INTRODUCTION TO COMPUTER

SECURITY
Paul Mutinda Kathale

Email: paulkathale@[Link]

1
 Introduction to Security
Outline
1. Examples – Security in Practice
2. What is „Security?”
3. Pillars of Security:
Confidentiality, Integrity, Availability (CIA)
4. Vulnerabilities, Threats, and Controls
5. Attackers
6. How to React to an Exploit?
7. Methods of Defense
8. Principles of Computer Security
2
 Computer Security
 This is a branch of Computer Science,
focusing on creating a secure environment
for the use of computers.
 It is a focus on the protecting the
infrastructure, systems and users to create
a secure environment for anyone using
computers.

3
 Security? What is that?
 Lock the doors and windows and you are secure
 NOT
 Call the police when you feel insecure
 Really?
 End result: Complete computer security is unattainable, it
is a cat and mouse game
 Similar to crime vs. law enforcement

4
 Goals of Computer Security
 Integrity:
 Guarantee that the data is what we expect
 Confidentiality
 The information must just be accessible to the authorized people
 Availability
 Service is available to users whenever they need
 Reliability
 Computers should work without having unexpected problems
 Authentication
 Guarantee that only authorized persons can access to the
resources

5
 Computer Security Issues
 Vulnerability is a point where a system is
susceptible to attack.
 A threat is a possible danger to the system. The
danger might be a person (a system cracker or a
spy), a thing (a faulty piece of equipment), or an
event (a fire or a flood) that might exploit a
vulnerability of the system.
 Countermeasures are techniques for protecting
your system

6
 Security Basics
 What does it mean to be secure?
 “Include protection of information from theft or corruption, or the
preservation of availability, as defined in the security policy.” - The
Wikipedia
 Types of Security
 Network Security
 System and software security
 Physical Security
 Very little in computing is inherently secure, you must
protect yourself!

7
 Critical Infrastructure Areas
Include:
 Telecommunications
 Electrical power systems
 Water supply systems
 Gas and oil pipelines
 Transportation
 Government services
 Emergency services
 Banking and finance
 …

8
 2. What is a “Secure” Computer System?
 To decide whether a computer system is “secure”, you must
first decide what “secure” means to you, then identify the
threats you care about.

You Will Never Own a Perfectly Secure System!

 Threats - examples
 Viruses, trojan horses, etc.
 Denial of Service
 Stolen Customer Data
 Modified Databases - SQL Injections
 Identity Theft and other threats to personal privacy
 Equipment Theft
 Espionage in cyberspace
 Hack-tivism
 Cyberterrorism
 …
9
 3. Basic Components of Security:
Confidentiality, Integrity, Availability (CIA)
 CIA Traid
 Confidentiality: Who is authorized to use data? C I
 Integrity: Is data „good?” S
 Availability: Can access data whenever need it?
A

 CIA or CIAAAN…  S = Secure

(other security components added to CIA)

 Authentication
 Authorization
 Non-repudiation
 …

10
 Need to Balance CIA
 Example 1: C vs. I+A
 Disconnect computer from Internet to increase confidentiality
 Availability suffers, integrity suffers due to lost updates

 Example 2: I vs. C+A

 Have extensive data checks by different people/systems to
increase integrity
 Confidentiality suffers as more people see data, availability
suffers due to locks on data under verification)

11
 Confidentiality
 “Need to know” basis for data access
 How do we know who needs what data?
Approach: access control specifies who can access what
 How do we know a user is the person she claims to be?
Need her identity and need to verify this identity
Approach: identification and authentication
 Analogously: “Need to access/use” basis for
physical assets
 E.g., access to a computer room, use of a desktop

 Confidentiality is:
 difficult to ensure
 easiest to assess in terms of success (binary in nature:
12
Yes / No)
 Integrity
 Integrity vs. Confidentiality
 Concerned with unauthorized modification of assets (=
resources)
Confidentiality - concered with access to assets
 Integrity is more difficult to measure than confidentiality
Not binary – degrees of integrity
Context-dependent - means different things in different
contexts
Could mean any subset of these asset properties:
{ precision / accuracy / currency / consistency /
meaningfulness / usefulness / ...}

13
 Availability

 We can say that an asset (resource) is

available if:
 Timely request response
 Fair allocation of resources (no starvation!)
 Fault tolerant (no total breakdown)
 Easy to use in the intended way
 Provides controlled concurrency (concurrency
control, deadlock control, ...)
[Pfleeger & Pfleeger]

14
 4. Vulnerabilities, Threats, and Controls
 Understanding Vulnerabilities, Threats, and Controls
 Vulnerability = a weakness in a security system
 Threat = circumstances that have a potential to cause harm
 Controls = means and ways to block a threat, which tries to
exploit one or more vulnerabilities
 Most of the class discusses various controls and their effectiveness
[Pfleeger & Pfleeger]

15
  Attack (materialization of a vulnerability/threat combination)
 = exploitation of one or more vulnerabilities by a threat; tries to defeat
controls
 Attack may be:

 Successful (a.k.a. an exploit)

 resulting in a breach of security, a system penetration, etc.

 Unsuccessful
 when controls block a threat trying to exploit a vulnerability

16
 Introduction to Ethical Hacking 17

17
 Introduction to Ethical Hacking 18

18
 Kinds of Threats
 Kinds of threats:
 Interception
 an unauthorized party (human or not) gains access to

an asset
 Interruption
 an asset becomes lost, unavailable, or unusable

 Modification
 an unauthorized party changes the state of an asset

 Fabrication
 an unauthorized party counterfeits an asset

[Pfleeger & Pfleeger]

19
 Software Level of Vulnerabilities / Threats
 Software Deletion
 Easy to delete needed software by mistake
 To prevent this: use configuration management
software
 Software Modification
 Trojan Horses, , Viruses, Logic Bombs,
Trapdoors, Information Leaks (via covert
channels), ...
 Software Theft
 Unauthorized copying
20
 Data Level of Vulnerabilities / Threats

 How valuable is your data?

 Credit card info vs. your home phone number
 Source code
 Visible data vs. context
 „2345” -> Phone extension or a part of SSN?

 Adequate protection
 Cryptography
 Good if intractable for a long time

 Threat of Identity Theft

 Cf. Federal Trade Commission: [Link] \

21
 Types of Attacks on Data CIA

 Disclosure
 Attack on data confidentiality
 Unauthorized modification / deception
 E.g., providing wrong data (attack on data integrity)
 Disruption
 DoS (attack on data availability)
 Usurpation
 Unauthorized use of services (attack on data confidentiality, integrity
or availability)

22
 5. Attackers
 Attackers need MOM
 Method
Skill, knowledge, tools, etc. with which to pull off an attack
 Opportunity
Time and access to accomplish an attack
 Motive
Reason to perform an attack

23
 Introduction to Ethical Hacking 24

24
 Introduction to Ethical Hacking 25

25
 Introduction to Ethical Hacking 26

26
 Classification of Hackers
 Hackers can be divided into three groups:
 White Hats
 Black Hats
 Gray Hats

Introduction to Ethical Hacking 27

27
 White Hats
 White hats are the good guys, the ethical hackers
who use their hacking skills for defensive purposes.
 White-hat hackers are usually security professionals
with knowledge of hacking and the hacker toolset and
who use this knowledge to locate weaknesses and
implement countermeasures.
 White hats are those who hack with permission from
the data owner.
 It is critical to get permission prior to beginning any
hacking activity. This is what makes a security
professional a white hat versus a malicious hacker who
cannot be trusted.

Introduction to Ethical Hacking 28

28
 Black Hats
 Black hats are the bad guys: the
malicious hackers or crackers who use
their skills for illegal or malicious
purposes.
 They break into or otherwise violate the
system integrity of remote systems, with
malicious intent.

Introduction to Ethical Hacking 29

29
 Black Hats - Contd
Having gained unauthorized access, black-
hat hackers.
 destroy vital data,
 deny legitimate users service, and
 just cause problems for their targets.
 Black-hat hackers and crackers can easily
be differentiated from white-hat hackers
because their actions are malicious.
 This is the traditional definition of a
hacker and what most people consider a
hacker to be.
Introduction to Ethical Hacking 30

30
 Gray Hats
 Gray hats are hackers who may work offensively or
defensively, depending on the situation.
 This is the dividing line between hacker and cracker.
 Gray-hat hackers may just be interested in hacking
tools and technologies and are not malicious black
hats.
 Gray hats are self-proclaimed ethical hackers, who
are interested in hacker tools mostly from a curiosity
standpoint.
 They may want to highlight security problems in a
system or educate victims so they secure their
systems properly.
 These hackers are doing their “victims” a favor.
Introduction to Ethical Hacking 31

31
 Gray Hats - Contd
 For instance, if a weakness is discovered in a
service offered by an investment bank, the hacker
is doing the bank a favor by giving the bank a
chance to rectify the vulnerability.
 Many self-proclaimed ethical hackers are trying to break
into the security field as consultants.
 Most companies don’t look favorably on someone who
appears on their doorstep with confidential data and
offers to “fix” the security holes “for a price.” - Responses
range from “thank you for this information, we’ll fix
the problem” to calling the police to arrest

Introduction to Ethical Hacking 32

32
 6. Reacting to an Exploit

Exploit = successful attack

 Report to the vendor first?

 Report it to the public?

 What will be public relations effects if you do/do not?

33
 “To Report or Not To Report:”
Tension between Personal Privacy
and Public Responsibility
An info tech company will typically lose between
ten and one hundred times more money from
shaken consumer confidence than the hack attack
itself represents if they decide to prosecute the
case.

34
 Further Reluctance to Report
 One common fear is that a crucial piece of equipment,
like a main server, say, might be impounded for
evidence by over-zealous investigators, thereby
shutting the company down.

 Estimate: fewer than one in ten serious intrusions are

ever reported to the authorities.

Mike Rasch, VP Global Security, testimony before the Senate

Appropriations Subcommittee, February 2000
reported in The Register and online testimony transcript

Barbara Edicott-Popovsky and Deborah Frincke, CSSE592/492, U. Washington]

35
 How can you achieve security?
 Many techniques exist for ensuring computer and
network security
 Cryptography
 Secure networks
 Antivirus software
 Firewalls
 In addition, users have to practice “safe
computing”
 Not downloading from unsafe websites
 Not opening attachments
 Not trusting what you see on websites
 Avoiding Scams
36
7. Methods of Defense
 Five basic approaches to defense of
computing systems
 Prevent attack
 Block attack / Close vulnerability

 Deter attack
 Make attack harder (can’t make it impossible )
 Deflect attack
 Make another target more attractive than this

target
 Detect attack
 During or after

 Recover from attack

37
 A) Controls
 Castle in Middle Ages  Computers Today
 Location with natural  Encryption
obstacles  Software controls
 Drawbridge  Hardware controls
 Heavy walls  Policies and procedures
 Arrow lits
 Physical controls
 Strong gate
 Tower

 Guards / passwords

38
  Multiple controls in computing systems can include:
 system perimeter – defines “inside/outside”

 preemption – attacker scared away

 deterrence – attacker could not overcome defenses

 faux environment (e.g. honeypot, sandbox) – attack

deflected towards a worthless target (but the attacker

doesn’t know about it!)
 Note layered defense /
multilevel defense / defense in depth (ideal!)

39
 A.1) Controls: Encryption

 Cleartext scambled into ciphertext (enciphered text)

 Protects CIA:
 confidentiality – by “masking” data
 integrity – by preventing data updates
 e.g., checksums included
 availability – by using encryption-based protocols
 e.g., protocols ensure availablity of resources for
different users

40
 Controls: Policies and Procedures

 Policy vs. Procedure

 Policy: What is/what is not allowed
 Procedure: How you enforce policy

 Advantages of policy/procedure controls:

 Can replace hardware/software controls
 Can be least expensive
 Be careful to consider all costs
 E.g. help desk costs often ignored for for passwords (=> look cheap
but migh be expensive)

41
  Policy - must consider:
 Alignment with users’ legal and ethical standards
 Probability of use (e.g. due to inconvenience)
Inconvenient: 200 character password,
change password every week
(Can be) good: biometrics replacing passwords
 Periodic reviews
 As people and systems, as well as their goals, change

42
 A.5) Controls: Physical Controls

 Walls, locks
 Guards, security cameras
 Backup copies and archives
 Cables and locks (e.g., for notebooks)
 Natural and man-made disaster protection
 Fire, flood, and earthquake protection
 Accident and terrorism protection
 ...

43
 B) Effectiveness of Controls
 Awareness of problem
 People convined of the need for these controls

 Likelihood of use
 Too complex/intrusive security tools are often disabled

 Overlapping controls
 >1 control for a given vulnerability
 To provide layered defense – the next layer compensates for a

failure of the previous layer

 Periodic reviews
 A given control usually becomess less effective with time
 Need to replace ineffective/inefficient controls with better ones

44
 8. Principles of Computer Security

 Principle of Easiest Penetration

An intruder must be expected to use any available
means of penetration.
The penetration may not necessarily be by the most obvious
means, nor is it necessarily the one against which the most
solid defense has been installed.

 Principle of Adequate Protection

Computer items must be protected to a degree
consistent with their value and only until they lose
their value.

45
  Principle of Effectiveness
Controls must be used—and used properly—to be
effective.
They must be efficient, easy to use, and appropriate.

 Principle of Weakest Link

Security can be no stronger than its weakest link.
Whether it is the power supply that powers the firewall or
the operating system under the security application or the
human, who plans, implements, and administers controls, a
failure of any control can lead to a security failure.
46
End of Section 1:
Introduction

47