Introduction to Computer Security

Transcription

1 Introduction to Computer Security Course Introduction Pavel Laskov Wilhelm Schickard Institute for Computer Science

2 Computer security in headlines

3 Technische Universität B» Internet als Risikofaktor?» Omnipräsenz von Computer Angriffen, security Würmern inund numbers Viren» Massive Schäden bei Unternehmen und Bürgern» Zunehmende Kriminalisierung von Schadsoftware Neuer Schadcode pro Jahr (Symantec) New malicious code samples observed (Symantec)

4 What lurks behind the statistics? Malware previously used for fun is now used for profit. 78% of end user attacks involved stealing of login data 76% of phishing attacks targeted financial sector Average cost of data breach in 2008 in the USA: 6.7M $. Hacking is no longer the realm of script-kiddies. 60% of malicious code threats represent new attacks. The biggest risk resides not in but in front of a computer. Why would anyone want something from me? What does my Windows want to update again? I have already bought an antivirus, so I am safe.

5 Why are computer systems insecure? Growing complexity of computer systems large number of components, complex interaction High competition short time-to-market, high ROI Leveraging of risks through high connectivity worm outbreaks, botnets Slow incident response incident hiding, manual handling Human error What can go wrong will go wrong!

6 Human error: a case study

7 Human error: a case study

8 Human error: a case study

9 Human error: a case study

10 Human error: a case study

11 Human error: a case study

12 Human error: lessons learned Users make errors elaborate social engineering design time pressure Significant monetary motivation Business efficiency via Internet

13 Acrobat Reader exploit

14 Acrobat Reader JBIG2 exploit: a timeline Exploit discovered:??? First public warnings: Adobe Reader 9.0 patched: Adobe Reader patched: Adobe Reader Linux patched: Recognition by antivirus system as of mid-april 2009: 6/39 (15.39%)

15 Infection without a click Select a thumbnail view. Hover a mouse over a document. Do nothing: the Windows Desktop Search (if not de-activated) will find it and open!

16 Potential consequences of an infection Start a keylogger Start a botnet (zombie) client Download further code from a remote site

17 Security instruments

18 Prevention Security instruments

19 Security instruments Detection Prevention

20 Security instruments Reaction Detection Prevention

21 What will you learn? Findamental concepts of computer security dry, but important! Basic security goals and mechanisms authentication, access control, encryption, etc. Practical security instruments Windows and Linux security. Further selected topics network security software security web application and browser security

22 Coarse administration Lectures: Wed, 10:00 12:00 (ct), A301 Formalities: Credit hours (diploma): 2 SWS (lectures) + 1 SWS (exercises) Credit points (B.Sc.): 3 LP (lectures) + 1 LP (exercises) Exams and grading: diploma: oral exam by appointment, graded certificate for exercises B.Sc: written exam at the end of semester, 30% of the final grade from exercises Office hours: by appointment Course web page: comp sec.html

23 Homework assignments Meetings: Tue, 10:00 12:00 (ct), A301 First meeting: homework assignments to be solved individually Evaluation and grade: diploma: a grade reflects the percentage of points acquired. B.Sc.: a grade contributes 30% to the final grade.

24 Bibliography Dieter Gollmann. Computer Security. Wiley & Sons, Ross Anderson. Security Engineering. Wiley & Sons, Bruce Schneier. Secrets and Lies: Digital Security in a Networked World. Wiley & Sons, (fun to read)

25 A typical web application Legitimate user Internet Browser Webserver

26 Attack: interception of communication Legitimate user Internet Browser Credit card number Webserver Attacker

27 Security goal: confidentiality Prevention of unauthorized reading of data Prevention of unauthorized learning of information Potential abuse scenarios: Discovery of confidential information (e.g. details of a business contract) Discovery of authentication credentials (e.g. password sniffing) Enforcement intruments: Symmetric or asymmetric cryptography Anonymization techniques

28 A typical web application Legitimate user Internet Browser Webserver

29 Attack: identity spoofing Legitimate user Internet Browser Webserver Fake webserver Attacker

30 Security goal: authentication Verification of an identity of a person or a computer Prerequisite for access control Authentication methods: Shared secrets (e.g. password or PIN) Ticket systems (identity cards, digital certificates) Challenge-response techniques Biometric techniques Human authentication: CAPTCHA s, Turing test, etc. Authentication risks: identity theft

31 A typical web application Legitimate user Internet Browser Webserver

32 Attack: injection of malicious code Legitimate user Browser Internet Malware Webserver XSS attack Attacker

33 Security goal: integrity Prevention of malicious tampering of data Potential abuse scenarios: Fraudulent modification of data (e.g. 100,000 instead of 100 in an online transaction request) Injection of malicious code in downloaded software Evading detection by modification of a compromized operating system Enforcement instruments: Integrity checking using cryptographic hash functions

34 A typical web application Legitimate user Internet Browser Webserver

35 Attack: server overload Legitimate user Server overloaded Internet Browser

36 Security goal: availability A joint objective of security and dependability May be caused by attacks as well as natural phenomena, such as design errors or flash crouds. Enforcement instruments: Detection of DoS-attacks Router and firewall reconfiguration Service redundancy Virtualization

37 A typical web application Legitimate user Internet Browser Webserver

38 Attack: transaction denial by a user Legitimate user Internet Browser Webserver Transaction cancelled Credit card charded

39 Security goal: accountability An audit trail of security-related events A key instrument of detection/response A stronger form of accountability is non-repudiation: unforgeable evidence that a certain action occurred. Similar attacks as integrity Enforcement instruments: Integrity checks Read-only audit Digital certificates and trusted third parties

40 Summary Security is not a solution but an ongoing process. Security can only be achieved by a combination of technical and organizational measures. One of the biggest security risks is a user. Security is a big challenge but lots of fun as well: a great field of study and research.

41 Next lecture The economics of computer security Security threats Security design principles