U.S. National Cybersecurity Understanding Internet Security - PowerPoint PPT Presentation

About This Presentation
Title:

U.S. National Cybersecurity Understanding Internet Security

Description:

U.S. National Cybersecurity Understanding Internet Security William J. Perry Martin Casado Keith Coleman Dan Wendlandt MS&E 91SI Fall 2004 – PowerPoint PPT presentation

Number of Views:141
Avg rating:3.0/5.0
Slides: 41
Provided by: KeithC48
Learn more at: http://web.stanford.edu
Category:

less

Transcript and Presenter's Notes

Title: U.S. National Cybersecurity Understanding Internet Security


1
U.S. National CybersecurityUnderstanding
Internet Security
  • William J. Perry
  • Martin Casado Keith Coleman Dan Wendlandt
  • MSE 91SI
  • Fall 2004
  • Stanford University

2
Announcements
  • Axess Email lists
  • Coursework Forum
  • Bios/Photos

3
Goal Provide Working Knowledge of Internet
Security
4
Outline
  • What is Security?
  • Attack Classifications
  • Internet Security Mechanisms
  • Discussion Questions (if time)

5
What is Security ?
6
The Big Five
  • Security is traditionally broken up into
  • 1) Availability
  • 2) Integrity
  • 3) Confidentiality
  • 4) Authentication
  • 5) Access Control

7
Security From What?
  • What can disrupt the higher-level services
    running on the Internet?
  • Attacks
  • Accidents
  • Failures

NASA Control Room
8
Failures on the Internet
  • Why do security failures matter?
  • Security failures affect the Internets ability
    to function as a reliable and secure critical
    infrastructure.

9
Vulnerabilities
  • Def. vulnerability (n)
  • a state with the potential to lead to a failure
  • Where can vulnerabilities exist in technology?

Services (Amazon, SCADA) Applications (Word, IE,
Email Client) Service-Level Protocols (http,
smtp) Network and Network Protocols (ip,
tcp) Operating Systems (Windows, Linux, Cisco
IOS) Physical Hardware (cables, routers,
CPUs) Basic Infrastructure (electricity)
10
Attack Classifications(not mutually exclusive)
11
Vulnerabilities Attacks
  • The nature of the network technologies,
    protocols, and operators are the basis for
    attacks.
  • Attacks can (and will) come at vulnerabilities in
    every layer.
  • Big Question What is it about the Internet
    architecture that causes these vulnerabilities to
    exist?

Humans
Attacks
12
Scanning Fingerprinting
What is it?
  • Reconnaissance technique to explore networks,
    classify analyze connected hosts, and identify
    potential vulnerabilities.
  • Example nmap security scanner

13
Exploits
  • What is it?
  • The use of vulnerabilities in or
    misconfiguration of software or hardware to gain
    access to information or resources on a system.
  • Exploits may be manual or automated.
  • worms/viruses are exploits with code to
    facilitate propagation.
  • example Blaster worm exploits RPC bug

14
Trojaned Software
What is it? Software/Hardware with hidden
functionality that its use allows an attacker an
avenue to access a system or its
information. This is sometimes also referred to
as a backdoor.
Example A free copy of MSWord downloaded off of
Kazaa may have been modified to include a trojan
leading to a compromise.
15
Denial of Service
What is it?
  • The malicious consumption of resources in order
    to make a system incapable of fulfilling its
    designed role.
  • Attacks are often distributed to increase
    resource consumption (zombies or botnets).
  • example SYN flood against Yahoo

16
Social Engineering Attack
  • What is it?
  • Any attempt that employs non-technical means to
    attack a system. Often the attacker uses
    information gleaned from outside sources to
    produce false credentials (dumpster diving).
  • Attacks are often hybrid, relying on human and
    technical factors.
  • example Beagle virus used email domain name to
    pose as a message from the users ISP.

17
Access Control Failures
  • What is it?
  • Failure to set up adequate access control
  • Default configurations
  • Privilege revocation
  • Example default administrator password for
    windows

18
Authentication Failures
  • What is it?
  • Some authentication schemes are better than
    others
  • Passwords
  • Public Key Crypto
  • Example phishing schemes that steal passwords
    break the authentication model.

19
Infrastructure Attack
What is it?
  • An attack against the core systems that operate
    as the Internet infrastructure. Attacks can be
    either physical or virtual, often focusing on
    central points of failure.
  • example Attack on root DNS servers.

20
Insider Threats
  • What is it?
  • Attacks that exploit an existing trust
    relationship to harm the overall security of a
    system.
  • example former employee uses knowledge of a
    companys network systems and passwords to steal
    customer information entrusted to the company

21
Traffic Sniffing/Modification
  • What is it?
  • Using access to a link or infrastructure system
    to examine or modify the contents of Internet
    traffic. Similar to a phone tap, with ability to
    change contents.
  • example ISPs potential for information
    gathering

22
Dont Forget
  • Attacks are only one of the reasons systems can
    fail. There are many other, perhaps less
    exciting, ways systems are vulnerable.

23
Internet Security Mechanisms
24
What is Cryptography
  • A critical TOOL in securing information systems
    and their communications.
  • You may have heard of
  • SSL
  • Trusted Computing
  • Public Key Cryptography
  • Tripwire

25
Cryptography Overview
  • Crypto can great hard guarantees (backed by
    math) in the digital world similar to those we
    have long relied upon for security in the
    physical world
  • - Data Encryption (privacy)
  • No one else can read my message
  • - Data Integrity
  • My message has not been modified
  • My message is from who it says it is
  • Also provides for some improved authentication
    schemes.

26
Cryptography Examples
  • How do these mechanisms function?
  • (at 10,000 feet)

27
Problems with Crypto
  • Bad Standards
  • WEP, CSS
  • Bad Implementation
  • IE, OpenSSL
  • Attacks on Authentication
  • Phishing, password sniffing
  • Weak back-end
  • Weak link, insider attacks
  • Encryption is often slow cumbersome
  • PKI has difficulty scaling to large numbers

28
Ideal vs. Real Internet Security
  • Ideally we can utilize authentication and access
    control to protect systems and data.
  • In reality this is not practical.
  • E.g. What if everyone needed to be authenticated
    to talk to you computer?
  • Additionally, authentication schemes are only as
    secure as those using them.
  • E.g. An uneducated but authenticated user may
    install a trojan.

29
Attack Detection/Prevention
  • Firewalls Software to inspect packets, compare
    them to rules and drop traffic specified by these
    rules.
  • Intrusion Detection/Prevention Systems (IDS/IPS)
    Software to inspect traffic flows for
    signatures or other behavior that appears to be
    malicious.
  • Anti-Virus Software Inspects files for signs of
    infectious programs and eliminates them.
  • These mechanisms can either be deployed on
    individual hosts or on dedicated network servers.

30
Patching
  • Fix vulnerabilities in software that may lead to
    exploitation. Patch management is major hidden
    cost to companies.
  • Important
  • - Process is still embarrassingly manual
    (changing?).
  • - Gap between release of patch first exploit
    in the wild is shrinking (Witty worm and
    zero-days).
  • - Often patches are not applied to critical
    systems because updates sometimes have conflicts
    that can break software running on the systems.
  • Do we patch?
  • Check out Security Holes? Who Cares by Eric
    Rescorla. http//www.rtfm.com/upgrade.pdf

31
Process, Education Risk Assessment
  • Often forgotten as security mechanisms
  • - Having well-defined and consistent
    preparation, response, and recovery plans across
    an organization.
  • - Attempting to secure humans, often the weakest
    link.
  • - Determining the danger associated with each
    potential vulnerability.

32
Discussion Questions
33
Attributability
  • For traffic on the Internet, can we determine who
    a packet come from?
  • Two levels
  • Can we tell what computer sent a given
    packet?(what are the implications of source
    spoofing?)
  • Can we attribute a packet to a human?
  • - What does this say about our ability to catch
    and prosecute perpetrators of online attacks?
    What about active response?

34
Determining Intent
  • Can you infer intent from analyzing network
    traffic? What about at the application level?
  • What is the different between a denial of service
    attack and normal overwhelming usage?
  • What is more important, the intent or the result
    of Internet traffic?
  • What about enablement versus use?

35
Trust Relationships
  • What are key trust relationships relating to
    cybersecurity? Think about
  • - designers
  • - developers
  • - distributors
  • - owners
  • - operators
  • - users
  • If security is a weakest-link issue, what
    forces keep one of these trust links from
    breaking?

36
The Power of the Core
  • How much control do we have with determining
    where traffic flows on the Internet, and what
    entities have control over it?
  • What can someone on route potentially do? How
    can you trust the integrity of what you see?
  • What does it take to have control of the Internet
    core?

37
Infrastructure Attacks
  • How vulnerable is the actual Internet
    infrastructure to attacks?
  • Could a single group bring down the Internet?
    What does this mean? What kind of resources
    would it take?
  • How reliant is the Internet on a relatively few
    critical systems?
  • What happens when you rely on the security of
    infrastructure that you have absolutely no
    control over? As a company? As a country? How
    does this compare to security in the physical
    world?

38
Determining Identity
  • How can we trust an Internet entity is who they
    say they are?
  • Why is this process more difficult than it is in
    the brick mortar world?
  • How important is this for a critical
    infrastructure?
  • Do our solutions for providing identity scale to
    the millions of actions on the Internet?

39
Overwhelming Complexity
  • What does the extreme complexity of the Internet
    mean for our ability to secure it?
  • Are there just too many things that could go
    wrong to ever possibly be able to completely rely
    on it?
  • In what way does the complexity impact our
    ability to educate average users? Is user
    education necessary? Is effective user education
    even possible?
  • Will the Internet become more or less complex to
    manage in the future?

40
Why is this so hard?
  • What are the major barriers to providing
    security guarantees for an information system on
    the Internet?
  • What (or who) are the weak links for security
    systems?
  • Can we ever really secure a usable Internet
    computer system? (e.g. directed attack)
  • How does software size complexity relate to our
    ability to secure a system? What is zero-day?
Write a Comment
User Comments (0)
About PowerShow.com