cscd 434 lecture 2 spring 2012 computer security overview
CSCD 434
Lecture 2 Spring 2012
Computer Security Overview
Overview
• Security Defined
– Traditional and Modern
– Confidentiality, Integrity, Availability
– Other views
• Threats to Computer Systems
– How bad is it?
• Vulnerabilities
– Defined, Statistics
• Examples
Traditional View Security
• Department of Defense (NSA, Others)
• Dates back to the 1960's
• Multi-user systems, mainframes
– Shared access for users with different clearances
– Top-secret, secret, confidential, unclassified
• TS, S, C, U
– Most concerned with keeping secrets away from nation-state level adversaries
• China, Russia, Eastern Europe
Traditional View Security
• Military dominated computer security
• Obsessed with confidentiality
– Funded research
• Prove secrets could remain secret in presence of unclassified people in multi-user environment
– Concerned with detecting covert channels where spies or insiders would signal each other
– Collection of early security papers
http://seclab.cs.ucdavis.edu/projects/history/
Summary of Traditional View
1. Computers were not as networked
• Many standalone and mainframe systems
2. Multi-user systems
• Concerned with multi-level security
• Secrecy - confidentiality of primary concern
• Second, was data integrity and maintaining access
3. Adversaries were of the highest levels
Modern View of Security
1. Computers are Connected and Interdependent
• This codependency magnifies effects of any failures
http://www.darknet.org.uk/2009/01/conficker-aka-downadup-or-kido-infections-skyrocket-to-an-estimate-9-million/
– March 2009
• Conficker began in 2008.
• Confirmed worm spikes, infects 1.1 million PCs in < 24 hours ...
• What does it do?
• Worm allows its creators to remotely install software on infected machines, takes advantage of a Windows vulnerability, called MS08-067
– Allows sharing of local resources
http://www.confickerworkinggroup.org/wiki/pmwiki.php/Main/HomePage
http://en.wikipedia.org/wiki/Conficker
Conficker Continued
• How sophisticated is Conficker?
“Currently no one knows why the Conficker Worm was created, who is controlling it, or what it might do next. However, one thing is for sure, if and when its creator does decide to use the worm, it will have the power to cause massive chaos”
• Are you infected? See below
http://www.confickerworkinggroup.org/infection_test/cfeyechart.html
Modern View of Security
• Other Examples
– Slammer worm, 2003, infected 75,000 computers in 11 minutes
• Continued to scan 55 million computers / sec
– Blaster worm, 2003, infected 138,000 in first 4 hours
• Over 1.4 million computers worldwide
– Many others ....
http://hardgeek.org/2009/09/10-worst-computer-virus-attacks-in-history/
Modern View of Security
2. Computing today is very Homogeneous
– A single architecture and a handful of OS's dominate
• Linux, Mac OS and Windows
• In biology, homogeneous populations ... terrible idea
– A single disease or virus can wipe them out because they all share the same weakness
– The disease needs one infection method!!
• Computers are the animals ... think cows
• Internet provides the infection vector ... virus that sickens cows ... Mad Cow disease
Modern View of Security
3. Adversaries are all levels and Global
– Range from script kiddies to serious groups such as those that steal defense secrets or engage in industrial espionage
– Global reach with many in countries where we can't extradite them
• China, Eastern Europe, Russia and S. America
Hacker Timeline
http://en.wikipedia.org/wiki/Timeline_of_computer_security_hacker_history
Security Defined
• System Secure if …
– Has these properties
• Confidentiality
• Integrity
• Availability
C.I.A
DDoS Attack Example
• July 21, 2008, Web site for president of Georgia was knocked offline by a distributed denial-of-service (DDOS) attack
• Georgia's presidential Web site was down for a day, starting early Saturday until Sunday
Network experts said the attack was executed by a botnet
What's a botnet?
Botnet Defined
• A botnet is a large number of compromised computers that are used to generate spam, relay viruses or flood a network or Web server with excessive requests to cause it to fail
• The computer is compromised via a Trojan that often works by opening an Internet Relay Chat (IRC) channel that waits for commands from the person in control of the botnet
• There is a thriving botnet business selling lists of compromised computers to hackers and spammers
http://www.pcmag.com/encyclopedia_term/0,2542,t=botnet&i=38866,00.asp
Another DDoS Attack Example
• February 16th, 2007
• Anti-phishing group, CastleCops.com was knocked out by a massive DDoS
– Volunteer-driven site, run by husband and wife team had been coping with on-and-off attacks since February 13
– An intense wave that began around 3:45 PM EST completely crippled the server capacity
• CastleCops.com just celebrated its fifth anniversary as a high-profile anti-malware community
• Comment: This site ceased operation Dec. 2008
Confidentiality Defined
• Confidentiality
– What does it mean for data to be confidential?
– Data must only be accessed, used, copied, or disclosed by persons who have been authorized
• To access, use, copy, or disclose information …
– You ensure information is not accessed by unauthorized users
Confidentiality Example
• Communication between two people should not be compromised
[Diagram: message “We have made an important discovery …” sent across the network; threats: eavesdropping, packet sniffing, illegal copying]
Definitions
• More on Confidentiality
• How do you prevent confidentiality loss?
• Confidentiality is preventing disclosure of information to unauthorized individuals or systems
• Example, credit card transaction on the Internet
• System enforces confidentiality by encrypting card number during transmission or limiting the places where it might appear
Integrity Defined
• Integrity
– What is Data Integrity?
– Data must not be
• Created
• Changed, or
• Deleted without authorization
– Ensuring that information is not altered by unauthorized persons
Integrity Defined
• Messages should be received as originally intended
[Diagram: message “I love you darling!!” sent across the network, intercepted and tampered to read “I don’t want to see you again”, then released again; threats: intercept messages, tamper, release again]
Definitions
More on Integrity
– Integrity means that data cannot be modified without authorization
– Examples of violation: Integrity is violated
• When an employee (accidentally or with malicious intent) deletes important data files
• When a computer virus infects a computer
• When an employee is able to modify his own salary in a payroll database
• When an unauthorized user vandalizes a web site
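The tamper-and-release scenario from the integrity slide, as an added example (not from the lecture): the sender tags the message with an HMAC under a shared key, and the receiver rejects any text that no longer matches the tag. The key and the transit model are constructed here for illustration.

```python
import hashlib
import hmac
from typing import Optional

# Constructed example key: in practice a secret shared only by sender and receiver.
SHARED_KEY = b"constructed-example-key-do-not-reuse"


def tag_message(key: bytes, message: str) -> bytes:
    """Sender side: compute an HMAC-SHA256 tag over the message text."""
    return hmac.new(key, message.encode("utf-8"), hashlib.sha256).digest()


def verify_message(key: bytes, message: str, tag: bytes) -> bool:
    """Receiver side: recompute the tag and compare in constant time."""
    expected = hmac.new(key, message.encode("utf-8"), hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)


def transit(message: str, tag: bytes, tampered_text: Optional[str] = None):
    """Model the network hop: an in-path party can swap the text,
    but without the key cannot produce a tag that matches the new text."""
    if tampered_text is not None:
        return tampered_text, tag
    return message, tag


def run_slide_scenario():
    """Honest delivery of the slide's message, then the intercept/tamper/release case."""
    original = "I love you darling!!"
    tag = tag_message(SHARED_KEY, original)

    msg, t = transit(original, tag)
    honest_accepted = verify_message(SHARED_KEY, msg, t)

    msg, t = transit(original, tag, tampered_text="I don't want to see you again")
    tampered_accepted = verify_message(SHARED_KEY, msg, t)

    return honest_accepted, tampered_accepted


if __name__ == "__main__":
    print(run_slide_scenario())  # (True, False): the altered message is rejected
```

The tag gives integrity and origin authentication only; the eavesdropper from the confidentiality slide can still read the text unless it is also encrypted.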
Availability Defined
• Availability
– Systems function correctly and information is provided when it's needed
– The opposite of availability is denial of service (DOS)
Availability Example
• Disrupting communications completely
[Diagram: communication across the network; threats: overwhelm or crash servers, disrupt infrastructure]
Definitions
More on Availability
– Information must be available when it is needed.
– The goal of high-availability systems is to remain available at all times, preventing service disruptions due to power outages, hardware failures, and system upgrades
– Example of violation?
– Ensuring availability also involves preventing denial-of-service (DoS) attacks
CIA
• While a good way to measure system security
– DOD environment
• Not sufficient for modern computers
– Today, computers are complex
– Many more layers of applications and uses
– More difficult to both define and measure security
Simple View Computer Security
• You have something you want to protect
• You have someone or something you want to protect it from
• You are willing to expend effort and resources in order to protect it
Question
• Is Computer Security a Process or a State?
Security Defined
• It is a process, not a state!!!! There is no fundamental point when a system is secure
• Have Risk,
• Do Assessment
• Manage risk,
• Mitigate what can't be managed
• Need to identify what’s “Good Enough”
• Security is a tradeoff, can't protect everything
ATM Machine Example
• ATM machine
– User asks for cash, spits it out
– Door opens, user takes cash, door closes
– What happens if user doesn’t take cash?
ATM Machine Example
• Assumption: if this happens, subsequent user shouldn’t get cash that doesn’t belong to him
– All following transactions, machine refuses to open door
– Cash could go to wrong user
– Creates a DoS for rest of users
Security Protocols Difficult
• Hard to get security protocols right
• Designers don’t anticipate everything that could go wrong
– Users or attackers frequently seem to find the flaw
• Even something seemingly simple can have flaws
US Tax System Example
• Tax refunds, how hard is that?
– Algorithm for processing form
• Verify identity of form filled out by a given person
• Verify income and withholding are correct
• If these two steps ok && amount of withholding > tax owed
• then send person refund check
• What could go wrong?
US Tax System Example
• Except, no rule against duplicate checks
– Person could file for multiple refund checks under this system
– And, that happened for a while
– Was eventually caught …
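The refund algorithm from the two slides above, as an added example (not from the lecture): the naive processor issues a check for every eligible filing, so a second identical filing gets a second check; the hardened version keeps a ledger keyed on (taxpayer, tax year) and refuses and flags repeats. All taxpayer ids, reported figures and filings are constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Claim:
    taxpayer_id: str   # constructed identifier
    tax_year: int
    income: float
    withholding: float
    tax_owed: float

# Constructed reference data standing in for the identity registry and employer-reported figures.
KNOWN_TAXPAYERS = {"TP-1001", "TP-1002"}
REPORTED = {("TP-1001", 2011): (52000.0, 9000.0), ("TP-1002", 2011): (30000.0, 2500.0)}

def verify_identity(claim: Claim) -> bool:
    """Step 1 on the slide: the filer must be a known person."""
    return claim.taxpayer_id in KNOWN_TAXPAYERS

def verify_income_and_withholding(claim: Claim) -> bool:
    """Step 2 on the slide: income and withholding must match what was reported."""
    return REPORTED.get((claim.taxpayer_id, claim.tax_year)) == (claim.income, claim.withholding)

def eligible(claim: Claim) -> bool:
    return verify_identity(claim) and verify_income_and_withholding(claim) and claim.withholding > claim.tax_owed

def process_naive(claims):
    """The slide's algorithm as stated: no rule against duplicate checks."""
    return [(c.taxpayer_id, c.tax_year, c.withholding - c.tax_owed) for c in claims if eligible(c)]

def process_with_ledger(claims):
    """Hardened: at most one refund per (taxpayer, tax year); repeats are refused and flagged for review."""
    ledger, issued, flagged = set(), [], []
    for c in claims:
        if not eligible(c):
            continue
        key = (c.taxpayer_id, c.tax_year)
        if key in ledger:
            flagged.append(key)
            continue
        ledger.add(key)
        issued.append((c.taxpayer_id, c.tax_year, c.withholding - c.tax_owed))
    return issued, flagged

# Constructed filings: TP-1001 files the same return twice, TP-1002 owes more than was withheld,
# TP-9999 is not a known taxpayer.
SAMPLE_CLAIMS = [
    Claim("TP-1001", 2011, 52000.0, 9000.0, 7000.0),
    Claim("TP-1001", 2011, 52000.0, 9000.0, 7000.0),
    Claim("TP-1002", 2011, 30000.0, 2500.0, 3000.0),
    Claim("TP-9999", 2011, 40000.0, 5000.0, 1000.0),
]
```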
Computer Security Threats
Threats to Computer Security
• So, what are the threats?
• Passive
– Sniffing of data
• Viewing of information – physical
• Over your shoulder, taking pictures of screens
– Dumpster diving
– Social Engineering
• Active
– Interception of data, injection of data
– Virus, worm, trojan horse program
– DOS or DDOS
Is Security that Bad?
How big is the security problem?
[Chart: CERT vulnerabilities reported per year, x-axis 1995 to 2005, y-axis 0 to 9000]
http://www.cert.org/stats/
Malware Over Time
The number of new malicious programs has remained stable; this does not automatically imply any stabilization in the number of attacks
http://www.securelist.com/en/analysis/204792161/Kaspersky_Security_Bulletin_Malware_Evolution_2010
Malware 2010
• Data from Kaspersky Labs
• In 2010, total number of recorded incidents exceeded 1.5 billion for the first time since we began our observations!
• Attacks via browsers accounted for over 30% of these incidents, that’s over 500 million blocked attacks
• Vulnerabilities have really come to the fore in 2010
• Exploiting vulnerabilities has become the prime method for penetrating users’ computers
– Vulnerabilities in Microsoft products rapidly losing ground to those in Adobe and Apple products such as Safari, QuickTime and iTunes.
Malware 2010
• More Statistics
• Increase in number of attacks via P2P networks
• P2P networks are now a major channel through which malware penetrates users’ computers.
• In terms of security incident rates, we estimate this infection vector to be second only to browser attacks.
• Practically all types of threats, including file viruses, Rogue AVs, backdoors and various worms spread via P2P-networks.
Malware Complexity 2010
• Stuxnet worm
– Experts needed 3 months to understand its functionality
– Stuxnet left all previously known malware behind in terms of the number of publications it generated
– Malware author success = major security community attention
Malware in 2010
• Used to be ...
– Users who have jailbroken their iPhones to install third-party applications increased risk to themselves
– Now ... even those installing native applications downloaded from the Apple Store are also exposing themselves to a degree of threat
– Several incidents involved legitimate Apple applications
• iPhone apps were detected covertly gathering data and sending it to software manufacturers
Why do threats succeed?
• Vulnerabilities !!!
• Vulnerabilities !!!
• Vulnerabilities !!!
• Vulnerabilities !!!
• Vulnerabilities !!!
Is it because hackers are so smart, or is it just too easy?
Vulnerability Defined
• What is a security vulnerability?
• A vulnerability is an error or weakness in a component that allows it to be attacked
• Typically, something that runs in an OS or other application
• If exploited, each vulnerability can potentially compromise the system or network
Vulnerabilities Explained
• Software vulnerabilities highly specific
– Classic vulnerability affects a single feature of one release of a software product installed under a specific operating system
• Out of trillions of lines of code running in networked systems,
– A vulnerability may exist in a single line.
– Like a unique grain of sand on a mile-long beach ...
– As the number of network components grows every year, so does the number of vulnerabilities
Vulnerability Example
• CVE-2005-3641
– Oracle Databases running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication by supplying a valid username.
Impact
– CVSS Severity: 7.0 (High)
– Range: Remotely exploitable
– Authentication: Not required to exploit
– Impact Type: Provides unauthorized access, Allows partial confidentiality, integrity, and availability violation, Allows disruption of service
Vulnerabilities
• True or False?
– “Vulnerabilities that lead to system security breaches are a result of sloppy or ignorant programmers producing bad, error-prone code”
Vulnerabilities
• If previous statement isn’t true,
– What causes vulnerabilities?
• Software is one cause
– Bugs, coding errors or incomplete specifications that didn’t account for security
• Network protocols – bad design
– Incorrect assumptions about protocols and how they would be used … classic example is TCP/IP
• Human error
– Social engineering and human ignorance
• Physical access
– Insecure premises allowing unauthorized access
Steal cars with a laptop
NEW YORK - Security technology created to protect luxury vehicles may now make it easier for tech-savvy thieves to drive away with them. In April ‘07, high-tech criminals made international headlines when they used a laptop and transmitter to open the locks and start the ignition of an armor-plated BMW X5 belonging to soccer player David Beckham, the second X5 stolen from him using this technology within six months
How did they do it?
•… Beckham's BMW X5s were stolen by thieves who hacked into the codes for the vehicles' RFID chips …
Disable Cars Over the Internet
• Young man used an Internet service to remotely disable ignitions and set off car horns of more than 100 cars
– Ramos-Lopez used a former colleague's password to deactivate starters and set off car horns, police said
– Several car owners said they had to call tow trucks and were left stranded at work or home
– The Texas Auto Center dealership in Austin installs GPS devices that can prevent cars from starting
• System is used to repossess cars when buyers are overdue on payments
• Car horns can be activated when repo agents go to collect vehicles and believe the owners are hiding them
Human Vulnerabilities
• Social Engineering
– Alive and well in spite of lots of publicity
• Email Scams
– Investment schemes in African economy
• “Nigerian uncle has died intestate. Need to transfer $8M to US with your assistance. You will get 10% of funds, need your bank info to initiate the transfer …”
– Phishing
• Want to get your money!!
• “Your paypal account needs updating, please enter your username and password …”
Improving Security
• Design it in from the beginning
– Security is typically an afterthought … still
• People more concerned with performance and nice features than security, want to sell products
• Microsoft ?? and Linux and Apple too ....
– Security is often seen as something users don’t want – hinders their use of the system
– Must create security requirements that need to be met along with other requirements
Security is Hard
• Security hard to define
– Without good definition, almost impossible to achieve
– One way to think of security,
• Consider system states
– Think of security of a system as its ability to stay in good states
– Be wary of anyone who says they have built a secure system
• How do they know?
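The "stay in good states" view above, applied to the ATM slides earlier in the lecture, as an added example (not from the lecture): a small transition system is searched for every reachable state, and a design counts as secure against a set of bad states only if none of them is reachable. The ATM states and events are constructed to match the slides, not taken from any real machine; the two designs show the trade-off the slides describe (refusing to open the door avoids misdelivery but makes a no-service state reachable).

```python
from collections import deque


def reachable(initial, transitions):
    """Breadth-first search over a labelled transition system: every state reachable from `initial`."""
    seen, queue = {initial}, deque([initial])
    while queue:
        state = queue.popleft()
        for _event, nxt in transitions.get(state, []):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def is_secure(initial, transitions, bad_states):
    """Secure in the 'stays in good states' sense iff no bad state is reachable."""
    return not (reachable(initial, transitions) & set(bad_states))


# Constructed model of the slides' ATM (state and event names are ours).
NAIVE_ATM = {
    "idle": [("request_cash", "dispensing")],
    "dispensing": [("door_opens", "door_open")],
    "door_open": [("user_takes_cash", "idle"), ("user_walks_away", "cash_left_in_tray")],
    "cash_left_in_tray": [("next_user_requests", "wrong_user_gets_cash")],
    "wrong_user_gets_cash": [("door_closes", "idle")],
}

# The slides' fix: once cash is left behind, the machine refuses to open the door for anyone.
LOCKDOWN_ATM = dict(NAIVE_ATM)
LOCKDOWN_ATM["cash_left_in_tray"] = [("next_user_requests", "door_locked_for_all")]
LOCKDOWN_ATM["door_locked_for_all"] = [("next_user_requests", "door_locked_for_all")]

MISDELIVERY = {"wrong_user_gets_cash"}   # cash goes to the wrong user
NO_SERVICE = {"door_locked_for_all"}     # DoS for every later user


def compare_designs():
    """Which bad states each design can avoid from the idle state."""
    return {
        "naive_avoids_misdelivery": is_secure("idle", NAIVE_ATM, MISDELIVERY),
        "naive_avoids_no_service": is_secure("idle", NAIVE_ATM, NO_SERVICE),
        "lockdown_avoids_misdelivery": is_secure("idle", LOCKDOWN_ATM, MISDELIVERY),
        "lockdown_avoids_no_service": is_secure("idle", LOCKDOWN_ATM, NO_SERVICE),
    }
```

Neither design keeps every state good, which is the slides' point: "secure" is only meaningful relative to a stated set of bad states, and a claim of a secure system should name that set.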
Class Contributions
• Extra Credit !!! Any topic in class, 5 Points
– If you can find relevant actual examples or news - must be current, past year
– Example: If we are talking about Attackers
• Story must be about Attackers, within last year
– You get to share it with the class!!!
The End
• Next Time
– We will look at vulnerabilities in TCP/IP and other protocols
– See reading assignment