
JerseySTEM Mini-course in Cyber-Security. Course designed by Prof. Vinod Ganapathy, Rutgers University. About this course: Audience. Intended audience: Late-stage middle-school and early-stage high-school students (7th-10th graders). Pre-requisites:


Presentation Transcript


  1. JerseySTEM Mini-course in Cyber-Security Course designed by Prof. Vinod Ganapathy, Rutgers University Slide #1-1

  2. About this course: Audience Intended audience: • Late-stage middle-school and early-stage high-school students (7th-10th graders) • Pre-requisites: • Some programming experience, in any language of your choice. • Rudimentary knowledge should suffice, but you should be willing to learn. • Some exposure to the UNIX shell. • Willingness to learn new languages and concepts! Slide #1-2

  3. About this course: Contents What you will learn: • Basic cyber-security concepts. • Some black-hat hacking skills (how to attack). • Some white-hat hacking skills (how to defend). • The course will be a mix of theory and hands-on practice. The theory will teach you the concepts and the hands-on exercises will reinforce the theoretical concepts. Slide #1-3

  4. About this course: A warning Why teach both black-hat and white-hat skills? • Because you have to “know thy enemy” • To effectively defend, you have to know how attackers think • This does not give you the license to show off your black-hat hacking skills. • You can get into deep trouble with law-enforcement if you do so. Consider yourself warned! Slide #1-4

  5. Computer security is the study of … • Weaknesses in systems and attacks against them. • Defending against such attacks • Pro-actively protecting data against various attacker models Slide #1-5

  6. Goals of computer security • Think of what you would want from your “ideal” anti-virus: • Prevent your files from getting corrupted. • Prevent your identity/credit-card number from being stolen • Avoid giving your password to phishing websites • … (many more examples) Slide #1-6

  7. Goals of computer security • We can abstract the goals into a convenient acronym: C.I.A. • Confidentiality • Keeping data and resources hidden from attacker • Integrity • Protecting data from unauthorized modification by attackers • Availability • Enabling legitimate access to data and resources

  8. A “secure system” • Is a computer that is connected to the Internet an example of a secure machine? • Can you protect Confidentiality, Integrity and Availability of data on such a machine? • Let’s look at these in turn. Slide #1-8

  9. A “secure system” • Is a computer that is connected to the Internet an example of a secure machine? • Protecting Confidentiality: • We routinely read of malicious software and attacks that steal credit card numbers, steal identity, steal passwords, etc. • These attacks violate data confidentiality. Slide #1-9

  10. A “secure system” • Is a computer that is connected to the Internet an example of a secure machine? • Protecting Integrity: • Think of ransomware: What does it do? It encrypts your files and prevents you from accessing the data in the files. • These attacks violate data integrity. Slide #1-10

  11. A “secure system” • Is a computer that is connected to the Internet an example of a secure machine? • Protecting Availability: • Denial of service (DOS) attacks routinely prevent you from accessing websites. • Recent example: Mirai botnet DOSed Dyn (October 2016) • Violated data availability. Slide #1-11

  12. A “secure system” • Let us disconnect the computer from the Internet. This sacrifices some data availability, but maybe we’re willing to live with that. • Does it protect data confidentiality? • No! You can still exfiltrate data out of the machine (think USB sticks!) • Does it protect data integrity? • No! You can still infect the machine with malicious software (again, think USB sticks).

  13. A “secure system” • Now, let us disconnect the computer from the Internet, and switch it off! Is it “secure”? • No! Data that is stored on hard disks can still be recovered by bad guys using forensic tools. • There are other kinds of sophisticated attacks too: • Exercise: Google “Cold Boot Attack” and read the associated Wikipedia article

  14. So, what is a “secure system”? • The answer to that question is “it depends.” • If you assume a very powerful adversary, you will need very powerful defences to achieve even basic confidentiality and integrity. • What you assume about the adversary (i.e., attacker) is called the threat model.

  15. Threat Models in practice • Network-based (or remote) attacker: • Is located remotely, and connected to the victim’s machine via a network link. • Can send and receive packets to the victim’s machine. • This is the threat model that is most used in practice. • For most of this course, we will work with this threat model. Slide #1-15

  16. Threat Models in practice • Local attacker: • Has an account to log into the victim’s machine. • Perhaps even has physical access to the machine itself. • Example: Snowden attacks? Other insider attacks. • Makes several restricting assumptions about the adversary, so we won’t use it in the course. Slide #1-16

  17. Course plan • We will start with an overview of the working environment: • Basics of the UNIX shell, compiling programs, and command-line tools. • Simple C programs and their assembly-language equivalents. • Learning to read assembly code. • Learning to execute and inspect code within a debugger (gdb) Slide #1-17

  18. Course plan • Next up: buffer overflows, a major cybersecurity threat: • You will learn the low-level details of how this threat works. • You will be designing exploits and working through an “obstacle course” [Each exploit harder than the previous one!] Slide #1-18

  19. Course plan • If you learn how to attack, you should also learn how to defend! • We will study various popular deployed buffer overflow defences and learn how you can apply them. • Often tested in competitions like Cyber Patriot! Slide #1-19

  20. Introduction to the UNIX shell and command line, compilers and debuggers

  21. Using the UNIX shell • This will be an interactive introduction to using the UNIX shell. • You have each been given a virtual machine with the Ubuntu Linux distribution installed. • Click on the Ubuntu VM to launch it. After booting up, it will show a login screen. Type the login name root and use the password root.

  22. Using the UNIX shell • Congratulations! You are on the UNIX shell. • You can now try each one of these commands in the virtual machine as you learn about them on the slides. • This virtual machine will be the environment you use for the rest of the course.

  23. Contents • Shell Intro • Command Format • Shell I/O • Command I/O • Command Overview • Some content on UNIX shell commands borrowed from material originally created by S. Mokhov, Concordia Univ

  24. Shell Intro • A system program that allows a user to execute: • shell functions (internal commands) • other programs (external commands) • shell scripts • Linux/UNIX has a bunch of them; the most common are • tcsh, an expanded version of csh (Bill Joy, Berkeley, Sun) • bash, one of the most popular and feature-rich shells, an expansion of sh (AT&T Bell Labs). Your VM uses the bash shell • ksh, Korn Shell • ...

  25. Command Format • Format: command name and 0 or more arguments: % commandname [arg1] ... [argN] • The % sign denotes the shell prompt here and hereafter. • Arguments can be • options (switches to the command to indicate a mode of operation); usually prefixed with a hyphen (-) or two (--) in GNU style • non-options, or operands, basically the data to work with (actual data, or a file name)

  26. Shell I/O • The shell is a “power-user” interface, so the user interacts with it by typing in commands. • The shell interprets each command; any results it produces go back to the user, and control returns to the user when the command completes (in general). • In the case of external commands, the shell executes actual programs that may call functions of the OS kernel. • These programs are often wrappers around so-called system calls, which ask the kernel to perform an operation (usually privileged) on your behalf.

  27. Command I/O • Input to the shell: • Command name and arguments typed by the user • Input to a command: • Keyboard, file, or other commands • Standard input: keyboard. • Standard output: screen. • STDIN and STDOUT together are often referred to as the terminal. • Both standard input and standard output can be redirected from/to a file or another command. • File redirection: • < input • > output • >> output append

  28. Commands As you see each command, try it out on the virtual machine.

  29. man • Manual Pages • The first command to remember • Contains info about almost everything :-) • other commands • system calls • C/library functions • other utils, applications, configuration files • To read about man itself type: % man man • NOTE: unfortunately there’s no % man woman ...

  30. which • Displays the path name of a command. • Searches the PATH environment variable for the command and displays the absolute path. • To find which tcsh and bash are actually in use, type: % which tcsh and % which bash • % man which for more details

  31. chsh • Change Login Shell • The login shell is the shell that interprets commands by default after you log in. • You can change it with chsh (provided that your system admin allowed you to do so). • To list all possible shells, depending on implementation: % chsh -l or % cat /etc/shells • % chsh with no arguments will prompt you for the shell.

  32. whereis • Displays all locations of a command (or some other binary, man page, or source file). • Searches all directories to find commands that match whereis’ argument • % whereis tcsh

  33. passwd • Change your login password. • A very good idea after you get a new one. • It is usually a paranoid program, requiring your password to have at least 6 characters, including at least two alphabetic and one numeric character. Some other restrictions (e.g. dictionary words or similarity to a previous password) may apply. • Depending on your privileges, you can change users’ and group passwords as well as real name, login shell, etc. • % man passwd

  34. date • Guess what :-) • Displays dates in various formats • % date • % date -u • in GMT • % man date

  35. cal • Calendar for a month or an entire year • Years range: 1 - 9999 (no year 0) • Calendar was corrected in 1752 - 11 days removed • % cal current month • % cal 2 2000 Feb 2000, leap year • % cal 2 2100 not a leap year • % cal 2 2400 leap year • % cal 9 1752 11 days skipped • % cal 0 error • % cal 2002 whole year

  36. clear • Clears the screen • There’s an alias for it: Ctrl+L • Example sequence: • % cal • % clear • % cal • Ctrl+L

  37. sleep • “Sleeping” is doing nothing for some time. • Usually used for delays in shell scripts. • % sleep 2 (2 seconds pause)

  38. Command Grouping • Semicolon: “;” • Often grouping acts as if it were a single command, so an output of different commands can be redirected to a file: • % (date; cal; date) > out.txt
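An added example, not from the course slides, that runs the redirection operators from the Command I/O slide and the grouping above inside a scratch directory; every file name in it is constructed for the demo:

```shell
#!/bin/sh
# Added example (not from the course slides): the "<", ">" and ">>"
# redirections from the Command I/O slide plus "( ... )" grouping, run in a
# constructed scratch directory so nothing else on the VM is touched.
WORK="$(mktemp -d)"

# ">" truncates the target file before writing, so only the last write survives.
demo_truncate() {
    echo "first"  > "$WORK/out.txt"
    echo "second" > "$WORK/out.txt"     # silently replaces "first"
    cat "$WORK/out.txt"                 # -> second
}

# ">>" keeps what is already there and appends.
demo_append() {
    echo "first"  >  "$WORK/app.txt"
    echo "second" >> "$WORK/app.txt"
    wc -l < "$WORK/app.txt" | tr -d ' ' # -> 2
}

# "<" feeds a file to a command's standard input instead of the keyboard.
demo_stdin() {
    printf 'b\na\nc\n' > "$WORK/in.txt"
    sort < "$WORK/in.txt" | head -n 1   # -> a
}

# (cmd1; cmd2; cmd3) runs the group in one subshell, so a single redirection
# captures all three outputs; without the parentheses only cmd3 reaches the file.
demo_group() {
    (echo "start"; echo "middle"; echo "end") > "$WORK/group.txt"
    wc -l < "$WORK/group.txt" | tr -d ' ' # -> 3
}

# Caveat: ">" overwrites existing files without asking (compare cp -i on the
# cp slide). The POSIX option "set -C" (noclobber) makes the shell refuse that.
demo_noclobber() {
    echo "keep me" > "$WORK/safe.txt"
    ( set -C; echo "clobbered" > "$WORK/safe.txt" ) 2>/dev/null || true
    cat "$WORK/safe.txt"                # -> keep me
}

# Remove the scratch directory once the demos are done.
demo_cleanup() {
    rm -rf "$WORK"
}
```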

  39. alias • Defines a new name for a command • % alias • with no arguments lists currently active aliases • % alias newcommand oldcommand • defines newcommand (this is tcsh syntax; in bash, which your VM uses, write % alias newcommand='oldcommand') • % alias cl cal 2003 (bash: % alias cl='cal 2003') • % cl

  40. unalias • Removes alias • Requires an argument. • % unalias cl

  41. history • Displays a history of recently used commands • % history all commands in the history • % history 10 last 10 • % history -r 10 reverse order (tcsh; in bash, -r instead re-reads the history file) • % !! repeat last command • % !n repeat command n in the history • % !-1 repeat last command (= !!) • % !-2 repeat second last command • % !ca repeat last command that begins with ‘ca’

  42. exit / logout • Exit from your login session. • % exit • % logout

  43. shutdown • Causes system to shutdown or reboot cleanly. • May require superuser privileges • % shutdown -h now - stop • % shutdown -r now - reboot

  44. ls • List directory contents • Has a whole bunch of options, see man ls for details. • % ls all files except those starting with a “.” • % ls -a all • % ls -A all without “.” and “..” • % ls -F append “/” to dirs and “*” to executables • % ls -l long format • % ls -al • % ls -lt sort by modification time (latest - earliest) • % ls -ltr reverse

  45. cat • Display and concatenate files. • % cat • Will read from STDIN and print to STDOUT every line you enter. • % cat file1 [file2] ... • Will concatenate all files into one and print them to STDOUT • % cat > filename • Will take whatever you type from STDIN and put it into the file filename • To exit cat or cat > filename type Ctrl+D to indicate EOF (End of File).

  46. more / less • Pagers to display contents of large files page by page or scroll line by line up and down. • Have a lot of viewing options and search capability. • Interactive. To exit: ‘q’

  47. less • less (“less is more”) is a bit smarter than the more command • to display the contents of a file: • % less filename • To display line numbers: • % less -N filename • To display a prompt: • % less -P"Press 'q' to quit" filename • Combine the two: • % less -NP"Blah-blah-blah" filename • For more information: • % man less

  48. touch • By touching a file you either create it if it did not exist (with 0 length), • or you update its last modification and access times. • There are options to override the default behavior. • % touch file • % man touch

  49. cp • Copies files / directories. • % cp [options] <source> <destination> • % cp file1 file2 • % cp file1 [file2] … /directory • Useful option: -i to prevent overwriting existing files and prompt the user to confirm.

  50. mv • Moves or renames files/directories. • % mv <source> <destination> • The <source> gets removed • % mv file1 dir/ • % mv file1 file2 • rename • % mv file1 file2 dir/ • % mv dir1 dir2
