1 / 21

Introduction to Security

Introduction to Security. Overview of Computer Security. Why is security important?. Computers and networks are the nerves of the basic services and critical infrastructures in our society Financial services and commerce Transportation Power grids Etc.

ginette
Download Presentation

Introduction to Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Introduction to Security Overview of Computer Security

  2. Why is security important? • Computers and networks are the nerves of the basic services and critical infrastructures in our society • Financial services and commerce • Transportation • Power grids • Etc. • Computers and networks are targets of attacks by our adversaries K. Salah

  3. Why is security so hard? • The complexity of computers and networks • Increases Internet usage • User expectation • Lack of awareness of threats and risks • Software by peopleware • Social engineering • Defense is inherently more expensive • Offense only needs the weakest link • Ample cracking tools K. Salah

  4. K. Salah

  5. Tempset Attack • Tempest • is an acronym for Transient ElectroMagnetic Pulse Emanation Surveillance. • This is the science of monitoring at a distance electronic signals carried on wires or displayed on a monitor. • It is of enormous importance to serious cryptography snoopers. • To minimize a tempest attack you should screen all the cables between your computer and your accessories, particularly your monitor. • A non CRT monitor screen such as those used by laptops (or plasma TV) offers a considerable reduction in radiated emissions and is recommended. K. Salah

  6. Type of Attackers • Amateurs: regular users, who exploit the vulnerabilities of the computer system • aka “Smart kiddies” • Less experienced • Motivation: easy access to vulnerable resources • Hackers/Crackers: attempt to access computing facilities for which they do not have the authorization • Experts • Motivation: enjoy challenge, curiosity • Career criminals: professionals who understand the computer system and its vulnerabilities • Motivation: personal gain (e.g., financial) • Intruders are all of the above K. Salah

  7. Methods of Defense • Prevent: block attack • Deter: make the attack harder • Deflect: make other targets more attractive • E.g. is honeypots • Detect: identify misuse • Tolerate: function under attack • Recover: restore to correct state K. Salah

  8. Computer Security Domains • Physical security -- Controlling the comings and goings of people and materials; protection against the elements and natural disasters • Operational/procedural security -- Covering everything from managerial policy decisions to reporting hierarchies • Personnel security -- Hiring employees, background screening, training, security briefings, monitoring, and handling departures • System security -- User access and authentication controls, assignment of privilege, maintaining file and filesystem integrity, backups, monitoring processes, log-keeping, and auditing. OS and database systems. • Network security -- Protecting network and telecommunications equipment, protecting network servers and transmissions, combating eavesdropping, controlling access from untrusted networks, firewalls, and detecting intrusions • Information Security – Hiding of information (cryptography) and also security of information in transit over a network. Examples: e-commerce transactions, online banking, confidential e-mails, file transfers, record transfers, authorization messages, etc. K. Salah

  9. What is Security? • Keeping something (information in our case) secure against • Someone stealing it • Someone destroying it • Someone changing it • Someone preventing me from using it • More Specifically • Confidentiality: nobody else can see it • Integrity: nobody else can change it • Availability: I can get at it whenever I want K. Salah

  10. Basic Components of Security • Confidentiality • Keeping data and resources secret or hidden • Integrity • Ensuring authorized modifications; • Includes correctness and trustworthiness • Availability • Ensuring authorized access to data and resources when desired • Accountability • Ensuring that an entity’s action is traceable uniquely to that entity • Security assurance • Assurance that all four objectives are met K. Salah

  11. What “secure” means Secure Confidentiality Availability Integrity K. Salah

  12. Information security today • Emergence of the Internet and distributed systems • Increasing system complexity • Digital information needs to be kept secure • Competitive advantage • Protection of assets • Liability and responsibility • Financial losses • There are reports that the annual financial loss due to information security breaches is between 5 and 45 billion dollars • National defense • Protection of critical infrastructures: • Power Grid; • Air transportation • Interlinked government agencies • Severe concerns regarding security management and access control measures K. Salah

  13. Information Requirements & Policies Terminology Security Architecture Security Features or Services Attackers/Intruders/ Malfeasors Security Mechanisms K. Salah

  14. Attack Vs Threat • A threat is a “potential” violation of security • The violation does not need actually occur • The fact that the violation might occur makes it a threat • It is important to guard against threats and be prepared for the actual violation • “being paranoid” • The actual violation of security is called an attack K. Salah

  15. Common security attacks • Interruption, delay, denial of receipt or denial of service • System assets or information become unavailable or are rendered unavailable • Interception or snooping • Unauthorized party gains access to information by browsing through files or reading communications • Modification or alteration • Unauthorized party changes information in transit or information stored for subsequent access • Fabrication, masquerade, or spoofing • Spurious information is inserted into the system or network by making it appear as if it is from a legitimate entity K. Salah

  16. Malicious Code or malware X Files Trojan Horses Bacterium Trapdoors Logic Bombs Worms Virus K. Salah

  17. DOS and DDOS K. Salah

  18. Trojan/Backdoor Program • Trojan part: masquerades itself as a nice program • WildAnimals.scr (Any executable can be saved as .scr) • YourDocumnet.doc … .exe • 100 spaces followed by .exe • Backdoor • Once launced, it opens a communication channel (IRC, FTP, telnet, etc) with a certain machine • Can be used to hijack a machine if running proxy communication protocols (ssh or socks4) and bypassing firewalls • Internet traffic would seem to be coming/outgoing from infected system and routed to attacker machine K. Salah

  19. Goals of Security • Prevention • To prevent someone from violating a security policy • Detection • To detect activities in violation of a security policy • Verify the efficacy of the prevention mechanism • Recovery • Stop policy violations (attacks) • Assess and repair damage • Ensure availability in presence of an ongoing attack • Fix vulnerabilities for preventing future attack • Retaliation against the attacker K. Salah

  20. Operational Issues • Cost-Benefit Analysis • Benefits vs. total cost • Is it cheaper to prevent or recover? • Risk Analysis • Should we protect something? • How much should we protect this thing? • Risk depends on environment and change with time • Laws and Customs • Are desired security measures illegal? • Will people do them? • Affects availability and use of technology K. Salah

  21. Human Issues • Organizational Problems • Power and responsibility • Financial benefits • People problems • Outsiders and insiders • Which do you think is the real threat? • Social engineering K. Salah

More Related