Introduction to Network Security Security Overview

Transcription

1 Introduction to Network Security Security Overview Egemen K. Çetinkaya Department of Electrical & Computer Engineering Missouri University of Science and Technology 31 August 2015 rev Egemen K. Çetinkaya

2 Network Security Overview Outline Overview and role in resilience Security sub-disciplines Overview of attacks and defenses Metrics and evaluation 31 August 2015 MST CPE 5420 Security Overview 2

3 Network Security Overview Overview and Role in Resilience Overview and role in resilience Security sub-disciplines Overview of attacks and defenses Metrics and evaluation 31 August 2015 MST CPE 5420 Security Overview 3

4 Security Security Definition property of a system and measures taken protect itself from unauthorized access or change subject to policy 31 August 2015 MST CPE 5420 Security Overview 4

5 Self-protection Self-Protection Importance to Resilience systems protect themselves from unauthorized access network control infrastructure Systems with the need to protect themselves end systems (e.g. firewalls) intermediate systems: routers, switches servers: DNS, Web, etc. enterprise networks (e.g. firewalls) virtual enclaves network realms that define trust boundaries 31 August 2015 MST CPE 5420 Security Overview 5

6 Self-protection Self-Protection Importance to Resilience systems protect themselves from unauthorized access network control infrastructure Network control infrastructure signalling (e.g. ICMP, RSVP/MPLS) routing protocols (e.g. S-BGP, OSPF, IS-IS) network services (e.g. DNSSEC, ICP) 31 August 2015 MST CPE 5420 Security Overview 6

7 Vulnerability Security Vulnerability flaw or weakness in system design, implementation, controls, operation, or management could be exploited to violate security policy [CNSS ] [S2007] note relation to definition with respect to faults internal fault that allows an external fault to cause an error [Laprie-1994], [ALR+2004] 31 August 2015 MST CPE 5420 Security Overview 7

8 Threat Security Threats entity, circumstance, capability, action, or event with potential to violate security and cause harm [CNSS ] [S2007] potential challenge that might exploit a vulnerability 31 August 2015 MST CPE 5420 Security Overview 8

9 Threat Security Threat Analysis entity, circumstance, capability, action, or event with potential to violate security and cause harm [CNSS ] [S2007] potential challenge that might exploit a vulnerability Threat analysis examination of information and analysis of actions to identify potential threats identifying probability of occurrence and consequences [CNSS ] [S2007] 31 August 2015 MST CPE 5420 Security Overview 9

10 Security Challenges Challenge : adverse event or condition that might violate security policy including availability impact dependability impact performability three aspects of trustworthiness 31 August 2015 MST CPE 5420 Security Overview 10

11 Security Discipline Evolution 1960s: computer system security security among multiple users on timesharing systems operating system security (e.g Multics) 1980s: computer network security security among computers sharing enterprise network 1990s: Internet security security against (almost) universal access to Global Internet 31 August 2015 MST CPE 5420 Security Overview 11

12 Network Security Overview Security Sub-disciplines Overview and role in resilience Security sub-disciplines Overview of attacks and defenses Metrics and evaluation 31 August 2015 MST CPE 5420 Security Overview 12

13 Security Relationship to Resilience Disciplines Egemen K. Çetinkaya Survivability many targetted failures Fault Tolerance (few random) Challenge Tolerance Traffic Tolerance Disruption Tolerance environmental delay connectivity energy mobility Robustness Complexity confidentiality Trustworthiness Dependability reliability maintainability safety availability auditability Security AAA authenticity integrity nonrepudiability authorisability legitimate flash crowd attack DDoS Performability QoS measures 31 August 2015 MST CPE 5420 Security Overview 13

14 Confidentiality AAA (triple-a) Security Security Properties and Attributes accounting or auditability (sometimes AAAA) authorisation authentication Attributes shared with dependability availability integrity Nonrepudiation note: all stated as -ilities in diagram for consistency 31 August 2015 MST CPE 5420 Security Overview 14

15 Confidentiality Security Confidentiality information is not made available or disclosed to unauthorized individuals, entities, processes, devices [X ] [CNSS ] [S2007] dependability with respect to the absence of unauthorized disclosure of information [Laprie-1994] includes privacy aspects Mechanisms for confidentiality? 31 August 2015 MST CPE 5420 Security Overview 15

16 Confidentiality Security Confidentiality information is not made available or disclosed to unauthorized individuals, entities, processes, devices [X ] [CNSS ] [S2007] dependability with respect to the absence of unauthorized disclosure of information [Laprie-1994] includes privacy aspects Mechanisms for confidentiality physical access restrictions encryption 31 August 2015 MST CPE 5420 Security Overview 16

17 Accounting Security Accounting and Auditing collecting information on access to resources generating audit trail Accounting is part of AAA auditing is sometimes separately added as AAAA 31 August 2015 MST CPE 5420 Security Overview 17

18 Authorization Security Authorization granting of privileges or rights [X ] [CNSS ] [S2007] Authorization is part of AAA Mechanisms for authorization? 31 August 2015 MST CPE 5420 Security Overview 18

19 Authorization Security Authorization granting of privileges or rights [X ] [CNSS ] [S2007] Authorization is part of AAA Mechanisms for authorization ACLs (access control lists) and capabilities authentication 31 August 2015 MST CPE 5420 Security Overview 19

20 Authentication Security Authentication data origin authentication: assurance that the source of data is as claimed peer-entity authentication: assurance that peer in association is as claimed [X ] [CNSS ] [S2007] Authentication is part of AAA Mechanisms for authentication? 31 August 2015 MST CPE 5420 Security Overview 20

21 Authentication Security Authentication data origin authentication: assurance that the source of data is as claimed peer-entity authentication: assurance that peer in association is as claimed [X ] [CNSS ] [S2007] Authentication is part of AAA Mechanisms for authentication digital certificates and signatures 31 August 2015 MST CPE 5420 Security Overview 21

22 Availability Security Availability property of being accessible and useable upon demand by an authorized entity [X ] [CNSS ] [S2007] Availability is also a dependability aspect probability of a of system operational at a given time 31 August 2015 MST CPE 5420 Security Overview 22

23 Integrity Security Integrity refers to logical correctness [ATIS-T ] data integrity: not changed, lost, destroyed; maliciously or accidentally system integrity: correct operation without unauthorized manipulation source integrity: data trustworthy based on its source and handling [X ] [CNSS ] [S2007] Integrity is also a dependability aspect Mechanisms for integrity? 31 August 2015 MST CPE 5420 Security Overview 23

24 Integrity Security Integrity refers to logical correctness [ATIS-T ] data integrity: not changed, lost, destroyed; maliciously or accidentally system integrity: correct operation without unauthorized manipulation source integrity: data trustworthy based on its source and handling [X ] [CNSS ] [S2007] Integrity is also a dependability aspect Mechanisms for integrity message digest (e.g. MD5, SHA-1) 31 August 2015 MST CPE 5420 Security Overview 24

25 Nonrepudiation Security Nonrepudiation inability to deny having participated in communication [X ] [CNSS ] [S2007] Mechanisms for nonrepudiation? 31 August 2015 MST CPE 5420 Security Overview 25

26 Nonrepudiation Security Nonrepudiation inability to deny having participated in communication [X ] [CNSS ] [S2007] Mechanisms for nonrepudiation digital certificates and signatures 31 August 2015 MST CPE 5420 Security Overview 26

27 Network Security Overview Overview of Attacks and Defenses Overview and role in resilience Security sub-disciplines Overview of attacks and defenses Metrics and evaluation 31 August 2015 MST CPE 5420 Security Overview 27

28 Misuse of terminology Network Security Attackers Do all of the below mean a malicious entity? Adversary? Cracker? Hacker? Intruder? 31 August 2015 MST CPE 5420 Security Overview 28

29 Network Security Attackers Adversary? entity that attacks a system Cracker? (also spelled kracker) someone who tries to break into someone else s system Hacker? (cracker hacker) someone working on computers and make cool things Intruder? entity that tries to gain unauthorized access Packet monkey? (deprecated) someone who floods a system for a DOS condition Script kiddy? someone who uses existing scripts, but not innovative [S2007] 31 August 2015 MST CPE 5420 Security Overview 29

30 Application attacks Protocol attacks Operational Policy Hardware Network Security Attack Types 31 August 2015 MST CPE 5420 Security Overview 30

31 Application attacks Attack Types Applications attacks exploit vulnerability in end-user software Examples: attacks against web browsers 31 August 2015 MST CPE 5420 Security Overview 31

32 Attack Types Protocols Attacks on network protocols Examples: BGP DNS 31 August 2015 MST CPE 5420 Security Overview 32

33 Operational Attack Types Operational attacks exploiting operation procedures to mismanage traffic Examples: attacks on routers attacks on links DoS, DDoS 31 August 2015 MST CPE 5420 Security Overview 33

34 Attack Types Policy Attacks exploiting policy aspects Examples: password? 31 August 2015 MST CPE 5420 Security Overview 34

35 Attacks on hardware Attack Types Hardware Can be more expensive as an attacker need to be involved from the design stage but the attack can be more damaging Examples: malicious design in hardware cutting fibre sniper attack on California power station [TK2010] 31 August 2015 MST CPE 5420 Security Overview 35

36 Passive attacks Attack Types Passive and Active Attacks attempts to learn or make use of the information but does not impact system resources difficult to detect Examples? Active attacks [S2014] 31 August 2015 MST CPE 5420 Security Overview 36

37 Attack Types Passive and Active Attacks Passive attacks attempts to learn or make use of the information but does not impact system resources difficult to detect Examples wiretapping telephone conversations s traffic analysis Encryption is defensive mechanism Active attacks [S2014] 31 August 2015 MST CPE 5420 Security Overview 37

38 Passive attacks Active attacks Attack Types Passive and Active Attacks modify the existing communication insertion of false information in the communication difficult to prevent Examples? [S2014] 31 August 2015 MST CPE 5420 Security Overview 38

39 Passive attacks Active attacks Attack Types Passive and Active Attacks modify the existing communication insertion of false information in the communication difficult to prevent Examples replay: capture data to produce an unauthorized effect masquerade: one entity pretends to be a different entity modification of messages: altered, delayed or reordered denial of service: inhibits use of services [S2014] 31 August 2015 MST CPE 5420 Security Overview 39

40 Network Security Defense Mechanisms Cryptographic algorithms: symmetric encryption asymmetric encryption data integrity protocols authentication protocols Security in network protocols: PGP, S/MIME, HTTPS, SSL, TLS, IPsec, S-BGP, DNSSEC i (WEP WPA WPA2) Firewall, ACL (access control list) 31 August 2015 MST CPE 5420 Security Overview 40

41 Network Security Overview Metrics and Evaluation Overview and role in resilience Security sub-disciplines Overview of attacks and defenses Metrics and evaluation 31 August 2015 MST CPE 5420 Security Overview 41

42 Security Metrics Overview How can the security evaluated? Generally two ideas: security is binary it can be evaluated within a range Security metrics metric indicating strength/weakness of security mechanism very immature field (except for cryptanalysis) Examples confidentiality: key length, CPU time for brute-force attack 31 August 2015 MST CPE 5420 Security Overview 42

43 Rainbow series NIST FIPS 199 Attack graphs Attack trees [NST2004] Security Evaluation Methods 31 August 2015 MST CPE 5420 Security Overview 43

44 Security Evaluation Rainbow Series Rainbow series About computer security guidelines Published by DoD and NSA in early 1980s Replaced by Common Criteria in 2000s Orange book is known for security evaluation 31 August 2015 MST CPE 5420 Security Overview 44

45 Security Evaluation Orange Book Trusted Computer System Evaluation Criteria TCSEC Initially issued 1983, later updated in 1985 Replaced by common criteria in 2005 Evaluation criteria Class D: minimal protection Class C1: discretionary security protection Class C2: controlled access protection Class B1: labelled security protection Class B2: structured protection Class B3: security domains Class A1: verified design 31 August 2015 MST CPE 5420 Security Overview 45

46 NIST FIPS 199 Security Evaluation NIST FIPS 199 NIST: National Institute of Standards and Technology FIPS: Federal Information Processing Standards Pub 199: issued in Feb Evaluation criteria based on levels of impact high: moderate: low: catastrophic effect serious effect limited effect 31 August 2015 MST CPE 5420 Security Overview 46

47 Security Evaluation Attack Graphs Attack graphs also called scenario graphs More info in Chapter 9, [QTK+2008] 31 August 2015 MST CPE 5420 Security Overview 47

48 Security Evaluation Attack Trees Describes combinatorial events leading to failure Nonleaf nodes describe attack goal Leaf nodes describe atomic attacks Uses AND and OR logic gates AND node OR node [NST2004] 31 August 2015 MST CPE 5420 Security Overview 48

49 References and Further Reading [L2001] Carl E. Landwehr, Computer Security, Intl. J. of Information Security, vol.1, #1, Aug. 2001, pp [CM2002] Anirban Chakrabarti and G. Manimaran, Internet Infrastructure Security: A Taxonomy, IEEE Network, vol.16, #6, Nov./Dec. 2002, pp [IW2008] Vinay M. Igure, and Ronald D. Williams, Taxonomies of Attacks and Vulnerabilities in Computer Systems, IEEE Comm. Surv. & Tut., vol.10 iss.1, 1st qtr pp [S2007] Robert W. Shirey, Internet Security Glossary, Version 2, FYI 36, RFC 4949, August [S2014] William Stallings, Cryptography and Network Security: Principles and Practice, 6th edition, Prentice Hall, Some slides are adopted from KU EECS 983 Resilient and Survivable Networking class taught by Prof. James P.G. Sterbenz 31 August 2015 MST CPE 5420 Security Overview 49

50 References and Further Reading [TK2010] Mohammad Tehranipoor and Farinaz Koushanfar, A Survey of Hardware Trojan Taxonomy and Detection, IEEE Design & Test of Computers, Vol. 27, No. 1, pp , [ALR+2004] Algirdas Avižienis, Jean-Claude Laprie, Brian Randell, and Carl Landwehr, Basic Concepts and Taxonomy of Dependable and Secure Computing, IEEE Transactions on Dependable and Secure Computing, Vol. 1, No. 1, pp , January-March [QTK+2008] Yi Qian, David Tipper, Prashant Krishnamurthy, and James Joshi, Information Assurance: Dependability and Security in Networked Systems, Morgan Kaufmann, [NST2004] David M. Nicol, William H. Sanders, and Kishor S. Trivedi, Model-Based Evaluation: From Dependability to Security, IEEE Transactions on Dependable and Secure Computing, Volume 1, Issue 1, pp , January-March August 2015 MST CPE 5420 Security Overview 50

51 References and Further Reading [KPS2002] Charlie Kaufman, Radia Perlman, and Mike Speciner, Network Security: Private Communication in a Public World, 2nd edition, Prentice Hall, August 2015 MST CPE 5420 Security Overview 51

52 End of Foils 31 August 2015 MST CPE 5420 Security Overview 52