Upload
haduong
View
230
Download
5
Embed Size (px)
Citation preview
Introduction to Computer SecurityCourse Introduction
Pavel LaskovWilhelm Schickard Institute for Computer Science
Computer security in headlines
Computer security in numbers
New malicious code samples observed (Symantec)
Technische Universität Berlin
Gefährliches Internet
» Internet als Risikofaktor?
» Omnipräsenz von Angriffen, Würmern und Viren» Massive Schäden bei Unternehmen und Bürgern» Zunehmende Kriminalisierung von Schadsoftware
0
750.000
1.500.000
2.250.000
3.000.000
2002 2003 2004 2005 2006 2007 2008 2009
Neuer Schadcode pro Jahr (Symantec)
What lurks behind the statistics?
Malware previously used for fun is now used for profit.78% of end user attacks involved stealing of login data76% of phishing attacks targeted financial sectorAverage cost of data breach in 2008 in the USA: 6.7M $.
Hacking is no longer the realm of “script-kiddies”.60% of malicious code threats represent new attacks.
The biggest risk resides not in but in front of a computer.Why would anyone want something from me?What does my Windows want to update again?I have already bought an antivirus, so I am safe.
Why are computer systems insecure?
Growing complexity of computer systemslarge number of components, complex interaction
High competitionshort “time-to-market”, high ROI
Leveraging of risks through high connectivityworm outbreaks, botnets
Slow incident response“incident hiding”, manual handling
Human error
What can go wrong will go wrong!
Human error: a case study
Human error: a case study
Human error: a case study
Human error: a case study
Human error: a case study
Human error: a case study
Human error: lessons learned
Users make errorselaborate social engineering designtime pressure
Significant monetary motivationBusiness efficiency via Internet
Acrobat Reader exploit
Acrobat Reader JBIG2 exploit: a timeline
Exploit discovered: ???First public warnings: 19.-20.02Adobe Reader 9.0 patched: 10.03Adobe Reader 8.1.3 patched: 18.03Adobe Reader Linux patched: 26.03Recognition by antivirus system as of mid-April 2009: 6/39(15.39%)
Infection without a click
Select a thumbnail view.Hover a mouse over a document.Do nothing: the Windows Desktop Search (if notde-activated) will find it and open!
Potential consequences of an infection
Start a keyloggerStart a botnet (zombie) clientDownload further code from a remote site
Security instruments
Security instruments
Prevention
Security instruments
Prevention
Detection
Security instruments
Prevention
Detection
Reaction
What will you learn?
Findamental concepts of computer securitydry, but important!
Basic security goals and mechanismsauthentication, access control, encryption, etc.
Practical security instrumentsWindows and Linux security.
Further selected topicsnetwork securitysoftware securityweb application and browser security
‘
Coarse administration
Lectures:Wed, 10:00–12:00 (ct), A301
Formalities:Credit hours (diploma): 2 SWS (lectures) + 1 SWS (exercises)Credit points (B.Sc.): 3 LP (lectures) + 1 LP (exercises)
Exams and grading:diploma: oral exam by appointment, graded certificate forexercisesB.Sc: written exam at the end of semester, 30% of the finalgrade from exercises
Office hours: by appointmentCourse web page:http://www.cogsys.cs.uni-tuebingen.de/lehre/ss11/introd comp sec.html
Homework assignments
Meetings:Tue, 10:00–12:00 (ct), A301First meeting: 26.04
4 homework assignments to be solved individuallyEvaluation and grade:
diploma: a grade reflects the percentage of points acquired.B.Sc.: a grade contributes 30% to the final grade.
Bibliography
Dieter Gollmann.Computer Security.Wiley & Sons, 2006.
Ross Anderson.Security Engineering.Wiley & Sons, 2001.
Bruce Schneier.Secrets and Lies: Digital Security in a Networked World.Wiley & Sons, 2004. (fun to read)
A typical web application
Legitimate user
BrowserWebserver
Internet
Attack: interception of communication
Legitimate user
BrowserWebserver
Internet
Attacker
Credit card number
Security goal: confidentiality
Prevention of unauthorized reading of dataPrevention of unauthorized learning of informationPotential abuse scenarios:
Discovery of confidential information (e.g. details of a businesscontract)Discovery of authentication credentials (e.g. password sniffing)
Enforcement intruments:Symmetric or asymmetric cryptographyAnonymization techniques
A typical web application
Legitimate user
BrowserWebserver
Internet
Attack: identity spoofing
Legitimate user
BrowserWebserver
Internet
Fake webserver
Attacker
Security goal: authentication
Verification of an identity of a person or a computerPrerequisite for access controlAuthentication methods:
Shared secrets (e.g. password or PIN)Ticket systems (identity cards, digital certificates)Challenge-response techniquesBiometric techniquesHuman authentication: CAPTCHA’s, Turing test, etc.
Authentication risks: identity theft
A typical web application
Legitimate user
BrowserWebserver
Internet
Attack: injection of malicious code
Legitimate user
BrowserWebserver
Internet
Attacker
Malware
XSS attack
Security goal: integrity
Prevention of malicious tampering of dataPotential abuse scenarios:
Fraudulent modification of data (e.g. 100,000¤ instead of100¤ in an online transaction request)Injection of malicious code in downloaded softwareEvading detection by modification of a compromized operatingsystem
Enforcement instruments:Integrity checking using cryptographic hash functions
A typical web application
Legitimate user
BrowserWebserver
Internet
Attack: server overload
Legitimate user
Browser
Internet
Server overloaded
Security goal: availability
A joint objective of security and dependabilityMay be caused by attacks as well as natural phenomena,such as design errors or flash crouds.Enforcement instruments:
Detection of DoS-attacksRouter and firewall reconfigurationService redundancyVirtualization
A typical web application
Legitimate user
BrowserWebserver
Internet
Attack: transaction denial by a user
Legitimate user
BrowserWebserver
Internet
Credit card charded
Transaction cancelled
Security goal: accountability
An audit trail of security-related eventsA key instrument of detection/responseA stronger form of accountability is non-repudiation:unforgeable evidence that a certain action occurred.Similar attacks as integrityEnforcement instruments:
Integrity checksRead-only auditDigital certificates and trusted third parties
Summary
Security is not a solution but an ongoing process.Security can only be achieved by a combination of technicaland organizational measures.One of the biggest security risks is a user.Security is a big challenge but lots of fun as well: a greatfield of study and research.
Next lecture
The economics of computer securitySecurity threatsSecurity design principles