1. 1 Computer Security Instructor: Dr. Bo Sun

2. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security –Basic security concept –Cryptography –Authentication –Standards –Network Security

3. 3 Course Outline Basic Security Concepts: –Confidentiality, integrity, availability –others Cryptography –Secret Key Cryptography: DES, IDEA, AES, etc. –Public Key Cryptography: RSA, Diffi-Hellman, Digital signature, Elliptic Curve, etc. –Modes of Operation: ECB, CBC etc. –Hashes and Message Digests: MD5, SHA-1 etc. Authentication –Basic concepts of Authentication Systems –Password Authentication –Security handshake pitfalls

4. 4 Course Outline cont’d Network and Distributed Systems –Kerberos –Public Key Infrastructure –IPsec –Secure Socket Layer /Transport Layer Security –Email security –Firewall

5. 5 Introduction

6. 6 Security Attacks

7. 7

8. Interruption

9. Interception

10. Modification

11. Fabrication 11

12. 12 Classify Security Attacks as passive attacks – –eavesdropping on, or monitoring of, transmissions to: –obtain message contents, or –monitor traffic flows active attacks – modification of data stream to: –masquerade of one entity as some other: man-in-the-middle –replay previous messages –modify messages in transit –denial of service

13. 13 Information Security Concerns DDoS Worm Attacks (e.g. code red) Exploitation of software bugs (e.g. buffer overflow) Monitoring and capture of network traffic Masquerade of authorized users ……. http://www.cert.org/

14. 14 Contributing Factors Lack of awareness of threats and risks of information systems Wide-open network policies –Many Internet sites allow wide-open Internet access Vast majority of network traffic is unencrypted Lack of security in TCP/IP Complexity of security management and administration Exploitation of software bugs: e.g. Sendmail bugs Cracker skills keep improving

15. 15 Security Objectives Confidentiality (Secrecy): Prevent/Detect/Deter improper disclosure of information Integrity: Prevent/Detect/Deter improper modification of information Availability: Prevent/Detect/Deter improper denial of access to services provided by the system

16. 16 Security Mechanisms Access Control

17. 17 Security Services Confidentiality: protection of any information from being exposed to unintended entities. –Information content –Parties involved –Where they are, how they communicate, how often, etc. Authentication: assurance that an entity of concern or the origin of a communication is authentic - it’s what it claims to be or from Integrity: assurance that the information has not been tampered with

18. 18 Security Services Non-repudiation: offer of evidence that a party is indeed the sender or a receiver of certain information Access control: facilities to determine and enforce who is allowed access to what resources, hosts, software, network connections Security management: facilities for coordinating users’ service requirements and mechanism implementations throughout the enterprise network and across the internet – Trust model – Trust communication protocol – Trust management infrastructure

19. 19 The Internet Application Presentation Session Transport Network Data Link Physical OSI of ISO Transport Internet Data Link Physical Upper Layers Internet Stack

20. 20 Layered Store-and-forward User A User B Application Transport Network Link

21. 21 Virus, Worms, and Trojan Horses Trojan horse: instructions hidden inside an otherwise useful program that do bad things Virus: a set of instructions that, when executed, inserts copies of itself into other programs. Worm: a program that replicates itself by installing copies of itself on other machines across a network. Trapdoor: an undocumented entry point, which can be exploited as a security flaw Zombie: malicious instructions installed on a system that can be remotely triggered to carry out some attack with les traceability because the attack comes from another victim. ….