Network Integrity and Information Assurance : Lecture 1 Dr. Stewart Personick

advertisement
Network Integrity and Information
Assurance :
Lecture 1
Dr. Stewart Personick
sdp@ece.drexel.edu
Commonwealth 420
Copyright 2000 S.D. Personick. All rights reserved
Historical Perspective
Copyright 2000 S.D. Personick. All rights reserved
Historical perspective
• Ever since people have been able to express
their views about anything, they have
expressed concerns about privacy:
-British common law: “A man’s home is his
castle”
-the U.S. Constitution: protections against
“search and seizure”
- “Gentlemen don’t read each other’s mail”
(President Harry Truman)
Copyright 2000 S.D. Personick. All rights reserved
Historical perspective
• Ever since people have been able to express
their views, they have expressed concerns
about privacy (continued):
-attorney/client, doctor/patient, and
priest/parishioner….protections of
information discussed from legal discovery
-penalties for tampering with U.S. mail
- “wiretapping” laws
Copyright 2000 S.D. Personick. All rights reserved
Historical perspective
• Ever since people began competing for
power, territorial control, physical assets, and
money they have recognized the importance
of timely and accurate information
-lifting the “fog of war”
-understanding the enemy’s intentions
- “getting inside the enemy’s decision cycle”
- “loose lips sink ships”
(continued on next slide)
Copyright 2000 S.D. Personick. All rights reserved
Historical perspective
• Ever since people began competing for
power, territorial control, physical assets, and
money they have recognized the importance
of timely and accurate information
(continued)
-Understanding the customer’s needs
-Understanding the competition (industrial
espionage as well as legal industrial
intelligence activities)
Copyright 2000 S.D. Personick. All rights reserved
Historical perspective
• Ever since people began competing for
power, territorial control, physical assets, and
money, they have attempted to gain more
information through whatever means is at
their disposal; and they have also tried to
disrupt their adversary’s information flows
• Likewise, they have tried to protect their
information and their information
infrastructures
Copyright 2000 S.D. Personick. All rights reserved
Historical perspective
• ...they have also tried to intercept and/or
disrupt their adversaries’ information flows
- “steaming” open envelopes
-electronic eavesdropping
-cutting communication lines between enemy
commanders and troops
-jamming radio communications
-sending intentionally misleading messages
-code breaking (e.g., in WWII)
Copyright 2000 S.D. Personick. All rights reserved
Historical perspective
• ...they have tried to protect their information
and their information infrastructures
-wax “seals”
-cryptography
-signatures
-notarized documents
-LPI (low probability of intercept)
communication systems
- “hardened” satellite communication systems
Copyright 2000 S.D. Personick. All rights reserved
Historical perspective
• In recent decades, thought leaders have
recognized to combined power of computers
and communications to change they way we
run our businesses, and conduct our lives:
e.g., NTT’s “C&C” vision
e.g., “…any time, anywhere, and in any
medium...”
Copyright 2000 S.D. Personick. All rights reserved
Network Integrity and Information
Assurance :
Lecture 2
Dr. Stewart Personick
sdp@ece.drexel.edu
Commonwealth 420
Copyright 2000 S.D. Personick. All rights reserved
The Present
Copyright 2000 S.D. Personick. All rights reserved
Information Assurance and
Network Integrity: the Present
• More and more people and organizations
are becoming dependent upon computers,
networks, and network-based applications
(e.g., electronic commerce moving toward
$1T/year very rapidly)
Copyright 2000 S.D. Personick. All rights reserved
Information Assurance and
Network Integrity: the Present
• There is a growing concern with regard to:
-Privacy (unauthorized access to
personal/sensitive/proprietary/classified
DoD information)
-Theft (e.g., using stolen credit card
numbers)
-Reliability (i.e., will my network-based
applications work when I need to use
them?)
Copyright 2000 S.D. Personick. All rights reserved
Information Assurance and
Network Integrity: the Present
• If a single new virus, worm, or Trojan horse
attack causes each of 100 million computer
users to spend 1 hour learning about the
new threat, downloading software to defend
against the threat, taking other actions…
… and if an hour of each person’s time is,
on average, worth $50.00… …then each
new “event” produces a societal cost of $5B
Copyright 2000 S.D. Personick. All rights reserved
Information Assurance and
Network Integrity: the Present
• Examples of network-based applications
-Air traffic control, control of the power
grids, control of other “critical
infrastructures” [PDD-63]
-Electronic commerce: business-tobusiness, business-to-consumer
-Access to patient records in healthcare
-Access to information via the Web
Copyright 2000 S.D. Personick. All rights reserved
Information Assurance and
Network Integrity: the Present
• Examples of network-based applications
-E-mail
-Financial transactions (e.g., inter-bank
transactions, stock trading)
Copyright 2000 S.D. Personick. All rights reserved
Information Assurance and
Network Integrity: the Present
• Recent examples of information assurance
problems
-Major loss of paging systems in the US
(single satellite failure)
-Increasing numbers of virus/worm/Trojan
horse incidents
-Intrusions into government/DoD systems
-E-bay outage for ~24 hours
Copyright 2000 S.D. Personick. All rights reserved
Information Assurance and
Network Integrity: the Present
-Incorrect data downloaded into the Internet’s
Domain Name System (DNS) root servers
disrupted conversion of Internet “names”
like sdp@ece.drexel.edu into Internet
addresses like 144.118.31.1 for ~24 hours
-others that can’t be discussed in public
Copyright 2000 S.D. Personick. All rights reserved
Information Assurance and
Network Integrity: the Present
• Some of these problems are associated with
things which we “do to ourselves”. I.e., no
malicious intent
• Some of these problems are the result of
intentional acts, ranging from mischief to
criminal activities to state-sponsored
terrorism
Copyright 2000 S.D. Personick. All rights reserved
Information Assurance and
Network Integrity: the Present
• Some of these problems are associated with
violations of privacy, unauthorized access to
information, providing false identities, or
unauthorized modification of information
• Some of these problems are associated with
“denial of service” (disrupting systems and
applications)
Copyright 2000 S.D. Personick. All rights reserved
The shifting view of the IA & NI
Problem
• Industry and government moving
(sometimes slowly) to put in place
mechanisms and policies and procedures to
defend networks and systems against
attacks for which there are well established
defense mechanisms
• Still a lack of widespread awareness of the
full scope of the problem
Copyright 2000 S.D. Personick. All rights reserved
The shifting view of the IA & NI
Problem
• Rapidly emerging awareness (in some
communities (e.g., DARPA, NSA, …) of
the very difficult problems of defending
against (latent) “malicious code”, and
“insider” attacks
• The Y2K problem was a self-inflicted
“wake up call” regarding the magnitude of
the challenges ahead
Copyright 2000 S.D. Personick. All rights reserved
The shifting view of the IA & NI
Problem
• Moving from a paradigm of (unachievable)
absolute security to a paradigm of “defense in
depth”: “protect, detect, respond”
• Increasing emphasis on new research initiatives at
DARPA: both specific nearer term defense
technologies, tools and methodologies…as well as
on underlying science for the design of systems
and networks that are secure
Copyright 2000 S.D. Personick. All rights reserved
Network Integrity and Information
Assurance :
Lecture 3
Dr. Stewart Personick
sdp@ece.drexel.edu
Commonwealth 420
Copyright 2000 S.D. Personick. All rights reserved
Review of Typical Network and
Network Infrastructure
Architecture and Design
Copyright 2000 S.D. Personick. All rights reserved
A Typical Networked
Information System “Enclave”
To “the
Internet”
PC
PC
Server
Server
GW
Server
Copyright 2000 S.D. Personick. All rights reserved
Issues
• How, and to what extent can we protect the
enclave using a gateway machine?
• What penalty does this protection cause for
for legitimate users?
Copyright 2000 S.D. Personick. All rights reserved
Enclaves connected via Internet
Enclave C
Enclave A
“the Internet”
Enclave B
Enclave D
Copyright 2000 S.D. Personick. All rights reserved
Issues
• Since each Enclave is not perfectly
protected by its gateway, is it “safe” to use
the public Internet to connect the enclaves?
• What about “denial-of-service” attacks?
Copyright 2000 S.D. Personick. All rights reserved
Enclaves connected using an
“intranet”
Enclave C
Enclave A
“intranet”
Enclave B
Enclave D
Copyright 2000 S.D. Personick. All rights reserved
Issues
• Can we afford to build an “intranet” to
reach all of our enclaves?
• How do our users interconnect with the
“outside world”?
• If we don’t provide a means to interconnect
with the “outside world”, will our own users
defeat our security mechanisms by
providing such connections themselves?
Copyright 2000 S.D. Personick. All rights reserved
Enclaves connected using an
intranet imbedded within “the
Internet”
GW
Enclave A
Enclave C
“intranet”
Enclave B
“the Internet”
Copyright 2000 S.D. Personick. All rights reserved
Enclave D
Issues
• How well can we protect our embedded
intranet (virtual private network) from “off
net” intruders?
• What about denial-of-service attacks?
• VPN analogy: My safe deposit box at my
local bank is a “virtual private bank”.
Copyright 2000 S.D. Personick. All rights reserved
Enclaves connected using an
“intranet” that is connected to
“the Internet”
“the Internet”
Enclave C
Enclave A
GW
“intranet”
Enclave B
Enclave D
Copyright 2000 S.D. Personick. All rights reserved
Issues
• Can we afford to build an “intranet” to
reach all of our enclaves?
• How much protection will the gateway to
the larger Internet provide?
Copyright 2000 S.D. Personick. All rights reserved
Network Integrity and Information
Assurance :
Lecture 4
Dr. Stewart Personick
sdp@ece.drexel.edu
Commonwealth 420
Copyright 2000 S.D. Personick. All rights reserved
Attacks
Copyright 2000 S.D. Personick. All rights reserved
Types of attacks
• Eavesdropping:
- I read your message while it is passing through a
network
- I listen in on your conversation with one or more
other person(s)
- I monitor which Web pages you are accessing
- I monitor how many messages you send, and to
whom they are sent (traffic analysis)
- I monitor where you are, by looking at your
messages
Copyright 2000 S.D. Personick. All rights reserved
Types of attacks
• Eavesdropping (continued):
Eavesdropping is a passive, read-only
activity, in the sense that I don’t change
anything about your messages.
Eavesdrop: To secretly listen in on a private
conversation
Copyright 2000 S.D. Personick. All rights reserved
Types of attacks
• Unauthorized “read” access
I read a file that is stored on one of your servers or
other computers
This requires that I obtain access to your
computer, either via a network, or by some other
means. E.g., I physically access your computer; I
loan you a floppy disk that contains a malicious
application, that copies your files on to the
disk…which you return to me (Trojan horse
attack)
Copyright 2000 S.D. Personick. All rights reserved
Types of attacks
• Content tampering
-I change the content of a message passing
through a network, or I change the contents
of a database (e.g., I change the information
on one of your Web pages)
Tampering with a message in transit can be
done by substitution
Tampering with the contents of a computer
requires access and “write” privileges
Copyright 2000 S.D. Personick. All rights reserved
Types of attacks
• Impersonation
-I send you a document or a message that
appears to have been sent by someone else
The ability to prove that a message is
“authentic” : the sender is who he or she
claims to be, and the content has not been
modified since it was created by the
authentic sender is called “non-repudiation”
Copyright 2000 S.D. Personick. All rights reserved
Types of attacks
• “Denial-of- service” attacks
-I prevent your messages from being delivered by
attacking one or more routers or by attacking the
domain name system
-I cause congestion your network that prevents
you from doing what you want to do (e.g., I send
you a gigantic E-mail file, and clog your mail
server)
-I bombard you with junk messages
-I disable your network’s password authentication
system
Copyright 2000 S.D. Personick. All rights reserved
Prognosis
• Of all of these attacks, denial-of-service
attacks are the most problematic, on a
forward-looking basis
• The attacker has the advantage. He or she
only has to find one vulnerability to exploit.
The defender needs to anticipate all possible
attacks.
Copyright 2000 S.D. Personick. All rights reserved
Network Integrity and Information
Assurance :
Lecture 5
Dr. Stewart Personick
sdp@ece.drexel.edu
Commonwealth 420
Copyright 2000 S.D. Personick. All rights reserved
Basic Cryptography
Copyright 2000 S.D. Personick. All rights reserved
Cryptography
• Using mathematically-based methods to
protect information from being read and/or
modified by unauthorized persons
Copyright 2000 S.D. Personick. All rights reserved
The concept of a cipher
Four score and seven years ago …
Gpvs tdpsf boe tfwfo zfbst bhp ...
Copyright 2000 S.D. Personick. All rights reserved
Cryptography
• The simple substitution cipher is easy to
“break”
• We need a much more secure approach for
real-world applications
Copyright 2000 S.D. Personick. All rights reserved
Cryptography
• The most secure approach to cryptography
is to use a “one time pad”…
• However, in most applications it is not
practical to use the “one time pad” method
Copyright 2000 S.D. Personick. All rights reserved
Cryptography
• Most cryptographic methods are based on
-A cryptographic algorithm that is assumed
to be widely known (the algorithm itself is
not secret)
-A secret cryptographic “key” that is known
only to those who are authorized to have the
secret key
Copyright 2000 S.D. Personick. All rights reserved
Cryptography
Secret
Key
Secret
Key
Encrpyt
Decrpyt
Copyright 2000 S.D. Personick. All rights reserved
Desired Properties of an
Encryption Algorithm
• It should be very difficult (computationally)
to decrypt a message without having the
secret key
• It should be reasonably easy to encrypt and
decrypt a message, if you have the secret
key
Copyright 2000 S.D. Personick. All rights reserved
Details
• The secret key is usually a binary sequence
(1s and 0s) that is at least 56 bits long, and
preferably 128 bits long (or longer)
• Key management ... E.g., distributing secret
keys to people who are authorized to have
them, without making them accessible to
unauthorized persons … is always a
challenge
Copyright 2000 S.D. Personick. All rights reserved
Details
• Nobody knows for sure how “hard” it is to
“break” modern encryption methods …
however mathematicians are able to make
statements about the comparative difficulty
of breaking one method vs. another
• Increasing computing power makes brute
force methods feasible… leading to the
need for longer keys
Copyright 2000 S.D. Personick. All rights reserved
Details
• The ability to break many encryption
methods is closely related to the ability to
“factor” a large number … thus you may
read about competitions among people
working in the field of cryptography to
come up with efficient computational
schemes for factoring large numbers
Copyright 2000 S.D. Personick. All rights reserved
Public-key Cryptography
• In the 1970’s cryptographic researchers
came up with some amazing
results/concepts that have had a remarkable
impact on the ability to build practical
cryptographic systems
• These results/concepts helped address the
key management problem
Copyright 2000 S.D. Personick. All rights reserved
The concept of a 1-way function
• A one-way function is one for which it is
easy to compute y = f(x), where y and x are
sequences of binary digits (1s and 0s) …
… but it is very “hard” to compute what x
is, given that you have access to y
• A one way function is analogous to a
padlock: I can easily snap it shut, but I can’t
open it (without a key or a combination)
Copyright 2000 S.D. Personick. All rights reserved
The Concept of Public-key
Cryptography
• Public key encryption
Public
Key
Private (secret)
Key
Encrpyt
Decrpyt
Copyright 2000 S.D. Personick. All rights reserved
The Concept of Public Key
Encryption
• A public key is a sequence of binary digits
(1s and 0s) that is accessible to anyone who
wishes to know what it is (I.e., its published
in a publicly accessible directory)
• The corresponding private (secret) key is
only known to authorized persons
Copyright 2000 S.D. Personick. All rights reserved
The Concept of Public Key
Encryption
• A public key is used to apply a one-way function,
I.e. to encrypt the red information. Anyone with a
message to send to a particular recipient, or set of
recipients can use the recipient’s public key to do
this
• The corresponding private (secret) key is used by
the authorized recipient(s) to decrypt messages
that have been sent to them
Copyright 2000 S.D. Personick. All rights reserved
Details
• It is computationally difficult (and
correspondingly slow) to utilize public key
cryptography
• Therefore, in practice, public key
cryptography is often used as a secure
method for exchanging private keys; and
then private key cryptography is used to
exchange information
Copyright 2000 S.D. Personick. All rights reserved
A key exchange protocol
Server
Client
Obtain server’s public key
Use server’s public key to
send ID info to server
-----
Receive/decrypt message
Obtain client’s public key
Send session key to client
Receive/decrypt session key
-
Use session key
Use session key
Copyright 2000 S.D. Personick. All rights reserved
Digital Signatures
• Problem
-How can I be sure that a message with your
name associated with it:
really came from you
hasn’t been altered since you sent it
Copyright 2000 S.D. Personick. All rights reserved
Digital Signatures
Sender’s private
key
Message
Hash
Signature
Encrypt
Copyright 2000 S.D. Personick. All rights reserved
Digital Signatures
• The hash is a summary of my message
• Given the message, anyone can compute the
hash
• When I encrypt the hash and my signature,
using my secret key, anyone can decrypt it
using my public key
Copyright 2000 S.D. Personick. All rights reserved
Digital Signatures
• However, no one can change the message
without producing a mismatch between the
hash derived from the changed message,
and the hash that I sent in my encrypted
hash/signature file
• Furthermore, no one can create a fake hash/
signature file that will decrypt properly with
my public key
Copyright 2000 S.D. Personick. All rights reserved
Certificates
• When I send you a message claiming to be
Prof. Stewart Personick of Drexel University,
encrypted with my private key, and it decrypts
properly with my public key …how do you
know that the public key you obtained from
the public key directory really belongs to Prof.
Stewart Personick of Drexel University? Who
certifies this?
Copyright 2000 S.D. Personick. All rights reserved
Certificate Authority
• A well known/trusted “certificate authority” can
provide me with an electronically signed
certificate (encrypted with the certificate
authority’s private key) vouching for the fact that a
particular public key has, in fact, been issued to
Professor Stewart Personick of Drexel University
• One can create a hierarchy of certificate
authorities
Copyright 2000 S.D. Personick. All rights reserved
Network Integrity and Information
Assurance :
Lecture 6
Dr. Stewart Personick
sdp@ece.drexel.edu
Commonwealth 420
Copyright 2000 S.D. Personick. All rights reserved
Access Control: Passwords,
Biometrics, Tokens & Smart
Cards
Copyright 2000 S.D. Personick. All rights reserved
Access Control
• Control access using some combination of:
-what you know (e.g. a password)
-who you are (e.g., your fingerprints)
-what you have (e.g., a smart card)
Copyright 2000 S.D. Personick. All rights reserved
Passwords
• A basic method of protecting individual
files or information systems from
unauthorized access is through the use of
passwords. A password can be a surrogate
for an encryption key [How?].
• There are numerous pitfalls associated with
the use of passwords in real-world
applications
Copyright 2000 S.D. Personick. All rights reserved
Passwords
• A basic method of protecting individual
files or information systems from
unauthorized access is through the use of
passwords
• There are numerous pitfalls associated with
the use of passwords in real world
applications…e.g., Guessing passwords
Copyright 2000 S.D. Personick. All rights reserved
Guessing Passwords
• ID/Password pairs:
ID
guest
sdp
mlp
Password
guest
Feb22
fgy&3W72
Copyright 2000 S.D. Personick. All rights reserved
Guessing Passwords
• A basic problem with passwords is that we
can’t remember them unless they are also
relatively easy to guess
Copyright 2000 S.D. Personick. All rights reserved
Password Sniffing
• If you log on to a computer system via a
network, and you send your ID and
password “in the clear”, someone who is
monitoring that network can steal your
ID/password combination
Copyright 2000 S.D. Personick. All rights reserved
Lost Passwords
• A lost or forgotten password, like a lost or
forgotten secret key, could create a big problem; or
at least a minor/temporary one.
• A solution to the above is to either have a way of
placing passwords “in escrow” with a trusted
escrow service (equivalent to placing the password
in a safe deposit box at a bank) or using a
password system that incorporates a master
password
Copyright 2000 S.D. Personick. All rights reserved
Lost Passwords
• A solution to the above is to either have a
way of placing passwords “in escrow” with
a trusted escrow service (equivalent to
placing the password in a safe deposit box
at a bank) or using a password system that
incorporates a master password... e.g., I can
place all of my ID-password pairs in a
master file on my PDA, with access to that
file controlled by a master password
Copyright 2000 S.D. Personick. All rights reserved
Stealing Password Files
• Hackers will often attempt to steal files that
contain combinations of IDs and passwords
by accessing computers that may contain
these files
• Sometimes, careless system administrators
place these files in unprotected areas within
a computer
Copyright 2000 S.D. Personick. All rights reserved
Passwords
What is my Drexel
Financial System
ID/Password pair?
Escrow Agent
Client
Here it is: xyz/1234
Copyright 2000 S.D. Personick. All rights reserved
System
Passwords
What is my Drexel
Financial System
ID/Password pair?
Escrow Agent
Client
Here it is: xyz/1234
Teams: How could we automate this?
Copyright 2000 S.D. Personick. All rights reserved
One Time Password Generators
(Tokens)
• If we are willing to carry around a small electronic
password generator, we can greatly mitigate
password guessing, password sniffing and lost
password problems
• The password now becomes a combination of a
memorized password and the “randomly”
generated password produced by the password
generator
Copyright 2000 S.D. Personick. All rights reserved
SecurID Password Generator
607385
Copyright 2000 S.D. Personick. All rights reserved
SecurID Password Generator
sdp Feb22 607385
607385
Internal clock, secret
key, and random
number generator
Data base of
“secret keys” associated
with ID’s, and recently used
one time passwords;
master clock,
and random number
generator
Copyright 2000 S.D. Personick. All rights reserved
The S-key System
Public key
Encrypt (1)
Encrypt (2)
Encrypt (3)
seed
Encrypt (n)
D(n)=EEE…E(seed)
Copyright 2000 S.D. Personick. All rights reserved
The S-key System
• The server starts out with the value:
D(n) = EEE…E (seed) in storage, associated with
my log-on
• I use the public key to produce D(n-1) from the
seed. I send D(n-1) to the server when I want to
log on. The server uses the public key on D(n-1)
to produce D(n). If it works, I am allowed to log
on
• The next time, I generate D(n-2) to log on
• etc.
Copyright 2000 S.D. Personick. All rights reserved
Biometric Access Controls
•
•
•
•
•
Voice recognition
Fingerprint scanning/recognition
Face scanning/recognition
Iris scanning/recognition
DNA analysis
Copyright 2000 S.D. Personick. All rights reserved
Iris Scanning
sdp Feb22 scan parameters
Iris Scanner
Data base of
Iris Scan parameters
associated
with ID’s
Iris
Copyright 2000 S.D. Personick. All rights reserved
Iris Scanning
• Interesting facts [from SENSAR®]
-Number of people that ever lived: 10**10
-Age of the universe in years: 10**11
-Grains of sand on the world’s beaches:
10**19
-Probability of a false accept with iris
scanning (impostor): 1 in 10**19.42
Copyright 2000 S.D. Personick. All rights reserved
Smart Cards
ABC Bank
Copyright 2000 S.D. Personick. All rights reserved
Smart Cards
ABC Bank
Microprocessor, memory, I/O, secret key, OS,
applications, private data, other data
Copyright 2000 S.D. Personick. All rights reserved
Smart Cards: Electronic
Commerce
ABC Bank
Transaction
data (from
merchant)
Encrypted
output (to
bank)
Microprocessor, memory, I/O, secret key, OS,
applications, private data, other data
Copyright 2000 S.D. Personick. All rights reserved
Smart Cards: Electronic
Commerce
• Issues to be addressed
-the merchant wants a confirmation from
the bank that this purchase is authorized by
the bank, and will be paid by the bank
Copyright 2000 S.D. Personick. All rights reserved
Smart Cards: Electronic
Commerce
• -the customer wants to protect his or her
credit card number from being seen by the
merchant (or anyone else). The customer
wants to ensure that only his or her
authorized purchases are charged to his or
her account
-The customer may also wish to retain some
degree of anonymity
Copyright 2000 S.D. Personick. All rights reserved
Smart Cards: Electronic
Commerce
• -the bank wants to ensure that this purchase
is being made by the authorized holder of
the smart card
Copyright 2000 S.D. Personick. All rights reserved
Smart Cards: Electronic
Commerce
• Example of a protocol
-the merchant asks the bank for a
transaction number
-the bank sends the merchant a transaction
#, encrypted with the merchant’s public key
[Why do we need a transaction number?]
Copyright 2000 S.D. Personick. All rights reserved
Smart Cards: Electronic
Commerce
• Example of a protocol
-the merchant decrypts this message, and
sends the customer’s smart card the
following: transaction #, $ amount,
merchant ID#, date, time
Copyright 2000 S.D. Personick. All rights reserved
Smart Cards: Electronic
Commerce
• Example of a protocol (cont’d)
-the customer’s smart card incorporates the
merchant’s message into an encrypted message
(encrypted with the bank’s public key) that
contains: the customer’s credit card number plus
the transaction number encrypted with the
customer’s private key
[Why do we need to include the transaction
number encrypted with the customer’s private
key?]
Copyright 2000 S.D. Personick. All rights reserved
Smart Cards: Electronic
Commerce
• Example of a protocol (cont’d)
- The bank issues an authorization to the
merchant encrypted with the bank’s private
key; and then encrypted with the merchant’s
public key
[Why do we need both of these
encryptions?]
Copyright 2000 S.D. Personick. All rights reserved
Smart Cards: Identification
• Issues:
-Protect against eavesdropping (password
sniffing)
-Protect against “playback” attacks
[Teams: solution?]
Copyright 2000 S.D. Personick. All rights reserved
Network Integrity and Information
Assurance :
Lecture 7
Dr. Stewart Personick
sdp@ece.drexel.edu
Commonwealth 420
Copyright 2000 S.D. Personick. All rights reserved
Malicious Code
Copyright 2000 S.D. Personick. All rights reserved
Malicious Code
• What’s the problem we are trying to
address?
How do we keep people from inserting
harmful computer code into our computers?
Copyright 2000 S.D. Personick. All rights reserved
Malicious Code
• Categories of malicious code:
Nuisance code (e.g., unwanted messages)
Harmful code (erases files, clogs up systems,
changes system configuration)
Latent harmful code (time bombs)
Trojan Horses (e.g., containing back doors that
provide unauthorized access)
Spying applications (e.g., keystroke monitors)
Copyright 2000 S.D. Personick. All rights reserved
Malicious Code
• How can malicious code enter a system
-Comes on a trusted disc with an application;
downloaded or otherwise received from a trusted
source
-Comes from an an untrusted source
Applications downloaded from servers
Applications attached to E-mail
Exploitation of network-based applications
-Inserted by someone with access to the system
Copyright 2000 S.D. Personick. All rights reserved
Protecting Against Malicious
Code
• Applications from Trusted Sources
-Trusted sources can use digital signatures
or other means to protect against
unauthorized changes to their software
But… how does the trusted source ensure
that its own, authorized employees and
contractors have not inserted malicious code
into its products?
Copyright 2000 S.D. Personick. All rights reserved
Protecting Against Malicious
Code
• Possible alternatives for dealing with applications
from untrusted sources
-Don’t accept applications from untrusted sources
-Check the application for malicious code
-Run the application in a “sandbox” (e.g., one of
the underlying concepts of Java)
Copyright 2000 S.D. Personick. All rights reserved
Protecting Against Malicious
Code
• Finding non-specific malicious code within
an application
-A very difficult, unsolved problem...
e.g., malicious code could be activated by
its combination with specific data that is
entered at a future date
Copyright 2000 S.D. Personick. All rights reserved
Protecting Against Malicious
Code
• The concept of a “sandbox”
Create a virtual machine on which the code executes
(runs). Ensure that the code can only have access to
tightly controlled and monitored (e.g., level of usage)
resources. Securely save the machine’s configuration
information. Don’t allow the code to leave behind any
remnants, other than data stored in carefully controlled
memory locations. Restore the rest of the
machine/system to its original state
Copyright 2000 S.D. Personick. All rights reserved
Network Integrity and Information
Assurance :
Lecture 8
Dr. Stewart Personick
sdp@ece.drexel.edu
Commonwealth 420
Copyright 2000 S.D. Personick. All rights reserved
Network Denial-of-Service
Attacks
and
Other Network-ApplicationBased Attacks
Copyright 2000 S.D. Personick. All rights reserved
Network Denial-of-Service
Attacks
• Attacker’s objective
To interrupt or reduce the quality of
services…as experienced by legitimate
users
• Many attacks have innocent counterparts
(e.g., someone sends me a very large E-mail
attachment, and blocks my access to other
messages)
Copyright 2000 S.D. Personick. All rights reserved
Network Denial-of-Service
Attacks
• The “SYN” Flooding attack:
-In TCP, one establishes a connection by
sending a synchronization (SYN) message
to the host one wishes to communicate with
-The attack: send a large number of SYN
messages (with phony source addresses) to
a host. This overloads the buffer in the host
that keeps track of TCP connections (and
half-connections) in progress
Copyright 2000 S.D. Personick. All rights reserved
TCP SYN Flooding Attack
SYN(500)
SYN(1024), ACK(501)
No
acknowledgement
of prior SYN
segment….
More SYN
acknowledgements ...
...More new SYN
segments
Copyright 2000 S.D. Personick. All rights reserved
Network Denial-of-Service
Attacks
• The “SYN” Flooding attack:
-Some protection can be gained by
configuring networks so that they will not
accept IP packets from external (to the
network) sources whose source addresses
are internal to the network; and which will
not allow internal sources to send IP packets
to external destinations if the source
addresses used are not internal addresses
Copyright 2000 S.D. Personick. All rights reserved
Sequence Number Attacks
• Disable a host that is trusted by the target
(intended victim) machine
• Initiate a TCP connection by impersonating
the disabled host (I.e., use it’s IP address)
and sending a SYN message.
• Guess the initial sequence number that the
target system will use; and respond with an
acknowledgement.
Copyright 2000 S.D. Personick. All rights reserved
TCP Sequence Number Attack
SYN(500)
SYN(800), ACK(501)
ACK(801)
ACK(801), data
ACK(801), FIN(1012)
ACK(
)
ACK(1013)
ACK(1013), FIN(800)
ACK(801)
Ref: “Firewalls and
Copyright 2000 S.D. Personick. AllInternet
rights reservedSecurity”
Other Network-based Attacks
• See Cheswick and Bellovin Chapter 2
• Many network-based attacks are caused by
the lack of strong authentication of sources
(e.g., it is easy to impersonate another
machine by using its IP address) and lack of
encryption on IP network links
Copyright 2000 S.D. Personick. All rights reserved
Network Integrity and Information
Assurance :
Lecture 9
Dr. Stewart Personick
sdp@ece.drexel.edu
Commonwealth 420
Copyright 2000 S.D. Personick. All rights reserved
Firewalls
Ref: Firewalls and Internet Security,
W.R. Cheswick and S.M. Bellovin
Copyright 2000 S.D. Personick. All rights reserved
Firewall
• A firewall is a mechanism through which
we can attempt to protect a collection of
computers and networks within an enclave
from attacks launched from outside of the
protected enclave
• Firewalls can also be used to provide
barriers between subsets of computers and
networks within an enclave
Copyright 2000 S.D. Personick. All rights reserved
Firewalls
Gateway computer
The rest of cyberspace
ENCLAVE
Copyright 2000 S.D. Personick. All rights reserved
Firewalls
The rest of cyberspace
Subnet 1
Subnet 2
Enclave
Copyright 2000 S.D. Personick. All rights reserved
Packet Filter
ref: Firewalls and Internet Security
action
ourhost
block
*
port theirhost port comment
*
spigot
*
block these guys
our GW’s mail
allow
our GW
25
*
*
allow
*
*
*
25
Copyright 2000 S.D. Personick. All rights reserved
???
Packet Filters
• In the previous slide, we filter packets on the basis
of which of “our hosts” (inside the firewall) and
which our “their hosts” (outside the firewall), and
which ports are involved in a TCP connection,
independent of which end established the
connection
• The first rule keeps spigot from participating in
TCP connections with our hosts (we block packets
to/from spigot)
Copyright 2000 S.D. Personick. All rights reserved
Packet Filters
• The second rule allows any host to establish a
connection to port 25 (SMTP =mail) on our
gateway machine
• The last rule says that any of our hosts can
participate in a port 25 (SMTP =mail) TCP
connection with any other host. This is dangerous,
because an exterior host could use its port 25 to
initiate a connection to one of our hosts for a
purpose other than mail
Copyright 2000 S.D. Personick. All rights reserved
Packet Filter
ref: Firewalls and Internet Security
action
allow
source port dest
{ourhosts} *
port
*
*
allow
*
*
*
*
allow
*
*
*
>1023
Copyright 2000 S.D. Personick. All rights reserved
flags
ACK
Packet Filters
• In the previous slide, we implement filtering based
on which host has originated the TCP session
• In particular, if a packet is a initial request to open
up a TCP session, it does not have the TCP
“ACK” bit set. All other packets have the “ACK”
bit set. Therefore, we can block TCP connections
that are initiated by “their host” (outside of the
firewall)
Copyright 2000 S.D. Personick. All rights reserved
Packet Filters
• We assume that our hosts will reject packets with
the ACK bit set, if the corresponding TCP
connection has not been initiated
• Thus a host that is not one of our hosts cannot
establish a TCP connection under either of the first
two rules
• The last rule allows external hosts to establish a
TCP connection to our hosts if the target port
number is higher than 1023
Copyright 2000 S.D. Personick. All rights reserved
Where to put the filters
The rest of cyberspace
Subnet 1
Subnet 2
Enclave
Copyright 2000 S.D. Personick. All rights reserved
Where to put the filters
• The location of the filters is critical for
-catching problems as close to the source as
possible
-identifying the link on which a packet has
arrived
Copyright 2000 S.D. Personick. All rights reserved
Comments
• The lack of authentication of packet sources
and of routes taken by packets…as well as
opportunities to modify packets in transit
make the packet filtering problem much
harder
Copyright 2000 S.D. Personick. All rights reserved
Application Level Gateways
• This type of gateway acts as an intermediary
between outside hosts and inside hosts (their hosts
and our hosts) by accepting packets associated
with a specific application (e.g., Email) and
scrutinizing the contents of those packets (or sets
of related packets) at the application level.
• An application level gateway can also provide
useful functions, such as mail forwarding and
reformatting
Copyright 2000 S.D. Personick. All rights reserved
Network Integrity and Information
Assurance :
Lecture 10
Dr. Stewart Personick
sdp@ece.drexel.edu
Commonwealth 420
Copyright 2000 S.D. Personick. All rights reserved
Viruses (and Worms)
references:
William Stallings-Cryptography and
Network Security Chapter 15.2
Copyright 2000 S.D. Personick. All rights reserved
Viruses and Worms
• Virus: “A program that can “infect” other
programs by modifying them; the
modification includes a copy of the virus
program, which can then go on to infect
other programs” (ref: Stallings p504)
• Worm “Network worm programs use
network connections to pass from system to
system” (ref: Stalling p504)
Copyright 2000 S.D. Personick. All rights reserved
Viruses and Worms
• Virus: extraneous executable code that
attaches itself to a file or an application, and
that can reproduce itself to infect other files
or applications
• Worm: a stand-alone executable program
that can replicate itself, and that can utilize
system resources to spread to multiple
systems
Copyright 2000 S.D. Personick. All rights reserved
Simple Virus Structure (ref Stalling
p 506)
Program V:=
{goto main;
1234567;
subroutine infect executable :=
{loop:
file := get random executable file
if (first-line-of-file = 1234567)
then goto loop
else prepend V to file;}
main: main-program :=
{infect-executable;
goto next;}
next:
}
Copyright 2000 S.D. Personick. All rights reserved
Polymorphic Viruses
• Change with each new infection
• Are (for example) comprised of two parts
– A decryptor
– An encrypted virus file
• Both the decryptor and the encrypted file
change each time the virus replicates…so
that neither one has a fixed signature
Copyright 2000 S.D. Personick. All rights reserved
Infected application
Decryptor
Encrypted virus
file
App. 1
Copyright 2000 S.D. Personick. All rights reserved
How does it work?
Infected app.
Executing
1
Decryptor
Decryptor
Encrypted virus
file
Virus version xyz
Mutator Engine
App. 1
App. 1
1. The decryptor executable will decrypt the encrypted virus file
Copyright 2000 S.D. Personick. All rights reserved
How does it work2?
Decryptor
New Decryptor
Virus version
xyz
Mutator Engine
Virus version
xyz+1
Mutator Engine
App. 1
2
4
3
New Decryptor
Encrypted
virus file
New Decryptor
Encrypted
virus file
2. Virus1 finds the victim(App.2)
3. Mutator Engine creates a new Decryptor,
a new virus file, and encrypts the new
virus file
4. Virus2 is prepended to App. 2
App. 2
Copyright 2000 S.D. Personick. All rights reserved
Detecting Viruses
ref: Stalling pp 510-514
• Look for a known virus signature
• Heuristic methods: look for structures in a
file that look like they may be associated
with a virus (e.g., an decryption loop)
• Checksums (easily defeated using
compression and de-compression
techniques or by changing the checksum)
• Digital signatures
Copyright 2000 S.D. Personick. All rights reserved
Virus Signature Detection
Example:
20,000 files to check
x
30,000 virus signatures to test against
= 600,000,000 tests to perform
@ 1 test per microsecond => 10 minutes to
perform the virus check
Copyright 2000 S.D. Personick. All rights reserved
Network Integrity and Information
Assurance :
Lecture 11
Dr. Stewart Personick
sdp@ece.drexel.edu
Commonwealth 420
Copyright 2000 S.D. Personick. All rights reserved
Intrusion Detection
Ref: Edward Amoroso
Intrusion Detection
Copyright 2000 S.D. Personick. All rights reserved
Intrusion Detection
• For the purposes of this lecture, intrusion detection
is about detecting unauthorized, possibly
malicious attempts to gain access to networks and
computer systems, or to disrupt networks,
systems, services and applications of authorized
users
• To a large extent is is about the synthesis of
indications of intrusions from many sources of
such indications
Copyright 2000 S.D. Personick. All rights reserved
Ethical and Legal Surveillance
• Intrusion detection is based on observations of
actions that have been taken by, or caused by,
network users
• The body of law that governs the use of computer
networks is evolving rapidly
• Monitoring computer usage raises issues and
controversies related to privacy rights and
protections against arbitrary searches that derive
from the U S Constitution
Copyright 2000 S.D. Personick. All rights reserved
The Bill of Rights: U S Constitution
Amendment IV
The right of the people to be secure in their persons,
houses, papers, and effects, against unreasonable
searches and seizures, shall not be violated, and no
warrants shall issue, but upon probable cause, supported
by oath or affirmation, and particularly describing the
place to be searched, and the persons or things to be
seized.
Copyright 2000 S.D. Personick. All rights reserved
Intrusion Detection
• The principal purpose of intrusion detection
is to defend against attacks and to recover
from attacks
• Layered network defense:
Defend-Detect-Respond
Copyright 2000 S.D. Personick. All rights reserved
Responding
• Note that, from the perspective of legitimate
network users… an attack-induced outage
that lasts 20 milliseconds will probably be
un-noticeable for most applications. An
attack-induced outage that lasts 20 seconds
will be noticeable, but not serious, for most
users and applications. An attack-induced
outage that lasts 5.5 hours (20,000 seconds)
will generally be very serious for most users
Copyright 2000 S.D. Personick. All rights reserved
Responding
• How long it takes to recover is very much a
function of:
-the nature of the damage done
-the cause of the initial damage (e.g., how to
eliminate malicious code from trusted hosts)
-the availability, trustworthiness, and
accessibility of data that can be used to
diagnose the damage and the cause of the
damage
Copyright 2000 S.D. Personick. All rights reserved
Responding
• How long it takes to recover is very much a
function of (continued):
-the availability of back-up resources:
equipment, applications, and trusted data
-how the overall network was architected
-how good a job was done in planning and
implementing recovery processes
Copyright 2000 S.D. Personick. All rights reserved
Ref: Amoroso p17
“The basic principles of intrusion detection
are derived from many sources, many of
them having little or nothing to do with
computing and networking
resources…safecrackers and Internet
crackers share a kindred spirit not often
obvious because they live in such different
worlds…unless, of course, they share a jail
cell”
Copyright 2000 S.D. Personick. All rights reserved
Analogies from Everyday Life
Ref Amoroso p 18
• Network management systems collect data
from many sources to allow for the efficient
assignment and monitoring of resources and
their utilization
• Monitoring of typical usage patterns to
detect fraud (calling cards, credit cards)
• Reacting to situations that don’t seem
normal (instinct and intuition)
Copyright 2000 S.D. Personick. All rights reserved
Analogies from Everyday Life
Ref Amoroso p 18
• Constant vigilance: surveillance cameras
• Stealth design: hidden surveillance cameras
(trying to reduce the attacker’s advantage)
• Incenting adversaries to go elsewhere
Copyright 2000 S.D. Personick. All rights reserved
Generic Intrusion Detection
System
Network System
or Network Element
Network System
or Network Element
Observations
Intrusion Detection Engine
Data
Policies
Reports, alerts,
autonomous actions
Copyright 2000 S.D. Personick. All rights reserved
Generic Intrusion Detection
System
A critical, but subtle aspect of the intrusion
detection system strategy is to neutralize the
attacker’s advantage by drawing on the
concerted resources of large numbers of
defenders…both in terms of the data they can
provide, and in terms of the defense
mechanisms they can conceive
Copyright 2000 S.D. Personick. All rights reserved
Intrusion Detection Data
• Historical data related to (anonymous) network
traffic and usage patterns
• Historical data related to specific users or
applications
• User profiles: including trust levels, access
privileges and roles (job descriptions)
• Signatures of known attacks
• Signatures of patterns considered to indicate a
possible attack
Copyright 2000 S.D. Personick. All rights reserved
Intrusion Detection Data
• Signatures of activities or patterns
considered to indicate a possible attack:
Politician: “People say I am a crook; do you
think I am a crook”
Advisor “I don’t know if you are a crook,
but I know a lot of crooks who act like you”
Copyright 2000 S.D. Personick. All rights reserved
Download