8/30/2010 CS 686
Definition of Security/Privacy
EJ Jung ejung@cs.usfca.edu
CS 686 Special Topics in CS: Privacy and Security
Announcements
Course Questionnaire and Consent Form
• No submission, no grades
Service Lab community partners are coming
Reading assignment in schedule
• read “ahead”
Course questionnaire results
20 students
Previous courses
• 13 networks, 10 OS, 3 crypto, 1 security
Familiar technology
• 13 hash, 10 proxy, 9 SSL/TLS, 9 PKC, 3 TOR, 2 PGP, 1 IPsec
Current challenging problems
Conflicting goals:
• privacy vs. utility, anonymity vs. authenticity
• safety vs. convenience, usability
• right to opt-out
• happy medium
Hackers
User education and admin education
Data sharing among many parties
Data leak from social networks
Want to solve
Hacking prevention, Server protection, Data protection
Vulnerability (loophole) analysis and mitigation
Intrusion detection
• packet sniffing and monitoring
User education, usability
Malware, e.g. virus, key-loggers, prevention & detection
Identity theft, Phishing prevention/detection
Right to opt-out, Pay for privacy
Anonymity, Finding happy medium between anonymity and authenticity
• TOR
Security software development
Secure data sharing among multiple parties, Data tracing
After this course
Become knowledgeable
Find vulnerabilities
Protect systems and websites
• without hurting performance and usability too much
Work as security specialist
Henric Johnson
Attacks, Services and Mechanisms
Security Attack: Any action that compromises the security of information.
Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack.
Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.
Passive attack (1) - Eavesdrop
Code talkers
Passive attack (2) - Analysis
Alexa
Active attack (1) - impersonation
Impostors on Facebook
Active attack (2) - replay
Active attack (3) - intercept & modify
Active attack (4) - DoS
Distributed DoS
Summary of attacks
Security Services
Confidentiality (privacy)
Authentication (who created or sent the data)
Integrity (has not been altered)
Non-repudiation (the order is final)
Access control (prevent misuse of resources)
Availability (permanence, non-erasure)
• Denial of Service Attacks
• Virus that deletes files
Attack on Authenticity
Authenticity is identification and assurance of origin of information
Unauthorized assumption of another’s identity
Attack on Confidentiality
Confidentiality is concealment of information
Eavesdropping, packet sniffing, illegal copying
Attack on Integrity
Integrity is prevention of unauthorized changes
Intercept messages, tamper, release again
Attack on Availability
Availability is ability to use information or resources desired
Overwhelm or crash servers, disrupt infrastructure
Famous words
Encrypt and decrypt
Plaintext and ciphertext
• encrypt plaintext -> ciphertext
• decrypt ciphertext -> plaintext
• easy example: XOR
Digital signature
• as you sign on paper
• for non-repudiation and accountability
Session
• one conversation/communication unit
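As an added example (not part of the lecture slides), the XOR encryption named above, together with the intercept-tamper-release attack from the integrity slide and a security mechanism that detects it. The plaintext, both keys, the bit position and the choice of HMAC-SHA256 as the integrity mechanism are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample values (not from the lecture): a message, a one-time XOR
# key as long as the message, and a separate key for the integrity check.
PLAINTEXT = b"transfer 100 dollars to alice"
XOR_KEY = bytes(range(7, 7 + len(PLAINTEXT)))
MAC_KEY = b"constructed-integrity-key"


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """Encrypt or decrypt: XOR is its own inverse, (p ^ k) ^ k == p.
    The key must cover the whole message and must never be reused,
    otherwise confidentiality is lost."""
    if len(key) < len(data):
        raise ValueError("key must be at least as long as the data")
    return bytes(d ^ k for d, k in zip(data, key))


def flip_bit(ciphertext: bytes, index: int) -> bytes:
    """Intercept-and-modify: flip the low bit of one ciphertext byte.
    Plain XOR carries that flip straight into the decrypted plaintext,
    so confidentiality alone gives no integrity."""
    buf = bytearray(ciphertext)
    buf[index] ^= 0x01
    return bytes(buf)


def mac(key: bytes, ciphertext: bytes) -> bytes:
    """Integrity mechanism: HMAC-SHA256 tag computed over the ciphertext."""
    return hmac.new(key, ciphertext, hashlib.sha256).digest()


def verify(key: bytes, ciphertext: bytes, tag: bytes) -> bool:
    """Constant-time comparison so the check itself leaks nothing."""
    return hmac.compare_digest(mac(key, ciphertext), tag)


def demo() -> dict:
    ct = xor_bytes(PLAINTEXT, XOR_KEY)
    tag = mac(MAC_KEY, ct)
    tampered = flip_bit(ct, 9)  # byte 9 is the '1' of "100"
    return {
        "roundtrip_ok": xor_bytes(ct, XOR_KEY) == PLAINTEXT,
        "tampered_plaintext": xor_bytes(tampered, XOR_KEY),  # decrypts cleanly
        "original_verifies": verify(MAC_KEY, ct, tag),
        "tamper_detected": not verify(MAC_KEY, tampered, tag),
    }
```

The tampered ciphertext decrypts to a perfectly plausible message ("transfer 000 dollars"), which is why the integrity service needs its own mechanism rather than relying on encryption.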
Model for Network Security
Access Control Model