Lecture 1

Introduction

1.1
 Chapter 1
Objectives
 To define three security goals
 To define security attacks that threaten security
goals
 To define security services and how they are
related to the three security goals
 To define security mechanisms to provide security
services
 To introduce two techniques, cryptography and
steganography, to implement security mechanisms.
1.2
 1-1 SECURITY GOALS

This section defines three security goals.

Topics discussed in this section:

1.1.1 Confidentiality
1.1.2 Integrity
1.1.3 Security

1.3
 Security Goals

Confidentiality

Integrity Avalaibility

1.4
 1.1 Continued
Figure 1.1 Taxonomy of security goals

1.5
 1.1.1 Confidentiality

Confidentiality is probably the most common aspect of

information security.

We need to protect our confidential information.

An organization needs to guard against those malicious

actions that endanger the confidentiality of its
information.

1.6
 1.1.2 Integrity

Information needs to be changed constantly.

Integrity means that changes need to be done only by

authorized entities and through authorized mechanisms.

1.7
 1.1.3 Availability

The information created and stored by an organization

needs to be available to authorized entities.

Information needs to be constantly changed, which means

it must be accessible to authorized entities.

1.8
 Security Attack: Any action that
compromises the security of information.

Security Mechanism: A mechanism that is

designed to detect, prevent, or recover
from a security attack.

Security Service: A service that

enhances the security of data processing
systems and information transfers. A
security service makes use of one or
more security mechanisms.
1.9
 1-2 ATTACKS

The three goals of securityconfidentiality, integrity,

and availabilitycan be threatened by security
attacks.

Topics discussed in this section:

1.2.1 Attacks Threatening Confidentiality
1.2.2 Attacks Threatening Integrity
1.2.3 Attacks Threatening Availability
1.2.4 Passive versus Active Attacks
1.10
 Security Attacks

1.11
 Security Attacks
 Interruption: This is an attack on
availability
 Interception: This is an attack on
confidentiality
 Modification: This is an attack on
integrity
 Fabrication: This is an attack on
authenticity

1.12
1.2 Continued

Figure 1.2 Taxonomy of attacks with relation to security goals

1.13
 1.2.1 Attacks Threatening Confidentiality

Snooping refers to unauthorized access to or interception

of data.

Traffic analysis refers to obtaining some other type of

information by monitoring online traffic.

1.14
 1.2.2 Attacks Threatening Integrity

Modification means that the attacker intercepts the

message and changes it.

Masquerading or spoofing happens when the attacker

impersonates somebody else.

Replaying means the attacker obtains a copy

of a message sent by a user and later tries to replay it.

Repudiation means that sender of the message might later

deny that she has sent the message; the receiver of the
message might later deny that he has received the message.

1.15
 1.2.3 Attacks Threatening Availability

Denial of service (DoS) is a very common attack. It may

slow down or totally interrupt the service of a system.

1.16
 1.2.4 Passive Versus Active Attacks

Table 1.1 Categorization of passive and active attacks

1.17
18
Security Services
 Confidentiality (privacy)
 Authentication (who created or sent the data)
 Integrity (has not been altered)
 Non-repudiation (the order is final)
 Access control (prevent misuse of resources)
 Availability (permanence, non-erasure)
 Denial of Service Attacks
 Virus that deletes files

19
Methods of Defence
 Encryption
 Software Controls (access limitations in
a data base, in operating system protect
each user from other users)
 Hardware Controls (smartcard)
 Policies (frequent changes of
passwords)
 Physical Controls
TCP Attacks
 Recall how IP works…
 End hosts create IP packets and routers process
them purely based on destination address alone
 Problem: End hosts may lie about other fields
which do not affect delivery
 Source address – host may trick destination into
believing that the packet is from a trusted source
 Especially applications which use IP addresses as a
simple authentication method
 Solution – use better authentication methods
TCP Attacks
 TCP connections have associated state
 Starting sequence numbers, port numbers
 Problem – what if an attacker learns these
values?
 Port numbers are sometimes well known to
begin with (ex. HTTP uses port 80)
 Sequence numbers are sometimes chosen in
very predictable ways
TCP Attacks
 If an attacker learns the associated TCP
state for the connection, then the
connection can be hijacked!
 Attacker can insert malicious data into the
TCP stream, and the recipient will believe
it came from the original source
 Ex. Instead of downloading and running new
program, you download a virus and execute it
TCP Attacks
 Say hello to Alice, Bob and Mr. Big Ears
TCP Attacks
 Alice and Bob have an established TCP
connection
TCP Attacks
 Mr. Big Ears lies on the path between Alice
and Bob on the network
 He can intercept all of their packets
TCP Attacks
 First, Mr. Big Ears must drop all of Alice’s
packets since they must not be delivered
to Bob (why?)

Packets
The Void
TCP Attacks
 Then, Mr. Big Ears sends his malicious
packet with the next ISN (sniffed from the
network)

ISN, SRC=Alice
TCP Attacks
 What if Mr. Big Ears is unable to sniff the
packets between Alice and Bob?
 Can just DoS Alice instead of dropping her
packets
 Can just send guesses of what the ISN is until
it is accepted
 How do you know when the ISN is
accepted?
 Mitnick: payload is “add self to .rhosts”
 Or, “xterm -display MrBigEars:0”
TCP Attacks
 Why are these types of TCP attacks so
dangerous?

Web server Trusting web clien

Malicious user
TCP Attacks
 How do we prevent this?
 IPSec
 Provides source authentication, so Mr. Big
Ears cannot pretend to be Alice
 Encrypts data before transport, so Mr. Big
Ears cannot talk to Bob without knowing what
the session key is
 1-3 SERVICES AND MECHANISMS

ITU-T provides some security services and some

mechanisms to implement those services. Security
services and mechanisms are closely related because a
mechanism or combination of mechanisms are used to
provide a service..

Topics discussed in this section:

1.3.1 Security Services
1.3.2 Security Mechanism
1.3.3 Relation between Services and Mechanisms

1.34
 1.3.1 Security Services
Figure 1.3 Security services

1.35
 1.3.2 Security Mechanism
Figure 1.4 Security mechanisms

1.36
 1.3.3 Relation between Services and Mechanisms

Table 1.2 Relation between security services and mechanisms

1.37
Social Problems
 People can be just as dangerous as
unprotected computer systems
 People can be lied to, manipulated, bribed,
threatened, harmed, tortured, etc. to give up
valuable information
 Most humans will breakdown once they are at
the “harmed” stage, unless they have been
specially trained
 Think government here…
Social Problems
 There aren’t always solutions to all of these problems
 Humans will continue to be tricked into giving out information
they shouldn’t
 Educating them may help a little here, but, depending on how
bad you want the information, there are a lot of bad things you
can do to get it
 So, the best that can be done is to implement a wide
variety of solutions and more closely monitor who has
access to what network resources and information
 But, this solution is still not perfect
 1-4 TECHNIQUES

Mechanisms discussed in the previous sections are

only theoretical recipes to implement security. The
actual implementation of security goals needs some
techniques. Two techniques are prevalent today:
cryptography and steganography.

Topics discussed in this section:

1.4.1 Cryptography
1.4.2 Steganography

1.40
 1.4.1 Cryptography

Cryptography, a word with Greek origins, means “secret

writing.” However, we use the term to refer to the science
and art of transforming messages to make them secure and
immune to attacks.

1.41
 1.4.2 Steganography

The word steganography, with origin in Greek, means

“covered writing,” in contrast with cryptography, which
means “secret writing.”

Example: covering data with text

1.42
 1.4.2 Continued

Example: using dictionary

Example: covering data under color image

1.43
Conclusions
 The Internet works only because we
implicitly trust one another
 It is very easy to exploit this trust
 The same holds true for software
 It is important to stay on top of the latest
security advisories to know how to patch
any security holes
 1-5 THE REST OF THE BOOK

The rest of this book is divided into four parts.

Part One: Symmetric-Key Enciphermen

Part Two: Asymmetric-Key Encipherment

Part Three: Integrity, Authentication, and Key Management

Part Four: Network Security

1.45