Computer Security.
Vulnerability : weakness in the security
system.
Threat : circumstances that have the
potential to cause loss or harm.
Control : an action, device, procedure or
technique that removes or reduces the
vulnerability.
Attack : exploitation of one or more
vulnerabilities by a threat; tries to defeat
controls
Amateurs : committed most of the
computer crimes reported to date.
Ordinary computer professionals or users.
Crackers : often high school or university
students, attempt to access computing
facilities for which they have not been
authorized.
Career criminals : understand the
target of computer crime. Organized crime
and international groups.
Symmetric Cryptosystem
Methods of Defense : The Methods
4 kinds of threat :
Interception : some unauthorized party
has gained access to an asset.
Interruption : an asset of the system
becomes lost, unavailable or unusable.
Modification : unauthorized party not
only accesses but tampers with an asset.
Fabrication : intruder inserts spurious
transactions into an existing computing
system.
Controls : strong gate or door.
Encryption : Scrambling process.
Physical Control : locks the door,
backup.
The Meaning of Computer Security :
Encryption : process of encoding a
message so that its meaning is not
obvious.
Confidentiality : ensures that computer
related assets are accessed only by
authorized parties.
Integrity : assets can be modified only
by authorized parties or only in
authorized ways.
Software Controls : OS and
development control.
Cryptanalysis
Hardware Controls : firewalls, intrusion
detecting system.
A cryptanalyst's chore is to break an
encryption.
Policies and Procedures : codes of
ethics.
Caesar Cipher :
Decryption : reverse process,
transforming an encrypted message back
into its normal, original form.
Availability : assets are accessible to
authorized parties at appropriate times.
Computer Criminals :
Asymmetric Cryptosystem
Each letter is translated to a letter
a fixed number of places after it in
alphabet.
Caesar used a shift of 3.
(the original number must be increased by 3)
Advantages
*Early one, easiest to perform in the field.
*Quite simple, pattern formula was easy to memorize and implement.
Disadvantages
*Dangerous to perform for soldiers or spies.
*Obvious pattern is major weakness.
Encryption Process
Stream Ciphers
Convert one symbol of plaintext immediately into a symbol of ciphertext.
Vernam Cipher :
Block Ciphers
Encrypt a group of plaintext symbols as one block.
Comparing Stream and Block Algorithms :
Symmetric and Asymmetric Encryption System
The Data Encryption Standard (DES)
Provide high level of security.
Specified and easy to understand.
Available to all users.
Efficient to use.
Exportable.
DES Flow
Double DES :
Take two keys and perform two encryptions, one on top of the other.
Assumption is FALSE : two encryptions are no better than one.
The double encryption only doubles the work for the attacker.
Triple DES
Encrypt with one key, decrypt with the second, and encrypt with the first again.
So that 112 bits effective key length is quite strong and it is effective against all feasible known attacks.
The Advanced Encryption Standard
(AES) :
Unclassified.
Publicly disclosed.
Symmetric block cipher algorithm
for blocks of 128 bits
Rivest-Shamir-Adleman (RSA)
Encryption :
RSA cryptosystem is a public key
system.
Confidence in the method grows
as time passes without discovery
of a flaw.
RSA algorithm also operates with
arithmetic mod n.
It uses two keys, d and e, and they are
interchangeable.
Either one can be the public key but
the other one must be the private
key.
Explain what happens in the DES key
transformation?
16 rounds on the input bits - substitutions
and permutations.
What is the size of the DES key after
transformation step ?
8 bit use + 8 unused.
Example : RSA by considering the
following parameters p = 19, q = 23, and
e=5
What is the RSA modulus n?
p x q = n
19 x 23 = 437
n = 437
What is Phi (n)?
p = 19 , q = 23
Phi (n) = (19-1) x (23-1)
n = 396
What is the decryption key d?
Phi = (p-1) x (q-1)
Phi (n) = (19-1) x (23-1)
Phi = 396
396 396
5 79
396-395 = 1
396-79 = 317
d = 317
e x d mod phi = 1
5 x 317 mod 396 = 1
By themselves, programs are
seldom security threats.
The programs operate on data,
taking action only when data and
state changes trigger it.
Much of the work done by a
program is invisible to the user,
so they are not likely to be aware
of any malicious activity.
Kind of Malicious Code :
Buffer Overflows : A buffer (or array or
string) is a space in which data can be
held.
What can we do to avoid buffer
overflow attacks? Give 2 strategies :
Use higher-level programming
languages that are strongly
typed.
Validate input to prevent
unexpected data from being
processed.
Viruses and Other Malicious Code
How Viruses Attach :
Appended viruses - A program virus
attaches itself to a program; then,
whenever the program runs, the virus
is activated.
Viruses that surround a program - Virus that runs the original program but
has control before and after its execution.
Integrated viruses and replacement - Integrating itself into the original code of
the target.
Viruses and Targeted Malicious Code
Research :
The Brain Virus.
The Internet Worm.
Code Red.
Web Bugs.
Salami Attack.
Trapdoors - the new jargon for
backdoor programs or backdoor
viruses in the software field.
Many kinds of viruses:
Mass Mailing Viruses
Macro Viruses
Back Doors a.k.a. Remote
Access Trojans
Cell phone viruses
Control of Access to General Objects
Objects to protect:
Memory
File or data on an auxiliary
storage device
Hardware device
A table of the OS
Data structure such as stack
Complementary goals in protecting
objects:
Check every access - revoke
user's privilege
Enforce least privilege - least task
of every user
Verify acceptable usage - yes-no
decision
User Authentication
Authentication mechanisms use any
of three qualities to confirm a user's
identity:
Something the user knows -
password, PIN numbers, mother's
name.
Something the user has - identity
badges, physical keys, driver's
license.
Something the user is - called
biometrics.
Attacks on passwords:
Try all possible password.
Try passwords likely for the user.
Ask the user.
Password selection criteria:
Use characters other than just A-Z.
Choose long password.
Avoid actual names or words.
Main concern with the use of
passwords for authentication :
Denial of Service Attacks.
Forgery Attacks.
Server spoofing attacks.
Database Security
Advantages of the database:
Shared access
Data consistency
Minimal redundancy
Security Requirements :
Physical database integrity: the
data of the database are immune
to physical problems such as
power failures.
Logical database integrity: the
structure of the database is
preserved.
Element integrity: the data
contained in each element are
accurate.
User authentication: every user is
positively identified.
Security in Networks
Threats in Networks
Threat precursor:
Port scan - Program that gives
information about three things:
Which standard ports or services
are running and responding?
What operating system is
installed?
What applications and versions of
applications are present?
Social engineering
Involves using social skills and personal
interaction to get someone to reveal
security-relevant information and perhaps
even do something that permits an
attack.
Reconnaissance
Gathering discrete bits of information
from various sources and then putting
them together like the pieces of a puzzle.
Availability of documentation
Vendors themselves sometimes distribute
information that is useful to an attacker.
Firewalls :
Firewall is a device that filters all
traffic between an inside network
and an outside network.
The purpose of a firewall is to
keep bad things outside a
protected environment.
Firewalls implement a security
policy.
The design of firewall :
Always invoked.
Tamperproof.
Small and simple enough for
rigorous analysis.
Type of firewalls :
Packet filtering gateways or
screening routers - Most effective.
Control packet from source to
destination.
Stateful inspection firewalls - Maintains state information from
one packet to another in the input
stream.
Application proxies - Simulate the
(proper) effects of an application
so that the application will receive
only requests to act properly.
Legal, Privacy and Ethical Issues in
Computer Security
Copyrights :
Copyrights are designed to protect
the expression of ideas.
Applies to creative work.
The copyright must apply to an
original work.
Patents :
Patents protect inventions, tangible
objects or ways to make them.
Apply to the result of science,
technology and engineering.
Items protected - computer
software, recognizing algorithms
like processes and formulas.
Security Awareness :
Security awareness program: one of least
frequently implemented, but most
effective security methods.
What is public key cryptography?
Public-key cryptography, or asymmetric
cryptography, is an encryption scheme
that uses two mathematically related, but
not identical, keys - a public key and a
private key.
What is non-repudiation in the
context of computer security?
Nonrepudiation is a method of
guaranteeing message transmission
between parties via digital signature
and/or encryption.
Describe why the DES algorithm is
generally not considered as secure.
What can be done to improve its
security?
Key length is fixed.
Design decisions not public.
To improve :
Only a single electronic copy of
crucial and sensitive documents.
Key escrow facilitates recovery of
the document if the key is lost.
File Protection Mechanisms
All-None Protection :
Lack of trust
Timesharing issues
File listings
Group Protection :
User cannot belong to two groups
Forces one person to be multiple users
Forces user to be put into all groups
User Authentication
Something the user knows
(password, PIN, passphrase,
mother's maiden name).
Something the user has (ID, key,
driver's license, uniform).
Something the user is
(biometrics).
Authentication :
Challenge-Response Systems
Impersonation of Login
Authentication Other than
Passwords