi-host signature, 330, 331
multiple-key public-key cryptography (MKPKC), 164
Multipurpose Internet Mail Extension protocol (MIME), 193
muted computer, 14

N

Nepenthes, 339
network
  administration tools, 31
  sniffer, see packet sniffer, 33
  spoofing, 12, 14
network address translation (NAT), 265
  dynamic NAT, 266
Network Basic Input/Output System (NetBIOS), 253
Network File System (NFS), 253
network interface card (NIC), 357
network signature, 329
network tap, 326


network-based detection (NBD), 318, 325, 326
network-node detection, 326
network-sensor detection, 326
Neuman, C, 194
Neumann, P, 317
New Technology File System (NTFS), 279
Next Generation Virus Creation Kit (NGVCK), 287
Nimitz, C, 27
node subversion, 347
nonce, 13, 172
Norton AntiVirus, 296

O

Object Linking and Embedding (OLE), 305
offset codebook mode (OCB), 143
one-time pad, 42
one-way property, 130
operational detection, see signature detection
out-of-band data, 337
output-feedback mode (OFB), 72, 74

P

P2P
  BitTorrent, 299
  eMule, 299
  Gnutella, 299
  Napster, 299

sniffer, 3, 33

padding, 41
pairwise master key (PMK), 219, 220
pairwise transient key (PTK), 220
password sniffing, 5, 10, 25
payload signature, 329
peer-to-peer (P2P), 301
peer-to-peer security, 299
per-frame key, 224
perimeter security, 249
periodic detection, 326
phisher, 6, 7
phishing, 5, 6
phishing site, 7
physical address, 16
piconet, 232
  master device, 232
  parked station, 232
  slave device, 232
plaintext data, 4
polymorphic viruses, 280
port address translation (PAT), 266


port scan, 18, 35
Portable Executable (PE), 285
Pretty Good Privacy (PGP), 165
primality test, 97
prime number theorem, 92
primitive root, 94, 95
private key, 90
private network, 266
private-key ring, 122, 192
probabilistic algorithm, 97
program behavior, 321
protocol
  defect, 2
  flaw, 2
  loophole, 2
Pseudo Hadamard Transform (PHT), 236
pseudorandom number generator (PRNG), 78
public key, 90
public-key authority (PKA), 127
public-key certificate, 118, 119
public-key cryptography (PKC), 89
public-key cryptosystem, 89
  backward intractability, 91
  commutability, 91
  forward efficiency, 91
public-key infrastructure (PKI), 165, 170
public-key ring, 122, 123, 192

R

Rabin, M, 97
Radix-64 encoding
  see Base64 encoding, 191
rainbow table, 8
RC4 stream cipher, 75
real-time detection, 326
reduction function, 8
registry virus, 280
related-plaintext attack, 77
relatively prime, 79
repudiation attack, 17
retina scanner, 12
Rijmen, V, 57, 132
Rivest, R, 75, 90
robust security network (RSN), 221
Rogaway, P, 143
rollback attack, 231
round key, 57
route leak, 273
route-error-injection attack, 245
RSA
  challenge number, 111
  small exponent attack, 108
  time analysis, 107


RSA public-key cryptosystem, 90
RSN IE poisoning, 231
rule-based detection, 329
rushing attack, 244

S

SANS, 30
scanning, 209
script kiddies, 25, 27
script virus, 280
Sebeck, 339
secret key, 4
secure code, 3
Secure Electronic Transaction Protocol (SET), 154
secure hash algorithm, 132
Secure Shell (SSH), 165
secure socket layer protocol (SSL), 184
Secure Sockets Layer (SSL), 165

assessment, 3
auditing, 3, 319
policy, 3
training, 3

security network association (RSNA), 221
security profile, 319, 321
session key, 118
Shamir, A, 77, 90
Shor, P, 80, 101
Shub, M, 79
side channel attack, 45
sieve, 97
signature detection, 329
signature verification, 151
silenced computer, see muted computer
signed response (SRES), 240
single-event signature, 330, 331
slave zombie, 310
Smith, D, 289, 290
smurf attack, 20
SOHO firewall, 267
source combination, 337


spam filter, 22
spam honeypot, 339
spam mail, 21
spam trap, see spam honeypot
spammer, 22
special b-exact key, 77
spyware, 22, 24
SSH
  connection layer, 200, 201
  transport layer, 200
  user authentication layer, 200
SSL
  alert protocol, 185
  change-cipher-spec protocol, 185
  connection, 186
  handshake protocol, 184, 185
  master secret, 188
  pre-master secret, 188
  record protocol, 184, 189
STA spoofing, 211
stack, 17
stealth virus, 280
Stoned Empire Monkey, 279
stream cipher, 75
strong collision resistance, 131
strongly collision resistant, 131
subkey generation algorithm (SGA), 76
subliminal channel, 127
Sun Tzu, 1
sweeping attack, 332
symmetric-key encryption algorithm, see conventional encryption algorithms
SYN flooding, 14
system integrity verifier (SIV), 328

T

tag, see message authentication code (MAC)
TCP
  fragmentation attack, 253, 270
  header, 15
  hijacking, 14, 15
  packet, 15
  port, 18
  wrappers, 15
the Chinese remainder theorem, 98
the fundamental theorem of arithmetic, 92
time stamp, 13, 172
timing attack, 45
TKIP sequence counter (TSC), 224
traffic analysis, 18
transparent proxy firewall, 255
Transport Layer Security (TLS), 165
transport layer security protocol (TLS), 184
transport mode, 169
triple-DES, 39
Trivial File Transfer Protocol (TFTP), 253
Trojan dropper, 298
Trojan horse, 22, 23
trusted operating system, 3
trusted operating system (TOS), 259
  no read up, 260
  no write down, 260
tunnel mode, 169

U

undeniable signature, 164
user password, 5
user profile, 321

V

van Antwerpen, H, 164
Vernam, G, 75
vicious employee, 28
virtual honeypot personality, 342
virtual local area network (VLAN), 267
virtual private network (VPN), 173
virus, 22
  Black Ice, 280
  cascade, 279
  DIR-II, 279
  Elk Cloner, 279
  Happy99.exe, 280
  host program, 278
  infected program, see host program
  LoveLetter, 280
  WM/DMV, 279
  XM/Larous, 279
  Zafi, 284
virus emulator, 297
virus hoax, 299
virus scan, 22
virus scanner, 294
voice of IP (VoIP), 301

W

Wang, X, 131, 132
Web
  active document, 303
  dynamic document, 303
  static document, 303
Web bug, 315
Web proxy server, 258
WEP
  FMS attack, 77


  per-frame key, 214
  temporal key integrity protocol (TKIP), 218
WEP key, 211
WHIRLPOOL
  add round constant, 137, 140
  add round key, 137, 140
  mix rows, 137, 139
  shift columns, 137
  shift rows, 139
  state matrix, 136, 137
  substitute bytes, 137
white-hat hacker, 25, 26
Wi-Fi, 209
Wi-Fi Alliance, 209
Wi-Fi hotspot, 209
Wi-Fi network, 209
Wi-Fi Protected Access (WPA), 207, 218
Wi-Fi Protected Access version 2 (WPA), 207
Williamson, M, 90
Windows Defender, 308
Wired Equivalent Privacy (WEP), 75, 207, 211
wireless access point (WAP), 208
wireless key distribution center (WKDC), 244
wireless local-area network (WLAN), 207
wireless personal area networks (WPAN), 207, 232
wireless public-key infrastructure (WPKI), 244
wireless sensor network (WSN), 248
worm, 22
  Code Red, 292, 293
  Code Red II, 293
  infection propagator, 287
  LoveLetter, 280
  mass mailer, 288
  Melissa, 289
  rabbit, 288
  SQL slammer, 293
  storm, 293
  target locator, 287
  mm, 293
  W32/Nimda, 293
  mm, 293
worm tunnel, 244
wormhole attack, 244
WPA
  DoS attack, 229
  Enterprise WPA, 219
  Home-and-Small-Office WPA, 219
  key mixing, 224
  message integrity code (MIC), 218
  pairwise transient key (PTK), 220
WPA2, 229

X

X.509
  certificate authority, 171
  certificate revocation list, 171
  end entity, 171
  registration authority (RA), 171
  Repository, 171
X.509 PKI, 170

Y

Yao, F, 132
Ylönen, T, 200

Z

Zimmermann, P, 192
ZIP
  base window, 353
  look-ahead window, 353
Ziv, J, 185
zombie
  computer, 21
  software, 21
  zapper, 21
zombie army, 21
Zombie Zapper, 36
zombieware, 22