Chapter 6 SECURITY Garbis Megerian Jeff Dizon Yuko Takagi

Topics

• Viruses, worms, Trojan horses
– How they all work
– Famous attacks
– Ethical evaluation

• Phreaks & Hackers

• Denial of Service Attacks & Online Voting

Introduction

• Computers getting faster & cheaper

• Today's uses:
– E-mail
– Managing personal information
– Shopping

• More computer use means more depends on computers, so security becomes more important.

Viruses

• What is a virus?
– A piece of self-replicating code embedded within another program (the host)

• How are viruses spread?
– E-mail
– CDs, floppy disks and other removable media
– Downloaded files

Viruses

• How a virus works:
– A person executes a program P that is infected by a virus
– The virus code runs first
• It finds another executable file Q and infects it (copies itself into Q)
– It then returns control to program P, so the user sees nothing unusual
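Added example (not from the original slides): the infection step above changes Q's bytes on disk, and that change is what a file-integrity check catches. The script below records a baseline of SHA-256 digests over a constructed set of "programs" in a temporary directory, simulates the infection of Q.exe by appending a harmless marker string (an assumption standing in for real viral code; nothing executable is produced), and reports which files differ from the baseline. The file names and contents are made up for the demonstration.

```python
import hashlib
import os
import tempfile

# Constructed sample "programs": names and fake binary contents (not real executables).
SAMPLE_PROGRAMS = {
    "P.exe": b"MZ HOST PROGRAM P: does useful work\n",
    "Q.exe": b"MZ PROGRAM Q: not yet infected\n",
    "R.exe": b"MZ PROGRAM R: untouched\n",
}
# Marker the toy "virus" appends. A real file infector inserts executable code
# and patches the entry point; the file-level effect (Q's bytes change) is the same.
INFECTION_MARKER = b"<<VIRUS BODY: find another .exe, copy me in, jump back to host>>"


def sha256_file(path):
    """Digest a file in chunks so large binaries do not have to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(directory):
    """Hash every file: the known-good state an integrity monitor records."""
    return {name: sha256_file(os.path.join(directory, name))
            for name in sorted(os.listdir(directory))}


def simulate_infection(directory, victim):
    """Model the step 'the virus finds another executable Q and infects it'."""
    with open(os.path.join(directory, victim), "ab") as f:
        f.write(INFECTION_MARKER)


def find_modified(directory, baseline):
    """Compare the current state with the baseline; changed files are suspects."""
    current = build_baseline(directory)
    changed = [name for name, digest in current.items() if baseline.get(name) != digest]
    new = [name for name in current if name not in baseline]
    missing = [name for name in baseline if name not in current]
    return {"changed": changed, "new": new, "missing": missing}


def demo():
    """Create the sample programs, baseline them, infect Q.exe, and report."""
    with tempfile.TemporaryDirectory() as d:
        for name, body in SAMPLE_PROGRAMS.items():
            with open(os.path.join(d, name), "wb") as f:
                f.write(body)
        baseline = build_baseline(d)
        simulate_infection(d, "Q.exe")
        return find_modified(d, baseline)


if __name__ == "__main__":
    print(demo())
```

A signature-based scanner looks for known viral code; an integrity check like this one needs no signature, only a trusted baseline, which is why it also catches a virus the scanner has never seen. Its weakness is the opposite: it reports every change, including legitimate updates, so the baseline must be refreshed whenever software is installed.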

Viruses

• Famous viruses
– Brain virus [1986]
• First virus to spread from one IBM PC to another
– Michelangelo virus [1991]
• On Michelangelo's birthday (March 6) it overwrites critical records on the disk
– Melissa virus [1999]
• E-mail attachment; mails itself to the first 50 entries in the victim's address book; crashed e-mail servers and infected 100,000 computers in its first weekend
• The person who posted the original virus was sentenced to 20 months in jail, fined $5,000 and given 100 hours of community service
– Love Bug [2000]
• E-mail attachment; mails itself to the victim's complete address book
• Overwrote some media files found on the hard disk and collected passwords
• Written in the Philippines by a 23-year-old; the Philippines had no applicable law, so there was no prosecution

Viruses

• Viruses today
– Antivirus software must be kept up to date
– People believe they are up to date, but often aren't:
• 2003 study at Oberlin College: system administrators found viruses on 90% of the computers running Windows
• 2007 study by McAfee: 92% of respondents said they were up to date, but only 49% really were

Worms

• What is a worm?
– A self-contained program that spreads through a computer network by exploiting security holes

Worms

• Famous worms
– WANK [1989] (cyberterrorism)
• NASA systems were infected by antinuclear protestors because the robot probe Galileo carried radioactive plutonium
– Code Red [2001]
• Exploited a bug in Microsoft's Internet Information Services (IIS) Web server software; spread among Windows Web servers to more than 359,000 hosts in less than 14 hours
– Sapphire [2003] (also known as Slammer)
• Fastest-spreading worm in history: the number of infected hosts doubled every 8.5 seconds; it ended up affecting about 78,000 computers
• Carried no malicious payload; it simply overloaded networks and made database servers inaccessible

Worms

• Blaster [2003]
– Exploited a bug in Windows 2000 and Windows XP
– Goal: deny Microsoft customers access to windowsupdate.com, the site from which the fix for that bug was downloaded

• Sasser [2004]
– Affected 18 million computers worldwide
– Damage: made millions of computers unusable and disrupted some transportation operations
– Its creator was 17 years old; he was sentenced to one and a half years' probation and 30 hours of community service

The Internet Worm

• Robert Tappan Morris, Jr.: background
– Learned the Unix operating system in junior high
– Father was a security researcher at Bell Labs
– Discovered security holes in Unix
– Broke into networked computers and read other people's e-mail
– After his freshman year at Harvard, started work at Bell Labs

• Designing the worm
– Spread by a buffer overflow attack (among other holes)
– Wish list:
• Infect 3 machines per LAN
• Only consume CPU cycles when machines are idle
• Avoid slow machines
• Break passwords to spread to more machines
– Main goal: infect as many computers as possible, but don't destroy any data files

The Internet Worm

• Launching the worm [1988]
– Launched from an MIT lab
– Quickly spread to thousands of computers at military installations, medical research facilities and universities
– Bugs in the worm itself caused it to crash computers
– System administrators worked very hard to stop its spread

• Consequences for Morris
– First person to receive a felony conviction under the U.S. Computer Fraud and Abuse Act
– Sentenced to 3 years' probation
– 400 hours of community service
– Fined $10,000

The Internet Worm…Ethical?

• Kantian: NO
– Morris's will was selfish: he was seeking a thrill
– Used others' machines without permission
– Took measures to hide his identity

• Social contract: NO
– Violated property rights
– Took advantage of security holes to gain access to computers
– Denied access to legitimate users

• Utilitarian: NO
– Benefit: discovery of two significant security holes, and patches for them
– Cost: system administrators' time spent on cleanup
– Cost: lost productivity because computers were unavailable

• Final answer: NOT ETHICAL
– Not malicious, but selfish
– Could have tested it on an isolated LAN instead of the entire Internet

Trojan Horses

• What is a Trojan horse?
– A program that performs malicious activity in disguise
– The program may look harmless, but isn't

• Remote Access Trojan (RAT)
– A program that gives the attacker remote access to the victim's computer
• Famous examples: Back Orifice and SubSeven
– The attacker must trick the victim into downloading and running the RAT server

Defensive Measures

• Need dedicated system administrators
• Set up reasonable authorization and authentication
– Authorization: determining a user's permissions
– Authentication: determining that a person is who he says he is (password, smart card, fingerprint)
• Choose strong passwords to foil a dictionary attack
• Firewall
– Monitors packets flowing in and out
• Update the OS regularly
• E-mail filters

Compare & Contrast

• Virus
– Self-reproducing
– Embedded within another program

• Worm
– Self-contained
– Spreads across a network
– Gains entry by exploiting security holes

• Trojan horse
– Harmless appearance, harmful purpose

Phreaks and Hackers

• Definition of hacker (as commonly used today):
– A person who accesses a computer without authorization

• The modern use of the word "hacker" includes computer break-ins accompanied by malicious behavior.

• Original definition of hacker:
– An explorer, a risk-taker, someone who tries to make a system do something it has never done before

• The word "hacker" abounded at MIT's Tech Model Railroad Club in the 1950s and 1960s.

• To them, hacking was a way of demonstrating the creator's technical virtuosity.

• Calling someone a hacker was a sign of respect.
• The will of these hackers was to make an improvement; a hacker in this sense is not malicious.

Hacking on the PDP-1

• The PDP-1 was a computer made by Digital Equipment Corporation (DEC)

• DEC donated one to MIT in 1961
• The PDP-1 came with very little software, so the hackers at MIT improved it:
– They converted an assembler for MIT's TX-0 computer to PDP-1 machine language
– They created Spacewar!, one of the first video games, and distributed it for free
– They wrote a program that produced the tones needed to activate telephone switching equipment (simply for exploration, not for defrauding AT&T)

Stewart Nelson

• One of the MIT hackers
• Thought that adding a new hardware instruction to the PDP-1 would make it better

• Decided not to ask for permission, to avoid waiting

• Sneaked in one night and did some rewiring, which caused another instruction to malfunction

Ethical Evaluation: Was Stewart Nelson wrong to modify the PDP-1 hardware without permission?

• Kantian evaluation
– Was his will simply "to improve the PDP-1"? No: that characterization lets an expected result supply the motivation for the action, which a Kantian analysis does not allow. Look instead at what he actually did:
– He disregarded the rules governing access to the machine
– He disregarded the needs of the PDP-1 users whose work depended on the reliability of the computer
– He treated other human beings as means to an end
– Hence his action was WRONG

Ethical Evaluation: Was Stewart Nelson wrong to modify the PDP-1 hardware without permission?

• Social contract theory
– By modifying a system he did not own, he violated the rights of the legitimate owners and users
– Hence his action was WRONG

Ethical Evaluation: Was Stewart Nelson wrong to modify the PDP-1 hardware without permission?

• Rule utilitarian evaluation
– If everyone engaged in such behavior, people would routinely make unauthorized changes to shared systems, resulting in less reliability and lower productivity
– Hence his action was WRONG

Ethical Evaluation: Was Stewart Nelson wrong to modify the PDP-1 hardware without permission?

• Act utilitarian evaluation
– Benefit: he learned more about the computer
– Negative effects: the cost of fixing the machine, and the work people could not do because of the malfunction he caused
– Hence his action was WRONG

Techniques to obtain valid login name / password

• Guessing
– Effective when system administrators allow users to have short passwords

• Dumpster diving
– Looking through garbage for a piece of information

• Social engineering
– Manipulating a person inside the organization into giving access to confidential information
– Easier in a large organization where people don't know each other
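Added example (not from the original slides), covering both the "guessing" technique above and the earlier defensive advice to choose passwords that foil a dictionary attack. It builds a constructed password store (the user names, salts and passwords are invented), runs a dictionary attack with a small word list plus common mangling rules, then a budgeted brute-force search over lowercase letters, and computes the keyspace sizes that make short passwords cheap to guess. The store uses salted SHA-256 only so that the example runs in a second or two; a real system should use a deliberately slow hash such as bcrypt, scrypt or Argon2 to make every guess expensive.

```python
import hashlib
import itertools
import string


def hash_password(salt, password):
    """Salted SHA-256: fast, which is exactly why it is weak against guessing."""
    return hashlib.sha256(salt.encode() + password.encode()).hexdigest()


# Constructed password database: user -> (salt, digest). All values are invented.
USERS = {
    "alice": ("s1", hash_password("s1", "pass")),                             # 4 lowercase letters
    "bob":   ("s2", hash_password("s2", "dragon")),                           # in every word list
    "carol": ("s3", hash_password("s3", "Dragon1!")),                         # word + common mangling
    "dave":  ("s4", hash_password("s4", "correct-horse-battery-staple-42")),  # long passphrase
}

WORDLIST = ["123456", "password", "dragon", "letmein", "monkey", "qwerty"]


def mangle(word):
    """Typical cracker rules: case variants plus a few popular suffixes."""
    variants = set()
    for base in (word, word.capitalize(), word.upper()):
        variants.add(base)
        for suffix in ("1", "!", "1!", "123"):
            variants.add(base + suffix)
    return variants


def dictionary_attack(users, wordlist):
    """Try every mangled word against every user's digest."""
    cracked = {}
    for user, (salt, digest) in users.items():
        candidates = (c for w in wordlist for c in mangle(w))
        for candidate in candidates:
            if hash_password(salt, candidate) == digest:
                cracked[user] = candidate
                break
    return cracked


def brute_force(users, alphabet=string.ascii_lowercase, max_len=4, budget=300_000):
    """Exhaustive search of all strings of length 1..max_len, giving up after
    `budget` guesses per user. Only passwords inside that keyspace can fall."""
    cracked = {}
    for user, (salt, digest) in users.items():
        guesses = 0
        for length in range(1, max_len + 1):
            for chars in itertools.product(alphabet, repeat=length):
                if guesses >= budget:
                    break
                guesses += 1
                candidate = "".join(chars)
                if hash_password(salt, candidate) == digest:
                    cracked[user] = candidate
                    break
            if user in cracked or guesses >= budget:
                break
    return cracked


def keyspace(alphabet_size, max_len):
    """Number of strings of length 1..max_len: the work an exhaustive guesser faces."""
    return sum(alphabet_size ** n for n in range(1, max_len + 1))


if __name__ == "__main__":
    print("dictionary attack cracked:", dictionary_attack(USERS, WORDLIST))
    print("brute force cracked:", brute_force(USERS))
    print("keyspace, 4 lowercase letters:", keyspace(26, 4))
    print("keyspace, 12 printable ASCII characters:", keyspace(95, 12))
```

The word list cracks bob and carol in a handful of guesses, the brute-force pass recovers alice's four-letter password inside its budget, and dave's long passphrase survives both: neither a short keyspace nor a dictionary word is involved. That is the whole argument for minimum length and against dictionary words on the earlier defensive-measures slide.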

Phone Phreaking

• Definition of phreak:
– A person who manipulates the phone system in order to make free calls

Historical methods phreaks used to access long-distance service:

• Stealing long-distance telephone access codes
– The easiest way is shoulder-surfing

• Guessing long-distance telephone access codes
– By programming a computer to try different codes
– Running the computer all night typically yields about a dozen hits

• Using a "blue box" to get free access to long-distance lines
– The blue box mimics the telephone system's own in-band control signal (a high-pitched 2600 Hz tone), so the switch treats the phreak's handset as part of the network itself

Penalties for Hacking

• The Computer Fraud and Abuse Act makes the following illegal:
– Transmitting code that causes damage to a computer system (e.g., a virus or worm)
– Accessing any computer connected to the Internet without authorization, even if no files are modified, changed or copied
– Transmitting classified government information
– Trafficking in computer passwords
– Computer fraud
– Computer extortion

Denial-of-Service Attacks

• An intentional action designed to prevent legitimate users from making use of a computer

• The goal is not to steal information but to disrupt a server's ability to respond to its clients

• An example of an "asymmetric" attack: a single person can harm a huge organization such as a corporation or even a government

DoS Attacks

• In February 2000, a 15-year-old known as "Mafiaboy" launched distributed DoS attacks that disabled huge Web sites such as Amazon, eBay, Yahoo, CNN and Dell.

• More recently, many DoS attacks have targeted blacklist services, which ISPs use to shield customers from spam.

• Roughly 4,000 Web sites suffer DoS attacks each week.

• Attackers use other people's computers to launch their attacks.

Three major types of DoS Attacks

1. SYN flood attack: exhausts the target's table of half-open connections

2. Bandwidth consumption: generates so many messages that all bandwidth on the target's network is used up
• Smurf attack

3. Disk exhaustion: fills all available space on the target computer's disk

SYN flood attack

(Figure: a normal TCP three-way handshake shown beside a SYN flood)

1. The attacker sends many SYN messages with spoofed source addresses to the target computer

2. For each SYN the target sets aside an entry in its connection table, replies with a SYN-ACK, and waits for the final ACK

3. Because the source addresses are phony, no client ever answers the SYN-ACKs, so the connections stay half-open until they time out

4. The target can hold only so many half-open connections at once; once the table is full, legitimate users are turned away
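Added example (not from the original slides): a small simulation of steps 1 to 4. A constructed packet trace mixes SYNs from spoofed sources, which never complete the handshake, with a few legitimate clients that send their ACK 50 ms after their SYN. The server model keeps a fixed number of half-open slots (the backlog size of 128 and the 75-second half-open timeout are assumptions) and counts how many legitimate connections it turns away. Running the same trace with SYN cookies enabled shows the standard mitigation: the server stores nothing per SYN, so the table cannot fill.

```python
import random

BACKLOG = 128         # half-open connection slots (assumed listen-queue size)
SYN_TIMEOUT = 75.0    # seconds a half-open entry lingers before it is dropped (assumed)
LEGIT_PREFIX = "192.0.2."


def make_trace(n_spoofed=2000, n_legit=20, seed=1):
    """Constructed trace of (time, connection_id, kind). Spoofed sources send only
    a SYN; legitimate clients send a SYN and then the final ACK 50 ms later."""
    rng = random.Random(seed)
    events = []
    for i in range(n_spoofed):
        t = rng.uniform(0.0, 10.0)
        conn = f"10.{rng.randrange(256)}.{rng.randrange(256)}.{i % 254 + 1}:{40000 + i}"
        events.append((t, conn, "SYN"))
    for i in range(n_legit):
        t = rng.uniform(0.0, 10.0)
        conn = f"{LEGIT_PREFIX}{i + 1}:{50000 + i}"
        events.append((t, conn, "SYN"))
        events.append((t + 0.05, conn, "ACK"))
    events.sort()
    return events


def simulate(events, backlog=BACKLOG, syn_timeout=SYN_TIMEOUT, syn_cookies=False):
    """Replay the trace against a server model; return how many legitimate
    connections were accepted and how many were refused."""
    half_open = {}                       # connection_id -> time the SYN arrived
    accepted = refused = 0
    for t, conn, kind in events:
        # Step 3: entries nobody completes stay until they time out.
        for stale in [c for c, t0 in half_open.items() if t - t0 > syn_timeout]:
            del half_open[stale]
        if kind == "SYN":
            if syn_cookies:
                # With SYN cookies the server encodes its state in the SYN-ACK
                # sequence number and stores nothing, so there is nothing to fill.
                continue
            if len(half_open) >= backlog:
                # Step 4: table full, the SYN is dropped; only legitimate
                # clients count as "turned away".
                if conn.startswith(LEGIT_PREFIX):
                    refused += 1
                continue
            half_open[conn] = t          # Step 2: slot reserved, SYN-ACK sent
        elif kind == "ACK":
            if syn_cookies or conn in half_open:
                half_open.pop(conn, None)
                accepted += 1
            # An ACK for a connection whose SYN was dropped cannot occur in
            # reality (the client never saw a SYN-ACK), so it is ignored.
    return {"accepted": accepted, "refused": refused}


if __name__ == "__main__":
    trace = make_trace()
    print("flood, plain backlog:", simulate(trace))
    print("flood, SYN cookies:  ", simulate(trace, syn_cookies=True))
    print("no flood:            ", simulate(make_trace(n_spoofed=0)))
```

With 2,000 spoofed SYNs spread over ten seconds the 128-entry table fills in well under a second, and nearly every legitimate client that arrives afterwards is refused; the entries never expire within the trace because the 75-second timeout is far longer than the attack. Shortening the timeout helps only a little against a sustained flood, which is why SYN cookies, not a bigger table, are the usual fix.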

Bandwidth consumption: generating a large number of messages to the target's network

• Smurf attack
1. The attacker finds networks whose routers forward "ping" (ICMP echo request) messages sent to the network's broadcast address, so that one message reaches every host; these networks act as amplifiers

2. A computer receiving a ping is supposed to echo a reply back to the sender

3. The attacker spoofs the source IP address so that the pings appear to come from the target computer

4. Every host that received the ping echoes a reply to the spoofed address, flooding the target's network
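Added example (not from the original slides): detecting a smurf flood from the victim's side. The trace below is constructed: the victim sends one legitimate ping and receives one reply, and then 100 echo replies arrive from hosts in 192.0.2.0/24 answering a broadcast ping the attacker sent with the victim's address as the source. The detector matches each incoming echo reply against echo requests the victim actually sent; replies with no matching request are the reflected flood, and grouping them by subnet names the amplifier network. All addresses are documentation ranges chosen for the example.

```python
import ipaddress
from collections import Counter

ECHO_REQUEST, ECHO_REPLY = 8, 0      # ICMP type numbers
VICTIM = "203.0.113.10"


def build_trace():
    """Constructed ICMP packets seen at the victim's edge: (time, src, dst, type)."""
    trace = [
        (0.00, VICTIM, "198.51.100.1", ECHO_REQUEST),   # the victim's own ping
        (0.02, "198.51.100.1", VICTIM, ECHO_REPLY),     # ...and its legitimate reply
    ]
    # Step 4: one spoofed request to the 192.0.2.0/24 broadcast address makes
    # every live host on that subnet (100 here) answer the victim.
    for h in range(1, 101):
        trace.append((1.0 + h * 0.0001, f"192.0.2.{h}", VICTIM, ECHO_REPLY))
    return trace


def detect_reflected_replies(trace, victim):
    """Return the echo replies the victim never asked for, i.e. reflected traffic."""
    outstanding = Counter()      # destination -> echo requests the victim sent
    unsolicited = []
    for t, src, dst, icmp_type in trace:
        if src == victim and icmp_type == ECHO_REQUEST:
            outstanding[dst] += 1
        elif dst == victim and icmp_type == ECHO_REPLY:
            if outstanding[src] > 0:
                outstanding[src] -= 1       # matches a request we sent
            else:
                unsolicited.append((t, src))
    return unsolicited


def amplifier_networks(unsolicited, prefix_len=24):
    """Group the unsolicited replies by subnet to name the amplifier network(s)."""
    nets = Counter()
    for _, src in unsolicited:
        net = ipaddress.ip_network(f"{src}/{prefix_len}", strict=False)
        nets[str(net)] += 1
    return nets


def amplification_factor(replies_received, spoofed_requests_sent):
    """Packets the victim absorbs per packet the attacker had to send."""
    return replies_received / spoofed_requests_sent


if __name__ == "__main__":
    hits = detect_reflected_replies(build_trace(), VICTIM)
    print(f"{len(hits)} unsolicited echo replies")
    print("amplifier networks:", dict(amplifier_networks(hits)))
    print("amplification factor:", amplification_factor(len(hits), 1))
```

The amplification factor is the point of the attack: one spoofed packet from the attacker became 100 packets at the victim. The defense on a later slide, turning off the router's amplifier capability, means refusing to forward packets addressed to a subnet's broadcast address (on Cisco IOS, `no ip directed-broadcast` on each interface), which leaves the attacker with a factor of one.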

Fill up target’s computer disk

• Three ways to fill a target's disk:
1. E-mail bombing
– The attacker sends the target a flood of long e-mail messages
– Usually combined with e-mail spoofing to hide the attacker's identity

2. The attacker creates a worm that intentionally generates a very long stream of errors; the target computer logs the errors to a data file that eventually fills the disk

3. The attacker breaks into the target computer and copies over files from another site

Defensive Measures

1. Ensure the physical security of the server.

2. System administrators should benchmark the performance of their systems to establish baselines. Once baselines are known, abnormal behavior that may indicate a security breach is easier to detect.

3. Disk quotas: limit the amount of disk space a single user can consume, so that an intruder cannot use up all the disk space.

4. Disable unused network services; this reduces the attacker's options.

5. Turn off the amplifier capability of routers (forwarding of directed broadcasts); this limits their use in a smurf attack.

6. Pattern-recognition software to detect DoS attacks; it discards requests from "clients" that have proven unreliable (a blacklist, sort of).
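Added example (not from the original slides) for defenses 2 and 6: establishing a traffic baseline and then using it to flag abnormal behavior and blacklist the source responsible. It parses Common Log Format access-log lines from a constructed log (60 quiet seconds of one to three requests per second from three clients, then 10 seconds in which one client adds 200 requests per second), computes the mean and standard deviation of the per-second request count over the quiet window, flags every second that exceeds the mean plus three standard deviations, and blacklists any client responsible for more than half of the traffic in a flagged second. The window length, the three-sigma threshold and the 50% share rule are assumptions a deployment would tune.

```python
import re
import statistics
from collections import Counter, defaultdict
from datetime import datetime, timedelta, timezone

# Common Log Format: host ident user [time] "request" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3}) (?P<size>\d+|-)$'
)


def parse_line(line):
    """Return a dict for a well-formed CLF line, or None for anything else."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return {"ip": m.group("ip"), "ts": ts, "req": m.group("req"), "status": int(m.group("status"))}


def build_sample_log():
    """Constructed access log: 60 quiet seconds (1-3 req/s from three clients),
    then 10 seconds in which 192.0.2.66 adds 200 req/s on top of the background."""
    start = datetime(2008, 3, 10, 12, 0, 0, tzinfo=timezone.utc)
    lines = []

    def emit(ip, sec):
        ts = (start + timedelta(seconds=sec)).strftime("%d/%b/%Y:%H:%M:%S %z")
        lines.append(f'{ip} - - [{ts}] "GET /index.html HTTP/1.0" 200 512')

    for sec in range(70):
        for i in range(sec % 3 + 1):                 # background: 1, 2, 3, 1, 2, 3, ...
            emit(f"198.51.100.{i + 1}", sec)
        if sec >= 60:
            for _ in range(200):
                emit("192.0.2.66", sec)
    return lines


def analyze(lines, baseline_seconds=60, k=3.0, share=0.5):
    """Baseline the first `baseline_seconds` of traffic, then flag seconds whose
    request count exceeds mean + k*stdev and blacklist the dominant source."""
    per_sec = Counter()
    per_sec_src = defaultdict(Counter)
    for rec in filter(None, (parse_line(l) for l in lines)):
        sec = int(rec["ts"].timestamp())
        per_sec[sec] += 1
        per_sec_src[sec][rec["ip"]] += 1
    seconds = sorted(per_sec)
    baseline = [per_sec[s] for s in seconds[:baseline_seconds]]
    mean, stdev = statistics.mean(baseline), statistics.pstdev(baseline)
    threshold = mean + k * stdev
    flagged, blacklist = [], set()
    for s in seconds:
        if per_sec[s] > threshold:
            flagged.append(s)
            for ip, n in per_sec_src[s].items():
                if n > share * per_sec[s]:
                    blacklist.add(ip)
    return {"mean": mean, "stdev": stdev, "threshold": threshold,
            "flagged": flagged, "blacklist": sorted(blacklist)}


if __name__ == "__main__":
    result = analyze(build_sample_log())
    print(f"baseline {result['mean']:.2f} +/- {result['stdev']:.2f} req/s, "
          f"threshold {result['threshold']:.2f}")
    print(f"{len(result['flagged'])} abnormal seconds; blacklist: {result['blacklist']}")
```

The quiet window establishes what normal looks like (about two requests per second here), so the threshold is derived from measured behavior rather than guessed. The share rule is what keeps a single noisy client from being mistaken for a spike in legitimate demand: a flagged second with no dominant source is reported but nobody is blacklisted. Against a distributed attack, where no single source dominates, this rule alone is not enough.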

Distributed Denial-of-Service

• DDoS attack
– The attacker gains access to thousands of computers
– Installs software that lets him or her launch a simultaneous attack
– The attacker sends a command to the "hijacked" computers and they all launch their attack
– Typically a smurf-style flood, but on a much larger scale, with thousands of computers involved in the attack

SATAN

• Security Administrator Tool for Analyzing Networks (SATAN)
– Created by Dan Farmer and Wietse Venema
– Probes computers on a network for security weaknesses
– Critics feared it might turn relatively unskilled teenagers into computer hackers
– No SATAN-enabled exploits materialized
– It served its purpose by helping system administrators identify and fix security problems within their networks

Online Voting

• Motivation for online voting
– 2000 Presidential election: one of the closest contests in U.S. history
– Florida was the pivotal state
– After the recounts, the certified Florida result was Bush 2,912,790 votes, Gore 2,912,253
– Two problems with the punch-card voting:
• The stylus does not always punch the hole cleanly ("hanging chad"), and such ballots are not counted by the automatic vote tabulators
• The "butterfly ballot": some people mistakenly punched the hole for Pat Buchanan thinking it was the hole for Al Gore
– These problems may have cost Al Gore the presidency

Butterfly Ballot (image slide, no text)

Proposals

• Many suggested voting via the Internet as a way to cast absentee ballots

• Online voting is already a reality
– Used in the 2000 Alaska Republican Presidential preference poll
– 2000 Arizona Democratic Presidential primary
– Local elections in the United Kingdom

• 100,000 Americans in the military or living overseas were going to be able to vote over the Internet in 2004, until the government cancelled the experiment at the last minute

Utilitarian Evaluation

• Benefits of online voting:
– People who cannot go to the polls can vote from home
– Votes cast over the Internet can be counted much faster
– Electronic votes do not have the ambiguity of physical ballots (hanging chads, erasures, etc.)
– Online elections will cost less money
– Online voting eliminates the risk of someone tampering with a ballot box full of physical votes
– Allows people to vote for multiple candidates if the election calls for it
– Can easily prevent overvoting (choosing too many candidates)
– Can reduce undervoting by putting each office on a separate page

Utilitarian Evaluation

• Risks of online voting:
– Unfair, because it gives an advantage to those who are financially better off
– Makes it harder to preserve voter privacy, since the same system that authenticates the voter also records the ballot
– Increases the opportunities for vote solicitation and vote selling
– A Web site hosting an election is an obvious target for a DDoS attack
– Voting is done from home computers, so the security of the election depends on the security of those home computers
– A virus could change a person's vote without the person's knowledge
– A Trojan horse on a voter's computer could let an outsider observe that person's vote
– A spoofed site could fool a voter into thinking he was connected to the real vote server, steal his credentials, and then use them to cast a "legitimate" vote

Utilitarian Analysis

• A utilitarian analysis must add up the positive and negative outcomes

• Not all outcomes have equal weight
• Must consider the probability of each outcome, its value to each person affected, and the number of people affected

• It is difficult to come up with reasonable weights for each outcome

• Experts could produce different estimates for each, so it is very difficult to reach a proper utilitarian evaluation

Kantian Analysis

• Focus on the principle that the will of each voter should be reflected in that voter's ballot

• The integrity of each ballot is vital
• Therefore every vote should leave a paper record, so that a recount can be done in the event of a controversy

• Eliminating paper records to achieve the ends of saving time and money or boosting voter turnout is WRONG from a Kantian perspective
