Presentation is loading. Please wait.

Presentation is loading. Please wait.

System Programming CS 252 Topic 20

Published byAlexina Haynes Modified over 6 years ago

Similar presentations

Presentation on theme: "System Programming CS 252 Topic 20"— Presentation transcript:

1 System Programming CS 252 Topic 20
What is Computer/Information Security About? CS252 Topic 20

2 Security News in 2013 Snowden leaks information about various NSA data collection programs Phone call record Supposedly , instant message, etc. National Security Agency Facebook CEO’s page hacked by Palestinian Khalil Shreateh to demonstrate bugs in Facebook NSA: Secrecy (No such agency), Resources (Computing powers by acres, mathematicians), CS252 Topic 20

3 In the News in 2012: Hackers Force Apple, Amazon to Change Security Policy
What happened? Hackers gained access to Mat Honan (a reporter)’s iCloud account, then (according to Honan) At 5:00 PM, they remote wiped my iPhone At 5:01 PM, they remote wiped my iPad At 5:05, they remote wiped my MacBook Air. How did the attacker get access to iCloud account? Any guess? Lessons? Security only as strong as the weakest link. Information sharing across platforms can lead to unexpected vulnerabilities We’ve heard it before: Make sure to secure your online accounts with a strong, distinct password to avoid being hacked. But what if hackers can simply circumvent the need for your password to gain access to your information? Apple ID passwords could be swapped in exchange for the address, billing address and the last four digits of the credit card associated with the account. (Now Apple users can no longer reset their Apple IDs over the phone.) The hackers obtained the last four digits of Honan’s credit card number by breaking into his account on Amazon, which is now also tightening its security features. Amazon had required even less than Apple to change a password — only a user’s name, address and mailing address. The hackers found the final digits of Honan’s credit card once they reset his Amazon password. CS252 Topic 20

4 Stuxnet (2010) Stuxnet: Windows-based Worm
Worm: self-propagating malicious software (malware) Attack Siemens software that control industrial control systems (ICS) and these systems Used in factories, chemical plants, and nuclear power plants First reported in June 2010, the general public aware of it only in July 2010 Seems to be a digital weapon created by a nation-state 60% (more than 62 thousand) of infected computers in Iran Iran confirmed that nuclear program damaged by Stuxnet Sophisticated design, special targets, expensive to develop These are small embedded industrial control systems that run all sorts of automated processes: on factory floors, in chemical plants, in oil refineries, at pipelines--and, yes, in nuclear power plants. These PLCs are often controlled by computers, and Stuxnet looks for Siemens SIMATIC WinCC/Step 7 controller software. Iranian President Mahmoud Ahmadinejad has said it "managed to create problems for a limited number of our centrifuges." He also said the problems were resolved. Earlier in November, U.N. inspectors found Iran's enrichment program temporarily shut down, according to a recent report by the U.N. nuclear watchdog. The extent and cause of the shutdown were not known, but speculation fell on Stuxnet. On 1 June 2012, an article in The New York Times said that Stuxnet is part of a U.S. and Israeli intelligence operation called "Operation Olympic Games", started under President George W. Bush and expanded under President Barack Obama. In May 2011, the PBS program Need To Know cited a statement by Gary Samore, White House Coordinator for Arms Control and Weapons of Mass Destruction, in which he said, "we're glad they [the Iranians] are having trouble with their centrifuge machine and that we - the US and its allies - are doing everything we can to make sure that we complicate matters for them" offered "winking acknowledgement" of US involvement in Stuxnet.[20] According to the British Daily Telegraph, a showreel that was played at a retirement party for the head of the Israel Defence Forces (IDF), Gabi Ashkenazi, included references to Stuxnet as one of his operational successes as the IDF chief of staff.[21] CS252 Topic 20

5 Malware That Appear to Be Related to Stuxnet
Duqu (September 2011) Use stolen certificates, exploits MS Word Flame (May 2012) A tool for cyber espionage in Middle East (infecting approx machines, mostly in Iran) “Suicide” after being discovered 20 Mbytes, with SQLLite DB to store info, hide its own presence, exploit similar vulnerabilities as StuxNet, adjust its behavior to different Anti-Virus Presents a novel way to produce MD5 hash collision to exploit certificates CS252 Topic 20

6 What is Information (Computer) Security?
Security = Sustain desirable properties under intelligent adversaries Desirable properties Understand what properties are needed. Intelligent adversaries Needs to understand/model adversaries Always think about adversaries. Differs from fault tolerance in that faults are random, and attacks are intelligently carried out. CS252 Topic 20

7 Security Goals/Properties (C, I, A)
Confidentiality (secrecy, privacy) only those who are authorized to know can know Integrity (also authenticity in communication) only modified by authorized parties and in permitted ways do things that are expected Availability those authorized to access can get access CS252 Topic 20

8 Which of C, I, A are violated in ..
The Stuxnet attack compromises integrity of software systems, availability of some control functionalities, confidentiality of some keys in order to sign malware to be loaded by Windows The Apple/Amazon attack Confidentiality of credit card digits Integrity of password Availability of data and devices The Facebook attack Integrity Potential availability concern CS252 Topic 20

9 A Typical Security Definition/Assertion
In this system, an adversary who has access to the following ….. (known as the adversary model), cannot achieve its attack objective (or, equivalently, the following property of the system is preserved) unless the following is true (assumptions) Security is about understand precisely under what condition a system would fail. CS252 Topic 20

10 Computer Security Issues
Malware (Malicious Software) Computer viruses Trojan horses Computer worms E.g., Morris worm (1988), Melissa worm (1999), Stuxnet (2010), etc. Spywares, scarewares, ransomwares Malwares on mobile devices Computer break-ins spams E.g., Nigerian scam (419 scam, advanced fee fraud), stock recommendations The number "419" refers to the article of the Nigerian Criminal Code (part of Chapter 38: "Obtaining Property by false pretences; Cheating") dealing with fraud. Since 1995, the United States Secret Service has been involved in combating these schemes. The organization doesn't investigate unless the monetary loss is in excess of 50,000 US Dollars. However, very few arrests and prosecutions have been made due to the international aspect of this crime. In 2006, a report by a research group concluded that Internet scams in which criminals use information they trick from gullible victims and commonly strip their bank accounts cost the United Kingdom economy £150 million per year, with the average victim losing £31,000. CS252 Topic 20

11 More Computer Security Issues
Identity theft, e.g., phishing Driveby downloads Botnets Distributed denial of service attacks Serious security flaws in many important systems electronic voting machines, ATM systems Privacy in digital age Malware on ATM machines being found. It records card & PIN info. CS252 Topic 20

12 Why Do Computer Attacks Occur?
Who are the attackers? bored teenagers, criminals, organized crime organizations, rogue (or other) states, industrial espionage, angry employees, … Why they do it? fun, fame, profit, … computer systems are where the moneys are Political/military objectives CS252 Topic 20

13 Why These Attacks Can Succeed?
Software/computer systems are buggy Users make mistakes Technological factors Von Neumann architecture: stored programs Unsafe program languages Software are complex, dynamic, and increasingly so Making things secure are hard Security may make things harder to use What makes computers powerful? They are programmable. It is not designed to do one thing, but rather to execute any program. Why Turing Machine was considered a theoretical foundation for computer science. There exists a universal Turing Machine. Von Neumann architecture. Data can change into code. Computers do things that they are told to do. CS252 Topic 20

14 Why Do These Factors Exist?
Economical factors Lack of incentives for secure software Security is difficult, expensive and takes time Human factors Lack of security training for software engineers Largely uneducated population Human factor. Analogy with security in the physical world. CS252 Topic 20

15 Security is Not Absolute
Is your car secure? What does “secure” mean? Are you secure when you drive your car? Security is relative to the kinds of loss one consider security objectives/properties need to be stated to the threats/adversaries under consideration. security is always under certain assumptions (Merriam-Webster) Security: the quality or state of being secure (Merriam-Webster) Secure: a: free from danger b: free from risk of loss c: affording safety d: trustworthy, dependable Law, rules, Secure: 1. put valuable belongs in the car without worrying about them 2. drive it (long distance vs. short distance) Answer: it depends, upon: 1. where do I drive. 2. who are my adversary CS252 Topic 20

16 Security is Secondary What protection/security mechanisms one has in the physical world? Why the need for security mechanisms arises? Security is secondary to the interactions that make security necessary. What makes you feel secure in physical world? Buildings. Cars. Law enforcement. Airport security. Border security. Etc. Some of these do not exist in the past. Consider a village 6000 years ago. What make those people secure? Limited interaction. Robert H. Morris: father of the creator of the Morris Worm. Was a researcher at Bell Labs from 1960 until Then working at the (NSA). Served as chief scientist of the NSA's National Computer Security Center, where he was involved in the production of the Rainbow Series of computer security standards, and retired from the NSA in 1994. Robert H. Morris : The three golden rules to ensure computer security are: do not own a computer; do not power it on; and do not use it. CS252 Topic 20

17 Information Security is Interesting
The most interesting/challenging threats to security are posed by human adversaries Security is harder than reliability Information security is a self-sustaining field Can work both from attack perspective and from defense perspective Security is about benefit/cost tradeoff Thought often the tradeoff analysis is not explicit Security is not all technological Humans are often the weakest link CS252 Topic 20

18 Information Security is Challenging
Defense is almost always harder than attack. In which ways information security is more difficult than physical security? adversaries can come from anywhere computers enable large-scale automation adversaries can be difficult to identify adversaries can be difficult to punish potential payoff can be much higher In which ways information security is easier than physical security? Which ways information security is easier than physical security? More well-defined entry points. Lower cost of deploying high-quality security mechanisms. E.g., cryptography CS252 Topic 20

19 Tools for Information Security
Cryptography Encryption, Message Authentication Public key encryption, Digital signature, etc. Authentication Access control Information flow control Processes and tools for developing more secure software Monitoring and analysis Recovery and response CS252 Topic 20

Download ppt "System Programming CS 252 Topic 20"

Similar presentations

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Acceptable Use Policy –The Acceptable Use Policy defines the rules of the machine and internet connection you are on. –Specific policies differ by machine.

Acceptable Use Policy –The Acceptable Use Policy defines the rules of the machine and internet connection you are on. –Specific policies differ by machine.
CS5261 Information Security CS 526 Topic 1 Overview of the Course Topic 1.

CS5261 Information Security CS 526 Topic 1 Overview of the Course Topic 1.
The Ecommerce Security Environment For most law-abiding citizens, the internet holds the promise of a global marketplace, providing access to people and.

The Ecommerce Security Environment For most law-abiding citizens, the internet holds the promise of a global marketplace, providing access to people and.
CS426Fall 2010/Lecture11 Computer Security CS 426 Lecture 1 Overview of the Course.

CS426Fall 2010/Lecture11 Computer Security CS 426 Lecture 1 Overview of the Course.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.

Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.
Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.

Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.

Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.
A sophisticated Malware Arpit Singh CPSC 420

A sophisticated Malware Arpit Singh CPSC 420
MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.

MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.
Malware  Viruses  E-mail Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.

Malware  Viruses  Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.
CS5261 Information Security CS 526 Topic 1 Overview of the Course Topic 1.

CS5261 Information Security CS 526 Topic 1 Overview of the Course Topic 1.
Business Computing 550 Lesson 6. 2 Security Threats on Web Sites Issues and vulnerabilities 1.Illegal Access and Use (Hacking the system or users exposing.

Business Computing 550 Lesson 6. 2 Security Threats on Web Sites Issues and vulnerabilities 1.Illegal Access and Use (Hacking the system or users exposing.
Jonathan Baulch  A worm that spreads via USB drives  Exploits a previously unknown vulnerability in Windows  Trojan backdoor that looks for a specific.

Jonathan Baulch  A worm that spreads via USB drives  Exploits a previously unknown vulnerability in Windows  Trojan backdoor that looks for a specific.
John Carpenter 2008 702904 & 711908 lecture - 01 1 702904 & 711908 Information Security 2008 Lecture 1: Subject Introduction and Security Fundamentals.

John Carpenter & lecture & Information Security 2008 Lecture 1: Subject Introduction and Security Fundamentals.
Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Computer Hardware and Software Maintenance.

Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Computer Hardware and Software Maintenance.
Topic 5: Basic Security.

Topic 5: Basic Security.

Similar presentations

Ads by Google