1 / 43

Welcome to CS 395/495 Internet Security: A Measurement-based Approach

Welcome to CS 395/495 Internet Security: A Measurement-based Approach. Why Internet Security. Internet attacks are increasing in frequency, severity and sophistication Denial of service (DoS) attacks Cost $1.2 billion in 2000

alvin-solis
Download Presentation

Welcome to CS 395/495 Internet Security: A Measurement-based Approach

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Welcome to CS 395/495Internet Security: A Measurement-based Approach

  2. Why Internet Security • Internet attacks are increasing in frequency, severity and sophistication • Denial of service (DoS) attacks • Cost $1.2 billion in 2000 • 1999 CSI/FBI survey 32% of respondents detected DoS attacks directed to their systems • Thousands of attacks per week in 2001 • Yahoo, Amazon, eBay, Microsoft, White House, etc., attacked

  3. Why Internet Security (cont’d) • Virus and worms • Melissa, Nimda, Code Red, Code Red II, Slammer … • Cause over $28 billion in economic losses in 2003, growing to over $75 billion in economic losses by 2007. • Code Red (2001): 13 hours infected >360K machines - $2.4 billion loss • Slammer (2003): 10 minutes infected > 75K machines - $1 billion loss • …… • Security has become one of the hottest jobs even with downturn of economy

  4. Overview • Course Administrative Trivia • What is Internet security? • Principles of cryptography • Authentication Some slides are in courtesy of J. Kurose and K. Ross

  5. Logistics • Instructor Yan Chen (ychen@cs.northwestern.edu), Office Hours: Wed. 2-4pm or by appointment, Rm 330, 1890 Maple Ave. • TA Jason A. Skicewicz (jskitz@cs.northwestern.edu) Office Hours: Tu. and Th. 3:30-4:30pm, Rm 321, Maple Ave.

  6. Course Overview • Seminar class: paper reading + a big project • Start with the basic concepts of security • Cryptography, access control and protection • First half focus on large-scale Internet attacks • Mobile Malcode (virus/worm): characterization, technologies, history and current defense • Denial of service (DoS) attacks • Firewall technologies • Intrusion detection systems (IDS)

  7. Course Overview (cont’d) • Many new unknown attacks/anomalies remaining • Second half: Internet anomaly detection • High-speed network measurement and monitoring • Network fault diagnostics and root cause analysis • BGP/routing anomalies • Network topology discovery • Measurement-based inference • Peer-to-peer system measurement and monitoring

  8. Prerequisites and Course Materials • Required: CS340 (Intro to computer networking) • Highly Recommended: OS or having some familiarity with Unix systems programming • No required textbook – paper reading! • Recommended (see webpage for a complete list) • Firewalls and Internet Security: Repelling the Wily Hacker, 2nd edition, by William R. Cheswick, Steven M. Bellovin, and Aviel D. Rubin • Computer Networking: A Top-Down Approach Featuring the Internet, [KR], Second Edition, James Kurose and Keith Ross, Addison Wesley, 2002

  9. Grading • No exams for this class • Class participation and discussion 10% • Paper reading summary 10% • In class paper presentation 15% • Project 65% • Proposal and survey 5% • Design document 5% • Weekly report and meeting 5% • Project presentation 25% • Final report 25%

  10. Paper Reading • Write a very brief summary of each paper, to be emailed to the TA before the class • Summary should include: • Paper title and its author(s) • Brief one-line summary • A paragraph of the one or two most significant new insight(s) you took away from the paper • A paragraph of the one or two most significant flaw(s) of the paper • A last paragraph where you state the relevance of the ideas today, potential future research suggested by the article

  11. Class Format • Introduction of the basic problems, ideas and solutions (10 minutes) • Student presentations of the two papers • 20 minutes for presentation, and 10 minutes for discussion • Summarize with the last 10 minutes • Take turns for presentation (~30 papers, 4 papers/student)

  12. Format of the Presentation • Presentation should include the following • Motivation • Classification of related work/background • Main ideas • Evaluation and results • Open issues • Send the slides to the TA and me for review at least 24 hours ahead of the class • Guidelines online

  13. Projects • The most important part of class • Group of 2+ people • Project list will be online soon • Proposal – April 8 • 3-4 pages with another 1-2 pages references. • Design Document – April 15 • 4-5 pages with a detailed description of the software design, load distribution among group members. • Weekly Meeting and Progress Report – 4/13-5/25 • Each team will schedule a weekly meeting (30 minutes) with me. A work-in-progress report (except the 4/13 week) of 1-2 pages is due 24 hours ahead of the meeting. • Project Presentation – June 1 and 3 • Final Report – June 9

  14. Communication and Policies • Web page: http://www.cs.nwu.edu/~ychen/classes/cs495/ • Newsgroup (cs.netsec) is available • Send emails to instructor and TA for questions inappropriate in newsgroup • No late handins! Will be ignored • Work division • Each team member should do similar amount of work • Survey on work division at the end of quarter • More contribution, better grade!

  15. Overview • Course Administrative Trivia • What is Internet security? • Principles of cryptography • Authentication Some slides are in courtesy of J. Kurose and K. Ross

  16. What is network security? Confidentiality: only sender, intended receiver should “understand” message contents • sender encrypts message • receiver decrypts message Authentication: sender, receiver want to confirm identity of each other Message Integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection Access and Availability: services must be accessible and available to users

  17. Friends and enemies: Alice, Bob, Trudy • well-known in network security world • Bob, Alice (lovers!) want to communicate “securely” • Trudy (intruder) may intercept, delete, add messages Alice Bob data, control messages channel secure sender secure receiver data data Trudy

  18. Who might Bob, Alice be? • … well, real-life Bobs and Alices! • Web browser/server for electronic transactions (e.g., on-line purchases) • on-line banking client/server • DNS servers • routers exchanging routing table updates • other examples?

  19. There are bad guys (and girls) out there! Q: What can a “bad guy” do? A: a lot! • eavesdrop: intercept messages • actively insert messages into connection • impersonation: can fake (spoof) source address in packet (or any field in packet) • hijacking: “take over” ongoing connection by removing sender or receiver, inserting himself in place • denial of service: prevent service from being used by others (e.g., by overloading resources)

  20. Overview • Course Administrative Trivia • What is Internet security? • Principles of cryptography • Authentication Some slides are in courtesy of J. Kurose and K. Ross

  21. K K A B The language of cryptography Alice’s encryption key Bob’s decryption key symmetric key crypto: sender, receiver keys identical public-key crypto: encryption key public, decryption key secret (private) encryption algorithm decryption algorithm ciphertext plaintext plaintext

  22. Symmetric key cryptography substitution cipher: substituting one thing for another • monoalphabetic cipher: substitute one letter for another plaintext: abcdefghijklmnopqrstuvwxyz ciphertext: mnbvcxzasdfghjklpoiuytrewq E.g.: Plaintext: bob. i love you. alice ciphertext: nkn. s gktc wky. mgsbc

  23. K K A-B A-B K (m) m = K ( ) A-B A-B Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K • e.g., key is knowing substitution pattern in mono alphabetic substitution cipher • Q: how do Bob and Alice agree on key value? encryption algorithm decryption algorithm ciphertext plaintext plaintext message, m K (m) A-B A-B

  24. Symmetric key crypto: DES and AES DES: Data Encryption Standard • US encryption standard [NIST 1993] • 56-bit symmetric key, 64-bit plaintext input • How secure is DES? • DES Challenge: 56-bit-key-encrypted phrase (“Strong cryptography makes the world a safer place”) decrypted (brute force) in 4 months. Most recent record – 22 hours. AES: Advanced Encryption Standard • new (Nov. 2001) symmetric-key NIST standard, replacing DES • processes data in 128 bit blocks • brute force decryption (try each key) taking 1 sec on DES, takes 149 trillion years for AES

  25. Public Key Cryptography symmetric key crypto • requires sender, receiver know shared secret key • Q: how to agree on key in first place (particularly if never “met”)? public key cryptography • radically different approach [Diffie-Hellman76, RSA78] • sender, receiver do not share secret key • public encryption key known to all • private decryption key known only to receiver

  26. + K (m) B - + m = K (K (m)) B B Public key cryptography + Bob’s public key K B - Bob’s private key K B encryption algorithm decryption algorithm plaintext message plaintext message, m ciphertext

  27. K (K (m)) = m B B - + 1 2 Public key encryption algorithms Requirements: need K ( ) and K ( ) such that . . + - B B + given public key K , it should be impossible to compute private key K B - B RSA: Rivest, Shamir, Adelson algorithm

  28. + - K K B B RSA: Choosing keys 1. Choose two large prime numbers p, q. (e.g., 1024 bits each) 2. Compute n = pq, z = (p-1)(q-1) 3. Choose e (with e<n) that has no common factors with z. (e, z are “relatively prime”). 4. Choose d such that ed-1 is exactly divisible by z. (in other words: ed mod z = 1 ). 5.Public key is (n,e).Private key is (n,d).

  29. 1. To encrypt bit pattern, m, compute d e c = m mod n m = c mod n e (i.e., remainder when m is divided by n) d e m = (m mod n) mod n RSA: Encryption, decryption 0. Given (n,e) and (n,d) as computed above 2. To decrypt received bit pattern, c, compute d (i.e., remainder when c is divided by n) Magic happens! c Why secure? No quick factorizing algorithm

  30. d e c = m mod n m = c mod n d c RSA example: Bob chooses p=5, q=7. Then n=35, z=24. e=5 (so e, z relatively prime). d=29 (so ed-1 exactly divisible by z. e m m letter encrypt: l 17 1524832 12 c letter decrypt: 17 12 l 481968572106750915091411825223071697

  31. K (K (m)) = m - B B + K (K (m)) - + = B B RSA: another important property use private key first, followed by public key use public key first, followed by private key Result is the same!

  32. Symmetric (DES) vs. Public Key (RSA) • Exponentiation of RSA is expensive ! • AES and DES are much faster • 100 times faster in software • 1,000 to 10,000 times faster in hardware • RSA often used in combination in AES and DES • Pass the session key with RSA

  33. Overview • Course Administrative Trivia • What is Internet security? • Principles of cryptography • Authentication Some slides are in courtesy of J. Kurose and K. Ross

  34. Authentication Goal: Bob wants Alice to “prove” her identity to him Protocol ap1.0:Alice says “I am Alice” “I am Alice” Failure scenario??

  35. Authentication Goal: Bob wants Alice to “prove” her identity to him Protocol ap1.0:Alice says “I am Alice” in a network, Bob can not “see” Alice, so Trudy simply declares herself to be Alice “I am Alice”

  36. Alice’s IP address “I am Alice” Authentication: another try Protocol ap2.0:Alice says “I am Alice” in an IP packet containing her source IP address Failure scenario??

  37. Alice’s IP address “I am Alice” Authentication: another try Protocol ap2.0:Alice says “I am Alice” in an IP packet containing her source IP address Trudy can create a packet “spoofing” Alice’s address

  38. Alice’s password Alice’s IP addr “I’m Alice” Alice’s IP addr OK Authentication: another try Protocol ap3.0:Alice says “I am Alice” and sends her secret password to “prove” it. Failure scenario??

  39. Alice’s password Alice’s IP addr “I’m Alice” Alice’s IP addr OK Authentication: another try Protocol ap3.0:Alice says “I am Alice” and sends her secret password to “prove” it. Alice’s password Alice’s IP addr “I’m Alice” playback attack: Trudy records Alice’s packet and later plays it back to Bob

  40. encrypted password Alice’s IP addr “I’m Alice” Alice’s IP addr OK Authentication: yet another try Protocol ap3.1:Alice says “I am Alice” and sends her encryptedsecret password to “prove” it. Failure scenario??

  41. encrypted password Alice’s IP addr “I’m Alice” Alice’s IP addr OK Authentication: another try Protocol ap3.1:Alice says “I am Alice” and sends her encrypted secret password to “prove” it. encryppted password Alice’s IP addr “I’m Alice” record and playback still works!

  42. K (R) A-B Authentication: yet another try Goal:avoid playback attack Nonce:number (R) used only once –in-a-lifetime ap4.0:to prove Alice “live”, Bob sends Alice nonce, R. Alice must return R, encrypted with shared secret key “I am Alice” R Alice is live, and only Alice knows key to encrypt nonce, so it must be Alice! Failures, drawbacks?

  43. - K (R) A + + K K A A - - + (K (R)) = R K (K (R)) = R A A A Authentication: ap5.0 ap4.0 requires shared symmetric key • can we authenticate using public key techniques? ap5.0: use nonce, public key cryptography “I am Alice” Bob computes R and knows only Alice could have the private key, that encrypted R such that “send me your public key”

More Related