Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security

Lecture 5

Chapter 6
Computer and
Network Security
Chapter Overview
• Introduction
• Viruses, worms, and Trojan horses
• Phreaks and hackers
• Denial-of-service attacks
• Online voting
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-2
Introduction
• Computers getting faster and less expensive
• Utility of computers increasing
– Email
– Web surfing
– Shopping
– Managing personal information
• Increasing use of computers  growing
importance of computer security
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-3
Viruses, Worms, and Trojan Horses
• Viruses
• Worms
• The Internet worm
• Trojan horses
• Defensive measures
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-4
Viruses (1/2)
• Virus: piece of self-replicating code
embedded within another program (host)
• Viruses associated with program files
– Hard disks, floppy disks, CD-ROMS
– Email attachments
• How viruses spread
– Diskettes or CDs
– Email
– Files downloaded from Internet
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-5
Viruses (2/2)
• Well-known viruses
– Brain
– Michelangelo
– Melissa
– Love Bug
• Viruses today
– Commercial antivirus software
– Few people keep up-to-date
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-6
Worms
• Worm
– Self-contained program
– Spreads through a computer network
– Exploits security holes in networked computers
• Famous worms
–
–
–
–
WANK
Code Red
Sapphire (Slammer)
Blaster
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-7
The Internet Worm
• Robert Tappan Morris, Jr.
– Graduate student at Cornell
– Released worm onto Internet from MIT computer
• Effect of worm
– Spread to 6,000 Unix computers
– Infected computers kept crashing or became unresponsive
– Took a day for fixes to be published
• Impact on Morris
– Suspended from Cornell
– 3 years’ probation + 400 hours community service
– $150,000 in legal fees and fines
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-8
Ethical Evaluation
• Kantian evaluation
– Morris used others by gaining access to their computers
without permission
• Social contract theory evaluation
– Morris violated property rights of organizations
• Utilitarian evaluation
– Benefits: Organizations learned of security flaws
– Harms: Time spent by those fighting worm, unavailable
computers, disrupted network traffic, Morris’s punishments
• Morris was wrong to have released the Internet worm
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-9
Trojan Horses
• Trojan horse: program with benign capability
that masks a sinister purpose
• Remote access Trojan: Trojan horse that
gives attack access to victim’s computer
– Back Orifice
– SubSeven
• RAT servers often found within files
downloaded from erotica/porn Usenet sites
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-10
Defensive Measures
• System administrators play key role
• Authorization: determining that a user has
permission to perform a particular action
• Authentication: determining that people are
who they claim to be
• Firewall: a computer monitoring packets
entering and leaving a local area network
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-11
Phreaks and Hackers
•
•
•
•
•
•
•
•
Hackers
Phone Phreaking
The Cuckoo’s Egg
Legion of Doom
U.S. v. Riggs
Steve Jackson Games
Retrospective
Penalties for Hacking
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-12
Hackers (1/2)
• Original meaning
– Explorer
– Risk-taker
– Technical virtuoso
• Hacker ethic
– Hands-on imperative
– Free exchange of information
– Mistrust of authority
– Value skill above all else
– Optimistic view of technology
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-13
Hackers (2/2)
• Meaning of “hacker” changed
– Movie WarGames
– Teenagers accessing corporate or government
computers
• Dumpster diving
• Social engineering
– Malicious acts
• Destroying databases
• Stealing confidential personal information
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-14
Phone Phreaking
• Phone phreak: someone who manipulates
phone system to make free calls
• Most popular methods
– Steal long-distance telephone access codes
– Guess long-distance telephone access codes
– Use a “blue box” to get free access to longdistance lines
• Access codes posted on “pirate boards”
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-15
The Cuckoo’s Egg
• Clifford Stoll: system administrator at
Lawrence Berkeley Laboratory
• Tracked accounting error, discovered
unauthorized user
• Hacker was accessing military computers
• FBI, CIA, NSA, AFOSI, DIA joined search
• Trail led to group of West German hackers
– They were selling info to KGB
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-16
Legion of Doom
• Elite group of hackers/phreaks recruited by “Lex
Luthor”
– Publish Legion of Doom Technical Journal for phreaks and
hackers
• Sept 1988 broke into South Bell Advanced
Information Management System that had no security
• LOD member Robert Riggs copied E911 Document
from a Bell South Computer
• Craig Neidorf published edited E911 Document in his
BBS magazine, Phrack
• June 1989 all calls to Palm Beach Fla Probation
office routed to a phone-sex hotline
• Arrested Fry Guy
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-17
U.S. v. Riggs
• January 1990, MLK day, At&T’s long distance service
failed and millions calls aborted
• Three days later, Riggs and Neidorf were arrested
– Charged with wire fraud
– Interstate transportation of stolen property valued at $79,449
– Computer fraud
• Riggs pleaded guilty to wire fraud; went to federal
prison
• Neidorf pleaded not guilty
– Defense showed similar info being sold for < $25
– Prosecution moved to dismiss charges
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-18
Steve Jackson Games
• Steve Jackson Games (SJG) published role-playing
games and operated BBS
• Loyd Blankenship
– Key SJG employee
– LOD member
– Published E911 document on his own BBS
• Secret Service raided SJG and seized computers,
looking for copy of E911 Document
• Led to creation of Electronic Frontier Foundation
• EFF backed successful SJG lawsuit of Secret
Service
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-19
Retrospective
• Parallels between hackers and those who download
MP3 files
– Establishment overvalues intellectual property
– Use of technology as a “joy ride”
– Breaking certain laws that not that big a deal
• Parallels between response of Secret Service and
response of RIAA
– Cyberspace is real
– Those who break the law can be identified
– Illegal actions can have severe consequences
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-20
Penalties for Hacking
• Examples of illegal activities
– Accessing without authorization any Internet computer
– Transmitting a virus or worm
– Trafficking in computer passwords
– Intercepting a telephone conversation, email, or any other
data transmission
– Accessing stored email messages without authorization
– Adopting another identity to carry out an illegal activity
• Maximum penalty: 20 years in prison + $250,000 fine
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-21
Denial-of-Service Attacks
• Definition
• Attacks that consume scarce resources
• Defensive measures
• Distributed denial-of-service attacks
• SATAN
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-22
Definition
• Denial-of-service attack: an intentional action
designed to prevent legitimate users from
making use of a computer service
• Goal of attack: disrupt a server’s ability to
respond to its clients
• About 4,000 Web sites attacked each week
• Asymmetrical attack that may prove popular
with terrorists
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-23
Attacks that Consume Scarce Resources
• SYN flood attack
• Smurf attack
• Fill target computer’s hard disk
– Email bombing
– Worm
– Break-in followed by file copying
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-24
Defensive Measures
• Physical security of server
• Benchmarking
• Disk quota systems
• Disabling unused network services
• Turning off routers’ amplifier network
capability
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-25
Distributed Denial-of-Service Attacks
• Attacker gains access to thousands of
computers
• Launches simultaneous attack on target
servers
• Defensive measures
– Secure computers to prevent hijackings
– Check for forged IP addresses
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-26
SATAN
• Security Administrator Tool for Analyzing
Networks (SATAN)
• Allows administrators to test their systems
• Could be used to probe other computers
• Critics worried SATAN would turn unskilled
teenagers into hackers
• That never happened
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-27
Online Voting
• Motivation for online voting
• Proposals
• Ethical evaluation
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-28
Motivation for Online Voting
• 2000 U.S. Presidential election closely
contested
• Florida pivotal state
• Most Florida counties used keypunch voting
machines
• Two voting irregularities traced to these
machines
– Hanging chad
– “Butterfly ballot” in Palm Beach County
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-29
Benefits of Online Voting
• More people would vote
• Votes would be counted more quickly
• No ambiguity with electronic votes
• Cost less money
• Eliminate ballot box tampering
• Software can prevent accidental over-voting
• Software can prevent undervoting
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-30
Risks of Online Voting
•
•
•
•
•
Gives unfair advantage to well-off
More difficult to preserve voter privacy
More opportunities for vote selling
Obvious target for a DDoS attack
Security of election depends on security of home
computers
• Susceptible to vote-changing virus or RAT
• Susceptible to phony vote servers
• No paper copies of ballots for auditing or recounts
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-31
Conclusions
• Existing systems are highly localized
• Widespread tainting more possible with
online system
• No paper records with online system
• Evidence of tampering with online elections
• Relying on security of home computers
means system vulnerable to fraud
• A government should not allow online voting
Copyright © 2005 Pearson Addison-Wesley. All rights reserved.
6-32
Related documents
MishkinCh03
MishkinCh03
ppt16
ppt16
File
File
Chapter 1
Chapter 1
Chapter 17
Chapter 17
Document
Document
Chapter 3
Chapter 3
Chapter 7 The Stock Market
Chapter 7 The Stock Market
Download