ITCS 310: Network Security PDF
Document Details
Uploaded by UnrestrictedJasper5026
UAEU College of Information Technology
Dr. Lubna Fayez
Tags
Summary
This document covers week 3 of ITCS 310: Network Security, focusing on computer security, cybersecurity concepts, and goals. It delves into topics like security definitions, cybersecurity attacks, and the need for cybersecurity experts.
Full Transcript
ITCS 310: Network Security WE EK03: COMP UTER S EC URITY CON C EPTS A N D GOA L S D R. LUBNA FAY EZ COL LEGE OF I NFORMATION T ECHNOLOGY Week03: Outline Security Definition Security Goals Security Concepts 2 What is Security? Oxford Dictionary Definition: The state of...
ITCS 310: Network Security WE EK03: COMP UTER S EC URITY CON C EPTS A N D GOA L S D R. LUBNA FAY EZ COL LEGE OF I NFORMATION T ECHNOLOGY Week03: Outline Security Definition Security Goals Security Concepts 2 What is Security? Oxford Dictionary Definition: The state of being free from danger or threat Real-world Security: Protecting valuable things/people Physical stuff (money, jewelry, cars, etc.) People Access to somewhere (parking?) We think of an item as secure if no one can take it, harm it, or use it without our permission 3 Computer Security Only one type of digital asset: Information Protecting information is hard Stored on small, portable devices Can be accessed electronically The internet has made this even harder 4 What is Cybersecurity? Used to be the computer security: Protection of computer systems from harm to the hardware, software and the data Cybersecurity is much wider: protection of cyber--physical systems Including IT security (from personal devices to the cloud) E--government security, Industrial control system security, Connected healthcare security, Transportation security, Financial systems security. 5 The Need for Cybersecurity Experts Qatar is enforcing a cybercrime law and has specialized bodies at MOI, NCSA The shortage of cybersecurity experts is projected to be 1.5 million in the US alone by 2019, to fill various positions such as: Security analyst Incident response specialist Ethical hacking consultant Forensics expert Security architect… 6 Privacy What’s the difference between privacy and security ? 7 Security != Privacy no security no privacy privacy but not security 8 security but no privacy Cyber--security Is this real ? Is it possible to break--in my laptop ? Is it possible to hack my WiFi ? What about my Facebook account ? This actually already happened Yahoo, 500M accounts, 2014 British Airways, 500K accounts, 2015 Invest Bank, 40K accounts, 2016 QNB, 100K accounts, 2016 http://www.informationisbeautiful.net/visualizations/worlds--biggest--data--breaches--hacks/ 9 Cybersecurity Quick Facts There were 2,365 cyberattacks in 2023, with 343,338,964 victims 2023 saw a 72% increase in data breaches since 2021, which held the previous record Around the world, a data breach cost $4.88 million on average in 2024 Email is the most common vector for malware, with around 35% of malware delivered via email in 2023 Ninety-four percent of organizations have reported email security incidents Information security jobs are projected to grow by 32% between 2022 and 2032 https://www.forbes.com/advisor/education/it-and-tech/cybersecurity-statistics/ 10 Most Common Kinds of Cybersecurity Attacks Phishing: the use of text messages, deceptive emails, websites, and other forms of communication to deceive individuals into downloading malware or divulging sensitive information. 74% of account takeover attacks start with phishing. The most targeted companies for phishing scams are: Microsoft (57%) Amazon (1.6%) Apple (10%) DHL (0.9%) LinkedIn (7%) Adidas (0.8%) Google (6%) WhatsApp (0.8%) Facebook (1.8%) Instagram (0.7%) 11 Most Common Kinds of Cybersecurity Attacks Malware Malware attacks rose by 71% between 2016 and 2021. Ransomware attacks rose by 74% between 2023 and 2022. At any given time, 4.1 million sites are infected with malware. On average, a ransomware attack costs a business $4.91 million. Seven percent of ransomware attacks resulted in financial loss in 2023, with a median ransom payment of $10,000. 12 Most Common Kinds of Cybersecurity Attacks Distributed Denial of Service (DDoS) A distributed denial of service occurs when attackers use multiple devices to flood a target system, network or website with a high volume of traffic. This tactic overwhelms the target’s capacity to handle legitimate requests, rendering it inaccessible to legitimate users. On average, Microsoft mitigates 1,700 DDoS attacks daily Prominent DDoS attack victims include Amazon Web Services (AWS) GitHub Dyn 13 Most Common Kinds of Cybersecurity Attacks Personal Data Breaches 349,221,481 people were impacted by data breaches in 2023.1 The Consumer Sentinel Network received more than 5.5 million reports in 2023, consisting of 15: Fraud (2,606,042 reports) Identity theft (1,036,955 reports) Other (1,905,717 reports) 14 Most Common Kinds of Cybersecurity Attacks 15 Security Goals: C.I.A 16 Security Goals Confidentiality Integrity Availability 17 Security Goals: Confidentiality Confidentiality is the avoidance of the unauthorized disclosure of information. “Keep information secret”: the concealment of information or resources Prevent unauthorized reading of data Involves the protection of data, providing access for those who are allowed to see it while disallowing others from learning anything about its content. 18 Confidentiality hello 19 Attack on Confidentiality hello 20 Tools For Confidentiality: Encryption Encryption: the transformation of information using a secret, called an encryption key, so that the transformed information can only be read using another secret, called the decryption key 21 Tools For Confidentiality: Access Control Access control: rules and policies that limit access to confidential information to those people and/or systems with a “need to know.” “need to know” may be determined by identity, such as a person’s name or a computer’s serial number, a role that a person has, such as being a manager or a computer security specialist. 22 Tools For Confidentiality: Authentication Authentication: the determination of the identity or role that someone has. something the person has (like a smart card or a radio key something the person knows (like a password), something the person is (like a human with a fingerprint). 23 Security Goals: Integrity Refers to the trustworthiness of data or resources in terms of preventing improper and unauthorized changes. Prevent unauthorized modification of data 24 Integrity hello 25 Attack on Integrity hello bye 26 Tools for Integrity Ensure the property that information has not be altered in an unauthorized way. Tools: Backups: the periodic archiving of data. Checksums: the computation of a function that maps the contents of a file to a numerical value. A checksum function depends on the entire contents of a file and is designed in a way that even a small change to the input file (such as flipping a single bit) is highly likely to result in a different output value. Data correcting codes: methods for storing data in such a way that small changes can be easily detected and automatically corrected. 27 Security Goals: Availability Availability refers to the ability to use the information or resource desired. Ensure data is available to authorized people 28 Availability hello 29 Attack on Availability hello 30 Tools for Availability Ensure that information is accessible and modifiable in a timely fashion by those authorized to do so. Tools: Physical protections: infrastructure meant to keep information available even in the event of physical challenges. Computational redundancies: computers and storage devices that serve as fallbacks in the case of failures. Attack: Information attack: Denial-of-Service (DoS) Hardware attack: physical attack, power, link cut… 31 Other Security Concept: A.A.A 32 Other Security Concept Assurance: refers to how trust is provided and managed in computer systems. – The degree to which we have confidence that systems are behaving in the way we expect. Authenticity The receiver can verify the source of the data Prevent mimicking the source of the data Anonymity: the property for certain records or transactions not to be attributable to any individual. 33 Authenticity hello 34 what Attack on Authenticity does it effect which of He 3 hello 35 Anonymity §Anonymity: the property for certain records or transactions not to be attributable to any individual. §Tools: § Aggregation: the combining of data from many individuals so that disclosed sums or averages cannot be tied to any individual. § Mixing: the intertwining of transactions, information, or communications in a way that cannot be traced to any individual. § Proxies: trusted agents that are willing to engage in actions for an individual in a way that cannot be traced back to that person. 36 Threats, vulnerability and attacks (1/3) A few definitions: Asset: entity you want to protect, e.g., your data. Vulnerability: weakness or gap in the system. Threat: Anything that can exploit a vulnerability. 37 Threats, vulnerability and attacks (2/3) General Example: Asset: Charlie. Vulnerability: The leash Threat: Charlie runs away. 38 Threats, vulnerability and attacks (3/3) Cyber--security example: Asset: Your private photo on your mobile--phone Vulnerability: Bug on Android/OSX Threat: Someone aware of the vulnerability can steal your selfies 39 More examples of threats on assets Availability Confidentiality Integrity Equipment is stolen or disabled, thus denying Hardware service. Programs are deleted, An unauthorized copy of A working program is denying access to users. software is made. modified, either to cause Software it to fail during execution or to cause it to do some unintended task. Files are deleted, denying An unauthorized read Existing files are modified or new files are access to users. of data is performed. An fabricated. Data analysis of statistical data reveals underlying data. 40 About the adversary The adversary is a malicious entity willing to perform an illegal action, i.e., violating: Confidentiality Integrity Availability Authenticity of a certain asset. 41 About the adversary §The adversary can be either active or passive. §Active: § He takes an active part in the scenario § He corrupts transmitted messages § He prevents ongoing communication § He injects a virus into a system §Passive: § He is silent and stealthy § He eavesdrops the radio communications § He logs the messages transmitted in the local network 42 Threats and Attacks §Eavesdropping: the interception of information intended for someone else during its transmission over a communication channel. 43 Threats and Attacks Alteration: unauthorized modification of information. – Example: the man-in-the-middle attack, where a network stream is intercepted, modified, and retransmitted. 44 Threats and Attacks Denial-of-service: the interruption or degradation of a data service or information access. – Example: email spam, to the degree that it is meant to simply fill up a mail queue and slow down an email server. Alice 4 5 Threats and Attacks Masquerading: the fabrication of information that is purported to be from someone who is not actually the author. §– Or called impersonation 46 Threats and Attacks Repudiation: the denial of a commitment or data receipt. This involves an attempt to back out of a contract or a protocol that requires the different parties to provide receipts acknowledging that data has been received. 18 47 Public domain image from http://commons.wikimedia.org/wiki/File:Plastic_eraser.jpeg Threats and Attacks Correlation and traceback: the integration of multiple data sources and information flows to determine the source of a particular data stream or piece of information. BOB 48 Attack Levels of Impacts Low Moderate High 49 Low Impact The loss has a limited adverse effect on organizational operations, organizational assets, or individuals. Organization can perform its primary functions, with a reduced efficiency minor damage to organizational assets minor financial loss minor harm to individuals 50 Moderate Impact - Example The loss has a serious adverse effect on organizational operations, organizational assets, or individuals Organization can perform its primary functions, with a significantly reduced efficiency and significant degradation significant damage to organizational assets significant financial loss significant harm to individuals but without loss of life or serious, life- threatening injuries 51 High Impact The loss has a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals a severe degradation in or loss of mission capability with a duration The organization is not able to perform one or more of its primary functions Major damage to organizational assets Major financial loss severe or catastrophic harm to individuals:loss of life or serious, life- threatening injuries 52 OSI Security Architecture To assess effectively the security needs of an organization and to evaluate and choose various security products and policies there is a need for: A systematic way of defining the requirements for security and characterizing the approaches to satisfying those requirements OSI Architecture focuses on security attacks, mechanisms, and services computer and communications vendors have developed security features for their products and services that relate to OSI structured definition of services and mechanisms 53 OSI Security Security Security Attacks Mechanisms Services 54 OSI Architecture: Security Attacks Any action that compromises the security of information owned by an organization Active attacks Masquerade: an entity pretends to be a different entity Replay: involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect Alternatim/modification: portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect The denial of service attack 55 OSI Architecture: Security Attacks Passive attacks Eavesdropping or monitoring of transmission and logging Traffic analysis: observe the frequency and length of messages being exchanged guess the nature of the communication that was taking place gather information about the system, network, or devices the attacker can’t read the message but only understands the pattern and length of encryption Passive attacks are very difficult to detect: do not involve any alteration of the data traffic is exchanged in a normal fashion, and neither the sender nor the receiver is aware that a third party has read the messages or observed the traffic pattern 56 OSI Architecture: Security Mechanisms The approach to identifying any breach of security or attack on the organization responsible for protecting a system, network, or device against unauthorized access, tampering, or other security threats 57 Security Mechanisms (1/2) use algorithms to transform data into a form that can only be read by someone with Encryption the appropriate decryption key used to protect data transmitted over a network, stored on a device. the use of cryptographic techniques to create a unique, verifiable identifier for a Digital Signature digital document or message an ensure of the authenticity and integrity of the document or message Authentication A mechanism to ensure the identity of an entity using information exchange Exchange technique used to add extra data to a network traffic stream to obscure the true Traffic Padding content of the traffic and make it more difficult to analyze. 58 Security Mechanisms (2/2) allows the selection of specific physically secure routes for Routing Control specific data transmission and enables routing changes Access Control Rules and policies to enforce access rights to resources Data Integrity Mechanisms used to assure the integrity of data streams Notarization The use of a trusted third party to ensure certain properties of a data exchange 59 OSI Architecture: Security Services Services available for maintaining the security and safety of an organization help in preventing any potential risks to security Use security mechanisms to provide services 60 Security Services (1/2) the process of verifying the identity of a user or device Authentication to grant or deny access to a system or device the use of policies and procedures to determine who is Access Control allowed to access specific resources within a system. Data the protection of information from being accessed or disclosed to unauthorized parties Confidentiality 61 Security Services (2/2) the use of techniques to create a verifiable record of Non- the origin and transmission of a message, can be used to prevent the sender from denying that repudiation they sent the message Data The assurance that data received are exactly as sent by an authorized entity (contain no modification, insertion, Integrity deletion, or replay). 62 Fundamental Security Design Principles not been possible to develop security design and implementation techniques that systematically exclude security flaws and prevent all unauthorized actions. But there is a set of widely agreed design principles 63 Design Principles (1/13): Economy of Mechanism The design of security measures for hardware and software should be as simple and small as possible. Small design is easier to test and verify The more complex the mechanism, the more likely it is to possess exploitable flaws. Simple mechanisms tend to have fewer exploitable flaws and require less maintenance. Configuration management issues are simplified, updating or replacing a simple mechanism becomes a less intensive process. In practice, this is perhaps the most difficult principle to honor There is a constant demand for new features in both hardware and software, complicating the security design task 64 Design Principles (2/13): Fail-safe Default access decisions should be based on permission rather than exclusion The default situation is lack of access, and the protection scheme identifies conditions under which access is permitted implementation mistake in a mechanism refusing permission, a safe situation that can be quickly detected. Instead of having the default to permit access implementation mistake in a mechanism allowing access, a failure that may long go unnoticed in normal use 65 Design Principles (3/13): Complete Mediation Every access must be checked against the access control mechanism Systems should not rely on access decisions retrieved from a cache if access decisions are remembered for future use: careful consideration should be given to how changes in authority are propagated into such local memories File access systems appear to provide an example of a system that complies with this principle Yet, once a user has opened a file, no check is made to see if permissions change To fully implement complete mediation, every time a user reads a field or record in a file or a data item in a database, the system must apply access control This resource-intensive approach is rarely used 66 Design Principles (4/13): Open Design The design of a security mechanism should be open rather than secret Example: Encryption keys must be secret yet, encryption algorithms should be open to public scrutiny The algorithms can then be reviewed by experts higher confidence for users 67 Design Principles (5/13): Separation of Privilege Multiple privilege attributes are required to achieve access to a restricted resource Example: multifactor user authentication, which requires the use of multiple techniques a password and a smart card, to authorize a user Programs level: divide the program into parts that are limited to the specific privileges they require to perform a specific task Example: removing high-privilege operations to another process and running that process with the higher privileges required to perform its tasks Day-to-day interfaces are executed in a lower-privileged process 68 Design Principles (6/13): Least Privilege Every process and every user of the system should operate using the least set of privileges necessary to perform the task Example: role-based access control: The system security policy can identify and define the various roles of users or processes. Each role is assigned only those permissions needed to perform its functions. Each permission specifies permitted access to a particular resource (such as read and write access to a specified file or directory) Unless permission is granted explicitly, the user or process should not be able to access the protected resource System programs or administrators who have special privileges should have those privileges only when necessary For ordinary activities the special privileges should be withdrawn 69 Design Principles (7/13): Least Common Mechanism The design should minimize the functions shared by different users, providing mutual security Helps in reducing the number of unintended communication paths and reduces the amount of hardware and software on which all users depend and share making it easier to verify if there are any undesirable security implications 70 Design Principles (8/13): Psychological Acceptability Security mechanisms should not interfere improperly with the work of users, while at the same time meeting the needs of those who authorize access If security mechanisms hinder the usability or accessibility of resources then users may opt to turn off those mechanisms Security mechanisms should be transparent with minimal obstruction Should not be intrusive or burdensome, security procedures must reflect the user’s mental model of protection If the protection procedures do not make sense to the user the user is likely to make errors. 71 Design Principles (9/13): Isolation public access systems should be isolated from critical resources (data, processes, etc.) to prevent disclosure or tampering. For information with high sensitivity or criticality organizations may want to limit the number of systems on which that data is stored and isolate them, either physically or logically. Physical isolation may include ensuring that no physical connection exists between an organization’s public access information resources and an organization’s critical information The processes and files of individual users should be isolated from one another except where it is explicitly desired. 72 Design Principles (10/13): Encapsulation specific form of isolation based on object-oriented functionality. Protection is provided by encapsulating a collection of procedures and data objects in a domain of its own so that the internal structure of a data object is accessible only to the procedures of the protected subsystem, and the procedures may be called only at designated domain entry points. 73 Design Principles (11/13): Modularity development of security functions as separate, protected modules and to the use of a modular architecture for mechanism design and implementation Use of separate security modules instead of developing them Example: protocols and applications make use of cryptographic functions instead of implementing such functions in each protocol or application The design and implementation effort can then focus on the secure design and implementation of a single cryptographic module and include mechanisms to protect the module from tampering. 74 Design Principles (12/13): Layering Layering refers to the use of multiple, overlapping protection approaches addressing the people, technology, and operational aspects of information systems. Using multiple, overlapping protection approaches, the failure or circumvention of any individual protection approach will not leave the system unprotected. 75 Design Principles (13/13): Least Astonishment a program or user interface should always respond in the way that is least likely to astonish the user Example, the mechanism for authorization should be transparent enough to a user that the user has a good intuitive understanding of how the security goals map to the provided security mechanism. 76 Summary Security Definitions and concepts Security Goals Attacks and Threats Security Impacts OSI Security Architecture Design Principles of a Secure System 77