Dr. Jelena Mirkovic (Y-Ellen-a) University of Southern California Information Sciences Institute.
Date posted: 19-Dec-2015
USC CSci530 Computer Security Systems Lecture notes – Spring 2011
Dr. Jelena Mirkovic (Y-Ellen-a), University of Southern California, Information Sciences Institute
If you wish to enroll and do not have D clearance yet, send an email to [email protected] with:
  o Your name
  o Which prerequisites you have completed
  o A phone number
  o Request to receive a D clearance
I will contact you and assess if space becomes available
Who gets in
http://ccss.usc.edu/530
  o Syllabus
  o Assignments
  o News
  o Lecture notes (also on Blackboard)
Class home page
http://ccss.usc.edu/530L
  o 1 of the 4 units
  o Instructor is David Morgan
  o Instruction 4 – 4:50 Fridays in RTH105
WebCast via DEN
Hands-on work in the lab – exercising the theoretical knowledge from class
Some labs will be done remotely using DETER testbed
Lab
Four reports, due as noted online
Each discusses a paper of your choice from a few top security conferences/journals
  o Summary of the paper and its critique
  o Your ideas on the topic
  o 2-4 pages, submitted via Blackboard
  o You can submit reports early if you like
One report from each student will be chosen for presentation in class
Total 20% of your grade, 4% each
Late policy: 48 h grace period divided over all 4 assignments – must email ahead of deadline
Paper Reports
Class e-mail: [email protected] (TA and inst)
Instructor
  o Dr. Jelena Mirkovic
  o Office hours Wed 3-4pm or by appt in SAL 234
  o Contact via email (on class web page)
TA
  o Leslie Cheung
  o Office hours Tu/Th 11am-noon, PHE 316
  o Contact via email (on class web page)
Administration
Grading:
  o Paper reports/presentations: 20%
  o Lab: 20%
  o Quizzes: 5%
  o Participation: 5%
  o Midterm Exam: 20%
  o Final Exam: 30%
Grades assigned using an absolute curve:
Administration
A   A-  B+  B   B-  C+  C   C-  D+  D   D
93  90  86  83  80  76  73  70  66  63  60
DEN Blackboard system will host the class discussion board
  o To gain access and log in: https://blackboard.usc.edu/
  o Contact [email protected] if you have difficulty gaining access to the system
  o I will check the discussion board once daily, but if you want a reliable response from me, email me directly
Blackboard
Class participation is important
  o Ask and answer questions in class
  o Ask, answer, participate on-line
Class participation carries 5% of your grade
  o If I don’t remember you from class, I look in the web discussion forum to check participation
      - Did you ask good questions
      - Did you provide good answers
      - Did you make good points in discussions
Class Participation
What is and is not OK
  o I encourage you to work with others to learn the material but everyone must DO their work ALONE
  o Do not turn in the work of others
  o Do not give others your work to use as their own
  o Do not plagiarize from others (published or not)
  o Do not try to deceive the instructors
See section on web site and assignments
  o More guidelines on academic integrity
  o Links to university resources
  o Don’t just assume you know what is acceptable.
Academic Integrity
What Does Security Mean?
No one should be able to:
  o Break into my house
  o Attack me
  o Steal my TV
  o Use my house to throw water balloons on people
  o Damage my furniture
  o Pretend to be my friend Bob and fool me
  o Waste my time with irrelevant things
  o Prevent me from going to my favorite restaurant
What Does Security Mean?… In Real Life
No one should be able to:
  o Break into my computer
  o Attack my computer
  o Steal my information
  o Use my computer to attack others
  o Damage my computer or data
  o Use my resources without my permission
I want to talk to Alice
  o Pretend to be Alice or myself or our computers
  o Prevent me from communicating with Alice
What Does Security Mean?… wrt Computers and Nets
An isolated computer has a security risk?
  o Computer security aims to protect a single, connected, machine
Networking = communication at all times and in all scenarios!!!
  o Network security aims to protect the communication and all its participants
Security = robustness or fault tolerance?
Computer vs. Network Security
Computer security Network security
Breaking into my computer
  o Hackers
      - Break a password or sniff it off the network
      - Exploit a vulnerability
      - Use social engineering
      - Impersonate someone I trust
  o Viruses and worms
What Are the Threats?
A vulnerability is a bug in the software that creates unexpected computer behavior when exploited, such as enabling access without login, running unauthorized code or crashing the computer.
An exploit is an input to the buggy program that makes use of the existing vulnerability.
Attacking my computer
  o Denial-of-service attacks
  o Viruses and some worms
What Are the Threats?
A virus is a self-replicating program that requires user action to activate, such as clicking on E-mail, downloading an infected file or inserting an infected floppy, CD, etc.
A worm is a self-replicating program that does not require user action to activate. It propagates itself over the network, infects any vulnerable machine it finds and then spreads from it further.
A DoS attack aims to disrupt a service by either exploiting a vulnerability or by sending a lot of bogus messages to a computer offering a service.
Stealing my information
  o From my computer or from communication
  o I will use cryptography!
      - There are many ways to break ciphers
      - There are many ways to divulge partial information (e.g. who do you talk to)
  o I would also like to hide who I talk to and when
      - I will use anonymization techniques
      - Anonymization hinders other security approaches that build models of normal traffic patterns
What Are the Threats?
Using my machine to attack others
  o E-mail viruses
  o Worms
  o Denial-of-service attacks (including reflector attacks)
  o Spam, phishing
What Are the Threats?
Damaging my computer or data
  o I have to prevent break-ins
  o I will also use cryptography to detect tampering
  o I must replicate data to recover from tampering
  o Denial-of-service attacks and worms can sometimes damage computers
What Are the Threats?
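An added example (not part of the lecture notes) of the two points on this slide: a keyed tag detects tampering, and an intact replica is what makes recovery possible. The key, the record contents and the copy names are constructed for illustration.

```python
import hashlib
import hmac

def make_tag(key: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 tag; it cannot be recomputed without the key."""
    return hmac.new(key, data, hashlib.sha256).digest()

def verify(key: bytes, data: bytes, tag: bytes) -> bool:
    """Recompute the tag and compare in constant time."""
    return hmac.compare_digest(make_tag(key, data), tag)

def audit_and_repair(key: bytes, tag: bytes, copies: dict) -> dict:
    """Verify every copy and overwrite damaged ones from the first intact copy."""
    damaged = [name for name, data in copies.items() if not verify(key, data, tag)]
    intact = [name for name in copies if name not in damaged]
    source = intact[0] if intact else None   # None: no copy left to recover from
    if source is not None:
        for name in damaged:
            copies[name] = copies[source]
    return {"damaged": damaged, "repaired_from": source}

def demo() -> dict:
    key = b"constructed-demo-key"            # constructed; kept off the protected host
    record = b"balance=100;owner=alice"      # constructed sample record
    altered = b"balance=999;owner=alice"     # the same record after tampering
    tag = make_tag(key, record)

    # An unkeyed digest stored beside the data can be rewritten together with it,
    # so a plain SHA-256 check still passes on the altered record.
    stored_digest = hashlib.sha256(altered).digest()
    unkeyed_passes = hashlib.sha256(altered).digest() == stored_digest

    # The keyed tag was made before the change and cannot be forged without the key.
    copies = {"primary": altered, "replica-1": record, "replica-2": record}
    report = audit_and_repair(key, tag, copies)
    return {"unkeyed_passes": unkeyed_passes, "report": report,
            "primary_restored": copies["primary"] == record}

if __name__ == "__main__":
    print(demo())
```

If every copy fails verification, `audit_and_repair` reports `repaired_from` as `None`: detection still works, but nothing is left to recover from.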
Taking up my resources with irrelevant messages
  o Denial-of-service attacks
  o Spam mail (takes time to read and fills space)
  o Malicious mail (may contain a virus)
  o Viruses and worms
What Are the Threats?
Pretending to be Alice or myself or our computers
  o I want to be sure who I am talking to (authentication and digital signatures)
  o It is hard to impersonate a computer in two-way communication, such as TCP
      - But it has been done
  o Plain IP spoofing seems an extremely hard problem to solve
What Are the Threats?
IP spoofing means putting a fake IP address in the sender field of IP packets.
Preventing me from communicating with Alice
  o Alice could be attacked
  o Routers could be overloaded or tampered with
  o DNS servers could be attacked
What Are the Threats?
Confidentiality (C)
  o Keep data secret from non-participants
Integrity (I)
  o Aka “authenticity”
  o Keep data from being modified
Availability (A)
  o Keep the system running and reachable
  o Keep it functioning properly
The Three Aspects of Security
No one should be able to:
  o Break into my computer – A, C, I
  o Attack my computer – A, C, I
  o Steal my information - C
  o Use my computer to attack others – I?
  o Damage my computer or data - I
  o Use my resources without my permission - A
I want to talk to Alice
  o Pretend to be Alice or myself or our computers – C, I
  o Prevent me from communicating with Alice - A
What Does Security Mean?… wrt Computers and Nets
Policy
  o Deciding what confidentiality, integrity and availability mean
Mechanism
  o Implementing the policy
Orthogonal Aspects