Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Networking

Overview of Computer Science

advertisement 
Overview of Computer Science
CSC 101 — Summer 2011
Risks of Digital Information
Malware
Encryption
Lecture 21 — August 3, 2011
Announcements
• Lab #8 Tomorrow
• WA #8 Due Friday
• Final Exam next Tuesday (8/9/11).
– This Room – 2pm – 5pm
• Final Review on Monday – 8/8/11
• Quiz #3 on Friday
2
Objectives
•
•
•
•
Risks of digital information
Malware
Phishing and spoofing
Data encryption
3
1
Technology Risks
• Information can be digitized
– Therefore easily manipulated by computers
• Computers can be networked
– Therefore information can be easily exchanged
• Our lives are increasingly influenced by this easy
availability of information
• With advances in technology come risks
– It is our responsibility to evaluate the veracity of and the right
to use the information we find
– It is also our responsibility to ensure that our institutions use
information wisely
4
Technology Risks
• Some risks of advances in information technologies
–
–
–
–
Personal privacy
Data security and high-tech crime
Intellectual property rights
T h l
Technology
failures
f il
–
–
–
–
Automation and dehumanization
Exploitation of information for political or economic power
The blurring of reality
Artificial intelligence and bio-digital technologies
• Hardware or software bugs
• Dependence on complex technologies
• We must be aware of the power of the technologies that
are part of our lives
5
Malware
• Malware – malicious software
–
–
–
–
–
–
–
Viruses
Trojan horses
Worms
S
Spyware
Adware
Key loggers
Etc.
These three are all often called “viruses”
• Can be spread through
–
–
–
–
Email
Network connections
Shared files
Downloaded applications
6
2
Malware: Viruses
• A computer virus is a small bit of software that
copies itself from one computer to others
– Transfers via email or shared files
– Can spread by silently emailing itself to many other
users
• Might do nothing but reproduce, may cause
damage by erasing files, or may silently ‘steal’
personal data
• Anyone who can program can create a virus
7
Malware: Trojan Horses
• A Trojan horse is a program that appears to be benign,
or even useful, but contains a hidden malicious action
– Often hidden in free downloads or shareware
– Can delete files or steal personal information
• Named for the Homeric story
of the Trojan Horse, a large
wooden horse presented by
the Greeks to the Trojans
as a gift but instead filled
with nasty soldiers
8
Malware: Worms
• A worm is a program that reproduces itself over
network connections
– Does not need an email message
or another program as a carrier
• Often targeted to
– A specific site, or
– A specific kind of computer
• Can cause a denial of service (DOS) attack
– Prevents the use of an attacked site or computer by
overloading its resources
9
3
Growth of Viruses
Sources: Computer Knowledge; Symantec Norton Anti-Virus
10
Financial Cost of Malware
Worldwide Economic Impact of Virus Attacks
20
($ Billions)
15
10
5
0
1994
1996
1998
2000
2002
2004
2006
Source: Computer Economics 2005 Malware Report
11
Virus Protection
• Antivirus software can help prevent or slow down
viruses, Trojan horses, and worms
– Regular virus definition updates are needed to prevent the
spread of new viruses
– WFU laptops are automatically updated when connected to the
WFU network
– Other computers require a subscription to the antivirus
software’s update service
– WFU email is also screened for viruses before being delivered
to your laptop
• For more info: http://securityresponse.symantec.com/
12
4
Politically Motivated Computer Crime
• Unwanted, malicious use of computers and networks for political or
ideological reasons
• ‘Normal’ malware and computer crime attacks are motivated by simple greed or hubris
– Information warfare
• Disruptive use of computers and networks by the actions of governments, either
offensivelyy or defensively,
y, against
g
government
g
or militaryy installations or opponents
pp
– Cyberterrorism
• Premeditated, politically motivated attack against computers and networks, resulting in
violence against non-combatant targets, by sub-national groups or clandestine agents
– “Hactivism”
• Disruptive use of computers and networks by individuals or groups to advance ideology
13
NASA WANK Worm
• Just before launch of shuttle carrying Galileo probe (1989)
– Probe’s nuclear generator contained radioactive plutonium
– Eradication took weeks and cost NASA $500,000
W O R M S
A G A I N S T
N U C L E A R
K I L L E R S
_______________________________________________________________
\__ ____________ _____
________
____ ____
__ _____/
\ \ \
/\
/ /
/ /\ \
| \ \ | |
| | / /
/
\ \ \ / \ / /
/ /__\ \
| |\ \ | |
| |/ /
/
\ \ \/ /\ \/ /
/ ______ \
| | \ \| |
| |\ \
/
\_\ /__\ /____/ /______\ \____| |__\ | |____| |_\ \_/
\___________________________________________________/
\
/
\
Your System Has Been Officically WANKed
/
\_____________________________________________/
You talk of times of peace for all, and then prepare for war.
14
14
“Virtual SitSit-In”
15
5
Defacement of Web Sites
16
Virus Generator
17
Worm Generator
18
6
DDoS Attacks
• Distributed Denial of Service attacks
– Make use of botnets
• Malware quietly infects a large number of computers
• At a predetermined time, all of the infected computers launch a
coordinated attack on some target
g
19
19
Some DDoS Assaults
• February 2000
– Targets: Yahoo, CNN, eTrade, Amazon, Buy.com,
ZDNet, eBay, others …
• July 2009
– Coordinated attack on US and S. Korean government
sites, as well as Wall Street sites
– Apparently sourced from N. Korea
• …and many others…
20
Code Red Worm
• Worm identifies vulnerable Windows servers to exploit
• Defaces English websites hosted on server with message:
Welcome to http://www.worm.com! Hacked by Chinese!
• July 19,
19 2001: over 359,000
359 000 hosts infected in 13 hours
– At 5:00 pm, worm launched DDoS attack against
198.137.240.91 (www.whitehouse.gov)
• Almost a million servers infected with losses of $2.4 billion
– Caused other effects, e.g. overload of Japan Airlines reservations
computer, delaying 55 flights and 15,000 passengers
21
7
Spread of Code Red Worm
July 19 01:05:00 2001
22
19 Hours Later
July 19 20:15:00 2001
23
An Example: eToys vs. etoy
• eToys.com tried to buy domain name of etoy.com
• When rebuffed, eToys.com filed suit against etoy.com
– Received injunction prohibiting etoy from using their name
• Protestors launched a DoS attack
– killertoy.html accessed eToys.com and filled multiple shopping
carts to brim without buying (>100,000 items/day)
– eToys stock dropped from $67 in late 1999 to $10 in early 2000
– eToys.com dropped suit and reimbursed $40,000 in legal fees
24
8
South Ossetia
• 2008: war between Georgia
and Russia over South Ossetia
– Websites of Government of Georgia
hacked apparently by Russian agents
hacked,
• Images comparing Georgian president
Mikheil Saakashvili to Adolf Hitler
• Similar attacks on Estonia in 2007
– A Georgian blogger (“Cyxymu”)
made frequent anti-Russian posts
• Many blogging sites, Twitter, Facebook, Google blogs, and Livejournal,
were attacked August 9, 2009, apparently to silence this one blogger
25
Why is the Internet so Vulnerable?
• The Internet was initially designed to make information transfer easy
– No central control, so no general way to monitor or restrict activity
– Never designed for tracking, tracing or validating users
• The Web was specifically designed for sharing and collaboration
among trustworthy
t t
th users
• The Internet was never anticipated to be so large, pervasive, and fast
–
–
–
–
–
IP addresses can be forged – can’t identify true source of an attack
Multiple administrative, jurisdictional, and national boundaries
Multiple kinds of computers and systems have access
Attackers can destroy logs and other audit data
No longer possible to link specific users to specific IP addresses
26
Spyware and Adware
• Spyware is software that secretly collects personal
information and passes it to advertisers or others
– Often gets installed without the user’s knowledge or consent
– Can track the user
user’ss web browsing habits
– Can collect passwords, credit card numbers, etc.
• Adware is ‘free’ programs that are supported by
advertising
– Often include a hidden spyware component
• These are often very difficult to remove once installed
27
9
Protection From Spyware and Adware
• Good anti-spyware tools are becoming available
– Ad-Aware SE (www.lavasoft.com)
• A free download that scans your computer for adware,
spyware,
py
and other suspect
p software
– Spybot Search & Destroy
• Included on your WFU laptop
– Some others can be found here
• Some other sources of information on spyware
and adware
– www.spychecker.com
– www.cexx.org/problem.htm
28
Preventing Malware
• Many viruses exploit security holes in operating
system or application software
– Software companies release security patches to repair
those weaknesses
– Usually provided free by the software companies
– WFU laptops automatically receive Microsoft patches
when connected to the WFU wired network
– Other computers may require manually going to
windowsupdate.microsoft.com for patches
29
Preventing Malware
• Some Web sites have special verification methods to
prevent automated signups
– Helps prevent spammers from obtaining large numbers of
valid, free accounts from which to send spam
– Called: CAPTCHA
• Completely Automated Public Turing test to tell Computers and
Humans Apart
See also www.captcha.net
30
10
The Turing Test
• The Turing Test uses two people and
a computer
– One person (the interrogator) types
questions on a terminal
• The questions can be about anything
anything—
math, science, politics, sports, art, emotions,
entertainment, human relationships, etc.
– As answers appear on the screen, the
interrogator guesses whether those answers
were typed by the other person or generated
by the computer
– By repeatedly fooling interrogators into thinking it is a person, a computer
can demonstrate intelligent behavior
• Turing: “If it acts intelligently, it is intelligent”
• But, is it really “intelligent”, or just well programmed?
31
Preventing Malware
• You can reduce your personal risk of malware
attack by
–
–
–
–
Handle email with care
Consider
C
id shared
h d files
fil as being
b i potentially
t ti ll infected
i f t d
Back up important information
Consider using a firewall if you’ve got an always-on
internet connection (e.g. cable modem or DSL)
– Don’t leave file sharing turned on unless it’s
password-protected
– Keep virus definitions and system patches up-to-date
32
– Back up important information (!)
Phishing and Spoofing
• Phishing is the practice of sending legitimate-looking emails that
falsely claim to be from well-known sites
• A spoofed Web page is one that falsely appears to be from a
legitimate, well-known site
• These
Th
bboth
th askk for
f personall information
i f
ti suchh as
–
–
–
–
Passwords
Bank account numbers
Credit card numbers
Etc.
• If you receive a phishing email, you can forward it to
spam@uce.gov to report it
– Not sure what happens if you do…
• Other major organizations have addresses to report phishing
emails to as well (e.g. abuse@bankofamerica.com)
33
11
Web Beacons
• A web beacon (or web bug) is an invisible graphic image
in an email or a Web page
– Includes hidden code that can send information back to a
spammer
– When the email is opened and its graphics displayed, the
spammer is notified that your address is valid
– Can be avoided by setting the email program to not display
HTML graphics
• Can display the graphics once you confirm that you trust the sender
– On Thunderbird, set this with
Tools Æ Options Æ Privacy Æ General Æ Block loading images
34
Cookies
• Many Web sites place cookies on the user’s computer
– An HTTP cookie is a small file containing information from a
particular Web site
• Cannot be read by other Web sites
– Can be very useful
• Helps simplify usage of Web sites
• Remembers personal information between sessions
– Cookies are not a form of malware
– But, can also be exploited to track users’ surfing habits and
other personal information
• DoubleClick, Inc. is one company that has tried to exploit this
• Requires extensive cross-correlation to gather any useful information
35
Access Security
• Access to a computer system may be based on
• Something you know
–
–
–
–
• Something you have
A password
An ID number
A lock combination
Personal information, such as
your mother’s maiden name
– A key
– A photo ID card
– A smart card containing digitally
encoded identification
• Something about you
• Something you do
– Your signature
– A voice print, fingerprint, retinal
scan, facial feature scan, or other
“biometric” measurement
36
12
Data Security
• BACK UP your important data!!!
• Lock your laptop whenever it’s in an insecure
location
37
Spam
• What is “Spam”
– SPAM® – a processed, meat-based ‘luncheon meat’
product that resembles food
– Spam – unsolicited commercial email (UCE)
– Using this name for email comes
from…
Monty Python’s Spam skit (1970) at video.google.com
Also, check out this fake ad for gMail
38
Secure Web Pages
• Before filling in a form on a Web page with sensitive
information, make sure that the connection is secure
– Connection between your browser and the server is encrypted
• Padlock icon in the browser
• https://www..... in the address box
– Doesn’t mean the site itself is secure…
Internet Explorer
Mozilla/Firefox
39
13
The Need for Encryption
• Two main types of data communication
– Broadcasting (one-to-many)
– Networking (one-to-one)
• IInformation
f
i that
h is
i broadcast
b d
can be
b received
i d
by anyone within range
• Information transmitted through a network is
usually intended for one recipient
– Still subject to ‘eavesdropping’
or interception
40
The Need for Encryption
• Messages are often intended for one recipient only
• Governments, Armies
• Businesses, Individuals
– These are all reasonable reasons for encryption in our society
• Not
N all
ll governments agree
• Want to guarantee that only intended recipients can
read messages
• Assume that the message will be intercepted
– Usually not possible to ensure that no one can tap in to a
communication channel
– So, make the meassage unreadable to anyone except the
intended recipient
41
Some Definitions
• Cryptography is the art and science of
keeping messages secret
• Encryption
yp
techniques
q
convert data into
secret codes
• Decryption is the process of retrieving the
original message
• A matched pair of encryption/decryption
methods is often called a cipher
42
14
Data Encryption
• An unencrypted message is called plaintext
• The encrypted version is called ciphertext
• Example: Original Plaintext:
“second bridge on monday”
encryption
Ciphertext:
“vhfrqgeulgjhrqprqgdb”
The ciphertext is the
message that is
actually transmitted
decryption
Recovered Plaintext:
“second bridge on monday”
43
Data Encryption
• A message is encrypted using some algorithm
• One very simple method is the Caesar Cipher:
– Each letter is replaced by a letter that is, say, 3 positions away in the
alphabet
• AÆ D, BÆ E, … , WÆ Z, XÆ A, YÆ B, ZÆ C
• Example:
“second
↓
bridge on monday”
“vhfrqgeulgjhrqprqgdb”
• Using a different number, say 5, would generate a different
ciphertext: “xjhtsigwniljtsrtsifd”
• Commonly used encryption algorithms are much more complex
44
Encryption Keys
• Encryption algorithms usually have changeable
parameters called keys
– In the Caesar cipher, the number “3” is the key for this cipher
– A different key leads to different ciphertext for a message
• E
Encryption
i keys
k
are usedd tto encode
d plaintext
l i t t into
i t
ciphertext
• Decryption keys are used to decode ciphertext to recover
the original plaintext
– Receiver needs to know the correct key to read the message
– Decryption keys can sometimes be discovered (“broken” or
“cracked”) by brute force methods employing computers to
search very large numbers of potential keys
– Longer keys make brute-force cracking more difficult
45
15
Modern Ciphers
• There are two main types of ciphers in
common use
– Secret key ciphers
• Also known as symmetric ciphers
– Public key ciphers
• Also known as asymmetric ciphers
46
Secret Key Ciphers
• Secret key ciphers use a single secret key for both encryption and
decryption (symmetric)
• The secret key must be transferred securely to the receiver in
order for the method to be secure
yp
Standard (DES)
(
) is a secret keyy cipher
p
• The Data Encryption
sponsored by the US government
–
–
–
–
DES uses a 56-bit key (256 ≈ 1017 ≈ one hundred quadrillion possible keys)
But, a 56-bit key can be cracked in a few hours by brute force
The key could be rapidly changed to keep ahead of a potential cracker
DES has been retired, but “Triple-DES” is still in common use
• The Advanced Encryption Standard (AES) has been adopted to
replace DES
– AES uses a 128-bit key (2128 ≈ 1038 possible keys)
– Would take much longer than the age of the universe to crack at the same
speed as the DES cracker
47
Public Key Ciphers
• Public key ciphers employ an algorithm with two
keys – a public key and a private key
(asymmetric)
• A sender looks up the recipient’s public key and
uses it to encode a message
• The recipient then decodes the message with his
or her private key
– This private key is necessary to decode the message
– The private key must match the public key used
48
16
Public Key Ciphers
49
Public Key Ciphers
• The RSA encryption algorithm was the first practical
public key algorithm
– Rivest, Shamir, and Adleman (1976)
– Patented (US
(
patent
p
# 4,405,829),
,
,
), so royalty
y y payments
p y
formerlyy required
q
• PGP (Pretty Good Privacy) and
GPG (GNU Privacy Guard) are implementations of
public-key ciphers
– www.pgpi.org
– www.gnupg.org
– Only GPG is completely free of patented software
– These both also make use of secret key ciphers for
“digital envelopes” (described on next slide)
50
Public Key Ciphers
• No need to keep the algorithms or public keys secret
– No need to transmit the private key
• But, public key ciphers require more resources
– Very long keys – up to 1024 bits or more – are used to prevent
brute-force key cracking
• 21024 ≈ 10300 possible keys (There are about 1080 atoms in the universe)
• Slow, complex computations required for encryption and decryption
• A compromise often used for efficiency:
a digital envelope
– Use a secret key cipher for the main message (efficient)
– Transmit the secret key securely by using a public key method
(only the secret key is sent via the less-efficient method)
51
17
Authentication
• Encryption is valuable for keeping messages private
– But, how is the sender’s identity verified?
– Can we trust the identity of the sender of an email
or other message?
– We would like to use electronic messages for
•
•
•
•
•
Legal documents and contracts
Orders or commands
Medical records or instructions
Business transactions
Any other communication requiring confirmation of a sender’s identity
• The process used to verify the identity of a respondent is
called authentication
52
Authentication
• One method of authentication of data communications is
called a digital signature
• Digital signatures exploit the pairing of public and
private encryption keys
• To authenticate that someone is who they say they are:
– A short, plaintext message is sent to the person, who encodes it
with their private key and returns it
– When the encrypted message is returned, it is decrypted with
that persons’ public key
– If it decrypts correctly, the person’s identity is confirmed
53
18
Related documents
Hwk #11
Hwk #11
GEMS—Codes and Ciphers Today we explored one kind of coding
GEMS—Codes and Ciphers Today we explored one kind of coding
public-key encrypts
public-key encrypts
The World’s Greatest Unsolved Ciphers Prof. Craig Bauer (York College of Pennsylvania)
The World’s Greatest Unsolved Ciphers Prof. Craig Bauer (York College of Pennsylvania)
CS361 Questions: Week 8
CS361 Questions: Week 8
Download
advertisement