![Page 1: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/1.jpg)
Lecture01– TheSecurity
Mindset
StephenCheckoway
UniversityofIllinoisatChicago
CS487– Fall2017
AdaptedfromMichaelBailey’sECE422
![Page 2: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/2.jpg)
AboutMe
• 2012Ph.D.fromUCSanDiegoinCS
• 2012–2015AssistantResearchProfessorat
JohnsHopkinsUniversity(yes,there’sansin
Johns)
• 2015– AssistantProfessoratUIC
![Page 3: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/3.jpg)
AboutMe
• Researcharea:ComputerSecurity
• Somepriorresearch
– Votingmachinesecurity(changevotes)
– Automotivesecurity(remotecarhacks)
– Back-scatter,whole-bodyX-rayscanner(weapons)– iSight camera(disableindicatorLEDwhileon)
– Analysisofbackdoored PRNGinTLS/IPSEC• Lookingforstudents!
![Page 4: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/4.jpg)
AboutMe
![Page 5: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/5.jpg)
GoalsforthisCourse
• Criticalthinking
– Howtothinklikeanattacker
– Howtoreasonaboutthreatsandrisks
– Howtobalancesecuritycostsandbenefits
• Learntobeasecurity-consciouscitizen
![Page 6: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/6.jpg)
Requirements
• 4or5Securityprojects(difficult!)
• Twoin-classexams
• Nofinal
![Page 7: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/7.jpg)
Policies
• Attendance:notmandatory,butyoushould
comeanyway
• Latework:3latedays
• Collaboration:Workingroupsof2onprojects
• Communication:Don’temailme!UsePiazza
• Academicmisconduct:punishmentwillbe
basedonseverityuptoexpulsion(seriously)
![Page 8: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/8.jpg)
Examplesofmisconduct
(nonexhaustive list)
• Claimingsomeoneelse’sworkasyourown
• Searchingforexistingsolutionstoassignments
• Falsifyingprogramoutput
• Collaboratingoutsideyourgroup
• Sharingcode/solutionsoutsideyourgroup
![Page 9: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/9.jpg)
Projects
• Workingroupsof2(notrequired,highlyrecommended)
• Generallynotmuchprogrammingperproject
• Alotoftimethinking/tinkering/debugging
![Page 10: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/10.jpg)
WhatisComputerSecurity?
• Securityisaproperty(ormoreaccuratelyacollectionofproperties)thatholdinagivensystemunderagivensetofconstraints– Whereasystemisanythingfromhardware,software,firmware,
andinformationbeingprocessed,stored,andcommunicated.
– andconstraintsdefineadversariesandtheircapabilities.
• Canalsomeanthemeasuresandcontrolsthatensuretheseproperties
• Securityisweird,aswedon’texplicitly studyotherproperties– Correctness
– Performance
![Page 11: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/11.jpg)
MeettheAdversary
“Computersecuritystudieshowsystemsbehaveinthepresenceofanadversary.”
• Theadversary– a.k.a.theattacker
– a.k.a.thebadguy
* Anintelligencethatactivelytriestocausethesystemtomisbehave.
![Page 12: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/12.jpg)
“Knowyourenemy.”
• Motives?
• Capabilities?
• Degreeofaccess?
![Page 13: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/13.jpg)
ThinkingLikeanAttacker
• Lookforweakestlinks– easiesttoattack.
• Identifyassumptionsthatsecuritydependson.Aretheyfalse?
• Thinkoutsidethebox:Notconstrainedbysystemdesigner’sworldview.
Practicethinkinglikeanattacker:
Foreverysystemyouinteractwith,thinkaboutwhatitmeansforittobesecure,andimagehowitcould
beexploitedbyanattacker.
![Page 14: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/14.jpg)
Exercises
![Page 15: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/15.jpg)
![Page 16: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/16.jpg)
![Page 17: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/17.jpg)
Exercise
• Doorlock/intercom
– Occupantpresseskeywhichmakesatoneover
theintercom
– Lockisunlockedwhentoneisdetectedoverthe
intercom
• Howcananattacker
subvertthistogain
access?
![Page 18: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/18.jpg)
ThinkingasaDefender
• Securitypolicy– Whatarewetryingtoprotect?
– Whatpropertiesarewetryingtoenforce?
• Threatmodel– Whoaretheattackers?
– WhataretheirCapabilities?Motivations?Access?
• Riskassessment– Whataretheweaknessesofthesystem?
– Howlikely?
• Countermeasures– Technicalvs.nontechnical?
– Howmuchdotheycost?
Challengeistothink
rationallyand
rigorouslyaboutrisk.
Rationalparanoia.
![Page 19: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/19.jpg)
SecurityPolicies
• Whatassetsarewetryingtoprotect?
• Whatpropertiesarewetryingtoenforce?
– Confidentiality– Integrity– Availability– Privacy– Authenticity
…
![Page 20: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/20.jpg)
ThreatModels
• Whoareouradversaries?– Motives?
– Capabilities?
– Access?
• Whatkindsofattacksdoweneedtoprevent?(Thinkliketheattacker!)
• Limits:Kindsofattacksweshouldignore?
![Page 21: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/21.jpg)
AssessingRisk
• Whatwouldsecuritybreachescostus?
– Directcosts:Money,property,safety,...
– Indirectcosts:Reputation,futurebusiness,wellbeing,…
• Howlikelyarethesecosts?
– Probabilityofattacks?– Probabilityofsuccess?
• Remember:rationalparanoia
![Page 22: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/22.jpg)
Countermeasures
• Technicalcountermeasures
• Nontechnicalcountermeasures
– Law,policy(government,institutional),
procedures,training,auditing,incentives,etc.
![Page 23: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/23.jpg)
SecurityCosts
• Nosecuritymechanismisfree
– Directcosts:Design,implementation,
enforcement,falsepositives
– Indirectcosts:Lostproductivity,addedcomplexity
• Challengeisrationallyweighcostsvs.risk
– Humanpsychologymakesreasoningabouthigh
cost/lowprobabilityeventshard
![Page 24: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/24.jpg)
Exercise
• Shouldyoulockyourbike?
– Assets?– Adversaries?– Riskassessment?
– Countermeasures?
– Costs/benefits?
![Page 25: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/25.jpg)
TheSecurityMindset
• Thinkinglikeanattacker
– Understandtechniquesforcircumventingsecurity.
– Lookforwayssecuritycanbreak,notreasonswhyitwon’t.
• Thinkinglikeadefender
– Knowwhatyou’redefending,andagainstwhom.
–Weighbenefitsvs.costs:Nosystemisevercompletelysecure.
– “Rationalparanoia!”
![Page 26: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/26.jpg)
Schneier’s law
• “Anyone,fromthemostcluelessamateurto
thebestcryptographer,cancreatean
algorithmthathehimselfcan'tbreak.”
• Replace“cryptographer”with“engineer”and
“algorithm”with“system”anditstillholds
true
![Page 27: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/27.jpg)
![Page 28: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/28.jpg)
ToLearnMore…
• TheSecurityMindset.https://www.schneier.com/blog/archives/2008/03/the_security_mi_1.html
• https://freedom-to-tinker.com/blog/felten/security-mindset-and-harmless-failures/
• https://cubist.cs.washington.edu/Security/2007/11/22/why-a-computer-security-course-blog/
![Page 29: Lecture 01 –The Security Mindset - Stephen Checkoway · Lecture 01 –The Security Mindset Stephen Checkoway University of Illinois at Chicago CS 487 –Fall 2017 Adapted from Michael](https://reader036.vdocument.in/reader036/viewer/2022081614/5fc0a3754fa9251a7b2ef5f9/html5/thumbnails/29.jpg)
Questions?