
Network Security and Privacy

Vitaly Shmatikov

CS 378

http://www.cs.utexas.edu/~shmat/courses/cs378_spring05/

Course Personnel

Instructor: Vitaly Shmatikov
  • Office: TAYLOR 4.115C
  • Office hours: Thursday, 3:30-4:30pm (after class)
  • Open door policy – don’t hesitate to stop by!

TA: Justin Brickell
  • Office hours TBA

Watch the course website
  • Assignments, reading materials, lecture notes

This course is an experiment!
  • First UT course on network security

Prerequisites

Required: CS 372 (Operating Systems)
  • My course has a substantial implementation component
  • No waivers!

Recommended: Introduction to Computer Security; Cryptography; Computer Networks
  • Not much overlap with this course, but will help gain deeper understanding of security mechanisms and where they fit in the big picture

Recommended: exposure to C programming
  • Project will involve implementing buffer overflow exploits in C

Class Poll

Introduction to computer security?
  • Access control, Web security, sandboxing, firewalls?

Cryptography?
  • Public-key and symmetric encryption, digital signatures, cryptographic hash, random-number generators?

Computer networks?
  • Network architecture, application and transport layer protocols?

Programming in C?

Course Logistics

Lectures
  • Tuesday, Thursday 2-3:30pm

Five homeworks (40% of the grade)
  • One or two may involve implementation

Project (15% of the grade)
  • Involves a fair bit of implementation
  • Security is a contact sport!

Midterm (20% of the grade)

Final (25% of the grade)

UTCS Code of Conduct will be strictly enforced

Course Materials

Textbook: William Stallings. “Network Security Essentials: Applications and Standards.”
  • Focuses on details of deployed security systems
  • Lectures will focus on “big-picture” principles and ideas of network attack and defense
  • Attend lectures! Lectures will cover some material that is not in the textbook – and you will be tested on it!

Occasional assigned readings
  • Start reading “Smashing the Stack For Fun and Profit” by Aleph One (from Phrack hacker magazine)
  • Understanding it will be essential for your project

Other Helpful Books

Ross Anderson. “Security Engineering”.
  • Focuses on design principles for secure systems
  • Wide range of entertaining examples: banking, nuclear command and control, burglar alarms
  • Ross Anderson is famous for hacking tamper-resistant hardware

Kaufman, Perlman, Speciner. “Network Security: Private Communication in a Public World”.
  • Comprehensive network security textbook

Main Themes of the Course

Vulnerabilities of networked applications
  • Worms, denial of service attacks, malicious code arriving from the network, attacks on infrastructure

Defense technologies
  • Protection of information in transit: cryptography, application- and transport-layer security protocols
  • Protection of networked applications: firewalls and intrusion detection

Study a few deployed systems in detail: from design principles to gory implementation details
  • Kerberos, SSL/TLS, IPSec

What This Course is Not About

Not a comprehensive course on computer security

Not a course on ethical, legal or economic issues
  • No file sharing, DMCA, free speech issues

Only cursory overview of cryptography
  • Take CS 346 for deeper understanding

Only some issues in systems security
  • No access control, OS security, secure hardware
  • Will cover buffer overflow: #1 cause of remote penetration attacks

No language-based security

Motivation

https://

Excerpt From “General Terms of Use”

YOU ACKNOWLEDGE THAT NEITHER WELLS FARGO, ITS AFFILIATES NOR ANY OF THEIR RESPECTIVE EMPLOYEES, AGENTS, THIRD PARTY CONTENT PROVIDERS OR LICENSORS WARRANT THAT THE SERVICES OR THE SITE WILL BE UNINTERRUPTED OR ERROR FREE; NOR DO THEY MAKE ANY WARRANTY AS TO THE RESULTS THAT MAY BE OBTAINED FROM USE OF THE SERVICES OR THE SITE, OR AS TO THE TIMELINESS, SEQUENCE, ACCURACY, RELIABILITY, COMPLETENESS OR CONTENT OF ANY INFORMATION, SERVICE, OR MERCHANDISE PROVIDED THROUGH THE SERVICES AND THE SITE.

“Privacy and Security”

“As a Wells Fargo customer, your privacy and security always come first.”

• Privacy policy for individuals
• Online privacy policy
• Our commitment to online security
• Online and computer security tips
• How we protect you
• General terms of use

What Do You Think?

What do you think should be included in “privacy and security” for an e-commerce website?

Desirable Security Properties

Authenticity
Confidentiality
Integrity
Availability
Non-repudiation
Freshness
Access control
Privacy of collected information
Integrity of routing and DNS infrastructure

Syllabus (1): Security Mechanisms

Basics of cryptography
  • Symmetric and public-key encryption, certificates, cryptographic hash functions, pseudo-random generators

Authentication and key establishment
  • Case study: Kerberos

IP security
  • Case study: IPSec protocol suite

Web security
  • Case study: SSL/TLS (Transport Layer Security)

Syllabus (2): Attacks and Defenses

Buffer overflow attacks

Network attacks
  • Distributed denial of service
  • Worms and viruses
  • Attacks on routing infrastructure

Defense tools
  • Firewalls and intrusion detection systems

Wireless security

Privacy-enhancing technologies


Attack on Confidentiality

Confidentiality is concealment of information

Eavesdropping, packet sniffing, illegal copying

Attack on Integrity

Integrity is prevention of unauthorized changes

Intercept messages, tamper, release again

Attack on Authenticity

Authenticity is identification and assurance of origin of information

Unauthorized assumption of another’s identity

Attack on Availability

Availability is ability to use information or resources desired

Overwhelm or crash servers, disrupt infrastructure

Network Stack

Layer (example protocols): attacks
  • application (email, Web, NFS): Sendmail, FTP, NFS bugs, chosen-protocol and version-rollback attacks
  • presentation
  • session (RPC): RPC worms, portmapper exploits
  • transport (TCP): SYN flooding, RIP attacks, sequence number prediction
  • network (IP): IP smurfing and other address spoofing attacks
  • data link (802.11): WEP attacks
  • physical

Only as secure as the single weakest layer…

Network Defenses

Cryptographic primitives (building blocks): RSA, DSS, SHA-1…

Protocols and policies (blueprints): SSL, IPSec, access control…

Implementations (systems): firewalls, intrusion detection…

…all defense mechanisms must work correctly and securely

Correctness versus Security

Program or system correctness: program satisfies specification
  • For reasonable input, get reasonable output

Program or system security: program properties preserved in face of attack
  • For unreasonable input, output not completely disastrous

Main difference: active interference from adversary

Modular design may increase vulnerability
  • Abstraction is very difficult to achieve in security: what if the adversary operates below your level of abstraction?
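
The difference between the two definitions above, as an added example that is not part of the lecture slides: both parsers satisfy the same specification on well-formed records, but only the second keeps its properties when the length byte lies. The record format, function names and sample bytes are constructed for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Record format (constructed for this example): one length byte, then payload. */

/* Correct for well-formed records, but trusts the length byte and never
 * compares it with the number of bytes actually received. */
size_t parse_trusting(const uint8_t *msg, size_t msg_len, uint8_t *out)
{
    (void)msg_len;              /* received size is ignored */
    size_t n = msg[0];
    memcpy(out, msg + 1, n);
    return n;
}

/* Same result on well-formed records; rejects a declared length larger
 * than what was received or than the output buffer can hold. */
int parse_checked(const uint8_t *msg, size_t msg_len,
                  uint8_t *out, size_t out_cap, size_t *n_out)
{
    if (!msg || !out || !n_out || msg_len < 1)
        return -1;
    size_t n = msg[0];
    if (n > msg_len - 1 || n > out_cap)
        return -1;
    memcpy(out, msg + 1, n);
    *n_out = n;
    return 0;
}

/* Constructed memory: a 4-byte record followed by unrelated bytes in the
 * same array, so the over-read below stays inside one object. */
static const uint8_t memory[16] = {
    3, 'a', 'b', 'c',
    'S', 'E', 'C', 'R', 'E', 'T'
};

/* Returns 1 if the trusting parser, given a record that claims 9 payload
 * bytes when only 3 were received, copies the neighbouring bytes out. */
int trusting_parser_overreads(void)
{
    uint8_t rec[16], out[255];
    memcpy(rec, memory, sizeof rec);
    rec[0] = 9;
    size_t n = parse_trusting(rec, 4, out);
    return n == 9 && memcmp(out + 3, "SECRET", 6) == 0;
}
```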

Bad News

Security often not a primary consideration
  • Performance and usability take precedence

Feature-rich systems may be poorly understood
  • Higher-level protocols make mistaken assumptions

Implementations are buggy
  • Buffer overflows are the “vulnerability of the decade”

Networks are more open and accessible than ever
  • Increased exposure, easier to cover tracks

Many attacks are not even technical in nature
  • Phishing, impersonation, etc.

Better News

There are a lot of defense mechanisms
  • We’ll study some, but by no means all, in this course

It’s important to understand their limitations
  • “If you think cryptography will solve your problem, then you don’t understand cryptography… and you don’t understand your problem” -- Bruce Schneier
  • Many security holes are based on misunderstanding

Security awareness and user “buy-in” help

Other important factors: usability and economics

Reading Assignment

Stallings, sections 1.1-1.5

Start reading buffer overflow materials on the website