Published by Augustine Richards. Modified over 8 years ago.
1
Computer & Network Security nittida.n@psu.ac.th
2
Outline
- Definition of computer and network security
- Security terminology
- Weaknesses and vulnerabilities
- Identification and authentication
- Authentication mechanisms
- Computer system and network intrusions
- Internet etiquette
- Security management
3
Definition of computer and network security
Security
- Security is about the protection of assets *
- Protective measures
  - Prevention: take measures that prevent assets from being damaged
  - Detection: take measures that detect when an asset has been damaged
  - Reaction: take measures that recover from the damage
* From: Gollmann D., Computer Security, John Wiley & Sons, 1999
4
Definition of computer and network security
Information security
- The task of guarding digital information
- Information is
  - typically processed by a computer
  - stored on some device
  - transmitted over a network
- Ensures that protective measures are properly implemented
- A protection method
5
Definition of computer and network security
Computer security
- There is no absolutely "secure" system
- Security mechanisms protect against specific classes of attacks
6
Definition of computer and network security
Network security
- Security of data in transit
  - over a network link
  - over a store-and-forward node
- Security of data at the end points
  - files
  - email
  - hard copies
7
Definition of computer and network security
How network security differs from computer security:
- Attacks can come from anywhere, at any time
- Attacks are highly automated (scripts)
- Physical security measures are inadequate
- Wide variety of applications, services and protocols
- Complexity
- Different constraints, assumptions and goals
- No single "authority" or administrator
8
Security Terminology Security attack Security mechanism Security service Risk Risk Analysis Spies Cyberterrorists
9
Security Terminology
- Security attack: any action that compromises the security of information
- Security mechanism: a mechanism designed to detect, prevent, or recover from a security attack
- Security service: a service that enhances the security of data processing systems and information transfers; it makes use of one or more security mechanisms
10
Security Terminology
- Risk: a measure of the cost of a realised vulnerability that incorporates the probability of a successful attack
- Risk analysis: provides a quantitative means of determining whether an expenditure on safeguards is warranted
11
Security Terminology
- Spies: a person who has been hired to break into a computer and steal information; spies do not randomly search for unsecured computers to attack
- Cyberterrorists: terrorists who attack the network and computer infrastructure to
  - deface electronic information (such as web sites)
  - deny service to legitimate computer users
  - commit unauthorised intrusions into systems and networks that result in infrastructure outages and corruption of vital data
12
Weaknesses, Vulnerabilities and Threats
13
Weaknesses and Vulnerabilities
Vulnerability
- A weakness in a system that allows an attacker to violate confidentiality, integrity or availability
- May result from
  - software bugs
  - software or system design flaws
14
Weaknesses and Vulnerabilities
Examples of vulnerabilities
- Buffer overflows
- Race conditions
- Unencrypted protocols
- Bad or insufficient sanity checks
- Backdoors
- Unqualified trust
Some of these vulnerabilities are described later
15
Threats
- A threat is a person, thing or event that poses some danger to an asset in terms of that asset's confidentiality, integrity or availability
- Accidental threats
- Deliberate threats: passive and active
- Examples of threats
  - Hackers/crackers
  - Script kiddies
  - Spies and malware
  - Denial-of-service (DoS) attacks
  - Zombies
  - Insecure/poorly designed applications
16
Threats: hacker/cracker **
- Hacker: a person who uses his or her advanced computer skills to attack computers, but not with malicious intent; hackers use their skills to expose security flaws
- Cracker: a person who violates system security with malicious intent; crackers destroy data, deny services to legitimate users, and cause serious problems on computers and networks
** From: M. Ciampa, Security+ Guide to Network Security Fundamentals, Thomson Course Technology, 2005
17
Threats
- Script kiddies: want to break into computers like crackers, but are unskilled users; they download attack software from web sites and use it to break into computers
- Spies: a person who has been hired to break into a computer and steal information; spies do not randomly search for unsecured computers to attack
- Malware: a group of destructive programs such as viruses, worms, Trojan horses, logic bombs and spyware
18
Threats
Virus: a computer program that can copy itself and infect a computer without the permission or knowledge of the user
- spreads from one computer to another when its host (such as an infected file) is taken to that computer
- infects or corrupts files on the targeted computer
Worm: a computer program that is self-replicating code
- resides in active memory (the program is executed)
- propagates itself: uses a network to send copies of itself to other nodes
- can spread to other computers without being transferred as part of an infected file
- consumes bandwidth and harms the network
19
Threats
Trojan horse: a program that installs malicious software while under the guise of doing something else
- differs from a virus in that a Trojan horse does not insert its code into other computer files
- appears harmless until executed
Logic bomb: a program that stays inactive until it is triggered by a specific event, e.g. a certain date being reached
- once triggered, the program can perform many malicious activities
- is difficult to defend against
20
Threats
Spyware: a computer program that is installed surreptitiously on a personal computer to intercept or take partial control over the user's interaction with the computer, without the user's awareness
- installs additional software
- redirects web browser activity
- secretly monitors the user's behaviour
- collects various types of personal information
21
Threats
Denial-of-service (DoS) attack: a threat that prevents legitimate traffic from reaching the protected resource
- A common DoS crashes a targeted service or server
- Normally done by
  - exploiting a buffer overflow in the program
  - sending too many packets to a host, causing the host to crash
22
Threats
Zombies: systems that
- have been infected with software (e.g. a Trojan or a back door)
- are under the control of attackers
- are used to launch attacks against other targets
Insecure/poorly designed applications
- one of the most difficult threats to detect
23
Identification and Authentications Authentication Basics Passwords Biometrics Multiple methods
24
Authentication Basics
- Authentication: the process of verifying a user's identity
- Two reasons for authenticating a user
  - the user identity is a parameter in access control decisions (for a system)
  - the user identity is recorded when logging security-relevant events in an audit trail
25
Authentication Basics
- Authentication is the binding of an identity to a principal (subject)
- The principal must provide information that enables the system to confirm the claimed identity
- Information (one or more of)
  - what the principal knows (such as a password or other secret)
  - what the principal has (such as a badge or card)
  - what the principal is (such as fingerprints)
  - where the principal is (such as in front of a particular terminal)
26
Authentication Basics
Authentication process
- Obtain information from the principal
- Analyse the data
- Determine whether it is associated with that identity
Thus the authentication process is the process of verifying a claimed identity
27
Authentication Basics
Username and password
- Very common and simple identities, used to enter a system
- Username: announces who the user is; this step is called identification
- Password: proves that the user is who they claim to be; this step is called authentication
28
Authentication Mechanism Password Password Aging One-Time Password
29
Passwords
- Based on what people know
- The user supplies a password and the computer validates it
- If the password is associated with the user, then the user's identity is authenticated
30
Passwords
Choosing passwords
- Password guessing attacks are very simple and very often work, because users are not aware of the need to protect their passwords
- Password choice is a critical security issue: choose passwords that cannot be easily guessed
Password defences
- Set a password on every account
- Change default passwords
- Password length: a minimum password length should be prescribed
31
Passwords
Password defences
- Password format
  - mix upper and lower case letters
  - include numerical and other non-alphabetical symbols
  - avoid obvious passwords
32
Passwords
How to improve password security?
- Password checker tool: checks passwords against a dictionary of weak passwords
- Password generation: a utility on some systems that produces random passwords for users
- Password aging: a requirement that the password be changed after some period of time
  - required mechanisms: forcing users to change to a different password, giving notice of the need to change, and a user-friendly way to change the password
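The checker and generator described above, as an added example (not code from the slides): the weak-word list is a constructed stand-in for a real dictionary, the minimum length of 12 and the three-class rule are assumed policy values, and the account/user/computer-name test anticipates the "user selection passwords" attack listed later in the deck. The generator draws from the OS CSPRNG and simply rejects candidates until the checker accepts them.

```python
import secrets
import string

# Constructed stand-in for the "dictionary of weak passwords" the slide mentions;
# a real checker loads a wordlist of hundreds of thousands of entries (assumption).
WEAK_WORDS = ("password", "letmein", "qwerty", "welcome", "admin", "secret")

MIN_LENGTH = 12            # assumption: the prescribed minimum password length
MIN_CLASSES = 3            # of: lower case, upper case, digits, other symbols
ALPHABET = string.ascii_letters + string.digits + string.punctuation

# Substitutions users make to "fix" a dictionary word (p@ssw0rd); undo them before checking.
LEET_TABLE = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s", "@": "a", "$": "s"})


def character_classes(password: str) -> int:
    """Count how many of the four character classes the password draws from."""
    return sum([
        any(c.islower() for c in password),
        any(c.isupper() for c in password),
        any(c.isdigit() for c in password),
        any(c in string.punctuation for c in password),
    ])


def check_password(password: str, account_name: str = "", user_name: str = "",
                   computer_name: str = "") -> list:
    """Return the reasons a candidate password is weak; an empty list means it passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if character_classes(password) < MIN_CLASSES:
        problems.append(f"uses fewer than {MIN_CLASSES} character classes")

    lowered = password.lower()
    unleeted = lowered.translate(LEET_TABLE)
    # Dictionary check: a weak word anywhere in the password, with or without
    # substitutions, so "Password1" and "P@ssw0rd2024!" are both caught.
    if any(w in lowered or w in unleeted for w in WEAK_WORDS):
        problems.append("contains a dictionary word")

    # Passwords based on the account, user or computer name (forwards or reversed).
    for label, name in (("account name", account_name), ("user name", user_name),
                        ("computer name", computer_name)):
        n = name.lower()
        if n and (n in lowered or n[::-1] in lowered):
            problems.append(f"based on the {label}")
    return problems


def generate_password(length: int = 16) -> str:
    """Random password from the OS CSPRNG (secrets), regenerated until check_password accepts it."""
    if length < MIN_LENGTH:
        raise ValueError(f"length must be at least {MIN_LENGTH}")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if not check_password(candidate):
            return candidate


if __name__ == "__main__":
    for pw in ("password123", "P@ssw0rd2024!", "Alice2024!!", generate_password()):
        print(repr(pw), "->", check_password(pw, account_name="alice") or "OK")
```

The substring test deliberately rejects more than an exact dictionary match: appending digits or a symbol to a weak word is the first thing a cracking tool tries, so it should not turn a rejected password into an accepted one.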
33
Passwords
How to improve password security?
- One-time password: a password that is valid for only one use
- Limit login attempts: the system monitors unsuccessful login attempts and reacts by locking the user account when logins keep failing
- Inform the user: after a successful login the system displays the last login time and the number of failed login attempts since then
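The server side of the three measures above, plus the "computer validates it" step from the earlier slide, as an added example that is not code from the presentation: passwords are stored as salted PBKDF2 digests and compared in constant time, five consecutive failures lock the account for fifteen minutes (both figures are assumed policy values), a successful login reports the last login and the failures since it, and the one-time password is RFC 4226 HOTP, whose counter the verifier advances so a captured code cannot be replayed. The iteration count is an assumption to be tuned per machine.

```python
import hashlib
import hmac
import os
import struct
import time

PBKDF2_ITERATIONS = 100_000   # assumption: tune so one check costs ~0.1 s on the target hardware
MAX_FAILURES = 5              # consecutive failures before the account is locked
LOCKOUT_SECONDS = 15 * 60


def password_digest(password: str, salt: bytes) -> bytes:
    """Salted, iterated hash; the store never holds the password itself."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)


class PasswordStore:
    """In-memory account table with lockout and last-login reporting."""

    def __init__(self):
        self.accounts = {}

    def add_user(self, username: str, password: str) -> None:
        salt = os.urandom(16)
        self.accounts[username] = {
            "salt": salt, "digest": password_digest(password, salt),
            "failures": 0, "locked_until": 0.0,
            "last_login": None, "failures_since_last_login": 0,
        }

    def login(self, username: str, password: str, now: float = None):
        """Return (ok, message). On success the message carries what the slide says to
        show the user: the last login time and the failed attempts since then."""
        now = time.time() if now is None else now
        acct = self.accounts.get(username)
        if acct is None:
            # Spend the same CPU as a real check so unknown names are not distinguishable by timing.
            password_digest(password, b"\0" * 16)
            return False, "login failed"
        if now < acct["locked_until"]:
            return False, "account locked"       # do not even evaluate the password while locked
        if not hmac.compare_digest(password_digest(password, acct["salt"]), acct["digest"]):
            acct["failures"] += 1
            acct["failures_since_last_login"] += 1
            if acct["failures"] >= MAX_FAILURES:
                acct["locked_until"] = now + LOCKOUT_SECONDS
                acct["failures"] = 0
                return False, "account locked"
            return False, "login failed"
        msg = (f"last login: {acct['last_login']}; "
               f"failed attempts since then: {acct['failures_since_last_login']}")
        acct.update(failures=0, failures_since_last_login=0, last_login=now)
        return True, msg


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 one-time password: HMAC-SHA1 over the 8-byte counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class OneTimePasswordVerifier:
    """Server side of HOTP: each counter value is accepted once, so a captured code cannot be replayed."""

    def __init__(self, secret: bytes, look_ahead: int = 3):
        self.secret, self.counter, self.look_ahead = secret, 0, look_ahead

    def verify(self, code: str) -> bool:
        for c in range(self.counter, self.counter + self.look_ahead):
            if hmac.compare_digest(hotp(self.secret, c), code):
                self.counter = c + 1       # move past the used counter
                return True
        return False
```

Two details matter for the lockout: the password is not evaluated at all while the account is locked, so an attacker gains no information from guesses made during the lockout, and an unknown username costs the same hash computation as a known one, so the response time does not reveal which accounts exist.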
34
Attacking a Password System
Password guessing
- Exhaustive search (brute force): try all possible combinations of valid symbols
- Dictionary attack
- Random selection of passwords
- Pronounceable and other computer-generated passwords
- User-selected passwords, e.g. passwords based on
  - account names
  - user names
  - computer names, etc.
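The attacker's side of the slide above, as an added example that is not from the presentation: a guesser that first tries dictionary words and the account, user and computer names with the usual mutations, then falls back to exhaustive search over short lowercase strings. The password file is constructed for the demo, and it uses a deliberately cheap hash (one salted SHA-256) so that the exhaustive phase finishes in well under a second, which is exactly the property that slow password hashes such as PBKDF2, bcrypt or scrypt are designed to take away.

```python
import hashlib
import itertools
import string

# Constructed mini wordlist; real dictionary attacks use lists with millions of entries.
WORDLIST = ("password", "letmein", "qwerty", "dragon", "monkey", "welcome")


def weak_hash(salt: bytes, password: str) -> bytes:
    """Toy password hash for the demo: one salted SHA-256. A single fast hash per guess is what
    makes exhaustive search cheap; PBKDF2/bcrypt/scrypt exist to raise the cost of every guess."""
    return hashlib.sha256(salt + password.encode()).digest()


def dictionary_candidates(account: str, user_name: str = "", computer_name: str = ""):
    """Guesses built from the account, user and computer names and from the wordlist,
    with the mutations people actually use: capitalised, reversed, digits or '!' appended."""
    bases = [b for b in (account, user_name, computer_name) if b] + list(WORDLIST)
    for base in bases:
        for variant in (base.lower(), base.capitalize(), base[::-1]):
            yield variant
            yield variant + "!"
            for n in range(100):
                yield f"{variant}{n}"


def exhaustive_candidates(alphabet: str = string.ascii_lowercase, max_len: int = 3):
    """Brute force: every string over the alphabet up to max_len (26 + 676 + 17576 guesses here)."""
    for n in range(1, max_len + 1):
        for chars in itertools.product(alphabet, repeat=n):
            yield "".join(chars)


def crack(entries: dict, account_info: dict, max_guesses: int = 50_000) -> dict:
    """entries maps account -> (salt, digest). Returns the passwords recovered within the guess budget."""
    recovered = {}
    for account, (salt, digest) in entries.items():
        info = account_info.get(account, {})
        guesses = itertools.chain(
            dictionary_candidates(account, info.get("user_name", ""), info.get("computer_name", "")),
            exhaustive_candidates(),
        )
        for guess in itertools.islice(guesses, max_guesses):
            if weak_hash(salt, guess) == digest:
                recovered[account] = guess
                break
    return recovered


def demo() -> dict:
    """Constructed password file: three accounts with guessable passwords and one that is not."""
    salt = b"\x00" * 8           # fixed salt keeps the demo deterministic; real systems use random salts
    entries = {
        "smt":   (salt, weak_hash(salt, "smt42")),            # account name plus digits
        "bob":   (salt, weak_hash(salt, "Dragon")),           # capitalised dictionary word
        "eve":   (salt, weak_hash(salt, "zq")),               # short: falls to exhaustive search
        "carol": (salt, weak_hash(salt, "J7#kL9qP@wX2")),     # long, mixed classes: survives the budget
    }
    return crack(entries, {"smt": {"user_name": "Somchai", "computer_name": "machine1"}})


if __name__ == "__main__":
    print(demo())
```

Note the ordering: name-based and dictionary guesses come first because they succeed after a few hundred attempts, while the exhaustive phase grows by a factor of 26 per extra character and is only worth running against short passwords.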
35
Biometrics
- The automated measurement of biological or behavioural features that identify a person
- Method
  - a set of measurements of the user is taken (recorded) when the user is given an account
  - when the user accesses the system, the biometric authentication mechanism compares fresh measurements with the recorded ones to confirm the identity
36
Biometrics
- Fingerprints
- Voices
- Eyes
- Faces
- Keystrokes
  - keystroke intervals
  - keystroke pressure
  - keystroke duration
- Combinations
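Keystroke intervals are the one biometric in the list that can be demonstrated without hardware, so here is an added example (not from the slides) of the enrol-then-compare method described above: a template stores the mean and spread of each inter-key interval over several enrollment samples of a fixed phrase, and an attempt is scored by its mean z-score against that template. All timing data is constructed, and the threshold is an assumption; the `error_rates` function shows how moving it trades false rejects against false accepts.

```python
import statistics


def key_intervals(key_down_times):
    """Feature vector: the gaps (ms) between successive key-down timestamps of a fixed phrase."""
    return [b - a for a, b in zip(key_down_times, key_down_times[1:])]


class KeystrokeTemplate:
    """Enrollment: per-interval mean and standard deviation over several typing samples."""

    def __init__(self, enrollment_samples):
        columns = list(zip(*(key_intervals(s) for s in enrollment_samples)))
        self.means = [statistics.fmean(col) for col in columns]
        # Floor the spread at 1 ms so a perfectly consistent interval cannot divide by zero.
        self.stdevs = [max(statistics.pstdev(col), 1.0) for col in columns]

    def distance(self, key_down_times):
        """Mean absolute z-score of the attempt against the template; 0 is a perfect match."""
        feats = key_intervals(key_down_times)
        if len(feats) != len(self.means):
            raise ValueError("attempt must type the same phrase as enrollment")
        return statistics.fmean(abs(f - m) / s for f, m, s in zip(feats, self.means, self.stdevs))

    def matches(self, key_down_times, threshold):
        return self.distance(key_down_times) <= threshold


def error_rates(template, genuine_attempts, impostor_attempts, threshold):
    """False reject rate (genuine users refused) and false accept rate (impostors admitted)."""
    frr = sum(not template.matches(a, threshold) for a in genuine_attempts) / len(genuine_attempts)
    far = sum(template.matches(a, threshold) for a in impostor_attempts) / len(impostor_attempts)
    return frr, far


# Constructed data: key-down times (ms) for a six-key phrase, four enrollment samples by one user.
ENROLLMENT = [
    [0, 120, 250, 330, 470, 600],
    [0, 110, 260, 340, 460, 590],
    [0, 125, 245, 320, 480, 610],
    [0, 115, 255, 335, 465, 605],
]
GENUINE = [[0, 118, 252, 332, 470, 602], [0, 116, 250, 330, 468, 600]]    # same user, later
IMPOSTORS = [[0, 300, 520, 700, 1000, 1250], [0, 130, 240, 340, 450, 600]]  # slow typist, near-mimic


def demo(threshold: float = 2.0) -> dict:
    template = KeystrokeTemplate(ENROLLMENT)
    return {
        "genuine_distances": [template.distance(a) for a in GENUINE],
        "impostor_distances": [template.distance(a) for a in IMPOSTORS],
        "error_rates": error_rates(template, GENUINE, IMPOSTORS, threshold),
    }


if __name__ == "__main__":
    for t in (0.2, 2.0, 5.0):
        print(f"threshold {t}: (FRR, FAR) = {demo(t)['error_rates']}")
```

Unlike a password check, the decision here is a distance against a threshold, never an exact match: tighten the threshold and legitimate users start being refused, loosen it and a careful mimic gets in, which is why biometrics are usually combined with another factor rather than used alone.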
37
Computer System and Network Intrusions
38
Intrusion Profiles
- Exploiting passwords
- Exploiting known vulnerabilities
- Exploiting protocol flaws
- Examining source files for new security flaws
- Denial-of-service attacks
- Abusing anonymous FTP
- Installing sniffer programs
- IP source address spoofing
39
Typical Network Intrusions
- Locate a system to attack
  - new systems
  - network sweeps
- Gain entry to a user's account
  - no password or an easy-to-guess password
  - a sniffed password
- Exploit a system configuration weakness or software vulnerability to obtain access to a privileged account
40
Typical Network Intrusions
Once inside, an intruder may:
- Remove traces from auditing records
- Install a back door for future use
- Install Trojan horse programs to capture system and account information
- Jump to other hosts on your network
- Use your system to launch attacks against other sites
- Modify, destroy, or inappropriately disclose information
41
Why Should You Care?
- Protect your own operational environment
- Protect your users' data
- Provide service to your users
42
What Should You Do? Stay current with security issues
43
Internet Etiquette (1)
Do:
- Understand and respect security policies
- Take responsibility for your own security
- Respect other Internet neighbours
- Cooperate to provide security
44
Internet Etiquette (2)
Avoid:
- Unauthorised access to other accounts and systems
- Cracking password files from other systems
- Sharing accounts
- Unauthorised access to unprotected files
- Reading the e-mail of other users
- Disrupting service
45
Security Management
- Understanding security
- Writing a security policy
- Monitoring the network
- Auditing the network
- Preparing for an attack
- Handling an attack
  - forensics
  - log analysis
  - damage control
46
Understanding Security: security objectives (CIA) **
- Confidentiality: preventing the disclosure of information to unauthorised individuals or systems
- Integrity: in information security, integrity means that data cannot be modified undetectably
- Availability: for any information system to serve its purpose, the information must be available when it is needed
** http://en.wikipedia.org/wiki/Information_security
47
Understanding Security
- What are we protecting?
  - asset value
  - cost of protecting it
- Thinking like a defender
  - list the problems that might happen in various situations
- The organisation we are protecting
  - different business types need different levels of security
48
Understanding Security: the process of security (1)
The endless loop of security (expanded over this and the next two slides)
- Learn everything about the threats; the Internet is full of information on
  - how to protect a system
  - how to break into a system
  - system vulnerabilities, etc.
- Design everything well before implementing it
- Analysis must come before synthesis
49
Understanding Security: the process of security (2)
The endless loop of security
- Think "pathologically" about the design (or "think evil thoughts")
- Implement it the way it is designed
- Never let any component be altered from the design
- Continuously recheck it to make sure that it has not changed, e.g. configuration changes in routers or computers
- Practise running it to make sure that you understand it and can operate it correctly
50
Understanding Security: the process of security (3)
The endless loop of security
- Make it simple for others to do what you want them to do
- Make it hard for people to do what you do not want them to do
- Make it easy for you to detect problems
- Make it difficult to hide what you do not want hidden
- Test everything you can test
- Practise everything you can practise
- Improve anything you can improve
- Repeat this process endlessly, at all levels of detail
51
Security Management
- Understanding security
- Writing a security policy
- Monitoring the network
- Auditing the network
- Preparing for an attack
- Handling an attack
  - forensics
  - log analysis
  - damage control
52
Writing a Security Policy
Security policy, definition (1): information security policy **
- Objective: to provide management direction and support for information security in accordance with business requirements and relevant laws and regulations
** ISO/IEC 17799:2005(E)
53
Writing a Security Policy
Security policy, definition (2) [Ciampa]: "The backbone of any infrastructure is its security policy. Without a policy that clearly outlines what needs to be protected, how it should be protected, and what users can, and cannot, do in support of the policy, there is no effective security."
54
Writing a Security Policy
A security policy is a document, or set of documents, that
- clearly defines the defence mechanisms an organisation will employ to keep information secure
- outlines how the organisation will respond to attacks
- outlines the duties and responsibilities of its employees for information security
55
Writing a Security Policy
Security policy, definition (3) [Northcutt]
- A security policy establishes what you must do to protect information stored on computers
- A well-written policy contains sufficient definition of "what" to do so that you can identify and measure, or evaluate, "how"
56
Writing a Security Policy
Purpose of a security policy
- Describes what is being protected and why
- Sets priorities about what must be protected first and at what cost
- Allows an explicit agreement to be made with various parts of the organisation regarding the value of security
- Provides the security department with a valid reason to say "no" when that is needed, and with the backing to uphold that "no"
- Prevents the security department from acting illegally
57
Writing a Security Policy
Trade-offs suggested by Wadlow
- A good policy today is better than a great policy next year
- A weak policy that is well distributed is better than a strong policy no one has read
- A simple policy that is easily understood is better than a complicated and confusing policy that no one ever bothers to read
- A policy whose details are slightly wrong is better than a policy with no details at all
- A living policy that is constantly updated is better than one that grows obsolete over time
58
Writing a Security Policy
- An amateur (simple) policy: State a coup
- A formal policy: follows some guidelines/standards
59
Writing a Security Policy
Suggestion: how to get a decent policy for an organisation which currently has no security policy (from T. A. Wadlow, The Process of Network Security)
1. Write a security policy for your organisation
   - Say nothing specific; state generalities
   - It should cover no more than 5 pages
   - It should not take more than 2 days to write
   - Don't ask for help; do it yourself
   - Don't try to make it perfect; just get some key issues written down
   - It doesn't have to be complete
   - It doesn't have to be crystal clear
60
Writing a Security Policy
Suggestion (cont.)
2. Find 3 people who are willing to become the "security committee"; their job is
   - to make rulings on, and amendments to, the policy
   - to be judges, not enforcers
3. Create an internal web site with a policy page
   - committee contact information
   - amendments, approved and added to the web site as quickly as possible
61
Writing a Security Policy
Suggestion (cont.)
4. Treat the policy as if it were the absolute rule of law
   - Do not violate the policy
   - Allow no violation to occur
5. If someone has a problem with the policy
   - have the person propose an amendment
   - the policy committee members need to agree
   - make the amendment
62
Writing a Security Policy
Suggestion (cont.)
6. Schedule a regular meeting to consolidate the policy and its amendments
   - once a year, for example
   - involves you and the security committee
   - takes the current security policy and the amendments and produces new policy statements
7. Repeat steps 4 to 7
63
Writing a Security Policy
Contents
- What are we protecting? Describe in detail
  - the types of security levels the organisation is expected to have
  - a characterisation of the machines on the network (for example, as on the next slide)
64
Contents (cont.): machine categories
- Red: contains extremely confidential information or provides a mission-critical service
- Yellow: contains sensitive information or provides an important service
- Green: able to access red or yellow machines but does not directly store sensitive information or perform a crucial function
- White: unable to access red, yellow or green systems, and not externally accessible; no sensitive information or function
- Black: externally accessible; unable to access red, yellow, green or white systems
65
Writing a Security Policy
Contents (cont.)
- Methods of protection: describe
  - levels of protection
  - priorities for protection (for example, as on the next slide)
66
Writing a Security Policy
Contents (cont.)
Organisation priorities, from highest to lowest:
1. Health and human safety
2. Compliance with applicable local, state and federal laws
3. Preservation of the interests of the organisation
4. Preservation of the interests of partners of the organisation
5. Free and open dissemination of non-sensitive information
67
Writing a Security Policy
Contents (cont.): general policies for access to each category of system

| Category | Network                        | Access                                                            | Qualification cycle * |
|----------|--------------------------------|-------------------------------------------------------------------|-----------------------|
| Red      | Red networks only              | Red-cleared employees only                                        | Monthly               |
| Yellow   | Yellow and red networks        | Employees only                                                    | Quarterly             |
| Green    | Yellow, red and green networks | Employees and cleared contractors                                 | Yearly                |
| White    | White networks only            | Employees and contractors                                         | Yearly                |
| Black    | Black networks only            | Employees, contractors and the public (through cleared access means) | Monthly            |
68
Writing a Security Policy
Contents (cont.)
Responsibility: describes the responsibilities and privileges accorded to each class of system user, e.g.
- General
  - knowledge of this policy
  - all actions in accordance with this policy
  - report any known violations of this policy to security
  - report any suspected problems with this policy to security
- Sysadmin/operations
  - all user information to be treated as confidential
  - no unauthorised access to confidential information
  - indemnified for any action consistent with the systems administrator code of conduct
69
Writing a Security Policy
Contents (cont.)
- Security administrator
  - highest level of ethical conduct
  - indemnified for any action consistent with the security officer code of conduct
- Contractor
  - access to specifically authorised machines in a specifically authorised fashion
  - request advance authorisation in writing for any action which might be interpreted as a security issue
- Guest
  - no access to any computing facilities except with written advance notice to security
70
Writing a Security Policy
Contents (cont.)
Appropriate use: describes the ways in which employees may and may not use the network
- General
  - minimal personal use during normal business hours
  - no use of the network for outside business activity
  - access to Internet resources consistent with HR policies
- Sysadmin
  - responsible access to sensitive or personal information on the network
  - all special access justifiable for business operations
71
Writing a Security Policy
Contents (cont.)
- Security personnel
  - responsible access to sensitive information on the network
  - all special access justifiable for business operations
  - use of security tools for legitimate business purposes only
- Contractor
  - no personal access at any time
  - minimal use of the network, and only for specific reasons relating to specific contracts
- Guest
  - no use of the network at any time
72
Writing a Security Policy
Contents (cont.)
Consequences: describe the way in which the magnitude of a policy violation is determined and the categories of consequences. Examples:
- Security review board
- Penalties, graded as critical, serious or limited
73
Writing a Formal Policy
Known as "risk-based security management"
- Risk: combination of the probability of an event and its consequence
- Risk analysis: systematic use of information to identify sources and to estimate the risk
- Risk evaluation: process of comparing the estimated risk against given risk criteria to determine the significance of the risk
74
Writing a Formal Policy
Risk (cont.)
- Risk assessment: overall process of risk analysis and risk evaluation
- Risk management: coordinated activities to direct and control an organisation with regard to risk
75
Writing a Formal Policy
Some guidelines
- ISO/IEC 17799:2005(E)
- SANS guidelines: www.sans.org/security-resources/policies
- NIST guidelines: http://csrc.nist.gov/index.html
- etc.
76
ISO/IEC 17799:2005(E) security policy
Should contain
- Definitions of information security, overall objectives and scope, and the importance of security
- A statement of management intent
- A framework for setting control objectives and controls, including the structure of risk assessment and risk management
77
ISO/IEC 17799:2005(E) security policy
- A brief explanation of the security policies, principles, standards and compliance requirements of particular importance to the organisation, including
  - compliance with legislative, regulatory and contractual requirements
  - security education, training and awareness requirements
  - business continuity management
  - consequences of information security policy violations
78
ISO/IEC 17799:2005(E) security policy
- A definition of general and specific responsibilities for information security management, including reporting information security incidents
- References to documentation which may support the policy, e.g. more detailed security policies and procedures for specific systems, or security rules users should comply with
79
ISO/IEC 17799:2005(E) security policy
Review of the information security policy: the policy should be reviewed
- at planned intervals, or
- if significant changes occur
to ensure its continuing suitability, adequacy and effectiveness
80
Example of a security policy format
1. Purpose/overview
2. Scope
3. Policy
4. Enforcement
5. Revision history
81
Examples of policies (suggested by SANS *)
- Organisation policy
- Audit policy
- Computer security policy
- Desktop security policy
- Email security policy
- Internet security policy
- Mobile security policy
- Network security policy
- Physical security policy
- Server security policy
- Wireless security policy
* www.sans.org/security-resources/policies
82
Monitoring Your Network
- The shape of a logging system
- What to log
- Logging mechanisms
- Time
- Sensors
- Log management
83
Monitoring Your Network
Goals of a monitoring system
- Reduce the likelihood of an attack going unlogged
- Increase the likelihood that the events logged for an attack will be recognised as an attack
84
The Shape of a Logging System
Problems of a logging system
- Which events should be logged?
  - if every event is logged, the log file becomes very large
  - if only selected events are logged, some crucial events might not be logged
- The log file can be tampered with by attackers to delete attack traces; attackers can tamper with the log file if the logs are accessible to them
85
The Shape of a Logging System
Logs should not be accessible to an attacker. Mechanisms that can deny access to logs:
- The logs are kept on a separate machine
- The logs are encrypted
- The logs are stored on write-once media
- The logs are stored in multiple places
86
The Shape of a Logging System
Logs should not be tampered with; tampering should be easily detected. Achieved by
- cryptographically signing each log entry, to detect invalid entries
- monitoring the log entries for a sudden decrease in log size, which indicates that entries have been deleted
- assigning a sequence number to each log entry and verifying that the sequence is unbroken
87
What to Log
- The network should log any events necessary to detect known attack patterns
- The network should log any events necessary to detect unusual patterns of access
88
Logging Mechanisms
Syslog: the most common network logging mechanism; runs on Unix systems
Components
- Syslog daemon
- Syslog ruleset
- Syslog-enabled programs
89
Syslog
Syslog daemon: a program that runs in the background on every machine using syslog. It serves several purposes:
- Collects messages from syslog-enabled programs on the machine hosting it
- Collects certain messages from the system that are not syslog-enabled (such as kernel messages about start-up and some device problems)
- Listens on the syslog port (514/UDP) for messages from other machines
- Saves all of the above messages in a file
90
Syslog Ruleset
- Usually in /etc/syslog.conf
- Contains directives to the syslog daemon that determine where various types of messages should be logged
- Choices of logging
  - put a message into a file
  - log a message to another machine via UDP
  - write a message to the system console
  - write a message to all logged-in users
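A ruleset exercising all four actions above, as an added example rather than a file from the presentation: each line pairs a `facility.priority` selector (a priority means "this level and above") with an action. The host name `loghost` is assumed; on the traditional BSD syslogd the two fields must be separated by a tab, while rsyslog also accepts spaces.

```conf
# /etc/syslog.conf  (added example; selector<TAB>action)

# Authentication events into a local file
auth,authpriv.*                         /var/log/auth.log

# Everything at info or above also to a separate log host over UDP/514
# ("loghost" is an assumed name; it should be the machine attackers cannot reach)
*.info                                  @loghost

# Kernel messages of critical severity or worse on the system console
kern.crit                               /dev/console

# Emergencies to every logged-in user
*.emerg                                 *
```

The second rule is the one that matters against the intruder step "remove traces from auditing records": a copy that already left the compromised host over the network cannot be edited by whoever later gains root on it, which is the "separate machine" mechanism from the earlier slide. Remember that the forwarded copy is still plain UDP, so the cons on the next slides apply to it.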
91
Syslog-enabled Programs
- Syslog is a standard facility in Unix
- Many Unix programs have calls to syslog built into them
- This enables the programs to log various events to the local syslog daemon
92
Pros of syslog
- Universally available
- Standard implementation
- Available from non-programmable devices
- A read-only logging mechanism
93
Cons of syslog
- Unauthenticated protocol: can be spoofed
- Unencrypted transmission: can be eavesdropped on by attackers
- Unreliable UDP transmission: not all syslog messages reach their intended destination
94
Time
An important issue in log gathering and analysis:
Jun 4 22:33:21 machine1.ycom.com login: user smt login ok
Jun 4 22:34:29 machine3.ycom.com login: user smt login ok
- Time is used in the analysis process, so it should be accurate and synchronised across systems
- A logging system should synchronise its time with a time server (NTP server)
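What the analysis step on this slide looks like in code, as an added example (not from the presentation): the two lines above are parsed together with a few constructed ones, a detector flags the "unusual pattern of access" in which one user logs in on two hosts within two minutes, and a second check spots a host whose timestamps run backwards in receive order, which is what unsynchronised clocks (or a back-dated forged entry) look like at the collector. The window and tolerance are assumptions, and the year is supplied by the caller because BSD syslog timestamps carry none.

```python
import re
from datetime import datetime

# BSD syslog line: "Mon dd hh:mm:ss host program: message" (no year, no time zone).
LINE_RE = re.compile(
    r"^(?P<mon>[A-Z][a-z]{2}) +(?P<day>\d{1,2}) (?P<time>\d\d:\d\d:\d\d) "
    r"(?P<host>\S+) (?P<prog>[^:]+): (?P<msg>.*)$")
LOGIN_RE = re.compile(r"user (?P<user>\S+) login (?P<result>ok|failed)")


def parse_line(line: str, year: int = 2024):
    """Return a dict with time, host, program and message, or None for lines that do not parse.
    The year is an assumption: BSD syslog timestamps carry none, so the collector must supply it."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    when = datetime.strptime(f"{year} {m['mon']} {m['day']} {m['time']}", "%Y %b %d %H:%M:%S")
    return {"time": when, "host": m["host"], "prog": m["prog"], "msg": m["msg"]}


def find_multi_host_logins(lines, window_seconds: int = 120):
    """Unusual pattern of access: one user logging in on two different hosts within the window.
    Comparing timestamps across hosts is only meaningful when every host keeps NTP time."""
    events = []
    for line in lines:
        rec = parse_line(line)
        lm = LOGIN_RE.search(rec["msg"]) if rec else None
        if lm and lm["result"] == "ok":
            events.append((rec["time"], lm["user"], rec["host"]))
    events.sort()
    alerts = []
    for i, (t1, user1, host1) in enumerate(events):
        for t2, user2, host2 in events[i + 1:]:
            gap = (t2 - t1).total_seconds()
            if gap > window_seconds:
                break
            if user1 == user2 and host1 != host2:
                alerts.append(f"{user1} logged in on {host1} and {host2} within {int(gap)} s")
    return alerts


def hosts_with_clock_problems(lines, tolerance_seconds: int = 5):
    """Entries reach the collector in receive order; a host whose own timestamps jump backwards by
    more than the tolerance has an unsynchronised clock (or someone injected a back-dated entry)."""
    last_seen, suspects = {}, set()
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        previous = last_seen.get(rec["host"])
        if previous is not None and (previous - rec["time"]).total_seconds() > tolerance_seconds:
            suspects.add(rec["host"])
        last_seen[rec["host"]] = rec["time"]
    return sorted(suspects)


# Constructed sample in the order the collector received it; the first and third lines
# are the slide's own examples, the rest are made up for the demo.
SAMPLE_LOG = """\
Jun 4 22:33:21 machine1.ycom.com login: user smt login ok
Jun 4 22:33:40 machine2.ycom.com login: user bob login failed
Jun 4 22:34:29 machine3.ycom.com login: user smt login ok
Jun 4 22:50:02 machine2.ycom.com login: user bob login ok
Jun 4 23:10:15 machine1.ycom.com login: user bob login ok
Jun 4 22:58:00 machine1.ycom.com login: user smt login ok
""".splitlines()

if __name__ == "__main__":
    print(find_multi_host_logins(SAMPLE_LOG))
    print("clock problems:", hosts_with_clock_problems(SAMPLE_LOG))
```

The detector sorts by timestamp before correlating, which is exactly the step that silently produces wrong answers when one host's clock is off: the 68-second gap between machine1 and machine3 is only meaningful because both are assumed to be NTP-synchronised.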
95
Sensors
- A mechanism that can be used to aid device-based logging
- Provides a means of gathering information and integrating it into the logging system
96
Sensors
Examples
- Some sensors can detect several variations on attacks
- Some sensors can detect problems with the network being monitored
97
Sensors
Some sensors are built to detect conditions on the logging system itself
- Are the logs increasing monotonically? If not, a log file may have been tampered with
- Is the logging system receiving all the logs that are being sent? Some devices transmit a sequence number with each log entry; if a particular number is missing, something has gone wrong
98
Sensors
- Has any machine stopped logging? A machine that has stopped logging might indicate a network problem or an attack
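One added example (not from the presentation) serving both the tamper-detection slide (signing each entry, watching for a shrinking log, checking sequence numbers) and the logging-system sensors above: each entry carries a sequence number, the hash of the previous entry and an HMAC over all of it, the verifier reports MAC failures, gaps and chain breaks, and a last-known size catches the case where only the tail was truncated. The key is assumed to live on the log collector rather than on the host producing entries, and the silent-host sensor's ten-minute limit is an assumption.

```python
import hashlib
import hmac
import json


class TamperEvidentLog:
    """Each entry carries a sequence number, the hash of the previous entry and an HMAC over all
    of it under a key the logging host does not hold (assumption: the key lives on the collector)."""

    def __init__(self, key: bytes):
        self.key = key
        self.entries = []
        self.prev_hash = "0" * 64

    def append(self, message: str) -> dict:
        body = {"seq": len(self.entries), "prev": self.prev_hash, "msg": message}
        payload = json.dumps(body, sort_keys=True).encode()
        body["mac"] = hmac.new(self.key, payload, hashlib.sha256).hexdigest()
        self.entries.append(body)
        self.prev_hash = hashlib.sha256(payload).hexdigest()
        return body


def verify_log(key: bytes, entries, expected_count: int = None) -> list:
    """Return a list of problems; an empty list means the chain is intact. expected_count is the
    last size the sensor recorded, so a log that merely shrank is reported too."""
    problems = []
    prev_hash = "0" * 64
    for i, entry in enumerate(entries):
        body = {k: v for k, v in entry.items() if k != "mac"}
        payload = json.dumps(body, sort_keys=True).encode()
        expected_mac = hmac.new(key, payload, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected_mac, entry.get("mac", "")):
            problems.append(f"entry {i}: bad MAC (modified or forged)")
        if entry.get("seq") != i:
            problems.append(f"entry {i}: sequence gap (expected {i}, found {entry.get('seq')})")
        if entry.get("prev") != prev_hash:
            problems.append(f"entry {i}: chain break (an earlier entry was removed or altered)")
        prev_hash = hashlib.sha256(payload).hexdigest()
    if expected_count is not None and len(entries) < expected_count:
        problems.append(f"log shrank: {len(entries)} entries, expected at least {expected_count}")
    return problems


def silent_hosts(last_entry_time: dict, now: float, max_silence: float = 600) -> list:
    """Sensor: hosts whose last log entry is older than max_silence seconds (network problem or attack)."""
    return sorted(h for h, t in last_entry_time.items() if now - t > max_silence)


if __name__ == "__main__":
    key = b"collector-only-key"           # assumption: provisioned on the collector, never on the host
    log = TamperEvidentLog(key)
    entries = [log.append(m) for m in ("login smt ok", "sudo smt", "login eve failed", "logout smt")]
    print("intact:", verify_log(key, entries))
    print("entry 2 deleted:", verify_log(key, entries[:2] + entries[3:], expected_count=4))
    print("tail truncated:", verify_log(key, entries[:3], expected_count=4))
```

Deleting an entry from the middle trips the sequence and chain checks, but cutting the tail off leaves a perfectly valid shorter chain; that is why the "is the log increasing monotonically" sensor is a separate check and not redundant with signing.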
99
Log Management
- The process of making sure that the logging system is stable and useful
100
References
1. Wadlow T. A., The Process of Network Security: Designing and Managing a Safe Network, Addison-Wesley, 2000
2. Ciampa M., Security+ Guide to Network Security Fundamentals, Thomson Course Technology, 2005
3. Northcutt S. et al., Inside Network Perimeter Security, Sams Publishing, 2005
4. ISO/IEC 27001:2005(E)
5. ISO/IEC 17799:2005(E)
101
Security Contest Topics
- Network security concepts
- Network security architecture
- Network security assessment and penetration test methods
- Network security monitoring
- ISO 27001 and series
- Computer laws
102
Announcement: the security contest registration and examination dates have been postponed
- Registration closing date: moved from 14 October to 31 October
- First-round selection exam: moved from 28 October to 18 November
- Final round and prize announcement: moved from 25 November to 19 December
103
CS subject 344-422 Computer and Network Security: an elective course, offered in semester 1 every year