
COMP 3705

Security: Definitions, History, and Overview

Types of Security

- Physical
- Communications
- Emissions
- Computer
- Network

COMP 3705 Topics in Network Security

Physical security
People have been concerned about security for a long time, long before computers existed. The first concern was physical security.

- Door locks
- Guards
- Moats

Communications Security
Large problem during the Roman Empire was communications security. Solution: The Caesar cipher. Later on:

- Enigma machine
- Military code words (Navajo speakers)

Emissions Security
A current moving through a wire creates a magnetic field or emission. First problem was with telegraph wires. In computers:

- Circuit boards
- Chips
- Displays (CRT/LCD)
- Network cables

TEMPEST

Computer Security
Computer security is complex. Work by David Bell and Leonard La Padula leads to the US Department of Defence (DoD) Trusted Computer System Evaluation Criteria or Orange Book in 1985. Many levels ranging from D (lowest) to A (highest).

Computer Security (cont.)


Problem is that certification is a slow process. Computers change quickly. Thus, impractical.

Network Security
Network security combines all other types of security. Mix of different systems, applications, and users. Systems theory. Very difficult.

Network Security (cont.)


Another attempt at certification: Trusted Network Interpretation or Red Book in 1987. Extended the Orange Book. Too difficult to implement. Both superseded by the Common Criteria. See http://www.commoncriteriaportal.org/

Security Types Review



- Physical
- Communications
- Emissions
- Computer
- Network

Five Ws of Security

- Who
- What
- Where
- When
- Why
- And How!

Who would want to attack?


- Hacker (White Hat, Black Hat, Grey Hat)
- Cracker
- Amateur
  - Script Kiddie
  - Disgruntled employee
  - Someone who stumbles across an opportunity
- Organized crime

We will use "attacker" to refer to all.

What can be attacked?


- Confidentiality
  - Difficult in groups
- Integrity
  - In what way?
  - Many things can be legitimately modified.
- Availability
  - Usable
  - Sufficient capacity
  - Completes in a reasonable time

What can be attacked? (cont.)


Terminology

- Vulnerability
- Threat (exploit)
- Control (countermeasure)

A threat is blocked by control of a vulnerability.

What can be attacked? (cont.)


Example

CVE-2005-2127 reports a vulnerability in Internet Explorer. The threat is a denial of service (attack on availability). Microsoft reports that the threat to this vulnerability is controlled by a patch that they have issued.


Where does the attack happen?


- Hardware (requires physical access)
- Software
  - Theft (Confidentiality)
  - Modification (Integrity)
  - Deletion (Availability)
- Data

When can you expect an attack?


- Principle of easiest penetration
- Principle of adequate protection
  - Cost balance
  - Timeliness

Why does an attack happen?


- Internal attacks
  - Disgruntled employee
  - Accidents
- External attacks
  - Competitors (technical, financial, damage)
  - Controversial business
  - High profile (piggyback)
    - H4G1S and NASA Re: Kevin Mitnick

How is an attack made?



- Interception
- Interruption
- Modification
- Fabrication

Example - Identify the 5 Ws


Bob works for Speedy Graphic Design. The executives just got big raises, while hard-working Bob gets nothing. To get back at them, he deletes all the project files for an important client.

Social Engineering
From the Jargon File:

social engineering: n. Term used among crackers and samurai for cracking techniques that rely on weaknesses in wetware rather than software; the aim is to trick people into revealing passwords or other information that compromises a target system's security. Classic scams include phoning up a mark who has the required information and posing as a field service tech or a fellow employee with an urgent access problem. See also the tiger team story in the patch entry, and rubber-hose cryptanalysis.

Questions?


Review
Types of security

- Physical
- Communications
- Emissions
- Computer
- Network

Review (cont.)

- Who would want to attack?
- What can be attacked?
- Where does the attack happen?
- When can you expect an attack?
- Why does an attack happen?
- How is an attack made?

Next class

- Definitions Quiz!
- Network protocols
- Network hardware and topology
- Routing
