1. 1 Computer Security Instructor: Dr. Bo Sun

2. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security –Basic security concept –Cryptography –Authentication –Standards –Network Security

3. 3 Course Outline Basic Security Concepts: –Confidentiality, integrity, availability –others Cryptography –Secret Key Cryptography: DES, IDEA, AES, etc. –Public Key Cryptography: RSA, Diffi-Hellman, Digital signature, Elliptic Curve, etc. –Modes of Operation: ECB, CBC etc. –Hashes and Message Digests: MD5, SHA-1 etc. Authentication –Basic concepts of Authentication Systems –Password Authentication –Security handshake pitfalls

4. 4 Course Outline cont’d Network and Distributed Systems –Kerberos –Public Key Infrastructure –IPsec –SSL/TLS –Email security –Firewall

5. 5 Introduction

6. 6 Security Attacks

7. 7

8. 8 Classify Security Attacks as passive attacks - eavesdropping on, or monitoring of, transmissions to: –obtain message contents, or –monitor traffic flows active attacks – modification of data stream to: –masquerade of one entity as some other: man-in-the-middle –replay previous messages –modify messages in transit –denial of service

9. 9 Information Security Concerns DDoS Worm Attacks (e.g. code red) Exploitation of software bugs (e.g. buffer overflow) Monitoring and capture of network traffic Masquerade of authorized users ……. http://www.cert.org/

10. 10 Contributing Factors Lack of awareness of threats and risks of information systems Wide-open network policies –Many Internet sites allow wide-open Internet access Vast majority of network traffic is unencrypted Lack of security in TCP/IP Complexity of security management and administration Exploitation of software bugs: e.g. Sendmail bugs Cracker skills keep improving

11. 11 Security Objectives Confidentiality (Secrecy): Prevent/Detect/Deter improper disclosure of information Integrity: Prevent/Detect/Deter improper modification of information Availability: Prevent/Detect/Deter improper denial of access to services provided by the system

12. 12 Security Mechanisms Access Control

13. 13 Security Services Confidentiality: protection of any information from being exposed to unintended entities. –Information content –Parties involved –Where they are, how they communicate, how often, etc. Authentication: assurance that an entity of concern or the origin of a communication is authentic - it’s what it claims to be or from Integrity: assurance that the information has not been tampered with

14. 14 Security Services Non-repudiation: offer of evidence that a party is indeed the sender or a receiver of certain information Access control: facilities to determine and enforce who is allowed access to what resources, hosts, software, network connections Security management: facilities for coordinating users’ service requirements and mechanism implementations throughout the enterprise network and across the internet – Trust model – Trust communication protocol – Trust management infrastructure

15. 15 The Internet Application Presentation Session Transport Network Data Link Physical OSI of ISO Transport Internet Data Link Physical Upper Layers Internet Stack

16. 16 Layered Store-and-forward User A User B Application Transport Network Link

17. 17 Virus, Worms, and Trojan Horses Trojan horse: instructions hidden inside an otherwise useful program that do bad things Virus: a set of instructions that, when executed, inserts copies of itself into other programs. Worm: a program that replicates itself by installing copies of itself on other machines across a network. Trapdoor: an undocumented entry point, which can be exploited as a security flaw Zombie: malicious instructions installed on a system that can be remotely triggered to carry out some attack with les traceability because the attack comes from another victim. ….