Network Security
CS 136 Computer Security
Peter Reiher
February 21, 2008
Lecture 11 Page 1 CS 136, Winter 2008

Outline
• Basics of network security
• Definitions
• Sample attacks
• Defense mechanisms

Some Important Network Characteristics for Security
• Degree of locality
• Media used
• Protocols used
Degree of Locality
• Some networks are very local
  – E.g., an Ethernet
  – Only handles a few machines
  – Benefits from:
    • Physical locality
    • Small number of users
    • Common goals and interests
• Other networks are very non-local
  – E.g., the Internet backbone
  – Vast numbers of users/sites share bandwidth

Network Media
• Some networks are wires, cables, or over telephone lines
  – Can be physically protected
• Other networks are satellite links or other radio links
  – Physical protection possibilities more limited

Protocol Types
• TCP/IP is the most used
  – But it only specifies some common intermediate levels
  – Other protocols exist above and below it
• In places, other protocols replace TCP/IP
• And there are lots of supporting protocols
  – Routing protocols, naming and directory protocols, network management protocols
  – And security protocols (IPsec, SSH, SSL)

Implications of Protocol Type
• The protocol defines a set of rules that will always be followed
  – But usually not quite complete
  – And they assume everyone is at least trying to play by the rules
  – What if they don’t?
• Specific attacks exist against specific protocols
Threats to Network Security
• Pretty much the usual suspects:
  – Wiretapping
  – Impersonation
  – Message confidentiality
  – Message integrity
  – Denial of service

Why Are Networks Especially Threatened?
• Many “moving parts”
• Many different administrative domains
• Everyone can get some access
• In some cases, trivial for attacker to get a foothold on the network
• Networks encourage sharing
• Networks often allow anonymity

What Can Attackers Attack?
• The media connecting the nodes
• Nodes that are connected to them
• Routers that control the traffic
• The protocols that set the rules for communications
Wiretapping
• An obvious network vulnerability
  – But don’t forget, “wiretapping” is a general term
  – Not just networks are vulnerable
• Passive wiretapping is listening in illicitly on conversations
• Active wiretapping is injecting traffic illicitly

Wiretapping on Wires
• Signals can be tapped at many points
• Actually tapping into some physical wires is possible
• Other “wires” are broadcast media
  – Packet sniffers can listen to all traffic on a broadcast medium
• Subverted routers and gateways also offer access

Wiretapping on Wireless
• Often just a matter of putting an antenna up
  – Though position may matter a lot
  – Generally not even detectable that it’s happening
  – Directional antennae and frequency hopping may add challenges
• Active threats are easier to detect
  – And, for satellites, technically challenging
Impersonation
• A packet comes in over the network
  – With some source indicated in its header
• Often, the action to be taken with the packet depends on the source
• But attackers may be able to create packets with false sources

Methods of Network Impersonation
• Even in standard protocols, often easy to change fields in a header
  – When created or later
  – E.g., IP allows forging source addresses
• Existing networks have little or no built-in authentication

Authentication to Foil Impersonation
• Higher level protocols often require authentication of transmissions
• Much care required to ensure proper authentication
• And not having authentication underneath can cause many problems
• Authentication schemes are rarely perfect
Violations of Message Confidentiality
• Other problems can cause messages to be inappropriately divulged
• Misdelivery can send a message to the wrong place
  – Clever attackers can make it happen
• Message can be read at an intermediate gateway or a router
• Sometimes an intruder can get useful information just by traffic analysis

Message Integrity
• Even if the attacker can’t create the packets he wants, sometimes he can alter proper packets
  – To change the effect of what they will do

Denial of Service
• Attacks that prevent legitimate users from doing their work
  – By flooding the network
  – Or corrupting routing tables
  – Or flooding routers
  – Or destroying key packets

How Do Denial of Service Attacks Occur?
• Basically, the attacker injects some form of traffic
• Most current networks aren’t built to throttle uncooperative parties very well
• All-inclusive nature of the Internet makes basic access trivial
• Universality of IP makes reaching most of the network easy
Some Sample Attacks
• Smurf attacks
• SYN flood
• Ping of Death

Smurf Attacks
• Attack on vulnerability in IP broadcasting
• Send a ping packet to an IP broadcast address
  – With forged “from” header of your target
• Resulting in a flood of replies from the sources to the target
• Easy to fix at the intermediary
  – Don’t allow IP broadcasts to originate outside your network
• No good solutions for the victim
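The two fixes the slides have mentioned so far, refusing forged source addresses (the impersonation slide) and refusing broadcasts that originate outside the network (the smurf slide), are both decisions a border router makes per packet. The following is an added example, not part of the lecture, of that decision logic in Python: the internal prefixes, the sample packets and the verdict strings are constructed (RFC 5737 documentation addresses are used so nothing real is referenced), and the ingress/egress rules follow the generally known BCP 38 practice rather than anything the slides spell out.

```python
import ipaddress
from typing import Tuple

# Constructed example: the address blocks this border router considers "inside".
# RFC 5737 documentation ranges, so the sample runs against nothing real.
INTERNAL_NETS = [
    ipaddress.ip_network("192.0.2.0/24"),
    ipaddress.ip_network("198.51.100.0/24"),
]


def is_internal(addr: ipaddress.IPv4Address) -> bool:
    """True if addr falls in one of our internal prefixes."""
    return any(addr in net for net in INTERNAL_NETS)


def is_directed_broadcast(addr: ipaddress.IPv4Address) -> bool:
    """True if addr is the subnet broadcast address of one of our internal prefixes."""
    return any(addr == net.broadcast_address for net in INTERNAL_NETS)


def border_filter(src: str, dst: str, direction: str) -> Tuple[bool, str]:
    """Decide whether a packet may cross the border router.

    direction is "inbound" (arriving from the outside) or "outbound" (leaving
    our network).  Returns (forward?, reason).
    """
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if direction == "inbound":
        # A packet from outside must not claim one of our own addresses:
        # that is the forged "from" header the slides describe (ingress filtering).
        if is_internal(s):
            return False, "drop: spoofed internal source address"
        # Nor may it address one of our subnet broadcast addresses: forwarding it
        # would turn every host on that LAN into a ping amplifier (smurf).
        if is_directed_broadcast(d):
            return False, "drop: directed broadcast from outside"
        return True, "forward"
    if direction == "outbound":
        # Egress filtering: packets leaving us must carry one of our addresses,
        # so our hosts cannot be used to forge someone else's source.
        if not is_internal(s):
            return False, "drop: outbound packet with foreign source address"
        return True, "forward"
    raise ValueError(f"unknown direction {direction!r}")


if __name__ == "__main__":
    # Constructed sample packets: (src, dst, direction)
    samples = [
        ("203.0.113.7", "192.0.2.10", "inbound"),     # ordinary inbound traffic
        ("203.0.113.7", "192.0.2.255", "inbound"),    # smurf trigger: ping to our broadcast
        ("192.0.2.10", "192.0.2.255", "inbound"),     # outsider forging one of our addresses
        ("192.0.2.10", "203.0.113.7", "outbound"),    # ordinary outbound traffic
        ("203.0.113.9", "203.0.113.7", "outbound"),   # our host using an outside source
    ]
    for src, dst, direction in samples:
        ok, why = border_filter(src, dst, direction)
        print(f"{direction:8} {src:>14} -> {dst:<14} {why}")
```

The inbound rule against directed broadcasts is what the slide calls the fix "at the intermediary": the victim sees nothing, but a network that applies it can no longer serve as an amplifier. The source-address rules do not protect this network from spoofed packets coming in from elsewhere; they only stop this network from being the origin of them, which is why the slide says there is no good solution for the victim alone.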
SYN Flood
• Based on vulnerability in TCP
• Attacker uses initial request/response to start TCP session to fill a table at the server
• Preventing new real TCP sessions
• SYN cookies and firewalls with massive tables are possible defenses

Normal SYN Behavior
(Diagram: client sends SYN; server replies SYN/ACK and records the connection in its table of open TCP connections; client sends ACK.)

A SYN Flood
(Diagram: many SYNs arrive; the server answers each with SYN/ACK and the table of open TCP connections fills up, so the server can’t fill the request.)

SYN Cookies
• No room in the table, so send back a SYN cookie instead
• SYN/ACK number is the cookie value: a function of client IP address and port, the server’s secret, and a timer
• KEY POINT: server doesn’t need to save the cookie value, or the client IP address, port and various other information it would normally store
• Server recalculates the cookie to determine if the ACK is a proper response
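The SYN cookie slide describes the cookie as a function of the client address and port, a server secret and a timer, and says the server recomputes it instead of storing it. The following is an added example, not part of the lecture, of one concrete encoding of that idea in Python: a 5-bit timer slot in the top bits of the 32-bit sequence number and a keyed hash (HMAC-SHA256, truncated) in the remaining 27 bits. The slot width, the 64-second timer granularity, the two-slot freshness window and the addresses are all constructed choices for this example, not the lecture's or any particular operating system's layout.

```python
import hashlib
import hmac
import os

SLOT_SECONDS = 64          # the "timer": cookies are tied to a 64-second slot
TIMER_BITS = 5             # 5 bits of timer, 27 bits of keyed hash
HASH_BITS = 32 - TIMER_BITS
HASH_MASK = (1 << HASH_BITS) - 1
SLOT_MASK = (1 << TIMER_BITS) - 1


def _slot(now: int) -> int:
    """Current timer slot, truncated to TIMER_BITS bits."""
    return (now // SLOT_SECONDS) & SLOT_MASK


def _keyed_hash(secret: bytes, src_ip: str, src_port: int,
                dst_ip: str, dst_port: int, slot: int) -> int:
    """HMAC over the connection 4-tuple and the timer slot, truncated to HASH_BITS."""
    msg = f"{src_ip}|{src_port}|{dst_ip}|{dst_port}|{slot}".encode()
    digest = hmac.new(secret, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:4], "big") & HASH_MASK


def make_syn_cookie(secret: bytes, src_ip: str, src_port: int,
                    dst_ip: str, dst_port: int, now: int) -> int:
    """Server ISN to put in the SYN/ACK when the connection table is full.

    Nothing is stored: the value can be recomputed from the packet alone.
    """
    slot = _slot(now)
    return (slot << HASH_BITS) | _keyed_hash(secret, src_ip, src_port, dst_ip, dst_port, slot)


def check_syn_ack(secret: bytes, src_ip: str, src_port: int,
                  dst_ip: str, dst_port: int, ack_number: int, now: int) -> bool:
    """Validate the final ACK of the handshake against a cookie we never stored.

    The client acknowledges ISN+1, so the cookie is ack_number-1.  It is accepted
    only if its timer slot is the current or the previous one (roughly 64-128 s
    of validity) and the keyed hash recomputed for that slot matches.
    """
    cookie = (ack_number - 1) & 0xFFFFFFFF
    slot = cookie >> HASH_BITS
    current = _slot(now)
    if slot not in (current, (current - 1) & SLOT_MASK):
        return False                       # stale cookie: timer slot too old
    expected = _keyed_hash(secret, src_ip, src_port, dst_ip, dst_port, slot)
    return hmac.compare_digest((cookie & HASH_MASK).to_bytes(4, "big"),
                               expected.to_bytes(4, "big"))


if __name__ == "__main__":
    secret = os.urandom(32)          # the server's secret; rotated periodically in practice
    client = ("203.0.113.7", 40000)  # constructed client address (RFC 5737 range)
    server = ("192.0.2.1", 80)
    t0 = 1_000_000
    isn = make_syn_cookie(secret, *client, *server, t0)
    print("SYN/ACK carries ISN", hex(isn), "and the table stays empty")
    print("ACK 10 s later      :", check_syn_ack(secret, *client, *server, isn + 1, t0 + 10))
    print("ACK from other port :", check_syn_ack(secret, client[0], 40001, *server, isn + 1, t0 + 10))
    print("ACK 5 minutes later :", check_syn_ack(secret, *client, *server, isn + 1, t0 + 300))
```

The timer slot is inside the hashed message as well as in the clear, so a client cannot simply rewrite the top bits of an old cookie to make it look fresh. The cost of the scheme is visible in the code too: only 32 bits are available, so any TCP options the server would normally remember for the connection have to be squeezed into the cookie or dropped, which is why the slide lists SYN cookies as one defense alongside firewalls with very large tables rather than as a free replacement for state.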
The Ping of Death
• IP packets are supposed to be no longer than 65,535 bytes long
• Can improperly send longer IP packets
• Some OS networking software wasn’t prepared for that
  – Resulting in buffer overflows and crashes
• Can filter out pings, but other IP packets can also cause the problem
• OS patches really solve the problem
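The over-long packet the slide describes is built from IP fragments: each fragment is a legal size on the wire, and only the sum of fragment offset and fragment length reveals that the reassembled datagram would exceed 65,535 bytes. The following is an added example, not part of the lecture, of the bounds check a patched IP stack performs before writing into its reassembly buffer. The fragment builder and the sample fragments are constructed for this example (documentation addresses, checksum left zero), and the parsing follows the public IPv4 header layout.

```python
import struct

MAX_DATAGRAM = 65535                         # RFC 791 limit on total length, header included
IPV4_MIN_HDR = 20
MAX_PAYLOAD = MAX_DATAGRAM - IPV4_MIN_HDR    # 65515 bytes of data in a reassembled datagram
HDR_FMT = "!BBHHHBBH4s4s"                    # minimal IPv4 header, no options
MORE_FRAGMENTS = 0x2000


def build_fragment(ident: int, offset: int, more: bool, payload: bytes,
                   proto: int = 1) -> bytes:
    """Build a minimal IPv4 fragment (constructed test input; checksum left zero).

    offset is in bytes and must be a multiple of 8, since the header stores it
    in 8-byte units.  proto 1 is ICMP, i.e. a ping.
    """
    assert offset % 8 == 0 and offset < (1 << 13) * 8
    flags_frag = (MORE_FRAGMENTS if more else 0) | (offset // 8)
    total_len = IPV4_MIN_HDR + len(payload)
    hdr = struct.pack(HDR_FMT, 0x45, 0, total_len, ident, flags_frag, 64, proto, 0,
                      bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return hdr + payload


def parse_fragment(pkt: bytes) -> dict:
    """Pull the fields reassembly cares about out of an IPv4 header."""
    ver_ihl, _, total_len, ident, flags_frag, _, proto, _, _, _ = struct.unpack(HDR_FMT, pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4
    return {
        "id": ident,
        "proto": proto,
        "more": bool(flags_frag & MORE_FRAGMENTS),
        "offset": (flags_frag & 0x1FFF) * 8,
        "payload_len": total_len - ihl,
    }


def reassembled_end(frag: dict) -> int:
    """Byte position just past this fragment's data in the reassembled datagram."""
    return frag["offset"] + frag["payload_len"]


def fragment_is_safe(frag: dict) -> bool:
    """Reject any fragment whose data would extend past the 65,515-byte payload limit.

    The check must run before the reassembly buffer is written: the crash the
    slide describes is the overflow that happens when a stack allocates a buffer
    for a maximum-size datagram and then copies past its end.
    """
    return reassembled_end(frag) <= MAX_PAYLOAD


def classify(pkt: bytes) -> str:
    frag = parse_fragment(pkt)
    if fragment_is_safe(frag):
        return "accept"
    return f"drop: fragment ends at byte {reassembled_end(frag)} > {MAX_PAYLOAD}"


if __name__ == "__main__":
    normal = build_fragment(ident=1, offset=1480, more=True, payload=b"A" * 1480)
    # Last fragment placed near the top of the offset range: a legal 36-byte
    # packet on the wire, but it reassembles past the datagram size limit.
    oversize = build_fragment(ident=2, offset=65528, more=False, payload=b"B" * 16)
    # The same shape with a non-ICMP protocol number (17 = UDP): this is why the
    # slide says filtering pings alone does not solve the problem.
    oversize_udp = build_fragment(ident=3, offset=65528, more=False, payload=b"C" * 16, proto=17)
    for name, pkt in [("normal", normal), ("oversize ping", oversize), ("oversize udp", oversize_udp)]:
        print(f"{name:14} {classify(pkt)}")
```

Note that no single field in the oversized fragment is out of range: the offset fits in 13 bits and the total length is tiny. That is why a filter looking at individual header fields, or at the protocol number, misses it, and why the fix belongs in the reassembly code of the operating system, as the slide concludes.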
Network Security Mechanisms
• Again, the usual suspects:
  – Encryption
  – Authentication
  – Access control
  – Data integrity mechanisms
  – Traffic control

Encryption for Network Security
• Relies on the kinds of encryption algorithms and protocols discussed previously
• Can be applied at different places in the network stack
  – With different effects and costs

IPsec
• Standard for applying cryptography at the network layer of the IP stack
• Provides various options for encrypting and authenticating packets
  – On an end-to-end basis
  – Without concern for the transport layer (or higher)

What IPsec Covers
• Message integrity
• Message authentication
• Message confidentiality

What Isn’t Covered
• Non-repudiation
• Digital signatures
• Key distribution
• Traffic analysis
• Handling of security associations
• Some of these are covered in related standards
Some Important Terms for IPsec
• Security Association: “A Security Association (SA) is a simplex ‘connection’ that affords security services to the traffic carried by it.”
  – Basically, a secure one-way channel
• SPI (Security Parameters Index)
  – Combined with destination IP address and IPsec protocol type, uniquely identifies an SA

General Structure of IPsec
• Really designed for end-to-end encryption
  – Though could do link level
• Designed to operate with either IPv4 or IPv6
• Meant to operate with a variety of different encryption protocols
• And to be neutral to key distribution methods