ITIS 6167/8167: Network and Information Security Weichao Wang.


2 Security overview
Risks
–Computers have controlled our lives
    Medical, ATM, banking, business
    Air traffic control
–Why there are risks
Adversaries
–Smart and dedicated
–Many of them
–Hiding in the dark
–From fun to profit (worm → self-changing → botnet)

3 Examples in real life
Attack on Twitter
–Hack into the victim’s account
–DDoS to paralyze Twitter, Facebook, etc.
Data mining attacks on public database
–In Tenn, a newspaper generates a database about all residents that have CCW permits.
–In CA, there is a webpage listing all people that donate to Proposition 8 ballot measure

4 Security overview
Physical security is not enough (can you be sure that your physical security methods are sound and enough?)
Networked computers can be accessed remotely

5 Security overview
Defending methods
–Prevention
    Prevent (password, salt, private salt, searching)
    Deter: raising the bar (password guessing, login slow)
    Deflect: making other target more attractive
    Diversify
–Detection
    Monitoring (who, what, and how)
    Intrusion detection (signature based, anomaly based)
    IP telephony track

6 Security Overview
Recovery
–Recover data (check point)
–Identify the damage
–Forensics
–Containment
Tolerance
–Maintain a decent service quality
–Automatically degrade video quality while reserving bandwidth for voice

7 Security overview
How prevention works
–Policies
–Encryption
    Digital cash, time-stamp, secure multiparty computation, e-voting, e-bidding
–Access control and authorization
    Hardware control (interaction free authentication)
    Software control (RFID credit card)
    Information disclosure (write prevention)

8 Security overview
What can go wrong with prevention
–Design, implement, configuration
–Mal-code transfer (enterprise level security)
–Attackers are smart and dedicated
–Uncle Tom wants it to be safe against terrorists, but not to him

9 Security overview
Some additional methods to improve security
–Least privilege
–Writing good code
–Security testing
–Embed security from beginning instead of as a patch

10

11 Network security overview
The features causing security problems
–Sharing: access control for a single system is not enough
–Complexity of systems
–Undefined boundary: one host may be on multiple networks
–Multiple-node path before data reaches you: anonymity of attacker and hard to traceback: the South Bell example

12 A typical NFS operation and its security features:
–A read from B: confidentiality
–A write to B: Integrity and confidentiality
–Forge communication from A to B: integrity
–Block traffic b/w A and B: availability
–Impersonation

13 Security problems in network protocols:
–ARP: cache poisoning
–IP: spoofing, fragmentation
–ICMP:
–UDP:
–TCP: session hijacking, SYN flood, DoS
–DNS systems
–Buffer overflow

14 Security methods
–Hiding: OS configuration, port,
–Encryption: IPSec
–Port protection: telnet, ftp, etc
–Authentication
–Data integrity: digital signature, checksum
–Firewall: block unwanted traffic
–IDS
–Forensics
–Proof of possession

15

16 Review of networks
Network consists of
–Hosts
–Network devices
–Links
–Software
The view of Internet
–Users’ view
–Real topology

17 How routers work
–Look at the destination address of the packet
–Look up in the local routing table
–Determine the exit interface
–The next router will do the same
–Default router
–Route based on sub-network instead of IP address

18 IP address classes
–Class A to C
–Class A can have: million addresses
–Class B can have: addresses
–Class C can have: 256 addresses
–A decent corporation needs one to many class B addresses (Purdue’s joke)

19 Special address:
– : local broadcast
– : this host
– : loopback
–CIDR: classless inter-domain routing
What about IPv6 addresses

20

21 Review of Cryptography
Two kinds of cryptographic algorithms
–Keep the method secret
    Good: safe for low security requirement
    Bad: update, proof of correctness, how to communicate with outsider
–Make the algorithm public but keep the key secret
    Safety depends on the key only
    Good: safety analysis can be conducted

22 Introduction (cont’d)
Symmetric algorithms
–The encryption and decryption key can be calculated from each other easily (most of the time the same).
–Block algorithms and stream algorithms
    Cipher text is the same or longer in length: Why??
–Good: efficient and fast, easy to deploy
–Bad: key distribution, scalability, broadcast or multicast

23 Introduction (cont’d)
Public-key encryption
–First appeared in the 1970s
–Two keys: public key and private key
–Private key cannot be derived from public key
–Everyone can send a packet to Alice
–Only Alice has the private key to recover the packet
–If Alice uses the private key to encrypt a message, it can be viewed as a digital signature
–Strong, scalable, easy for broadcast and multicast, but very slow

24 Introduction (cont’d)
Attacks on encryption systems
–Cipher-text only attack
    The amount of traffic matters
–Known plaintext attack
–Chosen plaintext attack
Key point
–Keep the cost to break the system higher than the gain of the information

25 Introduction (cont’d)
Can you always break an encryption system?
–One time pad
–Brute-force attack: Try every possible key

26 Introduction (cont’d)
Several old-fashioned encryption algorithms
–Substitution ciphers
    Replace a character in the plaintext with another character
    Example: Caesar cipher
–Transposition ciphers
    Shuffle the order of characters
    The frequency of characters does not change
–XOR and one-time pad:
    If the random bits repeat in cycle, it is bad
    Synchronization at both sides is always a problem
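The two one-time-pad points on slides 25 and 26, as an added example that is not part of the original slides: a fresh random pad leaves every same-length plaintext equally consistent with the ciphertext, while a pad that repeats in a cycle cancels out and lets candidates be ruled out. The sample messages, the 4-byte period and all function names are constructed for this illustration.

```python
import secrets

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings (encryption and decryption are the same)."""
    if len(a) != len(b):
        raise ValueError("inputs must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))

def cyclic_pad(short_key: bytes, length: int) -> bytes:
    """The weak variant from the slide: the key bits repeat in a cycle."""
    return bytes(short_key[i % len(short_key)] for i in range(length))

def is_periodic(data: bytes, period: int) -> bool:
    """True if `data` repeats with the given period."""
    return all(data[i] == data[i + period] for i in range(len(data) - period))

def key_cancels(plaintext: bytes, ciphertext: bytes, period: int) -> bool:
    """True if XORing the ciphertext with itself shifted by `period` bytes
    equals the same XOR of the plaintext, i.e. the key has dropped out."""
    c = xor_bytes(ciphertext[:-period], ciphertext[period:])
    p = xor_bytes(plaintext[:-period], plaintext[period:])
    return c == p

def pad_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """The pad that would have turned `candidate` into `ciphertext`."""
    return xor_bytes(ciphertext, candidate)

# Constructed sample messages of equal length (31 bytes).
MESSAGE = b"TRANSFER 100 TO ALICE ON FRIDAY"
DECOY = b"MEETING MOVED TO ROOM 204 TODAY"

def demo() -> dict:
    period = 4
    weak_ct = xor_bytes(MESSAGE, cyclic_pad(secrets.token_bytes(period), len(MESSAGE)))
    otp_ct = xor_bytes(MESSAGE, secrets.token_bytes(len(MESSAGE)))
    return {
        # Repeating key: ciphertext XOR shifted ciphertext leaks plaintext structure.
        "repeating_key_cancels": key_cancels(MESSAGE, weak_ct, period),
        "fresh_pad_cancels": key_cancels(MESSAGE, otp_ct, period),
        # True one-time pad: some pad maps the decoy to the same ciphertext,
        # so trying every key cannot single out the real message.
        "decoy_fits_one_time_pad": xor_bytes(DECOY, pad_explaining(otp_ct, DECOY)) == otp_ct,
        # Repeating key: the pad the decoy would need is not periodic, so it is ruled out.
        "decoy_fits_repeating_key": is_periodic(pad_explaining(weak_ct, DECOY), period),
    }

if __name__ == "__main__":
    print(demo())
```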

27

28 One way functions
One way function is easy to calculate in one direction, but not the other.
–Given x, easy to get f(x)
–Given f(x), even if f() is known, it is still not easy to get x
Trap door one way function
–Given x, easy to calculate f(x)
–Given f(x), difficult to get x
–Given f(x) and a secret y, easy to get x

29 One way hash function
Map a variable-length input string to a fixed length string: fingerprint the file
–Easy to get Hash(x) when given x
–Almost impossible to find an x that satisfies Hash(x)
–Almost impossible to find two files x and x’ to have the same hash value
–Minor change in x, large changes in Hash(x)
Since the hash value is shorter, we have conflict:
–We can easily rule out files, but not guarantee this is the original file
–Still good enough in courts, like DNA tests

30 One way hash function
Usage of hash function
–Timestamp a file and prove that you are the creator (can be used to timestamp the homework)
–Verify the integrity of the files in a file system
Security problems: how and where to save the hash values
    Hash(x, k) to prevent change on the computer
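The storage problem on slide 30, as an added example that is not part of the original slides: a plain hash manifest kept on the same machine can be refreshed by whoever changes a file, while a keyed Hash(x, k) cannot be recomputed without k. HMAC-SHA-256 is used here as one concrete choice for Hash(x, k); the file names, contents and key are constructed sample values.

```python
import hashlib
import hmac

def plain_tag(data: bytes) -> str:
    """Unkeyed fingerprint: anyone who can read the file can recompute it."""
    return hashlib.sha256(data).hexdigest()

def keyed_tag(key: bytes, name: str, data: bytes) -> str:
    """Keyed fingerprint; the name is bound in so entries cannot be swapped between files."""
    return hmac.new(key, name.encode() + b"\0" + data, hashlib.sha256).hexdigest()

def build_manifest(files: dict, key: bytes = None) -> dict:
    return {n: plain_tag(d) if key is None else keyed_tag(key, n, d)
            for n, d in files.items()}

def changed_files(files: dict, manifest: dict, key: bytes = None) -> list:
    """Names whose content no longer matches the manifest, or that exist on only one side."""
    bad = []
    for name in sorted(set(files) | set(manifest)):
        if name not in files or name not in manifest:
            bad.append(name)
            continue
        data = files[name]
        expected = plain_tag(data) if key is None else keyed_tag(key, name, data)
        if not hmac.compare_digest(expected, manifest[name]):
            bad.append(name)
    return bad

def scenario() -> tuple:
    # Constructed in-memory "file system" and key (the key is assumed to be kept off the host).
    files = {"/etc/hosts": b"127.0.0.1 localhost\n",
             "/usr/bin/login": b"original login binary"}
    key = b"constructed-demo-key"
    plain = build_manifest(files)
    keyed = build_manifest(files, key)

    # A file is changed by someone with write access, who also refreshes the
    # stored hash values. Without the key, only an unkeyed hash can be written.
    files["/usr/bin/login"] = b"modified login binary"
    plain["/usr/bin/login"] = plain_tag(files["/usr/bin/login"])
    keyed["/usr/bin/login"] = plain_tag(files["/usr/bin/login"])

    return changed_files(files, plain), changed_files(files, keyed, key)

if __name__ == "__main__":
    print(scenario())
```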