computer security module 4
TRANSCRIPT
Computer Security
Deepak John
SJCET-Palai
Network Security
Kerberos
trusted key server system from MIT
Symmetric encryption
using no public keys
provides centralised private-key third-party authentication in a distributed
network
allows users access to services distributed through network
without needing to trust all workstations
rather all trust a central authentication server
two versions in use: 4 & 5
Kerberos Requirements
Secure: should be strong enough that a potential opponent does not find it to be
the weak link.
Reliable: should be highly reliable and should employ a distributed server
architecture with one system able to back up another.
Transparent: the user should not be aware that authentication is taking place
beyond the requirement to enter a password.
Scalable: should be capable of supporting large numbers of clients and servers.
Kerberos v4 Overview
a basic third-party authentication scheme
have an Authentication Server (AS)
that knows the passwords of all users and stores these in a centralized database.
shares a unique secret key with each server.
creates a ticket that contains the user’s ID and network address and the server’s
ID.
have a Ticket Granting server (TGS)
issues tickets to users who have been authenticated to AS
Kerberos v4 Dialogue
1. The client requests a ticket-granting ticket by sending its user’s ID to the AS,
together with the TGS ID, indicating a request to use the TGS service.
2. The AS responds with a ticket that is encrypted with a key that is derived from
the user’s password (Kc ), which is already stored at the AS. When this response
arrives at the client, the client users his password, generates the key, and
attempts to decrypt the incoming message. If the password is correct, the ticket
is successfully recovered.
3. The client requests a service-granting ticket by transmitting a message to the
TGS containing the user’s ID, the ID of the desired service, and the ticket-
granting ticket.
4. The TGS decrypts the incoming ticket using a key shared only by the AS and the
TGS ( Ktgs) and it checks to make sure that the lifetime has not expired. Then it
compares the user ID and network address with the incoming information to
authenticate the user. If the user is permitted access to the server V, the TGS
issues a ticket to grant access to the requested service.
5. The client requests access to a service by transmitting a message to the server
containing the user’s ID and the service-granting ticket. The server authenticates
by using the contents of the ticket.
Kerberos 4
Overview
Kerberos Version 4
Simplified approach
Client asks authentication server for ticket
AS grants ticket
Client sends ticket to server
Weaknesses
Big load on AS (Provide secondary ticket-granting servers)
Repeated password entry (Password to AS seldom, tickets from TGS
when needed, based on AS authentication)
Kerberos Realms
a Kerberos environment consists of:
a Kerberos server
a number of clients, all registered with
server
application servers, sharing keys with
server
this is termed a realm
typically a single administrative domain
if have multiple realms, their Kerberos
servers must share keys and trust
Difference Between Version 4 and 5
Encryption system dependence (V.4 DES)
Internet protocol dependence
Message byte ordering
Ticket lifetime
Authentication forwarding
Interrealm authentication
X.509 Authentication Service
Distributed set of servers that maintains a database about users.
Provides a certificate that contains the public key of a user and is signed with the private key of a CA
defines framework for authentication services
directory may store public-key certificates
with public key of user signed by certification authority
also defines authentication protocols
uses public-key crypto & digital signatures
Available versions are 1,2,and 3
version (1, 2, or 3)
certificate serial number (unique within CA)
signature algorithm identifier
issuer name (CA)
period of validity (from - to dates)
subject name (name of owner)
subject public-key info (algorithm, parameters, key)
issuer unique identifier
subject unique identifier
extension fields
signature (of hash of all fields in certificate)
Obtaining a Certificate
any user with access to CA can get any certificate from it
only the CA can modify a certificate
The standard uses the following notation to define a certificate
CA<<A>> = CA {V, SN, AI, CA, UCA, A, UA, Ap, TA}
notation CA<<A>> denotes certificate for A signed by CA
V=version of the certificate
SN=serial number of the certificate
AI =identifier of the algorithm used to sign
the certificate
CA =name of certificate authority
UCA =optional unique identifier of the CA
A=name of user A
UA=optional unique identifier of the
user A
Ap=public key of user A
TA=period of validity of the certificate
CA Hierarchy
if both users share a common CA then they are assumed to know its public key
each CA has certificates for clients (forward) and parent (backward)
each client trusts parents certificates
enable verification of any certificate from one CA by users of all other CAs in hierarchy
Certificate Revocation
certificates have a period of validity
may need to revoke before expiry,
CA’s maintain list of revoked
certificates
the Certificate Revocation List
(CRL)
users should check certificates with
CA’s CRL
Authentication Procedures
X.509 includes three alternative authentication procedures:
i. One-Way Authentication
ii. Two-Way Authentication
iii. Three-Way Authentication
all use public-key signatures
One-Way Authentication
1 message ( A->B) used to establish
the identity of A and that message is from A
message was intended for B
integrity & originality of message
message must include timestamp, nonce, B's identity and is signed by A
may include additional info for B
eg session key
Two-Way Authentication
2 messages (A->B, B->A) which also establishes in addition:
the identity of B and that reply is from B
that reply is intended for A
integrity & originality of reply
reply includes original nonce from A, also timestamp and nonce from B
may include additional info for A
Three-Way Authentication
3 messages (A->B, B->A, A->B)
has reply from A back to B containing signed copy of nonce from B
means that timestamps need not be checked or relied upon
X.509 Version 3
has been recognised that additional information is needed in a certificate
email/URL, policy details, usage constraints
rather than explicitly naming new fields defined a general extension method
extensions consist of:
extension identifier
criticality indicator
extension value
Certificate Extensions
key and policy information
convey info about subject & issuer keys, plus indicators of certificate policy
certificate subject and issuer attributes
support alternative names, in alternative formats for certificate subject and/or issuer
certificate path constraints
allow constraints on use of certificates by other CA’s
Public Key Infrastructure
as the set of hardware, software, people, policies, and procedures needed to
create, manage, store, distribute, and revoke digital certificates based on
asymmetric cryptography.
enable secure, convenient, and efficient acquisition of public keys.
End entity: used to denote end users, devices (e.g., servers, routers), or any other
entity that can be identified in the subject field of a public key certificate. End
entities typically consume and/or support PKI-related services.
Certificate authority (CA): The issuer of certificates and (usually) certificate
revocation lists (CRLs).
Registration authority (RA): An optional component that can assume a number
of administrative functions from the CA. Then RA is often associated with the
End Entity registration process.
CRL issuer: An optional component that a CA can delegate to publish CRLs.
Repository: A generic term used to denote any method for storing certificates and
CRLs so that they can be retrieved by End Entities.
Email Security
email is one of the most widely used and regarded network services
Email Security Enhancements
1. confidentiality
protection from disclosure
2. authentication
of sender of message
3. message integrity
protection from modification
4. non-repudiation of origin
protection from denial by sender
Pretty Good Privacy (PGP)
provides a confidentiality and authentication service that can be used for e-mail
and file storage applications.
developed by Phil Zimmermann
Based on known algorithms such as RSA
integrated into a single program
It is availiable free on a variety of platforms.(Unix, PC, Macintosh and other systems )
originally free, now also have commercial versions available
For personal email security
Operational Description
Consist of four services:
Authentication
Confidentiality
Compression
E-mail compatibility
Authentication
1. sender creates message
2. use SHA-1 to generate 160-bit hash of message
3. signed hash with RSA using sender's private key is attached to message
4. receiver uses RSA with sender's public key to decrypt and recover hash code
5. receiver verifies received message using hash of it and compares with decrypted
hash code
Confidentiality
1. sender generates message and 128-bit random number as session key for it
2. encrypt message using 3DES or other methods in CBC mode with session key
3. session key encrypted using RSA with recipient's public key, & attached to
message
4. receiver uses RSA with private key to decrypt and recover session key
5. session key is used to decrypt message
Compression
by default PGP compresses message after signing but before encrypting
so can store uncompressed message & signature for later verification
Message encryption is after compression
To strengthen cryptographic security
uses ZIP compression algorithm
Email Compatibility
when using PGP will have binary data to send (encrypted message etc)
however email was designed only for text
hence PGP must encode raw binary data into printable ASCII characters
uses radix-64 algorithm
maps 3 bytes to 4 printable characters
also appends a CRC
PGP also segments messages if too big
Operation
– Summary
Cryptographic Keys
PGP uses four types of keys
Session keys
Public keys
Private Keys
Passphrase keys
Session Keys
need a session key for each message
of varying sizes: 56-bit DES, 168-bit Triple-DES
uses random inputs taken from previous uses and from keystroke timing of user
Public & Private Keys
PGP use:
public keys for encrypting session keys / verifying signatures.
private keys for decrypting session keys / creating signatures.
Passphrase Keys
A passphrase is a longer version of a password, and in theory, a more secure one.
Typically composed of multiple words,
PGP Message Format
PGP Key Rings
each PGP user has a pair of key rings:
public-key ring contains all the public-keys of other PGP users known to this
user, indexed by key ID
private-key ring contains the public/private key pair(s) for this user, indexed
by key ID & encrypted keyed from a hashed passphrase
EP=public-key encryption
DP=public-key decryption
EC=symmetric encryption
DC = symmetric decryption
H=hash function
||=concatenation
Z=compression using ZIP algorithm
PGP Message Generation
The sending PGP entity performs the following steps:
Signs the message:
PGP gets sender’s private key from key ring using its user id as an index.
PGP prompts user for passphrase to decrypt private key.
PGP constructs the signature component of the message.
Encrypts the message:
PGP generates a session key and encrypts the message.
PGP retrieves the receiver public key from the key ring using its user id as an
index.
PGP constructs session component of message
PGP Message
Reception
The receiving PGP entity performs the following steps:
Decrypting the message:
PGP get private key from private-key ring using Key ID field in session key
component of message as an index.
PGP prompts user for passphrase to decrypt private key.
PGP recovers the session key and decrypts the message.
Authenticating the message:
PGP retrieves the sender’s public key from the public-key ring using the Key
ID field in the signature key component as index.
PGP recovers the transmitted message digest.
PGP computes the message for the received message and compares it to the
transmitted version for authentication.
PGP Key Management
in PGP every user is own CA
can sign keys for users they know directly
PGP adopts a trust model called the web of trust.
No centralised authority means Individuals sign one another’s public keys, these
“certificates” are stored along with keys in key rings.
PGP computes a trust level for each public key in key ring.
Trust levels for public keys dependent on:
Number of signatures on the key;
Trust level assigned to each of those signatures.
Trust levels recomputed from time to time.
S/MIME (Secure/Multipurpose Internet Mail Extensions)
security enhancement to MIME email emerged as the industry standard
original Internet RFC822 email was text only
MIME provided support for varying content types and multi-part messages
with encoding of binary data to textual form
S/MIME added security enhancements
have S/MIME support in many mail agents
eg MS Outlook, Mozilla, Mac Mail etc
S/MIME Functions
Enveloped Data: Encrypted content and encrypted session keys for recipients.
Signed Data: Message Digest encrypted with private key of “signer.”
Clear-Signed Data: Signed but not encrypted.
Signed and Enveloped Data: Various orderings for encrypting and signing
Header fields in MIME
MIME-Version: identifies the version
Content-Type: Describes the data contained in the body (application/word)
Content-Transfer-Encoding: How message has been encoded (radix-64)
Content-ID: Unique identifying character string.
Content Description: Needed when content is not readable text (e.g.mpeg)
S/MIME Cryptographic Algorithms
digital signatures: DSS & RSA
hash functions: SHA-1 & MD5
session key encryption: RSA
message encryption: AES, Triple-DES and others
MAC: HMAC with SHA-1
S/MIME Certificate Processing
S/MIME uses X.509 v3 certificates
uses a hybrid of X.509 CA hierarchy & PGP’s web of trust for key
management
each client has a list of trusted CA’s certificates and own public/private key
pairs & certificates
certificates must be signed by trusted CA’s
S/MIME – User Agent Role
Key generation
Generating key with RSA
Registration
Register a user’s public key with a certification authority
Certificate storage and retrieval
Access to a local list of certificates in order to verify incoming signatures and
encrypt outgoing
Enhanced Security Services
Signed receipts: the recipient signs the entire original message plus original
(sender's) signature and appends the new signature to form a new S/MIME
message.
Security labels: used for access control, by indicating which users are permitted
access to an object.
Secure mailing lists
IP Security
Internet Protocol security
(IPSec) is a suite of
cryptography based
protection services and
security protocols.
provides
authentication
confidentiality
key management
applicable to use over
LANs, WANs, & Internet
Applications of IPSec
Secure branch office connectivity over the Internet
Secure remote access over the Internet
Establishing extranet and intranet connectivity with partners
Enhancing electronic commerce security
Benefits of IPSec
in a firewall/router provides strong security to all traffic
in a firewall/router is resistant to bypass
transparent to applications and end users
provide security for individual users
IP Security Architecture
Architecture
RFC4301 Security Architecture for Internet Protocol
have two security header extensions:
Authentication Header (AH)
Encapsulating Security Payload (ESP)
Contains
1. documents that define IPSec.
2. IPSec services
3. concept of security association.
IPSec Documents
The IPSec specification consists of numerous documents and is divided into
seven groups,
1. Architecture: Covers the general concepts, security requirements, definitions,
and mechanisms defining IPSec technology.
2. Encapsulating Security Payload (ESP): Covers the packet format and general
issues related to the use of the ESP for packet encryption and authentication.
3. Authentication Header (AH): Covers the packet format and general issues
related to the use of AH for packet authentication.
4. Encryption Algorithm: A set of documents that describe how various
encryption algorithms are used for ESP.
5. Authentication Algorithm: A set of documents that describe how various
authentication algorithms are used
6. Key Management: Documents that describe key management schemes.
7. Domain of Interpretation (DOI): include identifiers for approved encryption
and authentication algorithms, as well as operational parameters such as key
lifetime
IPSec Services
Access control
Data origin authentication
Rejection of replayed packets
Confidentiality (encryption)
Limited traffic flow confidentiality
Security Associations
a one-way relationship between sender & receiver that affords security for traffic flow
defined by 3 parameters:
i. Security Parameters Index (SPI): A bit string assigned to SA to enable the
receiving system to select the SA under which a received packet will be
processed.
ii. IP Destination Address:unicast addresses are allowed
iii. Security Protocol Identifier:indicates whether the association is an AH or ESP
security association.
has a number of other parameters
seq no,lifetime etc
Authentication Header (AH)
provides support for data integrity & authentication of IP packets
Authentication based on use of a MAC(HMAC)
Next Header (8 bits): Identifies the type of header immediately following this
header
Payload Length (8 bits): Length of Authentication Header
Reserved (16 bits): For future use
Security Parameters Index (32 bits): Identifies a security association
Sequence Number (32 bits): A monotonically increasing counter value for
preventing attacks
Authentication Data (variable): A variable-length field
Encapsulating Security Payload (ESP)
provides message content confidentiality & limited traffic flow confidentiality
can use a variety of encryption & authentication algorithms
• Security Parameters Index (32 bits): Identifies a security association
• Sequence Number (32 bits): A monotonically increasing counter value; this
provides an anti-replay function
• Payload Data (variable): This is a transport-level segment (transport mode) or IP
packet (tunnel mode) that is protected by encryption
• Padding (0–255 bytes): for various reasons
• Pad Length (8 bits): Indicates the number of pad bytes
• Next Header (8 bits): Identifies the type of data contained in the payload data
field by identifying the first header in that payload
• Authentication Data (variable): A variable-length field that contains the
Integrity Check Value
Transport and Tunnel Modes
Transport Mode(end-to-end)
• Provides protection primarily for upper-layer protocol payloads
• used for end-to-end communication between two hosts.
Tunnel Mode(end-to-intermediate)
• provides protection to the entire IP packet
• add new header for next hop
• no routers on way can examine inner IP header
• is used when one or both ends of an SA are a security gateway, such as a
firewall or router that implements IPSec
Combining Security Associations
SA’s can implement either AH or ESP
to implement both need to combine SA’s
form a security association bundle
combined by
transport adjacency: more than one security protocol on same IP packet, without invoking tunneling
iterated tunneling: application of multiple layers of security protocols effected through IP tunneling
Mainly four cases of SA association
The cases are:
i. Case 1 security is provided between end systems that implement IPSec.
ii. Case 2 security is provided only between gateways (routers, firewalls , etc.)
and no hosts implement IPSec.
iii. Case 3 builds on Case 2 by adding end-to-end security .
iv. Case 4 provides support for a remote host that uses the Internet to reach an
organization’s firewall and then to gain access to some server or workstation
behind the firewall. Only tunnel mode is required between the remote host and
the firewall.
Key Management
handles key generation & distribution of secret keys
typically need 2 pairs of keys
2 per direction(Transmit and Receive) for AH & ESP
Two types of key management
i. manual key management
System admin manually configures every system
ii. automated key management
automated system for on demand creation of keys for large systems
Web Security
SSL (Secure Socket Layer)
is a method for providing security for web based applications
transport layer security service
subsequently became Internet standard known as TLS (Transport Layer Security)
uses TCP to provide a reliable end-to-end service
SSL has two layers of protocols
SSL Architecture
SSL Record Protocol :provides
basic security services to various
higher-layer protocols.
Hypertext Transfer Protocol
(HTTP):which provides the transfer
service for Web client/server
interaction,
Hand Shake, Change Cipher Spec
and Alert : SSL-specific protocols
are used in the management of SSL
exchanges.
Two important SSL concepts
1. SSL connection
peer-to-peer, communications link
associated with one SSL session
2. SSL session
an association between client & server
created by the Handshake Protocol
may be shared by multiple SSL connections
SSL Record Protocol Services
This protocol provides two services for SSL connections:
1. Confidentiality - using conventional encryption.
2. Message Integrity - using a Message Authentication Code (MAC).
It takes an application message to be transmitted and fragments it into manageable
blocks.
These blocks are then optionally compressed which must be lossless and may not
increase the content length by more than 1024 bytes.
A message authentication code is then computed over the compressed data using a
shared secret key. This is then appended to the compressed (or plaintext) block.
SSL Record Protocol Operation
The compressed message
plus MAC are then
encrypted using
symmetric encryption.
The final step is to
prepend a header
SSL Change Cipher Spec Protocol
This consists of a single message which consists of a single byte with the value 1.
This is used to cause the pending state to be copied into the current state which
updates the cipher suite to be used on this connection.
SSL Alert Protocol
conveys SSL-related alerts to peer entity
Consists of two bytes
fatal or warning
If the level is fatal SSL immediately terminates the connection.
The second byte contains a code that indicates the specific alert
SSL Handshake Protocol
This protocol is used before any application data is sent.
allows server & client to:
authenticate each other
to negotiate encryption & MAC algorithms
to negotiate cryptographic keys to be used
Uses a series of messages exchanged by the client and server during 4 phases,
1. Establish Security Capabilities
2. Server Authentication and Key Exchange
3. Client Authentication and Key Exchange
4. Finish
System Security
Intruders
can identify classes of intruders:
Masquerader: An individual who is not authorized to use the computer
Misfeasor: A legitimate user who accesses unauthorized data, programs, or
resources
clandestine user: An individual who seizes supervisory control of the system
and uses this control to evade auditing and access controls or to suppress audit
collection (either)
Intruder attacks range from the benign (simply exploring net to see what is there);
to the serious (who attempt to read privileged data, perform unauthorized
modifications, or disrupt system)
Intrusion Techniques
aim to gain access and/or increase privileges on a system
basic attack methodology
target acquisition and information gathering
initial access
privilege escalation
covering tracks
key goal often is to acquire passwords so then exercise access rights of owner
Password Guessing
one of the most common attacks
attacker knows a login (from email/web page etc)
then attempts to guess password for it
defaults, short passwords, common word searches
user info (variations on names, birthday, phone, common words/interests)
exhaustively searching all possible passwords
Password Capture
another attack involves password capture
watching over shoulder as password is entered
using a trojan horse program to collect
monitoring an insecure network login
eg. telnet, FTP, web, email
extracting recorded info after successful login (web history/cache, last number
dialed etc)
Intrusion Detection
intrusion detection is the one method of system defense
which aims to detect intrusions so can:
i. block access & minimize damage if detected quickly;
ii. act as deterrent given chance of being caught;
iii. can collect info on intruders to improve future security.
Approaches to Intrusion Detection
1. Statistical anomaly detection
2. Rule based detection
1. Statistical anomaly detection: collect data relating to the behavior of legitimate
users, then use statistical tests to determine whether new behavior is legitimate
user behavior or not.
a. Threshold detection:
b. Profile based:
threshold detection
define thresholds, independent of user, for the frequency of occurrence of
events.
count occurrences of specific event over time
if exceed reasonable value assume intrusion
profile based
develop profile of activity of each user and use to detect changes in the
behavior
characterize past behavior of users
detect significant deviations from this profile usually multi-parameter
2. Rule-based detection: attempt to define a set of rules used to decide if given
behavior is an intruder
a. Anomaly detection:
analyze historical audit records to identify usage patterns & auto-generate rules for them
then observe current behavior & match against rules to see if conforms
like statistical anomaly detection does not require prior knowledge of security flaws
b. Penetration identification: expert system approach that searches for
suspicious behavior
uses expert systems technology
with rules identifying known penetration, weakness patterns, or suspicious
behavior
compare audit records or states against rules
rules usually machine & O/S specific
rules are generated by experts who interview & codify knowledge of security
admins
quality depends on how well this is done
Audit Records
fundamental tool for intrusion detection
Basically, two plans are used:
• Native audit records: Virtually all main O/S’s include accounting software that
collects information on user activity,
• Detection-specific audit records: implement collection facility to generates
custom audit records with desired info, advantage is it can be vendor independent
and portable, disadvantage is extra overhead involved
Distributed Intrusion Detection
may need to deal with different
audit record formats
One or more nodes in the network
will serve as collection and analysis
points for the data, which must be
securely transmitted to them
Either a centralized (single point,
easier but bottleneck) or
decentralized (multiple centers
must coordinate) architecture can
be used.
Host agent module: audit collection module operating as a background process
on a monitored system
LAN monitor agent module: like a host agent module except it analyzes LAN
traffic
Central manager module: Receives reports from LAN monitor and host agents
and processes and correlates these reports to detect intrusion
Agent Implementation
The agent captures each native O/S audit record, & applies a filter that retains
only records of security interest.
These records are then reformatted into a standardized format (HAR).
Then a template-driven logic module analyzes the records for suspicious activity.
When suspicious activity is detected, an alert is sent to the central manager.
The central manager includes an expert system that can draw inferences from
received data. The manager may also query individual systems for copies of
HARs to correlate with those from other agents.
Password Management
front-line defense against intruders
users supply both:
login – determines privileges of that user
password – to identify them
passwords often stored encrypted
Unix uses multiple DES (variant with salt)
more recent systems use crypto hash function
should protect password file on system
Managing Passwords - Education
can use policies and good user education
educate on importance of good passwords
give guidelines for good passwords
minimum length (>6)
require a mix of upper & lower case letters, numbers, punctuation
not dictionary words
Computer Generated
let computer create passwords
if random likely not memorisable, so will be written down
have history of poor user acceptance
FIPS PUB 181 one of best generators
has both description & sample code
generates words from concatenating random pronounceable syllables
Reactive Checking
reactively run password guessing tools
cracked passwords are disabled
but is resource intensive
bad passwords are vulnerable till found
Proactive Checking
most promising approach to improving password security
allow users to select own password
but have system verify it is acceptable
simple rule enforcement
compare against dictionary of bad passwords
use algorithmic (markov model or bloom filter) to detect poor choices
Malicious Software
Backdoor or Trapdoor
Uses secret entry point into a program
allows those who know access bypassing usual security procedures
have been commonly used by developers
a threat when left in production programs allowing exploited by attackers
very hard to block in O/S
requires good s/w development & update
Logic Bomb
one of oldest types of malicious software
code embedded in legitimate program
activated when specified conditions met
eg presence/absence of some file
particular date/time
particular user
when triggered typically damage system
modify/delete files/disks, halt machine, etc
Trojan Horse
A Trojan horse is a useful, or apparently useful, program or command
procedure (eg game, utility, s/w upgrade etc)
containing hidden code that performs some unwanted or harmful function that
an unauthorized user could not accomplish directly.
Commonly used to make files readable, propagate a virus or worm, or simply
to destroy data.
Zombie
program which secretly takes over another networked computer then uses it to
indirectly launch attacks
used in denial-of-service attacks,
Typically zombies exploit known flaws in networked computer
Viruses
a piece of self-replicating code attached to some other code
both propagates itself & carries a payload (code to make copies of itself)
Once a virus is executing, it can perform any function, such as erasing files and
programs.
Virus Operation
virus phases:
dormant – virus is idle, waiting for trigger event. Not all viruses have this stage
propagation – virus places a copy of itself into other programs / system areas
triggering – virus is activated by some trigger event to perform intended
function
execution – desired function (which may be harmless or destructive) is
performed
Virus Structure
components:
infection mechanism - enables replication
trigger - event that makes payload activate
payload - what it does, malicious or benign
Virus can be prepended / postpended / embedded
when infected program invoked, executes virus code then original program code
can block initial infection (difficult) or propagation (with access controls)
The virus code (V) is prepended to infected programs (assuming the entry point is
the first line of the program).
The first line of code jumps to the main virus program. The second line is a
special marker for infected programs.
The main virus program first seeks out uninfected executable files and infects
them. Then it may perform some action,
Finally, the virus transfers control to the original program. If the infection phase
of the program is reasonably rapid, a user is unlikely to notice any difference
between the execution of an infected and uninfected program. This type of virus
can be detected because the length of the program changes. More sophisticated
variants attempt to hide their presence better, by for example, compressing the
original program.
Types of Viruses
can classify on basis of how they attack
i. parasitic virus : traditional and still most common form of virus, it attaches
itself to executable files and replicates when the infected program is executed
ii. memory-resident virus: Lodges in main memory as part of a resident system
program, and infects every program that executes
iii. boot sector virus:Infects a master boot record and spreads when a system is
booted from the disk containing the virus
iv. Stealth: a virus explicitly designed to hide itself from detection by antivirus
software
v. polymorphic virus : mutates with every infection, making detection by the
“signature "of the virus impossible.
vi. metamorphic virus : mutates with every infection, rewriting itself completely
at each iteration changing behavior and/or appearance, increasing the difficulty of
detection.
Macro Virus
macro code attached to some data file
platform independent
infect documents
easily spread
exploit macro capability of office apps
executable program embedded in office doc
is a major source of new viral infection
Email Virus
spread using email with attachment containing a macro virus
e.g. Melissa
exploits MS Word macro in attached doc
if attachment opened, macro activates
sends email to all on users address list
and does local damage
usually targeted at Microsoft Outlook mail agent & Word/Excel documents
Worms
replicating but not infecting program
typically spreads over a network by using users distributed privileges or by exploiting system vulnerabilities
widely used by hackers to create zombie PC's, subsequently used for further attacks, esp DoS
major issue is lack of security
Worm Operation
worm phases like those of viruses:
dormant
propagation
search for other systems to infect
establish connection to target remote system
replicate self onto remote system
triggering
execution
Virus Countermeasures
prevention - ideal solution but difficult
realistically need:
detection
identification
removal
if detect but can’t identify or remove, must discard and replace infected program
Anti-Virus Software
first-generation
scanner uses virus signature to identify virus
or change in length of programs
second-generation
uses heuristic rules to spot viral infection
or uses crypto hash of program to spot changes
third-generation
memory-resident programs identify virus by actions
fourth-generation
packages with a variety of antivirus techniques
eg scanning & activity traps, access-controls
Advanced Anti-Virus Techniques
generic decryption
use CPU simulator to check program signature & behavior before actually
running it
Ex: behavior blocking software
digital immune system (IBM)
general purpose emulation & virus detection
any virus entering is captured, analyzed, detection/shielding created for it,
removed
Behavior-Blocking Software
integrated with host O/S
monitors program behavior in real-time
eg file access, disk format, executable mods, system settings changes, network
access
for possibly malicious actions
if detected can block, terminate, or seek ok
has advantage over scanners
but malicious code runs before detection
Digital Immune System
1. A monitoring program on each PC uses a variety of heuristics based on system
behavior, suspicious changes to programs, or family signature to infer that a virus
may be present, & forwards infected programs to an administrative machine
2. The administrative machine encrypts the sample and sends it to a central virus
analysis machine
3. This machine creates an environment in which the infected program can be safely
run for analysis to produces a prescription for identifying and removing the virus
4. The resulting prescription is sent back to the administrative machine
5. The administrative machine forwards the prescription to the infected client
6. The prescription is also forwarded to other clients in the organization
7. Subscribers around the world receive regular antivirus updates that protect them
from the new virus.
Distributed Denial of Service Attacks (DDoS)
DDoS Countermeasures
three broad lines of defense:
1. attack prevention & preemption (before)
2. attack detection & filtering (during)
3. attack source traceback & ident (after)
a choke point of control and monitoring
interconnects networks with differing trust
imposes restrictions on network services
only authorized traffic is allowed
auditing and controlling access
provide NAT & usage monitoring
Firewall
Firewall Limitations
cannot protect from attacks bypassing it
cannot protect against internal threats
cannot protect against transfer of all virus infected programs or files
Types Of Firewalls
three common types
1. packet filters
2. application-level gateways
3. circuit-level gateways
Firewalls – Packet Filters
A packet-filtering router applies a set of rules to each incoming and outgoing IP
packet to forward or discard the packet.
Filtering rules are based on information contained in a network packet such as
source & destination IP addresses, ports, transport protocol & interface.
Some advantages are simplicity, transparency & speed.
If there is no match to any rule, then one of two default policies are applied:
• discard packet, conservative policy
• forward packet, permissive policy
Firewalls - Application Level Gateway (or
Proxy)
have application specific gateway / proxy
has full access to protocol
user requests service from proxy
proxy validates request as legal
then actions request and returns result to user
can log / audit traffic at application level
need separate proxies for each service
some services naturally support proxying
others are more problematic
Firewalls - Circuit Level Gateway
relays two TCP connections,
i. between itself and an inside TCP user
ii. between itself and a TCP user on an
outside host
Once the two connections are established,
it relays TCP data from one connection to
the other without examining its contents.
The security function consists of
determining which connections will be
allowed.
Bastion Host
highly secure host system
runs circuit / application level gateways
provides externally accessible services
may support 2 or more net connections
Firewall Configurations
i. screened host firewall, single-homed bastion
ii. screened host firewall, dual-homed bastion
iii.screened subnet firewall
screened host firewall, single-
homed bastion
the firewall consists of two systems:
• a packet-filtering router - allows
Internet packets to/from bastion
only
• a bastion host - performs
authentication and proxy functions
This configuration has greater
security, as it implements both
packet-level & application-level
filtering
screened host firewall, dual-homed bastion
physically separates the external and
internal networks, ensuring two
systems must be compromised to
breach security.
The advantages of dual layers of
security are also present here.
Again, an information server or
other hosts can be allowed direct
communication with the router if
this is in accord with the security
policy, but are now separated from
the internal network.
screened subnet firewall
the most secure shown.
It has two packet-filtering routers,
i. between the bastion host and the
Internet
ii. between the bastion host and the
internal network, creating an isolated
subnetwork.
May include one or more information
servers and modems for dial-in
capability.
Systems on the inside network cannot
construct direct routes to the Internet
Access Control
given system has identified a user
determine what resources they can access
general model is that of access matrix with
subject - active entity (user, process)
object - passive entity (file or resource)
access right – way object can be
accessed
can decompose by
columns as access control lists
rows as capability tickets
Bell LaPadula (BLP) Model
one of the most famous security models
implemented as mandatory policies on system
has two key policies:
no read up (simple security property)
a subject can only read/write an object if the current security level of the subject dominates (>=) the classification of the object
no write down (*-property)
a subject can only append/write to an object if the current security level of the subject is dominated by (<=) the classification of the object