???? Security - PowerPoint PPT Presentation

Description:

Security : CS912 07-3121101 2648-25 itchen_at_kmu.edu.tw – PowerPoint PPT presentation

Slides: 109
Provided by: tjm51

1
????Security
??? ???? ??CS912 07-3121101 ? 2648-25
itchen_at_kmu.edu.tw
2
????
  • ??????
  • ????
  • ????
  • ????
  • ??????
  • ???

3
??????
  • ????????????????
  • ???????????????????????,????????????,?????????????
    ?????????????
  • ???????????????(???????)?Hub?????????????????????
    ????

4
????
  • ??????????????????????,?????(????,??????)?????????
    ????????????
  • ????????(virus)???(worm)???(Trojan)???(backdoor)
    ?????(logic bomb)
  • ??????????????????
  • ????
  • ????
  • IM (MSN, QQ, Skype)
  • Word, Excel, Powerpoint, jpg

5
??????
  • ???????
  • ?????????????(MBR?Registry?)????
  • ??????????????????
  • ????????????????(MACRO)???????
  • ??script???????????????
  • ??(worm)??????,????????????????2001.7????,
    2007.9 Nimda?????? CodeRed
  • ??(Trojan)??????(??)
  • ??(backdoor)
  • ????????, ?? Unwanted program ????

6
?????
  • ??????????????,???????????????????????? ???
  • ??,???????????????????????????,????????????????,??
    ???????? ?????,?????????????????????????????,?????
    ????????,????????? (????) ??????????????????????
  • ?????????????????,????????????? (?????)
    ????????????????????,?????????????????????????????
    ,????????????,???????? ??????

7
?????
  • ????????,?????????(??),???????????????,
    ????????????????????,?????????????????
    ????????????????,?????????????????????????????????
    ?????????????,???????? ???????,?????????????????,?
    ????????...?
  • ????,??????????????????????????
    ??????????????????????????????????????????????????
    ???????,???????????,?? ???????,?????????
    (??????????????)?

8
???????
  • ????????????????????,?????????,???????
  • ?????????,????????????????,??????????????????,????
    ???????,??????????????????????????????????,???????
    ???????,???????????, ?????????????
  • ??????????????????????(????)????

9
??????????????
  • ????????(?????10 ? 6)
  • 100?KMU?????? 17.39
  • 100?KMU????7.16

01 ???????????????????(24.8/11.87)
02 ?????(13.85/3.83)
03 2012 ???? -- ????,?????(26.39/14.12)
04 ??????????!(8.05/1.19)
05 ?S??????(20.05/10.29)
06 ???????????????(9.76/3.03)
07 100????????(7.92/0.92)
08 ??????????(42.08/19.13)
09 ??????(13.19/5.54)
10 ?????????(7.78/1.72)
10
????
  • ??????????

??, ???????,??????????,?????????? ????? ??? ??? ?????? ??????   KMU ???????
?????, ????????????, ????????
http://cissnet.edu.tw/knowledge_05.aspx
11
????
??????
12
????????
???????????
?????????
13
????????
????????
Mail
??
Mail
??
Mail
??
????
????????
??Email address? ????,??????????????
????????
14
????????
  • ????????????
  • ????(????????????????)?????????
  • ?????????????(????????,????????)
  • ??????????????,??????????
  • ????????????????(??????,??????????)??????

15
?????????
  • ????????(????????,????????????????????)
  • ????(?outlook express???????)
  • ????????
  • ??????
  • ???????
  • ????USB????????

16
????
  • ??????
  • ???????
  • ????????
  • ???????????
  • C?????

17
(No Transcript)
18
(No Transcript)
19
?????
  • ????- ????? ????,????????
  • ??????, ??????????????
  • ???????
  • Autorun.inf
  • xxx.exe (????, ???, ??)
  • Kavo_Killer.exe ??
  • WowUSBProtector ??
  • ???????? autorun.inf ????
  • ??????
  • http://wiki.kmu.edu.tw/index.php/Kavo_??

20
(No Transcript)
21
Kavo Killer
22
Wow USB protector
23
?????? XP Professional
  • Windows XP Professional
  • ?? ? ?? ? ?? gpedit.msc (Windows XP Home Edition
    ??????)? ??
  • ?? "????" ??, ????? ???? ? ?????? ? ??
  • ??????? ? ?????? ??????
  • ?? "????????" ???, ?? "???"
  • ???? "???????" ?????, ?? "????"
  • ??,?????????????

24
(No Transcript)
25
?????? XP Home
  • Windows XP Home (??? Windows 2000)
  • ?? ?? ? ?? ? ?? regedit
  • ???????? HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDriveTypeAutoRun
  • ???? ????? 255,??? 255 (????????? autorun , ???
    95 ??)
  • ???

26
?????? XP Home
27
Win 7??????
????/??????/Windows??/??????,???????????????????
28
Win 7??????
29
???
  • ??? Spybot, Spyware Doctor, EFix

30
????
31
?????
  • ???? Adaware

32
(No Transcript)
33
TCP View
34
Process Explorer
35
Autoruns
36
Gmer????? Rootkit
37
Command mode
  • Dir /od(order??) /tc(?Create time) /a
    (??attribute)
  • ?????????
  • dir c:\ /tc /a /s | findstr 2012/11/09
  • ???????????????
  • ??,???????????,??????

38
Sigcheck
  • sigcheck -u -a .exe ???????
  • sigcheck -u -a -r c:\ ??? c

39
VirusTotal
40
????
  • Debug??
  • Windbg
  • Ollydbg
  • Immunity debugger
  • Gdb(UNIX)
  • IDA pro
  • Dumpbin
  • ????? Vmware or VirtualBox ??
  • ???????

41
???? C:\WINDOWS
42
???? C:\Documents and Settings\user\Local Settings\Temp
43
???? C:\Documents and Settings\user\Local Settings\Temporary Internet Files
44
????
45
???????
  • ??????????????,????????????,?????????????,???????
    ?

46
?????????
  • ??????,????, ???, ???
  • ??BIOS???????????
  • ???????????
  • ??????????Firefox?????Thunderbird
  • ??????????????,?????????(?jpg?png?gif?bmp?zip)
  • ?????????(???Windows Update)
  • ??????????,?????????

47
???? TopTenREVIEWS ??
http://www.toptenreviews.com
48
Top Ten REVIEWS
  • ???ESET NOD32 Antivirus
  • ???Avira AntiVir Premium Avira AntiVir ???
  • ???BullGuard Antivirus
  • ???G Data Antivirus
  • ???Avast! Pro Antivirus Avast! ???
  • ???AVG Anti-Virus AVG 2012 ???
  • ???F-Secure Anti-Virus
  • ???Panda Antivirus Pro
  • ???Kaspersky
  • ???Bitdefender Antivirus Plus

49
???? AV-Comparatives ??
http://www.av-comparatives.org
50
AV-Comparatives(Detection rates)
  1. G Data 99.7
  2. Avira 99.4
  3. Kaspersky 99.3
  4. Sophos 98.9
  5. Panda, Bitdefender, BullGuard, McAfee, F-Secure 98.6
  6. Fortinet,eScan 98.5
  7. Webroot 98.2
  8. Avast 98.0
  9. ESET 97.6
  10. PC Tools 97.2
  11. GFI 97.0
  12. AVG 96.4
  13. Trend Micro 95.6
  14. AhnLab 94.0
  15. Microsoft 93.1

51
????
52
????(?)
  • ????????????????????????????
  • ????????????????????,???????
  • ???????????????????????(OOP?Land attack???????)?
  • ???????????????????(?????)???

53
????(?)
  • Hub
  • Switch

54
????(?)
  • ????????????,???????????????????
  • ??????????????,?????????????????
  • ???????????????????,????????
  • ????CERT(????????)?TWCERT(????????????
    http://www.cert.org.tw)???,???????
  • ??????TCP Wrapper ????????,????????

55
????(?)
  • ????????(?)
  • ??????(????????),?????????IMAPS?POP3S(??????SSL??)
    ,Telnet?ftp??????SSH?
  • ??????????????????
  • ???????(????????????????)????????,??????,?????????
    ????????(_at_?)?
  • ??????

56
????????
  • ??????????,?14??????
  • 75???????????
  • 43????????????
  • 20?????????????

57
??????(?)
  • ???????,?????????????????,???????,??????????????
  • ?????????????USB??????????
  • ?????????????DAT?????????
  • ?????????????(????)???????(????????)??????????????
    ????????
  • ?????,???????,?????????????????????,????????????

58
??????(?)
  • ???????,????????,????????????,??????????????
  • ??????(????1?10?)
  • 1-5??????????????
  • 6-8????????????????????
  • 9-10??????????????????????
  • ????????????????,????????????????????

59
Outline
  • ?????
  • ????????
  • ?????
  • ?????(Substitution, Transposition, DES)
  • ??????(Advanced Encryption Standard, AES)
  • ??????(RSA)
  • MAC
  • ????

60
????????????
pw????
pw????
Sniffer,WireShark
pw????
eavesdropper
61
????????
  • Sniffer http://www.netscout.com
  • Wireshark http://www.wireshark.org
  • http://zh.wikipedia.org/zh-tw/Wireshark

62
WireShark
http://www.wireshark.org/download.html
63
????
  • ?????????
  • ????
  • 318-1 ???????????????????????????,????????????????
    ????
  • 318-2 ???????????????????????????,?????????
  • 339-3 ??????????????,?????????????????
    ????????,?????????????,????????,??????????
    ??????????????????????,??
  • 352 ???????????????,????????????,???
    ?????????????????
  • ?????? ?????

64
?? -???????
  • 358 ????????????????????????????????
    ,???????????????,??????????????? ?????????
  • 359 ?????????????????????????,??????
    ?????,?????????????????????????
  • 360 ??????????????????????????,?????
    ??????,????????????????????????
  • 361 ??????????????????????,?????????

65
?? -???????
  • 362 ??????????????,????????????,????
    ???????,???????????????????????? ?
  • 363 ????????????????,??????

66
??????
  • Eavesdropping
  • OS??
  • Password???
  • Spoofing
  • Session Hijacking
  • ??????virus?trapdoor
  • DOS, DDOS

67
???????
pw????
pw????
??
??
_at_
_at_
_at_
Sniffer, WireShark
eavesdropper
68
? ? ? ? ?
69
??,???????
  • ????(Symmetric Key)??
  • Ke = Kd
  • ?????(Asymmetric Key)??
  • Ke ≠ Kd

70
? ?
  • ?????,????????,?????,???????????????,??????????
    ?,???????,????.?????????,?????????,??????,?????,??
    ??????,???????,???????,???????????,?????????,?????
    ???????.???????,????,?????????,?????????,????.????
    ?,????????,????,????.??,??????????,?????????....??
    ????...

71
???
  • Substitution
  • Transposition

72
Substitution Ciphers(?????)
  • ????????????
  • ??apple???????bqqmf?
  • I love you ??j mpwf zpv
  • ????????, ????????
  • ???? Key ??

73
Transposition Ciphers
  • ???????????????,???????????????????????????????
    ???????????????,,???,????????????????????????????
    ?,??,??????????????

74
?????
  • Caesar Cipher
  • Monoalphabetic Cipher
  • Hill Cipher
  • Playfair Cipher
  • Vigenère Cipher (Polyalphabetic cipher)
  • Permutation Cipher
  • One-Time Pad

75
DES(Data Encryption Standard)
  • Plaintext M(64 bits)
  • Ciphertext C(64 bits)
  • Key K(56 bits or 64 bits)
  • Round Function F(X, Y)
  • X(32 bits) and Y(48 bits)
  • Rounds 16

76
DES(Cont.)
  • IP: initial permutation, IP(M) = (L, R)
  • FP: final permutation, IP·FP = FP·IP
  • (L_n, R_n) = (R_{n-1}, L_{n-1} ⊕ F(R_{n-1}, K))
  • F(X, Y) = Perm(S_box(Ext(X) ⊕ Y))
  • C = FP(R, L)

77
DES(Fig.)
78
DES(One round)
79
Triple DES
80
AES(Advanced Encryption Standard)
  • Joan Daemen, Vincent Rijmen in Belgium
  • 128/192/256 bit keys, 128 bit data
  • ?? 4 ??? , 10/12/14 round
  • AddRoundKey
  • SubBytes
  • ShiftRows
  • MixColumns

http://zh.wikipedia.org/zh-tw/??????
81
AES - AddRoundKey
82
AES - SubBytes
83
AES - ShiftRows
84
AES - MixColumns
85
RSA????(?????)
  • ?????????
  • ??????????p, q?(????2^512)
  • ??? n = p × q ? φ(n) = (p-1)(q-1)
  • ?????? φ(n) ????? e?
  • (?? gcd(e, φ(n)) = 1)
  • ??????????? d such that
  • d ?? e·d ≡ 1 mod φ(n)?
  • ?(e, n)? Public key,d? Private key?

86
RSA (??)
  • C^d mod n
  • = (M^e mod n)^d mod n
  • = M^(ed) mod n
  • = M^(k(p-1)(q-1) + 1) mod n
  • = M^1 mod n = M
  • (?? e·d ≡ 1 (mod (p-1)(q-1))?)
  • Fermat's Theorem ??(n) mod n = 1

87
RSA (??1)
  • ????? p = 101, q = 53, n = 101 × 53 = 5353
  • ??4657
  • ?A?????(eA, NA) = (7, 5353)
  • ???????????????dA = 743,
  • where eA · dA ≡ 1 mod (100 × 52)
  • ????? 4657^743 mod 5353 = 1003
  • ????????(eA,NA )??????
  • 1003^7 mod 5353 = 4657

88
11?φ(n) ????
Euclidean division: 11 = 1·8 + 3, 8 = 2·3 + 2, 3 = 1·2 + 1
1 = 3 - 2 = 3 - (8 - 6) = 3 - 8 + 6 = (11 - 8) - 8 + 2(11 - 8)
  = 3(11 - 8) - 8 = 3(11) - 4(8)
?Public key 11?φ(n) ???? ??(11)????3,????key
89
RSA ??2,B?A
  • ????? p = 3, q = 5
  • n = 3 × 5 = 15
  • φ(n) = (3-1)(5-1) = 8
  • ?? m = 13
  • ????11?A's Public key (eA, NA) = (11, 15)
  • ??????????? Private key dA = 3,

90
RSA ??2,B?A(Cont.)
  • eA · dA = 11 × 3 ≡ 1 mod φ(n)
  • B?A's Public key??????13^11 mod 15 = 7
  • A ????Private key ????????
  • 7^3 mod 15 = 13

91
RSA (??3, ??)
  • Example (???, p = 3, q = 5, n = 15, e = 11, d = 3)
  • A???(m = 13)?A? Private key ??
  • 13^3 mod 15 = 7
  • B?A's Public key ??????
  • 7^11 mod 15 = 13
  • ??????????
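
The key derivation (extended Euclid, as worked for 11 and 8 above) and the encrypt/decrypt and sign/verify round trips from the RSA slides, as an added example that is not part of the original slides. The function names are chosen here for illustration; the parameters are the slides' own toy values.

```python
# Added example: textbook RSA with the slides' toy parameters (illustration only).
from math import gcd


def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    old_r, r = a, b
    old_x, x = 1, 0
    old_y, y = 0, 1
    while r:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_x, x = x, old_x - q * x
        old_y, y = y, old_y - q * y
    return old_r, old_x, old_y


def make_keypair(p, q, e):
    """Derive ((e, n), (d, n)) from primes p, q and a chosen public exponent e."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n), otherwise no d exists")
    _, x, _ = egcd(e, phi)          # e*x + phi*y == 1, so x is e^-1 mod phi
    return (e, n), (x % phi, n)     # reduce x into [0, phi) to get d


def apply_key(key, value):
    """Modular exponentiation with either half of the key pair."""
    exp, n = key
    if not 0 <= value < n:
        raise ValueError("value must lie in [0, n)")
    return pow(value, exp, n)


def demo():
    """Run both slide examples: (p, q, e, m) taken from the slides."""
    cases = {"p101_q53": (101, 53, 7, 4657), "p3_q5": (3, 5, 11, 13)}
    results = {}
    for name, (p, q, e, m) in cases.items():
        pub, priv = make_keypair(p, q, e)
        c = apply_key(pub, m)       # encrypt with the public key
        s = apply_key(priv, m)      # sign with the private key
        results[name] = {
            "d": priv[0], "c": c, "m_back": apply_key(priv, c),
            "s": s, "verified": apply_key(pub, s) == m,
        }
    return results
```

These moduli are far too small to be secure, and unpadded RSA is deterministic; deployed systems use moduli of at least 2048 bits with OAEP for encryption and PSS for signatures.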

92
RSA??????
  • RSA??exponential algorithm
  • RSA?????DES??????
  • ???RSA????DES?1000?
  • ???RSA?????DES?100?
  • ?RSA??????
  • digital signature
  • protocol??key exchange?

93
???? One-way Function
  • ????????????? f ?One-way Function
  • 1. ??????F??x, ??????f(x) = y.
  • 2. ????????f ??????y, ?????? ???x ??y = f(x)
  • Example
  • y = f(x) = x^n + a_{n-1} x^{n-1} + … + a_1 x + a_0 mod p

? f ?
X
Y
94
Message Authentication Codes (MAC)
  • MAC is an authentication tag (also called a
    checksum) derived by applying an authentication
    scheme, together with a secret key, to a message.
  • There are four types of MACs
  • (1) unconditionally secure
  • (2) hash function-based
  • (3) stream cipher-based or
  • (4) block cipher-based.

95
MAC -2
  • Hash function H(m1, m2, …, mt) = m
  • ???Hash function MD5, SHA-1, ...
  • MAC is key-dependent one-way hash function
  • MAC are computed and verified with the same key
  • A B ???? key K
  • A sends H(K, M) to B
  • B can reproduce A's result

96
???????????
  • ?????
  • DES, IDEA, AES(MARS, RC6, Rijndael, Serpent, and
    Twofish), ...
  • ??????
  • RSA, ElGamal, Elliptic Curve Cryptography

97
??(1/6)
  • ?????

Session Key
Session Key
I am Yiter
Asdvh
I am Yiter
DES
DES
98
??(2/6)
  • ??????

?????
??? Public key
???Private Key
I am Yiter
I am Yiter
_at_SDFGSASDF
RSA
RSA
99
??(3/6)
  • ?????????????

???Private Key
??? Public key
Session Key
Session Key
(
RSA
RSA
Session Key
Session Key
I am ???
Dthfgbshgzxcv
I am ???
DES
DES
Bdve_at_dgrse
100
??(4/6)????
  • Example (???, p = 3, q = 5, n = 15, e = 11, d = 3)
  • ?????(m = 13)?A???Private key ??????? 13^3 mod 15 = 7
  • A ???????(m = 13, c = 7)????B
  • B ??A? Public key (eA,NA)???????
  • m = 7^11 mod 15 = 13
  • ?mm ?????

101
??(5/6) ??????
? ?
????
Hashing
? ?
? ?
??
????
??
Hashing
????
????
????
????
Secret Key
Public Key
102
??(6/6)
  • ?????????????

???Private Key
??? Public key
Session Key
Session Key
(
RSA
RSA
Session Key
Session Key
Dthfgbshgzxcv
Rijndael
Rijndael
103
SSL Architecture
104
SSL Firefox Example
https://...
105
Firefox - Facebook
http://...
???
106
IE- Facebook
http://...
107
IE-Yahoo
https://...
108
Summary
  • ??????
  • ????
  • ????
  • ????
  • ??????
  • ???