Presentation is loading. Please wait.

Presentation is loading. Please wait.

6/15/2015 3:39 PM Lecture 6: Identity and Data Mining James Hook (Some material from Bishop, 2004) CS 591: Introduction to Computer Security.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "6/15/2015 3:39 PM Lecture 6: Identity and Data Mining James Hook (Some material from Bishop, 2004) CS 591: Introduction to Computer Security."— Presentation transcript:

1 6/15/2015 3:39 PM Lecture 6: Identity and Data Mining James Hook (Some material from Bishop, 2004) CS 591: Introduction to Computer Security

2 6/15/2015 3:39 PM Sources News stories on Surveillance –NY Times article on NSA spying, Dec 2005, http://www.commondreams.org/headlines05/1216-01.htm http://www.commondreams.org/headlines05/1216-01.htm –USA Today article on NSA phone records, May 2006, http://www.usatoday.com/news/washington/2006-05-10- nsa_x.htm http://www.usatoday.com/news/washington/2006-05-10- nsa_x.htm Readings on Telephone Fraud detection –Gary M. Weiss (2005). Data Mining in Telecommunications. http://storm.cis.fordham.edu/~gweiss/papers/kluwer04- telecom.pdf –Corinna Cortes, Daryl Pregibon and Chris Volinsky, "Communities of Interest'', http://homepage.mac.com/corinnacortes/papers/portugal.ps Bishop Chapter 13 Anderson 17 and 21

3 6/15/2015 3:39 PM Identity Mapping from abstract subjects and objects to real people and things

4 6/15/2015 3:39 PM Principal A principal is a unique entity An identity specifies a principal Authentication binds a principal to a representation of identity internal to a computer system

5 6/15/2015 3:39 PM Uses of Identity Access Control Accountability

6 6/15/2015 3:39 PM Unix Users UNIX uses UID (User identification number) for Access Control UNIX uses Username for Accountability Users provide a username and password to authenticate Password file maps usernames to UIDs Common for one principal to have multiple usernames (and UIDs)

7 6/15/2015 3:39 PM Object identity Object sharing E.g. unix files –file names map to inodes –inodes map to “real” files

8 6/15/2015 3:39 PM Identity in distributed systems jghook@pdx.eduPSU OITwindows boxes across campus hook@cs.pdx.eduPSU CSunix boxes in CS department hook@linux.cecs. pdx.edu PSU MCECS/CATlinux boxes in Engineering hook@beethoven. cs.pdx.edu laptop (owned by PSU) user administered laptop

9 6/15/2015 3:39 PM Traditional solution Within an organization machines trust each other Use a central authentication server This does not scale –You trust too many things

10 6/15/2015 3:39 PM Internet Scale solutions Certificates associate “distinguished names” with principals Certificates can be managed by Certification Authorities (CA) CA has policies: –Authentication policy: Level of authentication to identify principal –Issuance Policy: Principals to whom the CA will issue certificates

11 6/15/2015 3:39 PM Centralized CA CAs can be organized into a hierarchical structure (tree) Root CA: Internet Policy Registration Authority (IPRA) –Root certifies Policy Certifications authorities (PCAs) –PCAs certify individual CAs

12 6/15/2015 3:39 PM UValmont and Certification Hierarchy IPRA PCA-1 UValmont Student CA student PCA-2 UValmont Staff CA staff high assurance PCA low assurance PCA

13 6/15/2015 3:39 PM Policy and Trust In this distributed system policies do not need to be uniform, but they must be public and followed Bishop gives example where a university uses a weaker authentication test for students than staff Certificates issued by university reflect this Clients of certificates can accept or reject based on published policy

14 6/15/2015 3:39 PM Decentralized CA Do you need a root CA? The PGP (“pretty good privacy”) suite of tools uses a decentralized model of certificates –A group of principals can decide to trust each other –Certificates have a chain of signatures that allow the chain of trust to be evaluated and either accepted or rejected

15 6/15/2015 3:39 PM Other forms of Identity Certified identities are a relatively heavyweight mechanism Other notions of identity exploit other artifacts that tend to be unique

16 6/15/2015 3:39 PM Host identity IP address MAC address Hostname Various vulnerabilities to spoofing –Binkley will discuss these issues in more depth

17 6/15/2015 3:39 PM Cookies Cookie: a token that contains information about the state of a transaction on a network –Name, Value –Expires –Domain –Path –Secure (http/https)

18 6/15/2015 3:39 PM Cookies Cookies do not authenticate a principal with authority They do make a good surrogate to recognize –a principal in a session –a principal from a previous session

19 6/15/2015 3:39 PM Mechanisms for anonymity Bishop discusses anonymous remailers Elaborate scenarios using crypto and header stripping to give anonymous email

20 6/15/2015 3:39 PM Example: anon.penet.fi Offered anonymous email service –Sender sends letter to it, naming another destination –Anonymizer strips headers, forwards message Assigns an ID (say, 1234) to sender, records real sender and ID in database Letter delivered as if from anon1234@anon.penet.fi –Recipient replies to that address Anonymizer strips headers, forwards message as indicated by database entry

21 6/15/2015 3:39 PM Problem Anonymizer knows who sender, recipient really are Called pseudo-anonymous remailer or pseudonymous remailer –Keeps mappings of anonymous identities and associated identities If you can get the mappings, you can figure out who sent what

22 6/15/2015 3:39 PM More anon.penet.fi Material claimed to be copyrighted sent through site Finnish court directed owner to reveal mapping so plaintiffs could determine sender Owner appealed, subsequently shut down site

23 6/15/2015 3:39 PM Cypherpunk Remailer Remailer that deletes header of incoming message, forwards body to destination Also called Type I Remailer No record kept of association between sender address, remailer’s user name –Prevents tracing, as happened with anon.penet.fi Usually used in a chain, to obfuscate trail –For privacy, body of message may be enciphered

24 6/15/2015 3:39 PM Cypherpunk Remailer Message Encipher message Add destination header Add header for remailer n … Add header for remailer 2 Hi, Alice, It’s SQUEAMISH OSSIFRIGE Bob send to Alice send to remailer 2 send to remailer 1

25 6/15/2015 3:39 PM Weaknesses Attacker monitoring entire network –Observes in, out flows of remailers –Goal is to associate incoming, outgoing messages If messages are cleartext, trivial –So assume all messages enciphered So use traffic analysis! –Used to determine information based simply on movement of messages (traffic) around the network

26 6/15/2015 3:39 PM Attacks If remailer forwards message before next message arrives, attacker can match them up –Hold messages for some period of time, greater than the message interarrival time –Randomize order of sending messages, waiting until at least n messages are ready to be forwarded Note: attacker can force this by sending n–1 messages into queue

27 6/15/2015 3:39 PM Attacks As messages forwarded, headers stripped so message size decreases –Pad message with garbage at each step, instructing next remailer to discard it Replay message, watch for spikes in outgoing traffic –Remailer can’t forward same message more than once

28 6/15/2015 3:39 PM Mixmaster Remailer Cypherpunk remailer that handles only enciphered mail and pads (or fragments) messages to fixed size before sending them –Also called Type II Remailer –Designed to hinder attacks on Cypherpunk remailers Messages uniquely numbered Fragments reassembled only at last remailer for sending to recipient

29 6/15/2015 3:39 PM Cypherpunk Remailer Message recipent’s address any mail headers to add message padding if needed enciphered with Triple DES key #2 final hop address packet ID: 168 message ID: 7839 Triple DES key: 2 random garbage enciphered with Triple DES key #1 remailer #2 address packet ID: 135 Triple DES key: 1 enciphered with RSA for remailer #2 enciphered with RSA for remailer #1

30 6/15/2015 3:39 PM Anonymity Itself Some purposes for anonymity –Removes personalities from debate –With appropriate choice of pseudonym, shapes course of debate by implication –Prevents retaliation Are these benefits or drawbacks? –Depends on society, and who is involved

31 6/15/2015 3:39 PM Privacy Anonymity protects privacy by obstructing amalgamation of individual records Important, because amalgamation poses 3 risks: –Incorrect conclusions from misinterpreted data –Harm from erroneous information –Not being let alone Also hinders monitoring to deter or prevent crime Conclusion: anonymity can be used for good or ill –Right to remain anonymous entails responsibility to use that right wisely

32 6/15/2015 3:39 PM Phone Systems Phone fraud –Attacks on metering –Attacks on signaling –attacks on switching and configuration –insecure end systems dial-through fraud –feature interaction

33 6/15/2015 3:39 PM Fraud detection problem Subscription fraud –customer opens account with the intention of never paying Superimposition fraud –legitimate account; some legitimate activity –illegitimate activity “superimposed” by a person other than the account holder

34 6/15/2015 3:39 PM Fraud detection as identity Both Subscription fraud and superimposition fraud are asking if we can identify a principal by their behavior (and without their cooperation)

35 6/15/2015 3:39 PM Communities of Interest On the telephone you are who you call Coretes, Pregibon and Volinsky paper –use “top 9 lists” of ingoing and outgoing calls to characterize a user’s Community of Interest (COI) –Define Overlap of two COIs to be a distance measure Overlap is highly effective at identifying fraudsters –“Record Linkage Using COI-based matching” NB: Application not limited to phone networks

36 6/15/2015 3:39 PM Phone Fraud Where does the data come from? Phone switches generate call detail records (Weiss paper) These records can be harvested to yield CPV’s top 9 lists –Hancock is a DSL for writing code to read large volumes of data

37 6/15/2015 3:39 PM Telephone fraud detection Historically, COI-based matching is used to detect a deadbeat customer who has assumed a new network identity Is this a legitimate business use? Is there a potential privacy issue? Discuss potential abuses

38 6/15/2015 3:39 PM Credit Card Fraud detection Credit Card companies have done nearly real- time analysis of card usage Anomalies are flagged; card holder is contacted Customers have come to expect this service –It is considered a protection and an added value Discuss: –Abuse potential –Does government have a role? Why or why not?

39 6/15/2015 3:39 PM NY Times Story Revealed content of international phone calls between “persons of interest” were monitored outside of FISA –What not use FISA? –What if identity is a surrogate, not a name? [Note: I don’t know if the COI papers and the news stories reference in this lecture are related.]

40 6/15/2015 3:39 PM USA Today Story Several telephone companies providing call detail data to NSA “Largest database ever” Asserts no content being monitored Discussion/Conjecture: –What if they are calculating COI? Or COI-like data? –Could this serve as the source of the “surrogate identities” used for non-FISA wiretaps –If it is reasonable for business to use this technology for fraud detection is it reasonable for the government to exploit it as well? –What other personal information could be obtained from this data?

41 6/15/2015 3:39 PM US Constitution Amendment IV The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

42 6/15/2015 3:39 PM Discussion Is a COI a sufficient description to meet the requirement: –particularly describing the place to be searched, and the persons or things to be seized

Download ppt "6/15/2015 3:39 PM Lecture 6: Identity and Data Mining James Hook (Some material from Bishop, 2004) CS 591: Introduction to Computer Security."

Similar presentations

Mobile and Wireless Computing Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)

Mobile and Wireless Computing Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.

Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.
CS426Fall 2010/Lecture 81 Computer Security CS 426 Lecture 8 User Authentication.

CS426Fall 2010/Lecture 81 Computer Security CS 426 Lecture 8 User Authentication.
Lecture 5: Email security: PGP Anish Arora CIS694K Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CIS694K Introduction to Network Security.
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
CSCI283 Fall 2005 GWU All slides from Bishop’s slide set Public Key Infrastructure (PKI)

CSCI283 Fall 2005 GWU All slides from Bishop’s slide set Public Key Infrastructure (PKI)
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
CMSC 414 Computer (and Network) Security Lecture 15 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 15 Jonathan Katz.
CMSC 414 Computer (and Network) Security Lecture 16 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 16 Jonathan Katz.
بسم الله الرحمن الرحيم NETWORK SECURITY Done By: Saad Al-Shahrani Saeed Al-Smazarkah May 2006.

بسم الله الرحمن الرحيم NETWORK SECURITY Done By: Saad Al-Shahrani Saeed Al-Smazarkah May 2006.
November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #13-1 Chapter 14: Identity What is identity Multiple names for one thing Different.

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #13-1 Chapter 14: Identity What is identity Multiple names for one thing Different.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
6/23/2015 10:43 PM Lecture 13: Evaluation James Hook CS 591: Introduction to Computer Security.

6/23/ :43 PM Lecture 13: Evaluation James Hook CS 591: Introduction to Computer Security.
CMSC 414 Computer and Network Security Lecture 20 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 20 Jonathan Katz.
1 Representing Identity CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute April 19, 2004.

1 Representing Identity CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute April 19, 2004.

Similar presentations

Ads by Google