Chapter 15 Security Bernard Chen Spring 2007. Protection vs. Security Protection (Ch.14) deals with...
-
Upload
oscar-roberts -
Category
Documents
-
view
226 -
download
1
Transcript of Chapter 15 Security Bernard Chen Spring 2007. Protection vs. Security Protection (Ch.14) deals with...
Chapter 15Security
Bernard ChenSpring 2007
Protection vs Security
Protection (Ch14) deals with internal problem
Security (Ch 15) Deals with external problem
Security In many applications ensuring the security of
the computer system is worth considerable effort
Large commercial systems containing payroll or other financial data are inviting targets to thieves
Security must consider external environment of the system and protect the system resources
The Security Problem Intruders (crackers) attempt to
breach security Threat is potential security violation Attack is attempt to breach security
Attack can be accidental or malicious Easier to protect against accidental
than malicious misuse
Security Violations
Categories Breach of confidentiality Breach of integrity Breach of availability Theft of service Denial of service
Security Violations Breach of confidentiality This type of violation involves unauthorized
reading of data (or theft of information) Capturing secret data from a system such as credit-card information identity theft
Breach of integrity This violation involves unauthorized
modification of data Such as modification of the source code of an important commercial application
Security Violations Breach of availability This violation involved unauthorized
destruction of data Website defacement is a common example of this type
Theft of service This violation involves unauthorized use of
resource
Denial of service (DOS) This violation involves preventing legitimate
use of the system
Security Violation Methods
Methods Masquerading (breach authentication) Replay attack Message modification Man-in-the-middle attack Session hijacking
Security Violation Methods Masquerading one participant in a
communication pretends to be someone else By masquerading attackers breach authentication the correctness of identification
Replay Attack consist of the malicious or fraudulent repeat of a valid data transmission
Security Violation Methods
Message modification
Man-in-the-middle attack
Session hijacking
Security Measure LevelsSecurity must occur at four levels to be effective
Physical
Human (Avoid phishing a legitimate-looking email or a web
page misleads a user into entering confidential information
dumpster diving attempting to gather information in order to gain unauthorized access to the computer)
Operating System
Network
Program Threats
C Program with Buffer C Program with Buffer-overflow Condition
C Program with Buffer C Program with Buffer-overflow Condition
In stead of using ldquostrcpy(buffer argv[1])rdquoUseldquostrncpy(bufferargv[1]sizeof(buffer)
-1)rdquo
Hypothetical Stack Frame
Viruses Code fragment embedded in legitimate
program Very specific to CPU architecture
operating system applications Usually borne via email or as a macro
Types of VirusesMany categories of viruses literally many thousands of
viruses1048698 File1048698 Boot1048698 Macro1048698 Source code1048698 Polymorphic1048698 Encrypted1048698 Stealth1048698 Tunneling1048698 Multipartite1048698 Armored
A Boot-sector Computer Virus
Worms A worm is a process that uses the
SPAWN mechanism to ravage system performance
The worm spawns copies of itself using up system resources and perhaps locking out all other processes
The worm was made up of two programs a grappling hook program and the main program
Worm
Cryptography as a Security Tool It is the broadest security tool available
Source and destination of messages cannot be trusted without cryptography
The method is based on secrets (keys)
Encryption
Encryption
Symmetric Encryption
Same key used to encrypt and decrypt
E(k) can be derived from D(k) and vice versa
Symmetric Encryption DES is most commonly used symmetric
block-encryption algorithm (created by US Govt)
Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES)
twofish up and coming RC4 is most common symmetric stream
cipher but known to have vulnerabilities
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data
Protection vs Security
Protection (Ch14) deals with internal problem
Security (Ch 15) Deals with external problem
Security In many applications ensuring the security of
the computer system is worth considerable effort
Large commercial systems containing payroll or other financial data are inviting targets to thieves
Security must consider external environment of the system and protect the system resources
The Security Problem Intruders (crackers) attempt to
breach security Threat is potential security violation Attack is attempt to breach security
Attack can be accidental or malicious Easier to protect against accidental
than malicious misuse
Security Violations
Categories Breach of confidentiality Breach of integrity Breach of availability Theft of service Denial of service
Security Violations Breach of confidentiality This type of violation involves unauthorized
reading of data (or theft of information) Capturing secret data from a system such as credit-card information identity theft
Breach of integrity This violation involves unauthorized
modification of data Such as modification of the source code of an important commercial application
Security Violations Breach of availability This violation involved unauthorized
destruction of data Website defacement is a common example of this type
Theft of service This violation involves unauthorized use of
resource
Denial of service (DOS) This violation involves preventing legitimate
use of the system
Security Violation Methods
Methods Masquerading (breach authentication) Replay attack Message modification Man-in-the-middle attack Session hijacking
Security Violation Methods Masquerading one participant in a
communication pretends to be someone else By masquerading attackers breach authentication the correctness of identification
Replay Attack consist of the malicious or fraudulent repeat of a valid data transmission
Security Violation Methods
Message modification
Man-in-the-middle attack
Session hijacking
Security Measure LevelsSecurity must occur at four levels to be effective
Physical
Human (Avoid phishing a legitimate-looking email or a web
page misleads a user into entering confidential information
dumpster diving attempting to gather information in order to gain unauthorized access to the computer)
Operating System
Network
Program Threats
C Program with Buffer C Program with Buffer-overflow Condition
C Program with Buffer C Program with Buffer-overflow Condition
In stead of using ldquostrcpy(buffer argv[1])rdquoUseldquostrncpy(bufferargv[1]sizeof(buffer)
-1)rdquo
Hypothetical Stack Frame
Viruses Code fragment embedded in legitimate
program Very specific to CPU architecture
operating system applications Usually borne via email or as a macro
Types of VirusesMany categories of viruses literally many thousands of
viruses1048698 File1048698 Boot1048698 Macro1048698 Source code1048698 Polymorphic1048698 Encrypted1048698 Stealth1048698 Tunneling1048698 Multipartite1048698 Armored
A Boot-sector Computer Virus
Worms A worm is a process that uses the
SPAWN mechanism to ravage system performance
The worm spawns copies of itself using up system resources and perhaps locking out all other processes
The worm was made up of two programs a grappling hook program and the main program
Worm
Cryptography as a Security Tool It is the broadest security tool available
Source and destination of messages cannot be trusted without cryptography
The method is based on secrets (keys)
Encryption
Encryption
Symmetric Encryption
Same key used to encrypt and decrypt
E(k) can be derived from D(k) and vice versa
Symmetric Encryption DES is most commonly used symmetric
block-encryption algorithm (created by US Govt)
Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES)
twofish up and coming RC4 is most common symmetric stream
cipher but known to have vulnerabilities
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data
Security In many applications ensuring the security of
the computer system is worth considerable effort
Large commercial systems containing payroll or other financial data are inviting targets to thieves
Security must consider external environment of the system and protect the system resources
The Security Problem Intruders (crackers) attempt to
breach security Threat is potential security violation Attack is attempt to breach security
Attack can be accidental or malicious Easier to protect against accidental
than malicious misuse
Security Violations
Categories Breach of confidentiality Breach of integrity Breach of availability Theft of service Denial of service
Security Violations Breach of confidentiality This type of violation involves unauthorized
reading of data (or theft of information) Capturing secret data from a system such as credit-card information identity theft
Breach of integrity This violation involves unauthorized
modification of data Such as modification of the source code of an important commercial application
Security Violations Breach of availability This violation involved unauthorized
destruction of data Website defacement is a common example of this type
Theft of service This violation involves unauthorized use of
resource
Denial of service (DOS) This violation involves preventing legitimate
use of the system
Security Violation Methods
Methods Masquerading (breach authentication) Replay attack Message modification Man-in-the-middle attack Session hijacking
Security Violation Methods Masquerading one participant in a
communication pretends to be someone else By masquerading attackers breach authentication the correctness of identification
Replay Attack consist of the malicious or fraudulent repeat of a valid data transmission
Security Violation Methods
Message modification
Man-in-the-middle attack
Session hijacking
Security Measure LevelsSecurity must occur at four levels to be effective
Physical
Human (Avoid phishing a legitimate-looking email or a web
page misleads a user into entering confidential information
dumpster diving attempting to gather information in order to gain unauthorized access to the computer)
Operating System
Network
Program Threats
C Program with Buffer C Program with Buffer-overflow Condition
C Program with Buffer C Program with Buffer-overflow Condition
In stead of using ldquostrcpy(buffer argv[1])rdquoUseldquostrncpy(bufferargv[1]sizeof(buffer)
-1)rdquo
Hypothetical Stack Frame
Viruses Code fragment embedded in legitimate
program Very specific to CPU architecture
operating system applications Usually borne via email or as a macro
Types of VirusesMany categories of viruses literally many thousands of
viruses1048698 File1048698 Boot1048698 Macro1048698 Source code1048698 Polymorphic1048698 Encrypted1048698 Stealth1048698 Tunneling1048698 Multipartite1048698 Armored
A Boot-sector Computer Virus
Worms A worm is a process that uses the
SPAWN mechanism to ravage system performance
The worm spawns copies of itself using up system resources and perhaps locking out all other processes
The worm was made up of two programs a grappling hook program and the main program
Worm
Cryptography as a Security Tool It is the broadest security tool available
Source and destination of messages cannot be trusted without cryptography
The method is based on secrets (keys)
Encryption
Encryption
Symmetric Encryption
Same key used to encrypt and decrypt
E(k) can be derived from D(k) and vice versa
Symmetric Encryption DES is most commonly used symmetric
block-encryption algorithm (created by US Govt)
Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES)
twofish up and coming RC4 is most common symmetric stream
cipher but known to have vulnerabilities
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data
The Security Problem Intruders (crackers) attempt to
breach security Threat is potential security violation Attack is attempt to breach security
Attack can be accidental or malicious Easier to protect against accidental
than malicious misuse
Security Violations
Categories Breach of confidentiality Breach of integrity Breach of availability Theft of service Denial of service
Security Violations Breach of confidentiality This type of violation involves unauthorized
reading of data (or theft of information) Capturing secret data from a system such as credit-card information identity theft
Breach of integrity This violation involves unauthorized
modification of data Such as modification of the source code of an important commercial application
Security Violations Breach of availability This violation involved unauthorized
destruction of data Website defacement is a common example of this type
Theft of service This violation involves unauthorized use of
resource
Denial of service (DOS) This violation involves preventing legitimate
use of the system
Security Violation Methods
Methods Masquerading (breach authentication) Replay attack Message modification Man-in-the-middle attack Session hijacking
Security Violation Methods Masquerading one participant in a
communication pretends to be someone else By masquerading attackers breach authentication the correctness of identification
Replay Attack consist of the malicious or fraudulent repeat of a valid data transmission
Security Violation Methods
Message modification
Man-in-the-middle attack
Session hijacking
Security Measure LevelsSecurity must occur at four levels to be effective
Physical
Human (Avoid phishing a legitimate-looking email or a web
page misleads a user into entering confidential information
dumpster diving attempting to gather information in order to gain unauthorized access to the computer)
Operating System
Network
Program Threats
C Program with Buffer C Program with Buffer-overflow Condition
C Program with Buffer C Program with Buffer-overflow Condition
In stead of using ldquostrcpy(buffer argv[1])rdquoUseldquostrncpy(bufferargv[1]sizeof(buffer)
-1)rdquo
Hypothetical Stack Frame
Viruses Code fragment embedded in legitimate
program Very specific to CPU architecture
operating system applications Usually borne via email or as a macro
Types of VirusesMany categories of viruses literally many thousands of
viruses1048698 File1048698 Boot1048698 Macro1048698 Source code1048698 Polymorphic1048698 Encrypted1048698 Stealth1048698 Tunneling1048698 Multipartite1048698 Armored
A Boot-sector Computer Virus
Worms A worm is a process that uses the
SPAWN mechanism to ravage system performance
The worm spawns copies of itself using up system resources and perhaps locking out all other processes
The worm was made up of two programs a grappling hook program and the main program
Worm
Cryptography as a Security Tool It is the broadest security tool available
Source and destination of messages cannot be trusted without cryptography
The method is based on secrets (keys)
Encryption
Encryption
Symmetric Encryption
Same key used to encrypt and decrypt
E(k) can be derived from D(k) and vice versa
Symmetric Encryption DES is most commonly used symmetric
block-encryption algorithm (created by US Govt)
Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES)
twofish up and coming RC4 is most common symmetric stream
cipher but known to have vulnerabilities
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data
Security Violations
Categories Breach of confidentiality Breach of integrity Breach of availability Theft of service Denial of service
Security Violations Breach of confidentiality This type of violation involves unauthorized
reading of data (or theft of information) Capturing secret data from a system such as credit-card information identity theft
Breach of integrity This violation involves unauthorized
modification of data Such as modification of the source code of an important commercial application
Security Violations Breach of availability This violation involved unauthorized
destruction of data Website defacement is a common example of this type
Theft of service This violation involves unauthorized use of
resource
Denial of service (DOS) This violation involves preventing legitimate
use of the system
Security Violation Methods
Methods Masquerading (breach authentication) Replay attack Message modification Man-in-the-middle attack Session hijacking
Security Violation Methods Masquerading one participant in a
communication pretends to be someone else By masquerading attackers breach authentication the correctness of identification
Replay Attack consist of the malicious or fraudulent repeat of a valid data transmission
Security Violation Methods
Message modification
Man-in-the-middle attack
Session hijacking
Security Measure LevelsSecurity must occur at four levels to be effective
Physical
Human (Avoid phishing a legitimate-looking email or a web
page misleads a user into entering confidential information
dumpster diving attempting to gather information in order to gain unauthorized access to the computer)
Operating System
Network
Program Threats
C Program with Buffer C Program with Buffer-overflow Condition
C Program with Buffer C Program with Buffer-overflow Condition
In stead of using ldquostrcpy(buffer argv[1])rdquoUseldquostrncpy(bufferargv[1]sizeof(buffer)
-1)rdquo
Hypothetical Stack Frame
Viruses Code fragment embedded in legitimate
program Very specific to CPU architecture
operating system applications Usually borne via email or as a macro
Types of VirusesMany categories of viruses literally many thousands of
viruses1048698 File1048698 Boot1048698 Macro1048698 Source code1048698 Polymorphic1048698 Encrypted1048698 Stealth1048698 Tunneling1048698 Multipartite1048698 Armored
A Boot-sector Computer Virus
Worms A worm is a process that uses the
SPAWN mechanism to ravage system performance
The worm spawns copies of itself using up system resources and perhaps locking out all other processes
The worm was made up of two programs a grappling hook program and the main program
Worm
Cryptography as a Security Tool It is the broadest security tool available
Source and destination of messages cannot be trusted without cryptography
The method is based on secrets (keys)
Encryption
Encryption
Symmetric Encryption
Same key used to encrypt and decrypt
E(k) can be derived from D(k) and vice versa
Symmetric Encryption DES is most commonly used symmetric
block-encryption algorithm (created by US Govt)
Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES)
twofish up and coming RC4 is most common symmetric stream
cipher but known to have vulnerabilities
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data
Security Violations Breach of confidentiality This type of violation involves unauthorized
reading of data (or theft of information) Capturing secret data from a system such as credit-card information identity theft
Breach of integrity This violation involves unauthorized
modification of data Such as modification of the source code of an important commercial application
Security Violations Breach of availability This violation involved unauthorized
destruction of data Website defacement is a common example of this type
Theft of service This violation involves unauthorized use of
resource
Denial of service (DOS) This violation involves preventing legitimate
use of the system
Security Violation Methods
Methods Masquerading (breach authentication) Replay attack Message modification Man-in-the-middle attack Session hijacking
Security Violation Methods Masquerading one participant in a
communication pretends to be someone else By masquerading attackers breach authentication the correctness of identification
Replay Attack consist of the malicious or fraudulent repeat of a valid data transmission
Security Violation Methods
Message modification
Man-in-the-middle attack
Session hijacking
Security Measure LevelsSecurity must occur at four levels to be effective
Physical
Human (Avoid phishing a legitimate-looking email or a web
page misleads a user into entering confidential information
dumpster diving attempting to gather information in order to gain unauthorized access to the computer)
Operating System
Network
Program Threats
C Program with Buffer C Program with Buffer-overflow Condition
C Program with Buffer C Program with Buffer-overflow Condition
In stead of using ldquostrcpy(buffer argv[1])rdquoUseldquostrncpy(bufferargv[1]sizeof(buffer)
-1)rdquo
Hypothetical Stack Frame
Viruses Code fragment embedded in legitimate
program Very specific to CPU architecture
operating system applications Usually borne via email or as a macro
Types of VirusesMany categories of viruses literally many thousands of
viruses1048698 File1048698 Boot1048698 Macro1048698 Source code1048698 Polymorphic1048698 Encrypted1048698 Stealth1048698 Tunneling1048698 Multipartite1048698 Armored
A Boot-sector Computer Virus
Worms A worm is a process that uses the
SPAWN mechanism to ravage system performance
The worm spawns copies of itself using up system resources and perhaps locking out all other processes
The worm was made up of two programs a grappling hook program and the main program
Worm
Cryptography as a Security Tool It is the broadest security tool available
Source and destination of messages cannot be trusted without cryptography
The method is based on secrets (keys)
Encryption
Encryption
Symmetric Encryption
Same key used to encrypt and decrypt
E(k) can be derived from D(k) and vice versa
Symmetric Encryption DES is most commonly used symmetric
block-encryption algorithm (created by US Govt)
Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES)
twofish up and coming RC4 is most common symmetric stream
cipher but known to have vulnerabilities
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data
Security Violations Breach of availability This violation involved unauthorized
destruction of data Website defacement is a common example of this type
Theft of service This violation involves unauthorized use of
resource
Denial of service (DOS) This violation involves preventing legitimate
use of the system
Security Violation Methods
Methods Masquerading (breach authentication) Replay attack Message modification Man-in-the-middle attack Session hijacking
Security Violation Methods Masquerading one participant in a
communication pretends to be someone else By masquerading attackers breach authentication the correctness of identification
Replay Attack consist of the malicious or fraudulent repeat of a valid data transmission
Security Violation Methods
Message modification
Man-in-the-middle attack
Session hijacking
Security Measure LevelsSecurity must occur at four levels to be effective
Physical
Human (Avoid phishing a legitimate-looking email or a web
page misleads a user into entering confidential information
dumpster diving attempting to gather information in order to gain unauthorized access to the computer)
Operating System
Network
Program Threats
C Program with Buffer C Program with Buffer-overflow Condition
C Program with Buffer C Program with Buffer-overflow Condition
In stead of using ldquostrcpy(buffer argv[1])rdquoUseldquostrncpy(bufferargv[1]sizeof(buffer)
-1)rdquo
Hypothetical Stack Frame
Viruses Code fragment embedded in legitimate
program Very specific to CPU architecture
operating system applications Usually borne via email or as a macro
Types of VirusesMany categories of viruses literally many thousands of
viruses1048698 File1048698 Boot1048698 Macro1048698 Source code1048698 Polymorphic1048698 Encrypted1048698 Stealth1048698 Tunneling1048698 Multipartite1048698 Armored
A Boot-sector Computer Virus
Worms A worm is a process that uses the
SPAWN mechanism to ravage system performance
The worm spawns copies of itself using up system resources and perhaps locking out all other processes
The worm was made up of two programs a grappling hook program and the main program
Worm
Cryptography as a Security Tool It is the broadest security tool available
Source and destination of messages cannot be trusted without cryptography
The method is based on secrets (keys)
Encryption
Encryption
Symmetric Encryption
Same key used to encrypt and decrypt
E(k) can be derived from D(k) and vice versa
Symmetric Encryption DES is most commonly used symmetric
block-encryption algorithm (created by US Govt)
Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES)
twofish up and coming RC4 is most common symmetric stream
cipher but known to have vulnerabilities
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data
Security Violation Methods
Methods Masquerading (breach authentication) Replay attack Message modification Man-in-the-middle attack Session hijacking
Security Violation Methods Masquerading one participant in a
communication pretends to be someone else By masquerading attackers breach authentication the correctness of identification
Replay Attack consist of the malicious or fraudulent repeat of a valid data transmission
Security Violation Methods
Message modification
Man-in-the-middle attack
Session hijacking
Security Measure LevelsSecurity must occur at four levels to be effective
Physical
Human (Avoid phishing a legitimate-looking email or a web
page misleads a user into entering confidential information
dumpster diving attempting to gather information in order to gain unauthorized access to the computer)
Operating System
Network
Program Threats
C Program with Buffer C Program with Buffer-overflow Condition
C Program with Buffer C Program with Buffer-overflow Condition
In stead of using ldquostrcpy(buffer argv[1])rdquoUseldquostrncpy(bufferargv[1]sizeof(buffer)
-1)rdquo
Hypothetical Stack Frame
Viruses Code fragment embedded in legitimate
program Very specific to CPU architecture
operating system applications Usually borne via email or as a macro
Types of VirusesMany categories of viruses literally many thousands of
viruses1048698 File1048698 Boot1048698 Macro1048698 Source code1048698 Polymorphic1048698 Encrypted1048698 Stealth1048698 Tunneling1048698 Multipartite1048698 Armored
A Boot-sector Computer Virus
Worms A worm is a process that uses the
SPAWN mechanism to ravage system performance
The worm spawns copies of itself using up system resources and perhaps locking out all other processes
The worm was made up of two programs a grappling hook program and the main program
Worm
Cryptography as a Security Tool It is the broadest security tool available
Source and destination of messages cannot be trusted without cryptography
The method is based on secrets (keys)
Encryption
Encryption
Symmetric Encryption
Same key used to encrypt and decrypt
E(k) can be derived from D(k) and vice versa
Symmetric Encryption DES is most commonly used symmetric
block-encryption algorithm (created by US Govt)
Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES)
twofish up and coming RC4 is most common symmetric stream
cipher but known to have vulnerabilities
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data
Security Violation Methods Masquerading one participant in a
communication pretends to be someone else By masquerading attackers breach authentication the correctness of identification
Replay Attack consist of the malicious or fraudulent repeat of a valid data transmission
Security Violation Methods
Message modification
Man-in-the-middle attack
Session hijacking
Security Measure LevelsSecurity must occur at four levels to be effective
Physical
Human (Avoid phishing a legitimate-looking email or a web
page misleads a user into entering confidential information
dumpster diving attempting to gather information in order to gain unauthorized access to the computer)
Operating System
Network
Program Threats
C Program with Buffer C Program with Buffer-overflow Condition
C Program with Buffer C Program with Buffer-overflow Condition
In stead of using ldquostrcpy(buffer argv[1])rdquoUseldquostrncpy(bufferargv[1]sizeof(buffer)
-1)rdquo
Hypothetical Stack Frame
Viruses Code fragment embedded in legitimate
program Very specific to CPU architecture
operating system applications Usually borne via email or as a macro
Types of VirusesMany categories of viruses literally many thousands of
viruses1048698 File1048698 Boot1048698 Macro1048698 Source code1048698 Polymorphic1048698 Encrypted1048698 Stealth1048698 Tunneling1048698 Multipartite1048698 Armored
A Boot-sector Computer Virus
Worms A worm is a process that uses the
SPAWN mechanism to ravage system performance
The worm spawns copies of itself using up system resources and perhaps locking out all other processes
The worm was made up of two programs a grappling hook program and the main program
Worm
Cryptography as a Security Tool It is the broadest security tool available
Source and destination of messages cannot be trusted without cryptography
The method is based on secrets (keys)
Encryption
Encryption
Symmetric Encryption
Same key used to encrypt and decrypt
E(k) can be derived from D(k) and vice versa
Symmetric Encryption DES is most commonly used symmetric
block-encryption algorithm (created by US Govt)
Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES)
twofish up and coming RC4 is most common symmetric stream
cipher but known to have vulnerabilities
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data
Security Violation Methods
Message modification
Man-in-the-middle attack
Session hijacking
Security Measure LevelsSecurity must occur at four levels to be effective
Physical
Human (Avoid phishing a legitimate-looking email or a web
page misleads a user into entering confidential information
dumpster diving attempting to gather information in order to gain unauthorized access to the computer)
Operating System
Network
Program Threats
C Program with Buffer C Program with Buffer-overflow Condition
C Program with Buffer C Program with Buffer-overflow Condition
In stead of using ldquostrcpy(buffer argv[1])rdquoUseldquostrncpy(bufferargv[1]sizeof(buffer)
-1)rdquo
Hypothetical Stack Frame
Viruses Code fragment embedded in legitimate
program Very specific to CPU architecture
operating system applications Usually borne via email or as a macro
Types of VirusesMany categories of viruses literally many thousands of
viruses1048698 File1048698 Boot1048698 Macro1048698 Source code1048698 Polymorphic1048698 Encrypted1048698 Stealth1048698 Tunneling1048698 Multipartite1048698 Armored
A Boot-sector Computer Virus
Worms A worm is a process that uses the
SPAWN mechanism to ravage system performance
The worm spawns copies of itself using up system resources and perhaps locking out all other processes
The worm was made up of two programs a grappling hook program and the main program
Worm
Cryptography as a Security Tool It is the broadest security tool available
Source and destination of messages cannot be trusted without cryptography
The method is based on secrets (keys)
Encryption
Encryption
Symmetric Encryption
Same key used to encrypt and decrypt
E(k) can be derived from D(k) and vice versa
Symmetric Encryption DES is most commonly used symmetric
block-encryption algorithm (created by US Govt)
Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES)
twofish up and coming RC4 is most common symmetric stream
cipher but known to have vulnerabilities
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data
Security Measure LevelsSecurity must occur at four levels to be effective
Physical
Human (Avoid phishing a legitimate-looking email or a web
page misleads a user into entering confidential information
dumpster diving attempting to gather information in order to gain unauthorized access to the computer)
Operating System
Network
Program Threats
C Program with Buffer C Program with Buffer-overflow Condition
C Program with Buffer C Program with Buffer-overflow Condition
In stead of using ldquostrcpy(buffer argv[1])rdquoUseldquostrncpy(bufferargv[1]sizeof(buffer)
-1)rdquo
Hypothetical Stack Frame
Viruses Code fragment embedded in legitimate
program Very specific to CPU architecture
operating system applications Usually borne via email or as a macro
Types of VirusesMany categories of viruses literally many thousands of
viruses1048698 File1048698 Boot1048698 Macro1048698 Source code1048698 Polymorphic1048698 Encrypted1048698 Stealth1048698 Tunneling1048698 Multipartite1048698 Armored
A Boot-sector Computer Virus
Worms A worm is a process that uses the
SPAWN mechanism to ravage system performance
The worm spawns copies of itself using up system resources and perhaps locking out all other processes
The worm was made up of two programs a grappling hook program and the main program
Worm
Cryptography as a Security Tool It is the broadest security tool available
Source and destination of messages cannot be trusted without cryptography
The method is based on secrets (keys)
Encryption
Encryption
Symmetric Encryption
Same key used to encrypt and decrypt
E(k) can be derived from D(k) and vice versa
Symmetric Encryption DES is most commonly used symmetric
block-encryption algorithm (created by US Govt)
Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES)
twofish up and coming RC4 is most common symmetric stream
cipher but known to have vulnerabilities
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data
Program Threats
C Program with Buffer C Program with Buffer-overflow Condition
C Program with Buffer C Program with Buffer-overflow Condition
In stead of using ldquostrcpy(buffer argv[1])rdquoUseldquostrncpy(bufferargv[1]sizeof(buffer)
-1)rdquo
Hypothetical Stack Frame
Viruses Code fragment embedded in legitimate
program Very specific to CPU architecture
operating system applications Usually borne via email or as a macro
Types of VirusesMany categories of viruses literally many thousands of
viruses1048698 File1048698 Boot1048698 Macro1048698 Source code1048698 Polymorphic1048698 Encrypted1048698 Stealth1048698 Tunneling1048698 Multipartite1048698 Armored
A Boot-sector Computer Virus
Worms A worm is a process that uses the
SPAWN mechanism to ravage system performance
The worm spawns copies of itself using up system resources and perhaps locking out all other processes
The worm was made up of two programs a grappling hook program and the main program
Worm
Cryptography as a Security Tool It is the broadest security tool available
Source and destination of messages cannot be trusted without cryptography
The method is based on secrets (keys)
Encryption
Encryption
Symmetric Encryption
Same key used to encrypt and decrypt
E(k) can be derived from D(k) and vice versa
Symmetric Encryption DES is most commonly used symmetric
block-encryption algorithm (created by US Govt)
Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES)
twofish up and coming RC4 is most common symmetric stream
cipher but known to have vulnerabilities
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data
C Program with Buffer C Program with Buffer-overflow Condition
C Program with Buffer C Program with Buffer-overflow Condition
In stead of using ldquostrcpy(buffer argv[1])rdquoUseldquostrncpy(bufferargv[1]sizeof(buffer)
-1)rdquo
Hypothetical Stack Frame
Viruses Code fragment embedded in legitimate
program Very specific to CPU architecture
operating system applications Usually borne via email or as a macro
Types of VirusesMany categories of viruses literally many thousands of
viruses1048698 File1048698 Boot1048698 Macro1048698 Source code1048698 Polymorphic1048698 Encrypted1048698 Stealth1048698 Tunneling1048698 Multipartite1048698 Armored
A Boot-sector Computer Virus
Worms A worm is a process that uses the
SPAWN mechanism to ravage system performance
The worm spawns copies of itself using up system resources and perhaps locking out all other processes
The worm was made up of two programs a grappling hook program and the main program
Worm
Cryptography as a Security Tool It is the broadest security tool available
Source and destination of messages cannot be trusted without cryptography
The method is based on secrets (keys)
Encryption
Encryption
Symmetric Encryption
Same key used to encrypt and decrypt
E(k) can be derived from D(k) and vice versa
Symmetric Encryption DES is most commonly used symmetric
block-encryption algorithm (created by US Govt)
Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES)
twofish up and coming RC4 is most common symmetric stream
cipher but known to have vulnerabilities
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data
C Program with Buffer C Program with Buffer-overflow Condition
In stead of using ldquostrcpy(buffer argv[1])rdquoUseldquostrncpy(bufferargv[1]sizeof(buffer)
-1)rdquo
Hypothetical Stack Frame
Viruses Code fragment embedded in legitimate
program Very specific to CPU architecture
operating system applications Usually borne via email or as a macro
Types of VirusesMany categories of viruses literally many thousands of
viruses1048698 File1048698 Boot1048698 Macro1048698 Source code1048698 Polymorphic1048698 Encrypted1048698 Stealth1048698 Tunneling1048698 Multipartite1048698 Armored
A Boot-sector Computer Virus
Worms A worm is a process that uses the
SPAWN mechanism to ravage system performance
The worm spawns copies of itself using up system resources and perhaps locking out all other processes
The worm was made up of two programs a grappling hook program and the main program
Worm
Cryptography as a Security Tool It is the broadest security tool available
Source and destination of messages cannot be trusted without cryptography
The method is based on secrets (keys)
Encryption
Encryption
Symmetric Encryption
Same key used to encrypt and decrypt
E(k) can be derived from D(k) and vice versa
Symmetric Encryption DES is most commonly used symmetric
block-encryption algorithm (created by US Govt)
Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES)
twofish up and coming RC4 is most common symmetric stream
cipher but known to have vulnerabilities
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data
Hypothetical Stack Frame
Viruses Code fragment embedded in legitimate
program Very specific to CPU architecture
operating system applications Usually borne via email or as a macro
Types of VirusesMany categories of viruses literally many thousands of
viruses1048698 File1048698 Boot1048698 Macro1048698 Source code1048698 Polymorphic1048698 Encrypted1048698 Stealth1048698 Tunneling1048698 Multipartite1048698 Armored
A Boot-sector Computer Virus
Worms A worm is a process that uses the
SPAWN mechanism to ravage system performance
The worm spawns copies of itself using up system resources and perhaps locking out all other processes
The worm was made up of two programs a grappling hook program and the main program
Worm
Cryptography as a Security Tool It is the broadest security tool available
Source and destination of messages cannot be trusted without cryptography
The method is based on secrets (keys)
Encryption
Encryption
Symmetric Encryption
Same key used to encrypt and decrypt
E(k) can be derived from D(k) and vice versa
Symmetric Encryption DES is most commonly used symmetric
block-encryption algorithm (created by US Govt)
Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES)
twofish up and coming RC4 is most common symmetric stream
cipher but known to have vulnerabilities
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data
Viruses Code fragment embedded in legitimate
program Very specific to CPU architecture
operating system applications Usually borne via email or as a macro
Types of VirusesMany categories of viruses literally many thousands of
viruses1048698 File1048698 Boot1048698 Macro1048698 Source code1048698 Polymorphic1048698 Encrypted1048698 Stealth1048698 Tunneling1048698 Multipartite1048698 Armored
A Boot-sector Computer Virus
Worms A worm is a process that uses the
SPAWN mechanism to ravage system performance
The worm spawns copies of itself using up system resources and perhaps locking out all other processes
The worm was made up of two programs a grappling hook program and the main program
Worm
Cryptography as a Security Tool It is the broadest security tool available
Source and destination of messages cannot be trusted without cryptography
The method is based on secrets (keys)
Encryption
Encryption
Symmetric Encryption
Same key used to encrypt and decrypt
E(k) can be derived from D(k) and vice versa
Symmetric Encryption DES is most commonly used symmetric
block-encryption algorithm (created by US Govt)
Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES)
twofish up and coming RC4 is most common symmetric stream
cipher but known to have vulnerabilities
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data
Types of VirusesMany categories of viruses literally many thousands of
viruses1048698 File1048698 Boot1048698 Macro1048698 Source code1048698 Polymorphic1048698 Encrypted1048698 Stealth1048698 Tunneling1048698 Multipartite1048698 Armored
A Boot-sector Computer Virus
Worms A worm is a process that uses the
SPAWN mechanism to ravage system performance
The worm spawns copies of itself using up system resources and perhaps locking out all other processes
The worm was made up of two programs a grappling hook program and the main program
Worm
Cryptography as a Security Tool It is the broadest security tool available
Source and destination of messages cannot be trusted without cryptography
The method is based on secrets (keys)
Encryption
Encryption
Symmetric Encryption
Same key used to encrypt and decrypt
E(k) can be derived from D(k) and vice versa
Symmetric Encryption DES is most commonly used symmetric
block-encryption algorithm (created by US Govt)
Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES)
twofish up and coming RC4 is most common symmetric stream
cipher but known to have vulnerabilities
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data
A Boot-sector Computer Virus
Worms A worm is a process that uses the
SPAWN mechanism to ravage system performance
The worm spawns copies of itself using up system resources and perhaps locking out all other processes
The worm was made up of two programs a grappling hook program and the main program
Worm
Cryptography as a Security Tool It is the broadest security tool available
Source and destination of messages cannot be trusted without cryptography
The method is based on secrets (keys)
Encryption
Encryption
Symmetric Encryption
Same key used to encrypt and decrypt
E(k) can be derived from D(k) and vice versa
Symmetric Encryption DES is most commonly used symmetric
block-encryption algorithm (created by US Govt)
Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES)
twofish up and coming RC4 is most common symmetric stream
cipher but known to have vulnerabilities
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data
Worms A worm is a process that uses the
SPAWN mechanism to ravage system performance
The worm spawns copies of itself using up system resources and perhaps locking out all other processes
The worm was made up of two programs a grappling hook program and the main program
Worm
Cryptography as a Security Tool It is the broadest security tool available
Source and destination of messages cannot be trusted without cryptography
The method is based on secrets (keys)
Encryption
Encryption
Symmetric Encryption
Same key used to encrypt and decrypt
E(k) can be derived from D(k) and vice versa
Symmetric Encryption DES is most commonly used symmetric
block-encryption algorithm (created by US Govt)
Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES)
twofish up and coming RC4 is most common symmetric stream
cipher but known to have vulnerabilities
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data
Worm
Cryptography as a Security Tool It is the broadest security tool available
Source and destination of messages cannot be trusted without cryptography
The method is based on secrets (keys)
Encryption
Encryption
Symmetric Encryption
Same key used to encrypt and decrypt
E(k) can be derived from D(k) and vice versa
Symmetric Encryption DES is most commonly used symmetric
block-encryption algorithm (created by US Govt)
Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES)
twofish up and coming RC4 is most common symmetric stream
cipher but known to have vulnerabilities
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data
Cryptography as a Security Tool It is the broadest security tool available
Source and destination of messages cannot be trusted without cryptography
The method is based on secrets (keys)
Encryption
Encryption
Symmetric Encryption
Same key used to encrypt and decrypt
E(k) can be derived from D(k) and vice versa
Symmetric Encryption DES is most commonly used symmetric
block-encryption algorithm (created by US Govt)
Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES)
twofish up and coming RC4 is most common symmetric stream
cipher but known to have vulnerabilities
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data
Encryption
Encryption
Symmetric Encryption
Same key used to encrypt and decrypt
E(k) can be derived from D(k) and vice versa
Symmetric Encryption DES is most commonly used symmetric
block-encryption algorithm (created by US Govt)
Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES)
twofish up and coming RC4 is most common symmetric stream
cipher but known to have vulnerabilities
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data
Encryption
Symmetric Encryption
Same key used to encrypt and decrypt
E(k) can be derived from D(k) and vice versa
Symmetric Encryption DES is most commonly used symmetric
block-encryption algorithm (created by US Govt)
Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES)
twofish up and coming RC4 is most common symmetric stream
cipher but known to have vulnerabilities
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data
Symmetric Encryption
Same key used to encrypt and decrypt
E(k) can be derived from D(k) and vice versa
Symmetric Encryption DES is most commonly used symmetric
block-encryption algorithm (created by US Govt)
Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES)
twofish up and coming RC4 is most common symmetric stream
cipher but known to have vulnerabilities
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data
Symmetric Encryption DES is most commonly used symmetric
block-encryption algorithm (created by US Govt)
Encrypts a block of data at a time Triple-DES considered more secure Advanced Encryption Standard (AES)
twofish up and coming RC4 is most common symmetric stream
cipher but known to have vulnerabilities
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data
Asymmetric Encryption
Public-key encryption based on each user having two keys
public key ndash published key used to encrypt data
private key ndash key known only to individual user used to decrypt data