Lec 1 and 2a - Chapter 1.pdf

Full Transcript

INTRODUCTION
LECTURE SET 01 AND 02
CRs NO:1502170
INTRODUCTION TO CYBER SECURITY
M5 - 220
Dr. Saddaf Rubab

CYBER SECURITY
- Cyber security refers to the body of technologies, processes, and practices designed to protect networks, devices, programs, and data from attack, damage, or unauthorized access.
- Cyber security consists of technologies, processes and controls designed to protect systems, networks, programs, devices and data from cyber attacks.

FROM SECURITY IN COMPUTING, FIFTH EDITION, BY CHARLES P. PFLEEGER, ET AL. (ISBN: 9780134085043). COPYRIGHT 2015 BY PEARSON EDUCATION, INC. ALL RIGHTS RESERVED.

CYBER SECURITY
https://www.varonis.com/blog/data-breach-statistics/

COMPUTER SYSTEM STRUCTURE
- A computer system can be divided into four components:
  - Hardware – provides basic computing resources
    - CPU, memory, I/O devices
  - Operating system
    - Controls and coordinates use of hardware among various applications and users
  - Application programs – define the ways in which the system resources are used to solve the computing problems of the users
    - Word processors, compilers, web browsers, database systems, video games
  - Users
    - People, machines, other computers

COMPUTER SYSTEM
[Figure: computer system block diagram. Labels: I/O (Input / Output), Peripherals, ALU, Register Array, System Bus, Control, Memory, Microprocessor Unit (MPU), Primary Storage, Secondary Storage]

RISK IS A FACT OF LIFE
- Crossing the street is risky
  - But, you still cross the street!
- Using computers is risky (from the security and privacy perspectives)
  - But, you still use computers!

WHAT DOES "SECURE" MEAN?
- How do we protect our most valuable assets?
- Bank robbery: bank robbery was, for a time, considered to be a profitable business. Protecting assets was difficult and not always effective.
- Today: asset protection is easier; very sophisticated alarm and camera systems silently protect secure places, genetic material (DNA), fingerprints, retinal patterns, voice, etc.

THIS CHAPTER
- Threats, vulnerabilities, and controls
- Confidentiality, integrity, and availability
- Attackers and attack types; method, opportunity, and motive
- Valuing assets

WHAT IS COMPUTER SECURITY?
- The protection of the assets of a computer system
  - Hardware
  - Software
  - Data

Hardware:
  - Computer
  - Devices (disk drives, memory, printer)
  - Network gear
Software:
  - Operating system
  - Utilities (antivirus)
  - Commercial applications (word processing, photo editing)
  - Individual applications
Data:
  - Documents
  - Photos
  - Music, videos
  - Email
  - Class projects

Values of Assets
[Figure: the hardware, software and data asset lists above, annotated with "Off the shelf; easily replaceable" and "Unique; irreplaceable"]

COMPUTING SYSTEM SECURITY
- The computing system is a collection of hardware, software, storage media, data, and people that an organization uses to perform computing tasks.
- Sometimes, we assume that parts of a computing system are not valuable to an outsider, but often we are mistaken.
- Any system is most vulnerable at its weakest point.
- Any part of a computing system can be the target of a crime.
- Computer security is the protection of the items you value, called the assets.

THE VULNERABILITY–THREAT–CONTROL PARADIGM
1. Vulnerability: weakness
2. Threat: condition that exercises vulnerability
3. Incident: vulnerability + threat. We also define the impact and likelihood
4. Control: reduction of threat or vulnerability, safeguard

VULNERABILITIES, THREATS, ATTACKS, AND CONTROLS
- A vulnerability is a weakness in the security system (for example, in procedures, design, or implementation), that might be exploited to cause loss or harm.
- A threat to a computing system is a set of circumstances that has the potential to cause loss or harm.
- A human who exploits a vulnerability perpetrates an attack on the system.
- How do we address these problems?
  - We use a control as a protective measure. That is, a control is an action, device, procedure, or technique that removes or reduces a vulnerability.

VULNERABILITIES, THREATS, ATTACKS, AND CONTROLS
- The relationship among threats, controls, and vulnerabilities can be described in this way:
  - A threat is blocked by control of a vulnerability.
- To devise controls, we must know as much about threats as possible.

THREAT & VULNERABILITY
- Vulnerability
- Threat
- Attack
- Countermeasure or control
The water is the threat, the crack the vulnerability, and the finger the control (for now).

THREATS AND HARMS
- A threat to a computing system is a set of circumstances that has the potential to cause loss or harm.
- Two ways to consider potential harm:
  - First, we can look at what bad things can happen to assets, and
  - Second, we can look at who or what can cause or allow those bad things to happen.
- Threats target the availability, valuable, integrity, personal aspects

TYPES OF HARMS
- We can view any threat as being caused by one of four acts: interception, interruption, modification, and fabrication.
- An interception means that some unauthorized party has gained access to an asset.
- In an interruption, an asset of the system becomes lost, unavailable, or unusable.
- If an unauthorized party not only accesses but tampers with an asset, the threat is a modification.
- An unauthorized party might create a fabrication of counterfeit objects on a computing system. Fabrication attacks involve generating data, processes, communications, or other similar activities with a system. Example: Email Spoofing

These are the primary types of harm against system data and functions. Understanding these possibilities is important to considering threat and risk.

THE MEANING OF COMPUTER SECURITY
- Security Goals
  - When we talk about computer security, we mean that we are addressing three important aspects of any computer-related system: confidentiality, integrity, and availability (CIA)
  - Confidentiality ensures that computer-related assets are accessed only by authorized parties.
    - Reading, viewing, printing, or even knowing their existence
    - Secrecy or privacy
  - Integrity means that assets can be modified only by authorized parties or only in authorized ways.
    - Writing, changing, deleting, creating
  - Availability means that assets are accessible to authorized parties at appropriate times. For this reason, availability is sometimes known by its opposite, denial of service.

CONFIDENTIALITY, INTEGRITY, AND AVAILABILITY (CIA TRIAD)
- One of the challenges in building a secure system is finding the right balance among the goals, which often conflict.
- For example, it is easy to preserve a particular object's confidentiality in a secure system simply by preventing everyone from reading that object. However, this system is not secure, because it does not meet the requirement of availability for proper access.

MORE SECURITY GOALS
- Authentication: Verifying that users are who they say they are and that each input arriving at the system came from a trusted source
- Accountability: Ability of system to confirm actions of an entity to be traced uniquely to that entity. Sender cannot deny having sent something

CONFIDENTIALITY, INTEGRITY, AND AVAILABILITY
- In fact, these three characteristics can be independent, can overlap, and can even be mutually exclusive.

CONFIDENTIALITY, INTEGRITY, AND AVAILABILITY
- Ensuring confidentiality can be difficult.
- For example, who determines which people or systems are authorized to access the current system? By "accessing" data, do we mean that an authorized party can access a single bit? The whole collection? Pieces of data out of context? Can someone who is authorized disclose those data to other parties?
- We understand confidentiality well because we can relate computing examples to those of preserving confidentiality in the real world.

FAILURE OF DATA CONFIDENTIALITY
[Figure]

ACCESS CONTROL
Policy: Who + What + How = Yes/No
- Subject (who)
- Object (what)
- Mode of access (how)

CONFIDENTIALITY, INTEGRITY, AND AVAILABILITY
- Integrity is much harder to pin down.
- Integrity means different things in different contexts.
  - Precise, unmodified, modified only in acceptable ways, modified only by authorized people, modified only by authorized processes, consistent, meaningful and usable
- Integrity can be enforced in much the same way as can confidentiality: by rigorous control of who or what can access which resources in what ways.

CONFIDENTIALITY, INTEGRITY, AND AVAILABILITY
- Availability applies both to data and to services (that is, to information and to information processing). We say a data item, service, or system is available if:
  - There is a timely response to our request.
  - Resources are allocated fairly so that some requesters are not favored over others.
  - The service or system involved follows a philosophy of fault tolerance, whereby hardware or software faults lead to graceful cessation of service or to work-arounds rather than to crashes and abrupt loss of information.
  - The service or system can be used easily and in the way it was intended to be used.
  - Concurrency is controlled; that is, simultaneous access, deadlock management, and exclusive access are supported as required.

THE CIA TRIAD
- Confidentiality: preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information
- Integrity: guarding against improper information modification or destruction, including ensuring information nonrepudiation and authenticity
- Availability: ensuring timely and reliable access to and use of information
Computer security seeks to prevent unauthorized viewing (confidentiality) or modification (integrity) of data while preserving access (availability).

TYPES OF THREATS
- Threats are caused both by human and other sources (natural disasters, loss of electricity, failure of any component).
- Threats can be malicious or not.
- Malicious attacks can be random or directed.

ADVANCED PERSISTENT THREAT
- A lone attacker might create a random attack that traps a few, or a few million, individuals, but the resulting impact is limited to what that single attacker can organize and manage.
- A collection of attackers might work together, for example, the cyber equivalent of a street gang or an organized crime squad.
- Advanced persistent threats come from organized, well financed, patient attackers. They carefully select their targets, crafting attacks that appeal to specifically those targets.
- Typically the attacks are silent, avoiding any obvious impact that would alert a victim, thereby allowing the attacker to exploit the victim’s access rights over a long time.

ATTACKS
- When you test any computer system
  - One of your jobs is to imagine how the system could malfunction.
  - Then, you improve the system's design so that the system can withstand any of the problems you have identified.
- In the same way, we analyze a system from a security perspective
  - thinking about ways in which the system's security can malfunction and diminish the value of its assets.

TYPES OF ATTACKERS
- Terrorist
- Criminal-for-hire
- Hacker
- Loosely connected group
- Individual
- Organized crime member
Each of these attacker types is associated with a different set of resources, capabilities & motivations. Understanding the different types will help later in considering threats.

- Black hat hackers are cybercriminals that illegally crack systems with malicious intent.
  Once a black hat hacker finds a security vulnerability, they try to exploit it.
- White hat hackers are ethical security hackers who identify and fix vulnerabilities.
- Gray hat hackers may not have the criminal or malicious intent of a black hat hacker; gray hat hackers uncover weaknesses and report them rather than exploiting them. But gray hat hackers may demand payment in exchange for providing full details of what they uncovered.
- Green hat hackers are inexperienced and may lack the technical skills of more experienced hackers.
- Blue hat hackers are white hat hackers who are actually employed by an organization.
- Red hat hackers are vigilante hackers; they are motivated by a desire to fight back against black hat hackers.

COMPUTER CRIMINALS
- Computer crime is any crime involving a computer or aided by the use of one.
- One approach to prevention or moderation is to understand who commits these crimes and why.
- Many studies have attempted to determine the characteristics of computer criminals.
- By studying those who have already used computers to commit crimes, we may be able in the future to spot likely criminals and prevent the crimes from occurring.

COMPUTER CRIMINALS
- Amateurs and Individuals
  - Ordinary computer users who while doing their jobs discover their ability to access something valuable
  - Amateurs have committed most of the computer crimes reported to date.
- Organized, Worldwide Groups
  - Attackers’ goals include fraud, extortion, money laundering, and drug trafficking, areas in which organized crime has a well-established presence.
  - Traditional criminals are recruiting hackers to join the lucrative world of cybercrime.

COMPUTER CRIMINALS
- Crackers or Malicious Hackers
  - System crackers, often high school or university students, attempt to access computing facilities for which they have not been authorized.
  - Others attack for curiosity, personal gain, or self-satisfaction. And still others enjoy causing chaos, loss, or harm. There is no common profile or motivation for these attackers.

COMPUTER CRIMINALS
- Career Criminals
  - By contrast, the career computer criminal understands the targets of computer crime.
  - There is some evidence that organized crime and international groups are engaging in computer crime. Recently, electronic spies and information brokers have begun to recognize that trading in companies' or individuals' secrets can be lucrative.

METHOD, OPPORTUNITY, AND MOTIVE
- A malicious attacker must have three things (MOM):
  - method: the skills, knowledge, tools, and other things with which to be able to pull off the attack
    - Knowledge of systems is widely available
  - opportunity: the time and access to accomplish the attack
    - Systems available to the public are accessible to them
  - motive: a reason to want to perform this attack against this system

VULNERABILITIES
- When we prepare to test a system, we usually try to imagine how the system can fail; we then look for ways in which the requirements, design, or code can enable such failures.
- Imagine the vulnerabilities that would prevent us from reaching one or more of our three security goals.

VULNERABILITIES OF COMPUTING SYSTEMS
- Hardware Vulnerabilities
  - Adding devices, changing them, removing them, intercepting the traffic to them, or flooding them with traffic until they can no longer function (many other ways to harm the hardware).
- Software Vulnerabilities
  - Software can be replaced, changed, or destroyed maliciously, or it can be modified, deleted, or misplaced accidentally.
    Whether intentional or not, these attacks exploit the software's vulnerabilities.

VULNERABILITIES OF COMPUTING SYSTEMS
- Data Vulnerabilities
  - Data have a definite value, even though that value is often difficult to measure.
  - Ex1: confidential data leaked to a competitor
    - may narrow a competitive edge
  - Ex2: flight coordinate data used by an airplane that is guided partly or fully by software
    - Can cost human lives if modified

OTHER EXPOSED ASSETS
- Networks
  - Networks are specialized collections of hardware, software, and data.
  - Can easily multiply the problems of computer security
    - Insecure shared links
    - Inability to identify remote users (anonymity)
- Key People
  - People can be crucial weak points in security. If only one person knows how to use or maintain a particular program, trouble can arise if that person is ill, suffers an accident, or leaves the organization (taking her knowledge with her).

VULNERABILITIES OF COMPUTING SYSTEMS
- Principle of Adequate Protection: Computer items must be protected only until they lose their value. They must be protected to a degree consistent with their value.
- This principle says that things with a short life can be protected by security measures that are effective only for that short time. The notion of a small protection window applies primarily to data, but it can in some cases be relevant for software and hardware, too.

VULNERABILITIES OF COMPUTING SYSTEMS
- Principle of Easiest Penetration - “An intruder must be expected to use any available means of penetration.”
  - The penetration may not necessarily be by the most obvious means,
  - nor is it necessarily the one against which the most solid defense has been installed
  - and it certainly does not have to be the way we want the attacker to behave.
- This principle implies that computer security specialists must consider all possible means of penetration.
- Penetration analysis must be done repeatedly, and especially whenever the system and its security change.
VULNERABILITIES OF COMPUTING SYSTEMS
- Principle of Weakest Link - Security can be no stronger than its weakest link.
- Whether it is the power supply that powers the firewall or the operating system under the security application or the human who plans, implements, and administers controls, a failure of any control can lead to a security failure.

CONTROLS - METHODS OF DEFENSE
- We can deal with harm in several ways. We can seek to
  - prevent it, by blocking the attack or closing the vulnerability
  - deter it, by making the attack harder but not impossible
  - deflect it, by making another target more attractive (or this one less so)
  - detect it, either as it happens or some time after the fact
  - recover from its effects
Security professionals balance the cost and effectiveness of controls with the likelihood and severity of harm.

CONTROLS - METHODS OF DEFENSE
- The figure illustrates how we use a combination of controls to secure our valuable resources. We use one or more controls, according to what we are protecting, how the cost of protection compares with the risk of loss, and how hard we think intruders will work to get what they want. In this simple representation of a networked system, it is easy to see all the touch points where controls can be placed, as well as some different types of controls, including deterrence, deflection, response, prevention, and preemption.

CONTROLS AVAILABLE
- Encryption
  - The formal name for the scrambling process.
  - We take data in their normal, unscrambled state, called cleartext, and transform them so that they are unintelligible to the outside observer; the transformed data are called enciphered text or ciphertext.
  - Encryption clearly addresses the need for confidentiality of data.
  - Additionally, it can be used to ensure integrity; data that cannot be read generally cannot easily be changed in a meaningful manner.
CONTROLS AVAILABLE
- Encryption does not solve all computer security problems, and other tools must complement its use.
- Furthermore, if encryption is not used properly, it may have no effect on security or could even degrade the performance of the entire system.
- Weak encryption can actually be worse than no encryption at all, because it gives users an unwarranted sense of protection.
- Therefore, we must understand those situations in which encryption is most useful as well as ways to use it effectively.

CONTROLS AVAILABLE
- Software/Program Controls
  - Programs must be secure enough to prevent outside attack.
  - They must also be developed and maintained so that we can be confident of the programs' dependability.
- Program controls include the following:
  - internal program controls: parts of the program that enforce security restrictions, such as access limitations in a database management program
  - operating system and network system controls: limitations enforced by the operating system or network to protect each user from all other users
  - independent control programs: application programs, such as password checkers, intrusion detection utilities, or virus scanners, that protect against certain types of vulnerabilities

CONTROLS AVAILABLE
  - development controls: quality standards under which a program is designed, coded, tested, and maintained to prevent software faults from becoming exploitable vulnerabilities
- Software controls frequently affect users directly, such as when the user is interrupted and asked for a password before being given access to a program or data.
- Because they influence the way users interact with a computing system, software controls must be carefully designed. Ease of use and potency are often competing goals in the design of a collection of software controls.

CONTROLS AVAILABLE
- Hardware Controls
  - Numerous hardware devices have been created to assist in providing computer security.
    These devices include a variety of means, such as
    - hardware or smart card implementations of encryption
    - locks or cables limiting access or deterring theft
    - devices to verify users' identities
    - firewalls
    - intrusion detection systems
    - circuit boards that control access to storage media

CONTROLS AVAILABLE
- Policies and Procedures
  - Sometimes, we can rely on agreed-on procedures or policies among users rather than enforcing security through hardware or software means, such as frequent changes of passwords.
  - We must not forget the value of community standards and expectations when we consider how to enforce security.
- Physical Controls
  - Locks on doors, guards at entry points, backup copies of important software and data, and physical site planning that reduces the risk of natural disasters.

CONTROLS/COUNTERMEASURES
[Figure: the three dimensions by which a control can be categorized]
- Kind of Threat: Directed/not, Malicious/not, Human/not
- Control Type: Physical, Procedural, Technical
- Protects: Confidentiality, Integrity, Availability
Thinking about controls in this way enables you to easily map the controls against the threats they help address.

EFFECTIVENESS OF CONTROLS
- Awareness of Problem
  - People using controls must be convinced of the need for security. That is, people will willingly cooperate with security requirements only if they understand why security is appropriate in a given situation.

EFFECTIVENESS OF CONTROLS
- Likelihood of Use
  - Of course, no control is effective unless it is used.
- Principle of Effectiveness:
  - Controls must be used and used properly to be effective. They must be efficient, easy to use, and appropriate.
  - This principle implies that computer security controls must be efficient enough, in terms of time, memory space, human activity, or other resources used, that using the control does not seriously affect the task being protected. Controls should be selective so that they do not exclude legitimate accesses.
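
Added example (not part of the original slides): the ACCESS CONTROL slide's policy, who + what + how = yes/no, written as a default-deny access matrix in Python, with an audit that names which CIA goal each policy gap breaks. The subjects, objects and the two test policies are constructed for illustration; the locked-down policy shows the point made on the CIA triad and Principle of Effectiveness slides, that denying everyone protects confidentiality but excludes legitimate accesses.

```python
"""Who + what + how = yes/no, as a default-deny access matrix (added example)."""
from itertools import product

READ, WRITE = "read", "write"
MODES = (READ, WRITE)

# Constructed sample data (not from the lecture): the subjects, the objects,
# and the accesses the organisation *intends* to authorise.
SUBJECTS = ("alice", "bob", "guest")
OBJECTS = ("grades.db", "syllabus.txt")
INTENDED = {
    ("alice", "grades.db"): {READ, WRITE},
    ("bob", "grades.db"): {READ},
    ("alice", "syllabus.txt"): {READ, WRITE},
    ("bob", "syllabus.txt"): {READ},
    ("guest", "syllabus.txt"): {READ},
}


def is_allowed(policy, subject, obj, mode):
    """Subject (who) + object (what) + mode (how) -> yes/no.

    Any (subject, object) pair missing from the policy is denied.
    """
    return mode in policy.get((subject, obj), set())


def audit(policy, intended=INTENDED):
    """Compare an enforced policy with the intended one.

    An access that is granted but not intended breaks confidentiality (read)
    or integrity (write); an intended access that is denied breaks availability.
    """
    findings = {"confidentiality": [], "integrity": [], "availability": []}
    for subject, obj, mode in product(SUBJECTS, OBJECTS, MODES):
        granted = is_allowed(policy, subject, obj, mode)
        wanted = is_allowed(intended, subject, obj, mode)
        if granted and not wanted:
            goal = "confidentiality" if mode == READ else "integrity"
            findings[goal].append((subject, obj, mode))
        elif wanted and not granted:
            findings["availability"].append((subject, obj, mode))
    return findings


def summarize(policy):
    """Number of findings per security goal for one policy."""
    return {goal: len(items) for goal, items in audit(policy).items()}


# Two constructed misconfigurations to audit.
LOCKED_DOWN = {}  # nobody may access anything
TOO_OPEN = {pair: set(MODES) for pair in product(SUBJECTS, OBJECTS)}

if __name__ == "__main__":
    for name, policy in (("intended", INTENDED),
                         ("locked down", LOCKED_DOWN),
                         ("too open", TOO_OPEN)):
        print(f"{name:12s} {summarize(policy)}")
```
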
EFFECTIVENESS OF CONTROLS
- Overlapping Controls
  - Several different controls may apply to address a single vulnerability.
- Periodic Review
  - Just when the security specialist finds a way to secure assets against certain kinds of attacks, the opposition doubles its efforts in an attempt to defeat the security mechanisms. Thus, judging the effectiveness of a control is an ongoing task.

IS THERE A SECURITY PROBLEM IN COMPUTING?
1. The goals of secure computing: confidentiality, integrity, availability (CIA)
2. The threats to security in computing: interception, interruption, modification, fabrication
3. Controls available to address these threats: encryption, programming controls, operating systems, network controls, administrative controls, law, and ethics

SUMMARY
- Computer security attempts to ensure the confidentiality, integrity, and availability of computing systems' components (hardware, software, and data)
- This chapter explored the meanings and the types of threats, vulnerabilities, attacks, and controls
- Also, four principles affect the direction of work in computer security: the principle of easiest penetration, timeliness (adequate protection), effectiveness, and the weakest link
Remember that computer security is a game with rules only for the defending team; the attackers can (and will) use any means they can.

REFERENCES
Chapter 01. Pfleeger, C. P. (2015). Security in Computing. 5th Edition. Prentice Hall. ISBN 0-13-239077-9.