ITIS 6167/8167: Network and Information Security

Weichao Wang

Posted 21-Dec-2015

Security overview

• Risks
  – Computers have controlled our lives
    • Medical, ATM, banking, business
    • Air traffic control
  – Why there are risks
• Adversaries
  – Smart and dedicated
  – Many of them
  – Hiding in the dark
  – From fun to profit (worm, self-changing botnet)

Examples in real life

• Attack on Twitter
  – Hack into the victim's email account
  – DDoS to paralyze Twitter, Facebook, etc.
• Data mining attacks on public databases
  – In Tennessee, a newspaper generates a database about all residents that have CCW permits.
  – In CA, there is a webpage listing all people that donate to the Proposition 8 ballot measure

Security overview

• Physical security is not enough (can you be sure that your physical security methods are sound and sufficient?)
• Networked computers can be accessed remotely

Security overview

• Defending methods
  – Prevention
    • Prevent (password, salt, private salt, searching)
    • Deter: raising the bar (password guessing, login slowdown)
    • Deflect: making another target more attractive
    • Diversify
  – Detection
    • Monitoring (who, what, and how)
    • Intrusion detection (signature based, anomaly based)
    • IP telephony track
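The prevention and deterrence items above (password, salt, private salt, slowing down login) can be seen together in one small account store. The following Python is an added example written for this transcript, not code from the course; the pepper value, the iteration count, the user names and the delay schedule are all constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed values for this example. The "pepper" plays the role of the slide's
# "private salt": it is kept outside the user database (config store or HSM), so a
# leaked table of salts and digests alone does not allow an offline guessing run.
PEPPER = b"example-pepper-do-not-reuse"
ITERATIONS = 100_000        # work factor per guess; raise as hardware gets faster


def hash_password(password: str, salt: bytes = b"") -> tuple:
    """Return (salt, digest). A fresh per-user salt defeats precomputed tables;
    PBKDF2's iteration count makes every guess (legitimate or not) expensive."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode() + PEPPER, salt, ITERATIONS)
    return salt, digest


def verify_password(password: str, salt: bytes, digest: bytes) -> bool:
    """Recompute and compare in constant time so timing does not leak prefix matches."""
    _, candidate = hash_password(password, salt)
    return hmac.compare_digest(candidate, digest)


def login_delay_seconds(failed_attempts: int, base: float = 0.5, cap: float = 60.0) -> float:
    """Deterrence ("login slow"): the delay doubles after each consecutive failure, capped."""
    if failed_attempts == 0:
        return 0.0
    return min(cap, base * (2 ** failed_attempts))


class LoginGate:
    """Minimal account store combining prevention (salted, peppered, slow hash)
    with deterrence (a growing delay after failures)."""

    def __init__(self):
        self.users = {}       # username -> (salt, digest)
        self.failures = {}    # username -> consecutive failed attempts

    def register(self, user: str, password: str) -> None:
        self.users[user] = hash_password(password)

    def attempt(self, user: str, password: str) -> tuple:
        """Return (success, seconds the caller should wait before the next attempt)."""
        record = self.users.get(user)
        if record is None:
            # Unknown user: still pay the KDF cost so response time does not
            # reveal which usernames exist.
            hash_password(password, b"\x00" * 16)
            ok = False
        else:
            ok = verify_password(password, *record)
        self.failures[user] = 0 if ok else self.failures.get(user, 0) + 1
        return ok, login_delay_seconds(self.failures[user])


if __name__ == "__main__":
    gate = LoginGate()
    gate.register("alice", "correct horse battery staple")
    print(gate.attempt("alice", "password123"))                    # (False, 1.0)
    print(gate.attempt("alice", "password1234"))                   # (False, 2.0)
    print(gate.attempt("alice", "correct horse battery staple"))   # (True, 0.0)
```

Two users who pick the same password get different digests because of the per-user salt, and the pepper means a dumped table is still not enough to run guesses offline; the delay schedule is what "raising the bar" looks like in code.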

Security overview

• Recovery
  – Recover data (checkpoint)
  – Identify the damage
  – Forensics
  – Containment
• Tolerance
  – Maintain a decent service quality
  – Automatically degrade video quality while reserving bandwidth for voice

Security overview

• How prevention works
  – Policies
  – Encryption
    • Digital cash, time-stamp, secure multiparty computation, e-voting, e-bidding
  – Access control and authorization
    • Hardware control (interaction-free authentication)
    • Software control (RFID credit card)
    • Information disclosure (write prevention)

Security overview

• What can go wrong with prevention
  – Design, implementation, configuration
  – Mal-code transfer (enterprise-level security)
  – Attackers are smart and dedicated
  – Uncle Tom wants it to be safe against terrorists, but not against him

Security overview

• Some additional methods to improve security
  – Least privilege
  – Writing good code
  – Security testing
  – Embed security from the beginning instead of adding it as a patch

Network security overview

• The features causing security problems
  – Sharing: access control for a single system is not enough
  – Complexity of systems
  – Undefined boundary: one host may be on multiple networks
  – Multiple-node path before data reaches you: anonymity of the attacker and hard to trace back (the South Bell example)

• A typical NFS operation and its security features:
  – A reads from B: confidentiality
  – A writes to B: integrity and confidentiality
  – Forge communication from A to B: integrity
  – Block traffic between A and B: availability
  – Impersonation

• Security problems in network protocols:
  – ARP: cache poisoning
  – IP: spoofing, fragmentation
  – ICMP:
  – UDP:
  – TCP: session hijacking, SYN flood, DoS
  – DNS systems
  – Buffer overflow

• Security methods
  – Hiding: OS configuration, port
  – Encryption: IPSec
  – Port protection: telnet, ftp, etc.
  – Authentication
  – Data integrity: digital signature, checksum
  – Firewall: block unwanted traffic
  – IDS
  – Forensics
  – Proof of possession

Review of networks

• A network consists of
  – Hosts
  – Network devices
  – Links
  – Software
• The view of the Internet
  – Users' view
  – Real topology

• How routers work
  – Look at the destination address of the packet
  – Look it up in the local routing table
  – Determine the exit interface
  – The next router will do the same
  – Default router
  – Route based on sub-network instead of IP address

• IP address classes
  – Class A to C
  – Class A can have: 16.78 million addresses
  – Class B can have: 65536 addresses
  – Class C can have: 256 addresses
  – A decent corporation needs one to many class B addresses (Purdue's joke)

• Special addresses:
  – 255.255.255.255: local broadcast
  – 0.0.0.0: this host
  – 127.x.x.x: loopback
  – CIDR: classless inter-domain routing
• What about IPv6 addresses?
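The three slides above (how a router looks up the exit interface, the classful address sizes, and the special addresses plus CIDR) fit in one short simulation. This Python is an added example written for this transcript, not course material; the routing table entries, interface names and addresses (from the 10/8 private range and the 192.0.2/24 documentation range) are constructed. It uses the standard `ipaddress` module for prefix containment.

```python
import ipaddress


def address_category(ip: str) -> str:
    """Name the special addresses from the slides, else the classful category.
    CIDR replaced classes, but A/B/C from the leading bits still explain the
    16.78M / 65536 / 256 block sizes quoted above."""
    addr = ipaddress.IPv4Address(ip)
    if addr == ipaddress.IPv4Address("255.255.255.255"):
        return "local broadcast"
    if addr == ipaddress.IPv4Address("0.0.0.0"):
        return "this host"
    if addr in ipaddress.IPv4Network("127.0.0.0/8"):
        return "loopback"
    first_octet = int(addr) >> 24
    if first_octet < 128:
        return "A"
    if first_octet < 192:
        return "B"
    if first_octet < 224:
        return "C"
    return "D/E (multicast or reserved)"


def class_size(cls: str) -> int:
    """Addresses in one classful block: 24, 16 or 8 host bits."""
    return {"A": 2 ** 24, "B": 2 ** 16, "C": 2 ** 8}[cls]


class Router:
    """Routing table keyed by sub-network (CIDR prefix), not by individual host,
    which is why the table stays small."""

    def __init__(self):
        self.table = []   # entries: (network, next_hop, exit_interface)

    def add_route(self, prefix: str, next_hop, iface: str) -> None:
        self.table.append((ipaddress.IPv4Network(prefix), next_hop, iface))

    def lookup(self, dst: str):
        """Longest-prefix match: every entry containing dst is a candidate and the
        most specific one wins. A 0.0.0.0/0 entry is the 'default router': it matches
        everything but has the shortest prefix, so it is used only as a last resort."""
        dst_addr = ipaddress.IPv4Address(dst)
        best = None
        for net, hop, iface in self.table:
            if dst_addr in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, hop, iface)
        if best is None:
            return None       # no route at all: the packet is dropped
        return best[1], best[2]


if __name__ == "__main__":
    r = Router()
    r.add_route("0.0.0.0/0", "192.0.2.1", "eth0")      # default router
    r.add_route("10.0.0.0/8", "10.255.0.1", "eth1")
    r.add_route("10.1.0.0/16", None, "eth2")           # directly connected, no next hop
    print(r.lookup("10.1.2.3"))    # (None, 'eth2')
    print(r.lookup("10.9.9.9"))    # ('10.255.0.1', 'eth1')
    print(r.lookup("8.8.8.8"))     # ('192.0.2.1', 'eth0')
    print(address_category("130.1.1.1"), class_size("B"))   # B 65536
```

The 10.1.0.0/16 entry wins over 10.0.0.0/8 for 10.1.2.3 even though both contain it; the `/0` default only carries traffic that matches nothing else. Note that the next router really does repeat the same lookup with its own table.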

Review of Cryptography

• Two kinds of cryptographic algorithms
  – Keep the method secret
    • Good: safe for low security requirements
    • Bad: updates, proof of correctness, how to communicate with outsiders
  – Make the algorithm public but keep the key secret
    • Safety depends on the key only
    • Good: safety analysis can be conducted

Introduction (cont'd)

• Symmetric algorithms
  – The encryption and decryption keys can be calculated from each other easily (most of the time they are the same).
  – Block algorithms and stream algorithms
    • Ciphertext is the same length or longer: why?
  – Good: efficient and fast, easy to deploy
  – Bad: key distribution, scalability, broadcast or multicast

Introduction (cont'd)

• Public-key encryption
  – First appeared in the 1970s
  – Two keys: public key and private key
  – The private key cannot be derived from the public key
  – Everyone can send a packet to Alice: $E_{Pub_A}(message)$
  – Only Alice has the private key to recover the packet
  – If Alice uses the private key to encrypt a message, it can be viewed as a digital signature
  – Strong, scalable, easy for broadcast and multicast, but very slow
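The public-key slide can be made concrete with textbook RSA on two tiny primes. This is an added example for this transcript, not the course's code: the primes 61 and 53 and the exponent 17 are chosen only so the numbers are small enough to follow by hand. Real deployments use keys of 2048 bits or more and a padding scheme (OAEP for encryption, PSS for signatures, signing a hash rather than the raw message); unpadded RSA as shown here is deterministic and malleable and must not be used as-is.

```python
from math import gcd


def keygen(p: int, q: int, e: int = 17) -> tuple:
    """Textbook RSA from two primes. Returns (public, private) = ((n, e), (n, d)).
    d is e^-1 mod phi(n); computing phi(n) needs the factors of n, which is why the
    private key cannot be derived from the public one when p and q are large
    (these tiny primes are for illustration only)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)            # modular inverse (Python 3.8+)
    return (n, e), (n, d)


def encrypt(public, m: int) -> int:
    """E_PubA(message): anyone holding Alice's public key can do this."""
    n, e = public
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)


def decrypt(private, c: int) -> int:
    """Only the holder of d recovers m."""
    n, d = private
    return pow(c, d, n)


def sign(private, m: int) -> int:
    """'Encrypting' with the private key: the slide's view of a digital signature."""
    n, d = private
    return pow(m, d, n)


def verify(public, m: int, s: int) -> bool:
    """Anyone can check the signature with the public key."""
    n, e = public
    return pow(s, e, n) == m


if __name__ == "__main__":
    public, private = keygen(61, 53)      # n = 3233, phi = 3120, d = 2753
    c = encrypt(public, 65)               # 2790
    print(c, decrypt(private, c))         # 2790 65
    s = sign(private, 65)
    print(verify(public, 65, s), verify(public, 66, s))   # True False
```

The two operations are the same modular exponentiation with the exponents swapped, which is exactly why "encrypting with the private key" reads as a signature: only Alice could have produced a value that her public exponent turns back into the message.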

Introduction (cont'd)

• Attacks on encryption systems
  – Ciphertext-only attack
    • The amount of traffic matters
  – Known-plaintext attack
  – Chosen-plaintext attack
• Key point
  – Keep the cost to break the system higher than the gain from the information

Introduction (cont'd)

• Can you always break an encryption system?
  – One-time pad
  – Brute-force attack: try every possible key

Introduction (cont'd)

• Several old-fashioned encryption algorithms
  – Substitution ciphers
    • Replace a character in the plaintext with another character
    • Example: Caesar cipher
  – Transposition ciphers
    • Shuffle the order of characters
    • The frequency of characters does not change
  – XOR and one-time pad:
    • If the random bits repeat in a cycle, it is bad
    • Synchronization at both sides is always a problem
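The three classical schemes on this slide, and the reason a repeating pad is bad, can be shown in a few lines. This Python is an added example for this transcript, not course code; the plaintexts, the 4-column transposition, the 3-byte key and the padding character are constructed for illustration.

```python
import os
from collections import Counter

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"


def caesar(text: str, shift: int) -> str:
    """Substitution: each letter is replaced by the letter `shift` places along."""
    out = []
    for ch in text:
        out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26] if ch in ALPHABET else ch)
    return "".join(out)


def transpose(text: str, cols: int, pad: str = "X") -> str:
    """Columnar transposition: write the text in rows of `cols`, read it out by
    columns. Letters are only reordered, so their frequencies are unchanged."""
    rows = -(-len(text) // cols)
    padded = text.ljust(rows * cols, pad)
    return "".join(padded[c::cols] for c in range(cols))


def untranspose(ciphertext: str, cols: int) -> str:
    """Inverse of transpose (padding characters are returned as-is)."""
    rows = len(ciphertext) // cols
    return "".join(ciphertext[r::rows] for r in range(rows))


def letter_frequencies(text: str) -> Counter:
    return Counter(ch for ch in text if ch in ALPHABET)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def one_time_pad(data: bytes, pad: bytes) -> bytes:
    """Correct use: the pad is truly random, as long as the data, and never reused."""
    if len(pad) < len(data):
        raise ValueError("pad must be at least as long as the data")
    return xor_bytes(data, pad)


def repeating_key_xor(data: bytes, key: bytes) -> bytes:
    """The bad case from the slide: a short key cycled to cover the data."""
    stream = (key * (len(data) // len(key) + 1))[: len(data)]
    return xor_bytes(data, stream)


def recover_second_plaintext(c1: bytes, c2: bytes, known_p1: bytes) -> bytes:
    """Why repetition is fatal: c1 XOR c2 = p1 XOR p2, so knowing p1 exposes p2
    without ever learning the key."""
    return xor_bytes(xor_bytes(c1, c2), known_p1)


if __name__ == "__main__":
    pt = "ATTACKATDAWN"                                   # constructed plaintext
    print(caesar(pt, 3))                                  # DWWDFNDWGDZQ
    # Caesar keeps the histogram shape (same counts, attached to other letters):
    print(sorted(letter_frequencies(pt).values())
          == sorted(letter_frequencies(caesar(pt, 3)).values()))        # True
    ct = transpose(pt, 4)
    print(ct, untranspose(ct, 4))                         # ACDTKATAWATN ATTACKATDAWN
    print(letter_frequencies(pt) == letter_frequencies(ct))             # True

    pad = os.urandom(14)
    p1, p2 = b"attack at dawn", b"retreat now!!!"         # constructed, same length
    print(one_time_pad(one_time_pad(p1, pad), pad) == p1)              # True
    c1, c2 = repeating_key_xor(p1, b"k3y"), repeating_key_xor(p2, b"k3y")
    print(recover_second_plaintext(c1, c2, p1))           # b'retreat now!!!'
```

The frequency checks are the slide's point about substitution and transposition: both leave enough statistical structure for analysis. The last lines show the one-time-pad failure mode: the moment the same key stream covers two messages (cycling within one message is the same defect), the XOR of the ciphertexts no longer depends on the key at all.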

One-way functions

• A one-way function is easy to calculate in one direction, but not the other.
  – Given x, easy to get f(x)
  – Given f(x), even if f() is known, still not easy to get an x
• Trapdoor one-way function
  – Given x, easy to calculate f(x)
  – Given f(x), difficult to get x
  – Given f(x) and a secret y, easy to get x

One-way hash function

• Maps a variable-length input string to a fixed-length string: fingerprints the file
  – Easy to get Hash(x) when given x
  – Almost impossible to find an x that satisfies a given Hash(x)
  – Almost impossible to find two files x and x' that have the same hash value
  – A minor change in x causes large changes in Hash(x)
• Since the hash value is shorter, we have collisions:
  – We can easily rule out files, but not guarantee this is the original file
  – Still good enough in courts, like DNA tests

One-way hash function

• Usage of hash functions
  – Timestamp a file and prove that you are the creator (can be used to timestamp the homework)
  – Verify the integrity of the files in a file system
    • Security problems: how and where to save the hash values
    • Hash(x, k) to prevent changes on the computer
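The hash properties on the previous slide (fixed length, avalanche on a one-bit change) and the two uses on this one (timestamp commitment, keyed file-integrity checks) can be exercised with the standard library. This Python is an added example for this transcript, not course code; the file contents, paths and the monitor key are constructed, and Hash(x, k) is realised here as HMAC-SHA256, which is one standard way to build a keyed hash.

```python
import hashlib
import hmac


def fingerprint(data: bytes) -> str:
    """Fixed-length digest of arbitrary-length input (SHA-256: 32 bytes, 64 hex chars)."""
    return hashlib.sha256(data).hexdigest()


def bit_difference(a: bytes, b: bytes) -> int:
    """Number of differing bits between two equal-length byte strings."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def avalanche(data: bytes) -> int:
    """Flip one input bit; count how many of the 256 digest bits change (about half)."""
    flipped = bytearray(data)
    flipped[0] ^= 0x01
    return bit_difference(hashlib.sha256(data).digest(),
                          hashlib.sha256(bytes(flipped)).digest())


def keyed_digest(data: bytes, key: bytes) -> str:
    """Hash(x, k) from the slide. Without k, someone who alters x cannot cover it up
    by recomputing and replacing the stored digest."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


class IntegrityMonitor:
    """Baseline of keyed digests for a set of files (a dict here), re-checked later to
    list files whose content changed. The key and the baseline belong off the monitored
    host, which is the slide's 'how and where to save the hash values' concern."""

    def __init__(self, key: bytes):
        self.key = key
        self.baseline = {}

    def record(self, files: dict) -> None:
        self.baseline = {path: keyed_digest(content, self.key)
                         for path, content in files.items()}

    def changed(self, files: dict) -> list:
        out = []
        for path, expected in self.baseline.items():
            actual = keyed_digest(files.get(path, b""), self.key)   # missing file also flags
            if not hmac.compare_digest(actual, expected):
                out.append(path)
        return sorted(out)


def commitment(data: bytes) -> str:
    """Timestamping use: publish Hash(file) now, reveal the file later to prove you had it."""
    return fingerprint(data)


def check_commitment(data: bytes, published: str) -> bool:
    return hmac.compare_digest(fingerprint(data), published)


if __name__ == "__main__":
    # Constructed file contents; the key is a placeholder, not a real secret.
    files = {"/etc/passwd": b"root:x:0:0:root:/root:/bin/bash\n",
             "/bin/ls": b"\x7fELF...constructed...\n"}
    mon = IntegrityMonitor(key=b"example-monitor-key")
    mon.record(files)
    files["/bin/ls"] = files["/bin/ls"] + b"\x00 extra"   # simulated modification
    print(mon.changed(files))                             # ['/bin/ls']
    print(avalanche(b"homework.pdf contents"))            # close to 128 of 256 bits
    print(len(fingerprint(b"")), len(fingerprint(b"x" * 10_000)))   # 64 64
```

The avalanche count is the "minor change in x, large change in Hash(x)" property in numbers. For the file-system use, note what the key buys: an unkeyed SHA-256 table stored on the same host can simply be regenerated after a change, whereas the keyed digests cannot be recomputed by anyone who lacks k.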