ADCS Chapter 1
An Introduction To Computer Security

"Some men see things as they are and ask why. Others dream things that never were and ask why not."
~ George Bernard Shaw, Irish Playwright and Critic

Prepared by: SITI ZAINAH ADNAN
If you have any feedback or comments, please feel free to email me at [email protected]. Your cooperation is very much appreciated!

CS262/0602/V2 Chapter 1 - 1

References
• Book (available at the Informatics library)
  – CHAPTER 1: Security In Computing, Charles P. Pfleeger, Prentice Hall International
• Notes (available at IVC)
  – ComputerSecurityIntro
  – SecurityTaxonomy

An Introduction To Computer Security - TOPICS
• Introduction
• Threats to Computer Systems
  – Threats, Vulnerabilities and Attacks
  – Types of Threats
  – Points of Security Vulnerabilities
  – Methods of Defense
• Categories of Computer Attacks
  – Using an Attack Taxonomy
  – Considerations in Selecting an Attack Taxonomy
  – Simple Attack Taxonomy
  – Risk-Based Attack Taxonomy
• Examples of Common Attack Methods
• Attack Prevention Methods

Introduction
• Why has computer security become more important?
• What is computer security? How is computer security defined?
• Who are the attackers? What are their objectives?
• What are natural disasters?
• Kinds of security breaches (computer security concepts)
• What are the objectives (goals) of computer security - information quality?
• What are the weak points (vulnerabilities) in a computer system?
• What are the types of threats (possible dangers that might occur)?
• How do we control (methods of defence) the threats that might lead to computer attacks?
Introduction
• Computer security was not an issue at the beginning.
• But with the onset of the "information age", organisations became dependent on computers for their functioning.
• Information became a strategic asset and therefore should be properly protected.
• Networking was booming as well, which resulted in the central mainframe being replaced by LANs of PCs connected to public networks.
• Users also came to range from experts to novices.
• As a result, computer systems became more vulnerable.

• Computer security - the ways and means taken to protect the computer and everything associated with it:
  – Hardware
  – Software
  – Storage media
  – Data
  – Persons (authorised users)
  – Information (information security)
• Secure computing resources against unauthorised users (attackers, outsiders) as well as against natural disasters.

• Computer security:
  – Preventing attackers from achieving their objectives through unauthorised access to, or unauthorised use of, computers and networks
  – Keeping anyone from doing things you do not want them to do with, on, or from your computers or any peripheral devices
  – It is a means to achieve the goal of information security
  – A computer is secure if you can depend on it and its software to behave as you expect
  – Trusted system - a system that is able to preserve and protect your data

• Attackers:
  – Hackers - break into computers for challenge and status
  – Spies - break into computers for information to be used for political gain
  – Terrorists - break into computers to cause fear for political gain
  – Corporate raiders - employees who break into competitors' computers for financial gain
  – Professional criminals - break into computers for personal financial gain
  – Vandals - break into computers to cause damage

• Objectives:
  – Corruption of information - any unauthorised alteration of files stored on a host computer or of data in transit across the network
  – Disclosure of information - the dissemination of information to anyone who is not authorised to access that information
  – Theft of service - the unauthorised use of computer or network services without degrading the service to other users
  – Denial of service - the intentional degrading or blocking of computer or network resources

• Natural disasters:
  – Earthquake
  – Floods
  – Lightning
  – Storm
  – Power fluctuation
  – Humidity
  – Dust
  – Varying temperature
  – Fire
• These can cause damage (harmful effect or loss) to computer resources.

Kinds of Security Breaches
• Exposure
  – A form of possible loss or harm in a computing system
  – E.g. unauthorised disclosure of data, modification of data, denial of legitimate access to computing
• Vulnerability
  – A weakness in the security system
  – Might be exploited to cause loss or harm
  – Things that are not well protected
  – E.g. natural: computers are very vulnerable to natural disasters such as fire, flood, etc.
• Attack
  – An action taken by a malicious intruder that involves the exploitation of certain vulnerabilities
  – E.g. hitting the hard drive
• Threats
  – Circumstances that have the potential to cause loss or harm
  – Possible danger
  – E.g. a person - a system cracker or a spy
• Control
  – A protective measure to reduce a vulnerability
  – An action, a device, a procedure or a technique
  – E.g. firewall, password checking

Points of Security Vulnerabilities
• Attacks on hardware:
  – Computer hardware is highly visible and hence easy to attack.
  – Includes power supply surges, unstable power supply, etc.
• Attacks on software:
  – Software can be destroyed maliciously, or modified, deleted or misplaced.
  – Examples include time bombs, salami attacks, Trojan horses, computer bugs, etc.
• Attacks on data:
  – Data is available in many forms, such as electronic, printout and media.
  – Can be destroyed, changed, modified or deleted very easily.

Objectives of Computer Security - Information Quality
• Confidentiality
  – Assets of the computing system are accessible only by authorised parties
  – Also known as secrecy or privacy
  – Access types: reading, viewing, printing, knowing
  – e.g. research results should be kept secret from competitors
• Integrity
  – Assets can be modified only by authorised parties
  – To ensure that information is accurate, complete and authentic
  – Modification: writing, changing status, deleting, creating
  – e.g. information should not be tampered with, and there should be no replay of previous communication
  – e.g. the sender (receiver) cannot repudiate the data sent (received) - e-commerce
• Availability
  – Assets are available to authorised parties
  – Able to recover quickly and completely if a disaster occurs
  – To ensure timely processing and distribution of the information
  – The opposite of availability is denial of service (DoS)
  – DoS can jeopardise processing continuity and hence the organisation's survival

Types of Threats
• A, the sender, sends a message to B, the receiver, through the transmission medium T.
• O, an interceptor or intruder, might try to access the message in any of the following ways:
  – Block it, by preventing it from reaching B
  – Intercept it, by gaining unauthorised access to it
  – Modify it, by seizing the message
  – Fabricate an authentic-looking message

Normal flow
[Figure: (A) Information source -> (T) Transmission medium -> (B) Information destination]
There is a flow of information from a source, such as a file or a region of main memory, to a destination, such as another file or a user.
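The flow model on the slides above (sender A, medium T, receiver B, intruder O) can be exercised in code. The following Python simulation is an added example written for this page, not part of the original slides or of Pfleeger's text; the shared key, the message contents and the intruder functions are all constructed. B protects integrity and authenticity with an HMAC and rejects replays with a sequence number, and the run shows which of O's four actions (block, intercept, modify, fabricate) B can detect and which it cannot.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass
from typing import Dict, Optional

# Constructed demo secret shared by A and B (a real key would come from key management).
SHARED_KEY = b"constructed-demo-key-shared-by-A-and-B"


@dataclass(frozen=True)
class Message:
    seq: int    # sequence number: lets B reject a replayed (recorded) message
    body: str   # the information flowing from A to B
    tag: str    # HMAC-SHA256 over (seq, body) under SHARED_KEY, hex encoded


def make_tag(key: bytes, seq: int, body: str) -> str:
    data = json.dumps({"seq": seq, "body": body}, sort_keys=True).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()


class Sender:
    """A: numbers every message and seals it with a MAC before it enters T."""

    def __init__(self, key: bytes) -> None:
        self.key = key
        self.next_seq = 1

    def send(self, body: str) -> Message:
        msg = Message(self.next_seq, body, make_tag(self.key, self.next_seq, body))
        self.next_seq += 1
        return msg


class Receiver:
    """B: accepts a message only if the tag verifies and the sequence number is fresh."""

    def __init__(self, key: bytes) -> None:
        self.key = key
        self.last_seq = 0

    def receive(self, msg: Optional[Message]) -> str:
        if msg is None:
            return "blocked"                      # interruption: nothing arrived
        expected = make_tag(self.key, msg.seq, msg.body)
        if not hmac.compare_digest(expected, msg.tag):
            return "rejected: bad tag"            # modification or fabrication
        if msg.seq <= self.last_seq:
            return "rejected: replay"             # masquerading by playback
        self.last_seq = msg.seq
        return "accepted"


# What the intruder O can do to a message while it crosses T.
def o_block(msg: Message) -> None:
    return None                                   # message never reaches B

def o_intercept(msg: Message) -> Message:
    _copy = msg.body                              # O reads it; a MAC gives no secrecy
    return msg                                    # forwarded unchanged, so B cannot tell

def o_modify(msg: Message) -> Message:
    return Message(msg.seq, msg.body.replace("100", "900"), msg.tag)  # tag no longer matches

def o_fabricate(seq: int) -> Message:
    return Message(seq, "Transfer 1000 to O", "00" * 32)  # O lacks the key, so guesses a tag


def run_scenarios() -> Dict[str, str]:
    a, b = Sender(SHARED_KEY), Receiver(SHARED_KEY)
    body = "Transfer 100 to C"                    # constructed sample content
    results = {
        "normal": b.receive(a.send(body)),
        "block": b.receive(o_block(a.send(body))),
        "intercept": b.receive(o_intercept(a.send(body))),
        "modify": b.receive(o_modify(a.send(body))),
        "fabricate": b.receive(o_fabricate(seq=99)),
    }
    recorded = a.send(body)                       # O records a genuine message...
    b.receive(recorded)
    results["replay"] = b.receive(recorded)       # ...and plays it back later
    return results


if __name__ == "__main__":
    for threat, outcome in run_scenarios().items():
        print(f"{threat:10s} -> {outcome}")
```

Two outcomes are worth noting. Interception comes back "accepted": a MAC proves origin and integrity but hides nothing, so confidentiality needs the encryption listed under Methods of Defense. Blocking is reported only because B was handed nothing; on a real network B would need a timeout or heartbeat, which is an availability control rather than a cryptographic one.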
a) Block (interruption)
– An asset of the system is destroyed or becomes unavailable or unusable
– An attack on availability
– e.g. hardware destruction, cutting a telecommunication line, disabling the file management system

b) Interception
[Figure: (A) Information source, (B) Information destination, (O) Intruder]
– An unauthorised party gains access to an asset.
– This is an attack on confidentiality
– e.g. wiretapping to capture data in a network, illicit copying of files or programs

c) Modification
– An unauthorised party not only gains access to an asset but tampers with (modifies) it.
– This is an attack on integrity
– e.g. changing values in data files, altering a program so it works differently

d) Fabrication
– An unauthorised party inserts counterfeit objects into the system
– This is an attack on authenticity
– e.g. insertion of spurious messages in a network

Potential security weak points
[Figure, shown here as a list]
• Hardware: Interruption (Denial of Service), Interception (Theft)
• Software: Interruption (Deletion), Interception, Modification
• Data: Interruption (Loss), Interception, Modification, Fabrication

Methods Of Defense
• Encryption
  – Most powerful
  – Provides data secrecy, integrity and availability.
• Software / Program Control
  – To exclude outside attack.
  – E.g. authenticated login sessions, anti-virus programs, logs (which provide evidence for security incidents)
• Hardware Control
  – Devices used to limit access or verify a user's identity.
  – E.g. badges, hardware locks
• Policies
  – Develop strict procedures:
    • Account management - includes specific rules for the creation/deletion of accounts and rules for well-chosen passwords
    • Automatic backup - consists of a backup scheme, a restoration scheme, etc.
    • Auditing, monitoring - the main target is keeping the users aware and alert for symptoms of incidents, etc.
    • Incident plan - involves a detailed (tested) procedure, the appointment of a contact person, the elaboration of juridical aspects, etc.
    • Key management - determines how and when new keys are chosen
• Physical Control
  – The easiest, most effective and least expensive methods
  – Building protection - measures against natural disasters, assaults, unwanted visitors, etc.
  – Data (media) protection - measures for the protection of removable media (tapes, disks, CD-ROMs, etc.)

Computer Attacks
• What is a taxonomy?
• What is a computer attack taxonomy?
• Why do they choose to attack?
• Why are computer attacks categorised? Why is it important?
• What are the objectives of categorising computer attacks?
• What are examples of attack taxonomies?
• What is a matrix attack taxonomy?
• What is a risk-based attack taxonomy?
• What are examples of computer attacks?
• What are the methods to prevent computer attacks?

Categories of Computer Attacks
• Taxonomy - definition
  – The science, laws, or principles of classification
  – Division into ordered groups or categories
• Attack Taxonomy:
  – Defined as any generalised categorisation of potential attacks that might occur on a given computer system.
  – An important and necessary process for the systematic study needed to gain a greater understanding of computer security attacks
  – Useful in the development of new systems and in evaluating existing systems
• Considerations in selecting an attack taxonomy:
  – Completeness
  – Appropriateness
  – Internal and external threats

Simple Attack Taxonomy
• Uses a matrix (table), by Perry and Wallich
• Classification scheme based on two dimensions:
  – Vulnerabilities
  – Potential perpetrators (attackers)
• Perpetrators (columns): Programmers, Internal Users, External (Outsiders)
• Vulnerabilities (rows): Theft of information, Information destruction, Theft of services
• Entries in the matrix: Malicious software, Theft as user, Unauthorised action, Via modem
• Theft of services, e.g. unauthorised copying of software or unauthorised use of computer or network services
• Malicious software, e.g. time bomb, Trojan horse, virus, etc.
• e.g. programmers may insert malicious software to cause information destruction, such as a time bomb

Risk-Based Attack Taxonomy
• Based on a vast number of reported instances of actual attacks (experience-based), by Neumann and Parker
• Provides a reasonable justification of completeness for the taxonomy
• Based on security-related incidents reported to CERT/CC (Computer Emergency Response Team Coordination Center), located at Carnegie Mellon University (www.cert.org)
• CERT/CC provides the Internet community with a single organisation for coordinating responses to security incidents
• External information theft:
  – Unauthorised access to information that does not require physical access to the computer system or network
  – Associated with the disclosure threat.
  – Visual spying - glancing at someone's terminal to view the information, or looking over someone's shoulder to observe the keystrokes as the password is entered
  – Social engineering - a forged telephone call or email message asking inexperienced users to change their password to specific words
  – Searching waste baskets for printouts, which yield a wealth of information if not properly disposed of
• External abuse of resources:
  – Involves physical destruction of computer system hardware.
  – Associated with the integrity threat.
  – Example: smashing a disk drive
• Masquerading:
  – Involves a malicious intruder successfully impersonating another user.
  – Once a password or other authentication means has been captured, it can be used to masquerade as somebody else
  – Associated with disclosure, integrity or denial of service threats.
  – Example: recording and playing back a network transmission
• Pest Programs:
  – Programs that cause subsequent harm to the computer system
  – Can be quickly distributed through information sharing
  – Require mechanisms internal to the computer system
  – Associated with the integrity threat.
  – Example: installing malicious software

Pest Program
• A virus is a computer program that is intentionally written to attach itself to other programs or disk boot sectors and to replicate whenever those programs are executed or those infected disks are used.
• A virus that is attached to another program can be either:
  – Transient virus
    • Runs when its attached program executes
    • Terminates when its attached program ends
  – Resident virus
    • Locates itself in memory so that it can remain active, or be activated, even after its attached program ends
Pest Program
• Viruses are categorised based on the method of distribution and attack:
  – Macro - small programs written in the macro code of word-processing or spreadsheet applications.
  – Executable - attach themselves to an executable program (or are the executable itself)
  – Boot sector - copy themselves to the boot sector of hard drives or floppy disks. Once in memory, a boot sector virus tries to replicate itself to other drives.
  – Stealth - avoid detection by redirecting hard drive read requests away from the virus scanner or by manipulating directory structure information.
  – Polymorphic - a polymorphic virus has programming code enabling it to change its action and programming code each time it runs. The virus can thus avoid being detected by older versions of virus scanner software. Modern virus scanners use a variety of techniques to identify polymorphic viruses.

Risk-Based Attack Taxonomy
• Bypassing of Internal Controls:
  – Avoiding authentication to access computer resources by using existing program flaws (bugs)
  – The prime targets are authorisation, access and authority controls.
  – Associated with disclosure, integrity or denial of service threats.
  – E.g. the Microsoft Windows kernel contains a stack buffer overflow:
    • An attacker can exploit this flaw to execute code with the privileges of the OS kernel, such as reading protected areas of system memory, etc.

Attack Methods - Examples
• Spoofing or masquerading
  – A host, a program or an application hides its true identity by using the identity of a legitimate network device or host.
  – For example, in IP spoofing a cracker alters the IP packet header so that it appears to have originated from a trusted network. This allows crackers to gain access and engage in system snooping (entering a computer network and beginning to map the system's contents).
Attack Methods - Examples
• Brute-force attacks:
  – Users typically create passwords that are mnemonic.
  – Hackers gain access by guessing the passwords of individuals.
  – Or by obtaining a copy of the password file and the encryption function.
• Software-based attacks:
  – Through pest programs
• Scheduled file removal:
  – A useful facility offered on many types of operating systems.
  – Used to schedule a program to be run at a predetermined time; the command can be combined with attack programs
  – e.g. every time the user logs in, delete a system file
• Field separator attack:
  – This attack relies on technical details of the operating system:
    • Redefine the field separator variable to include various characters, creating pathnames for files in the OS
    • Invoke system programs that can be used to execute code that opens certain files with administrative privileges
    • Transfer privilege through some means, via the OS shell or another program
  – The objective is to launch further attacks on the computer system
• DoS and DDoS
  – A high volume of traffic generated by the attacker towards a network; the server becomes too busy to attend to requests, leaving legitimate users unable to use the resources.
  – Distributed Denial of Service (DDoS) is a DoS attack launched from several hosts (distributed) instead of only from a single host.
  – Examples of DoS (Denial of Service) attacks are: Land, Smurf / Fraggle, FTP (File Transfer Protocol) Bounce, UDP (User Datagram Protocol) Bomb, Ping of Death, SYN Flood, Teardrop.

Methods to Prevent Attack
• Individual screening:
  – Involves checking the background, credentials and other personal attributes of individuals (user authentication)
  – Used to trust users not to spoof other users or create a compiler Trojan horse.
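Password storage is where the two brute-force routes on the slide above meet: guessing online, and taking the password file plus its "encryption function" offline. The Python below is an added example written for this page, not the slides' own material; the iteration count, the lockout threshold and the sample credentials are constructed. It places the weak setting (a fast, unsalted hash) beside the hardened one (per-user salt, PBKDF2 key derivation, failure lockout) so the difference can be checked directly.

```python
import hashlib
import hmac
import os
from typing import Dict, List, Tuple

PBKDF2_ITERATIONS = 100_000   # constructed choice; tune upward as hardware allows
MAX_FAILED_ATTEMPTS = 5       # constructed lockout policy against online guessing


def weak_record(password: str) -> str:
    """The weak setting: a fast, unsalted hash. Equal passwords give equal records,
    so one guess checked against a stolen file cracks every user who chose it."""
    return hashlib.sha256(password.encode()).hexdigest()


class PasswordStore:
    """Hardened setting: per-user salt plus an iterated (slow) key derivation,
    and a failure counter so online guessing is cut off."""

    def __init__(self) -> None:
        self._records: Dict[str, Tuple[bytes, bytes]] = {}   # user -> (salt, derived key)
        self._failures: Dict[str, int] = {}

    @staticmethod
    def _derive(password: str, salt: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)

    def add_user(self, user: str, password: str) -> None:
        salt = os.urandom(16)            # fresh random salt per user
        self._records[user] = (salt, self._derive(password, salt))

    def stored_record(self, user: str) -> bytes:
        return self._records[user][1]

    def verify(self, user: str, password: str) -> str:
        if self._failures.get(user, 0) >= MAX_FAILED_ATTEMPTS:
            return "locked"              # no further guesses are even checked
        record = self._records.get(user)
        if record is None:
            return "denied"
        salt, expected = record
        if hmac.compare_digest(self._derive(password, salt), expected):
            self._failures[user] = 0
            return "ok"
        self._failures[user] = self._failures.get(user, 0) + 1
        return "denied"


def demo() -> Dict[str, object]:
    shared = "Summer2024!"                   # constructed sample password
    store = PasswordStore()
    store.add_user("alice", shared)
    store.add_user("bob", shared)            # bob happened to pick the same password
    guesses: List[str] = ["password", "alice", "Summer2023!", "summer2024!", "Summer2024", "letmein"]
    return {
        "weak_records_equal": weak_record(shared) == weak_record(shared),
        "hardened_records_equal": store.stored_record("alice") == store.stored_record("bob"),
        "correct_password": store.verify("alice", shared),
        "guesses": [store.verify("alice", g) for g in guesses],
        "after_lockout": store.verify("alice", shared),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The salt defeats precomputed tables and forces a stolen file to be attacked one user at a time; the iteration count makes each guess expensive; and the lockout means that even a mnemonic password cannot be guessed online at machine speed. Once locked, even the correct password is refused until an administrator resets the counter, which is the availability cost of the control.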
Methods to Prevent Attack
• Physical security:
  – This method involves securing the computer system facility.
  – Computer centres that are guarded, locked and monitored demonstrate this type of security control.
  – Advantage: external hardware damage is effectively controlled.
  – Disadvantage: it may not be useful for remote access.
• Care in operations:
  – Involves individuals being careful in their day-to-day activities to avoid common types of attacks.
  – Users can often avoid password spoof attacks by clearing the terminal before logging into the system.
  – Similarly, compiler attacks can be avoided by simple access and configuration controls.
• The use of software and hardware system protection
  – The use of:
    • Firewall
    • Anti-virus software
    • IDS (Intrusion Detection System)
    • Cryptography techniques (encryption and decryption)
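The SYN Flood form of DoS and DDoS listed on the attack-methods slide is the kind of event an IDS from the last slide can flag from traffic logs. The Python below is an added example written for this page, not from the slides; the log line format, the thresholds and the addresses (RFC 5737 documentation ranges) are all constructed. It counts SYN packets per destination in a sliding time window and labels a flood as DoS when it comes from a single source and as DDoS when it comes from many.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, List, Optional

# Constructed thresholds; real ones are derived from a baseline of normal traffic.
SYN_THRESHOLD = 50            # SYNs to one destination within WINDOW before we call it a flood
WINDOW = timedelta(seconds=10)
DISTRIBUTED_SOURCES = 10      # distinct sources at or above which a flood is labelled DDoS

# Constructed log format: "<iso timestamp> src=<ip> dst=<ip> proto=TCP flags=<flags>"
LINE_RE = re.compile(r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) proto=TCP flags=(?P<flags>\S+)$")


def parse(line: str) -> Optional[Dict[str, object]]:
    m = LINE_RE.match(line.strip())
    if m is None:
        return None                       # not a TCP record in our format; ignore
    return {"ts": datetime.fromisoformat(m["ts"]), "src": m["src"],
            "dst": m["dst"], "flags": m["flags"]}


def detect_floods(lines: List[str]) -> Dict[str, Dict[str, object]]:
    """Per destination: largest number of SYNs seen in any WINDOW, and a verdict."""
    syns = defaultdict(list)              # dst -> [(timestamp, src)]
    for line in lines:
        ev = parse(line)
        if ev is not None and ev["flags"] == "S":
            syns[ev["dst"]].append((ev["ts"], ev["src"]))

    verdicts: Dict[str, Dict[str, object]] = {}
    for dst, events in syns.items():
        events.sort()
        best_count, best_sources, start = 0, 0, 0
        for end in range(len(events)):     # two-pointer sliding window over sorted events
            while events[end][0] - events[start][0] > WINDOW:
                start += 1
            count = end - start + 1
            if count > best_count:
                best_count = count
                best_sources = len({src for _, src in events[start:end + 1]})
        if best_count < SYN_THRESHOLD:
            verdict = "normal"
        elif best_sources >= DISTRIBUTED_SOURCES:
            verdict = "DDoS"               # many hosts share the flood
        else:
            verdict = "DoS"                # one (or a few) hosts generate it all
        verdicts[dst] = {"verdict": verdict, "syns_in_window": best_count, "sources": best_sources}
    return verdicts


def build_sample_log() -> List[str]:
    """Constructed sample traffic: normal handshakes, a single-source flood, a distributed flood."""
    base = datetime(2024, 5, 1, 10, 0, 0)
    lines = []
    for i in range(5):                     # background: five clients, one SYN each, 2 s apart
        t = base + timedelta(seconds=2 * i)
        lines.append(f"{t.isoformat()} src=203.0.113.{i + 1} dst=198.51.100.10 proto=TCP flags=S")
    for i in range(60):                    # DoS: 60 SYNs from one host in 6 s
        t = base + timedelta(seconds=20, milliseconds=100 * i)
        lines.append(f"{t.isoformat()} src=203.0.113.200 dst=198.51.100.20 proto=TCP flags=S")
    for i in range(60):                    # DDoS: 60 SYNs spread over 20 hosts in 6 s
        t = base + timedelta(seconds=40, milliseconds=100 * i)
        lines.append(f"{t.isoformat()} src=203.0.113.{101 + i % 20} dst=198.51.100.30 proto=TCP flags=S")
    return lines


if __name__ == "__main__":
    for dst, info in detect_floods(build_sample_log()).items():
        print(dst, info)
```

The distinction matters for the response: a single-source flood can be dropped at the firewall by address, while a distributed one needs rate limiting or upstream filtering, since blocking each source individually does not scale. A SYN counter alone also misses half-open-connection exhaustion on the server side, so in practice this check sits beside host-level counters such as backlog occupancy.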