
Computer and Network Security Introduction

Prof. Dr. Konrad Rieck
Institute for Computer Science
University of Göttingen

GEORG-AUGUST-UNIVERSITÄT GÖTTINGEN

Security @ Göttingen
New research group for computer security
Prof. Dr. Konrad Rieck (junior professor)
http://www.sec.informatik.uni-goettingen.de
Teaching and research on applied security
Different courses on computer security
Research on analysis and detection of threats
Intelligent security systems
Several topics for student projects and master theses


Overview

Introduction to computer security
What you will learn today
  Overview of the course
  Why security matters
  Basic Terminology
  Security goals and mechanisms


Overview of the Course


The Lecture
Course: Computer and Network Security (CNS)
  Lecture + Exercise (6 ECTS)
Weekly schedule
  Day and time: Tuesday, 10:00-12:00
  Location: Room 1.101; Informatik building
Web page
  http://www.uni-goettingen.de/de/301521.html
  Slides, recordings
  user: cns password: ...


The Exercises
Exercises posted every week on the web page
Meetings every ~3 weeks (next 10.11.)
  Day and time: Thursday, 10:00-12:00
  Location: Room 1.101; Informatik building
Updates and discussion
  Mailing list: sec-lehre@gwdg.de
  https://listserv.gwdg.de/mailman/listinfo/sec-lehre
Exam at end of course (oral or written)


What you will learn ...

Principles of computer and network security
  Basics of applied cryptography
  Computer and network attacks
  Countermeasures and defenses
Overview of the current security landscape
  Today's security threats
  Security standards, software and tools
  Best practice and open problems


What you will need ...


Interest in computer and network security
Hacker spirit
  Eagerness to understand how things work
  Network protocols, operating systems, ...
  Power of endurance
Good programming skills
  Python as a basic language for exercises
  Excursions to C and assembler

(Preliminary) Topics
1. Basic concepts of security
2. Symmetric-key cryptography
3. Public-key cryptography
4. Authentication and authorization
5. Network attacks and defenses
6. Vulnerabilities and exploits
7. Web security
8. Intrusion detection
9. Malicious software
10. Privacy and anonymity

[Slide annotations on the topic list: defensive aspects, offensive aspects]

Computer Security Today


Why Computer Security?


Computer systems are ubiquitous in our daily life
  Computers store and process our data and information
  Computers access and control our resources

[Figure labels: Valuable data, Private data, Dangerous data]

The Sony Breach


An Example: The Playstation Network (PSN) Attack
  Illegal intrusion into network around April 2011
  Severe consequences for users and companies
  Financial damage of over 24 billion dollars
  77 million user records stolen
  140 servers compromised
  Over 30 days complete outage

[Figure labels: Unknown attacker, Sony's PSN Network]


Further Examples

Stuxnet Worm
  Computer worm detected in January 2010
  Capability of disrupting industrial systems
  Possible sabotage against Iran
Rustock Botnet
  Network of 1.7 million infected systems (zombies)
  Capability of sending 22 million spam messages per day
  Active from around 2007 to March 2010


...more trouble ahead


Cyberspace: a dangerous place
  Omnipresence of computer attacks, viruses and worms
  Persistent underground economy (worth billions of dollars)
  Soon cyber-terrorism and cyber-warfare?

[Figure: Novel malicious code per year, 2002 to 2009, with bars labelled 1.7 million and 2.6 million (Symantec, 2010)]


Who is who?
Informal terminology of attackers

Oldschool: Phreaker, Hacker, Cracker, Lamer
Newschool: Cracker, Hacker, Reverser, Script kiddie, Bot herder, Spammer, Hacktivist
Description:
  Someone manipulating telephone systems
  Someone breaking into computer systems
  Computer enthusiast
  Someone reverse engineering programs
  Inexperienced and naive attacker
  Maintainer of a bot network
  Someone sending unsolicited emails
  Politically motivated attacker

Various other types of attackers, e.g. crime, military, agencies, ...


Security is fun too!

Security is different from other disciplines
  Established concepts are put into question
  Intersection with many areas of computer science
  Often, it's a game of good and evil players
Practice and theory of security are often fun
  Monitoring, detection and analysis of real attacks
  Reasoning about limits of attacks and defenses


Security Goals and Mechanisms


A Formal View
[Figure: Security goals (Confidentiality, Integrity, Availability), security threats (Disclosure, Deception, Disruption, Usurpation) and security mechanisms (Prevention, Detection, Recovery)]

Security Goals

Security goals (memory hook: CIA)
  Confidentiality of information and resources
  Integrity of information and resources
  Availability of information and resources
Basic definitions
  Threat = potential violation of a protective goal
  Security = protection from intentional threats
  Safety = protection from accidental threats


Confidentiality
Confidentiality
  Protection of resources from unauthorized disclosure
  Check: Who is authorized to access which resources?
Security measures
  Encryption of data, resource hiding
Examples
  An attacker eavesdrops on a telephone conversation
  An attacker reads the emails on your computer


Integrity
Integrity
  Protection of resources from unauthorized manipulation
  Check: Who does what on which resources?
Security measures
  Authorization, checksums, digital fingerprints
Examples
  An attacker changes the receipt of a bank transaction
  An attacker tampers with files on your computer


Availability
Availability
  Protection of resources from unauthorized disruption
  Check: When and how are which resources used?
Security measures
  Restriction, redundancy, load balancing
Examples
  An attacker crashes the web server of a company
  An attacker formats the hard disk of your computer


Threat & Attack

Basic classes of threats
  Disclosure = unauthorized access to information
  Deception = acceptance of false data (e.g. masquerading)
  Disruption = interruption or prevention of correct operation
  Usurpation = unauthorized control of resources
Attack = attempt to violate a security goal (intentional threat)
  Often combinations of different threat classes


Examples of Attacks

Snooping = passive eavesdropping of information
  disclosure
  network sniffing, keyboard logging
Manipulation = active modification of information
  deception, disruption and usurpation
  redirection of control flow, man-in-the-middle attacks
Spoofing = impersonation of one entity by another
  deception and usurpation
  address spoofing, phishing attacks


Security Mechanisms
Security policies and mechanisms
  Policy = statement of what is and what is not allowed
  Mechanism = method or tool enforcing a security policy
Strategies for security mechanisms
  Prevention of attacks
  Detection of attacks
  Recovery from attacks

[Figure: Prevention, Detection, Recovery]

Bruce Schneier: Security is a process, not a product!


Prevention
Prevention of attacks
  Prevention of attacks prior to violation of security goals
Examples
  Data reduction and separation
    Removal or separation of information and resources
  Authentication and encryption
    Restriction of access to information and resources
Limitations
  Inapplicable in many settings, e.g. open services


Detection
Detection of attacks
  Detection of attacks during violation of security goals
Examples
  Anti-virus scanners
    Detection of malicious code on computers
  Network intrusion detection
    Detection of attacks in computer networks
Limitations
  Ineffective against unknown and invisible attacks


Recovery
Recovery
  Recovery from attacks after violation of security goals
Examples
  Computer forensics
    Investigation and analysis of security incidents
  Malware analysis
    Observation and analysis of malicious software
Limitations
  Severe damage might have already occurred


Coverage
[Figure: a security mechanism dividing "Not allowed" from "Allowed", with regions True positive (tp), False negative (fn), False positive (fp), True negative (tn)]

Coverage of security mechanisms
  Two types of errors: false positives and false negatives
  Often one type more important than the other
  Note: tp = #not-allowed - fn and tn = #allowed - fp
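
The coverage bookkeeping from this slide, as an added example that is not part of the original lecture: a hypothetical detection mechanism flags a source once its failed logins reach a threshold, and the counts show how moving the threshold trades false positives against false negatives. The event list, the threshold rule and all names are constructed for illustration.

```python
# Added example: coverage of a threshold-based detection mechanism.
# Constructed sample: (source, failed logins in one hour, violates policy?)
EVENTS = [
    ("10.0.0.5", 0, False),
    ("10.0.0.7", 2, False),
    ("10.0.0.9", 6, False),     # allowed but noisy, e.g. a forgotten password
    ("10.0.0.12", 1, False),
    ("192.0.2.10", 40, True),
    ("192.0.2.11", 15, True),
    ("192.0.2.12", 3, True),    # not allowed but quiet
    ("192.0.2.13", 8, True),
]


def coverage(events, threshold):
    """Count tp/fn/fp/tn for a mechanism flagging >= threshold failures."""
    counts = {"tp": 0, "fn": 0, "fp": 0, "tn": 0}
    for _source, failures, not_allowed in events:
        flagged = failures >= threshold
        if not_allowed:
            counts["tp" if flagged else "fn"] += 1
        else:
            counts["fp" if flagged else "tn"] += 1
    return counts


def identities_hold(events, counts):
    """Check the slide's note: tp = #not-allowed - fn, tn = #allowed - fp."""
    n_not_allowed = sum(1 for _s, _f, not_allowed in events if not_allowed)
    n_allowed = len(events) - n_not_allowed
    return (counts["tp"] == n_not_allowed - counts["fn"]
            and counts["tn"] == n_allowed - counts["fp"])


def rates(counts):
    """Detection rate and false-positive rate (0.0 if a class is empty)."""
    attacks = counts["tp"] + counts["fn"]
    benign = counts["fp"] + counts["tn"]
    return (counts["tp"] / attacks if attacks else 0.0,
            counts["fp"] / benign if benign else 0.0)


if __name__ == "__main__":
    for threshold in (2, 5, 10):
        c = coverage(EVENTS, threshold)
        assert identities_hold(EVENTS, c)
        print(threshold, c, rates(c))
```

A low threshold catches every not-allowed source but flags legitimate users; a high one removes the false alarms and misses half of the not-allowed sources.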

Further Concepts

Authenticity = truthfulness of information and resources
  May be viewed as an aspect of integrity
Accountability = linking of actions and users
  Realization of non-repudiation in computer systems
Privacy = security and control of personal information
  Property of individuals and not of data



Summary
Security central issue of computer science
  Omnipresence of threats and attacks
  Increasing importance due to cybercrime
Key concepts of security
  Basic security goals: confidentiality, integrity, availability
  Various types of threats and attacks
  Security mechanisms for prevention, detection, recovery
Next lecture: symmetric-key cryptography
