Скачать презентацию EE 515 IS 523 Think Like an Adversary Lecture Скачать презентацию EE 515 IS 523 Think Like an Adversary Lecture

bd5bf8e4cade6d741c67d61b24e2cd5d.ppt

  • Количество слайдов: 43

EE 515/IS 523 Think Like an Adversary Lecture 1 Introduction Yongdae Kim EE 515/IS 523 Think Like an Adversary Lecture 1 Introduction Yongdae Kim

Instructor, TA, Office Hours ^ Instructor 4 Yongdae Kim -First time teaching in KAIST Instructor, TA, Office Hours ^ Instructor 4 Yongdae Kim -First time teaching in KAIST ; -) -First time teaching EE 515/IS 523 -16 th time teaching a security class 4 Email: yongdaek (at) ee. kaist. ac. Kr yongdaek (at) gmail. com -Please include ee 515 or is 523 in the subject of your mail 4 Office: EE 1226 4 Office Hours: MW 2: 45 ~ 3: 45 ^ TA 4 Senior: Jaeseong Jeong jsjung(at)netsys. kaist. ac. kr 4 Junior: Heeyoung Kim aliggo(at)kaist. ac. kr 4 Office hours: by appointment only

Crypto 1993 ETRI Crypto+Security 1998 USC Network/Distributed System Security 2002 UMN 2008 2012 KAIST Crypto 1993 ETRI Crypto+Security 1998 USC Network/Distributed System Security 2002 UMN 2008 2012 KAIST ^ 20 year career in security research 4 Applied Cryptography, Group key agreement, Storage, P 2 P, Mobile/Sensor/Ad -hoc/Cellular Networks, Social networks, Internet, Anonymity, Censorship ^ Published about 70 papers (3, 000 Google scholar citations) ^ 10 Ph. D, 9 MS, 15 BS advised 3

Class web page, e-mail ^ http: //syssec. kaist. ac. kr/courses/ee 515 4 Read the Class web page, e-mail ^ http: //syssec. kaist. ac. kr/courses/ee 515 4 Read the page carefully and regularly! 4 Read the Syllabus carefully. 4 Check calendar. ^ E-mail policy 4 Include [ee 515] or [is 523] in the subject of your e -mail

Textbook ^ Required: Papers! ^ Optional 4 Handbook of Applied Cryptography by Alfred J. Textbook ^ Required: Papers! ^ Optional 4 Handbook of Applied Cryptography by Alfred J. Menezes, Paul C. Van Oorschot, Scott A. Vanstone (Editor), CRC Press, ISBN 0849385237, (October 16, 1996) Available on-line at http: //www. cacr. math. uwaterloo. ca/hac/ 4 Security Engineering by Ross Anderson, Available at http: //www. cl. cam. ac. uk/~rja 14/book. html.

Overview ^ To discover new attacks ^ The main objective of this course is Overview ^ To discover new attacks ^ The main objective of this course is to learn how to think like an adversary. ^ Review various ingenuous attacks and discuss why and how such attacks were possible. ^ Students who take this course will be able to analyze security of the practical systems and

Course Content ^ Overview 4 Introduction 4 Attack Model, Security Economics, Legal Issues, Ethics Course Content ^ Overview 4 Introduction 4 Attack Model, Security Economics, Legal Issues, Ethics ^ Frequent mistakes 4 User Interface and Psychological Failures 4 Software Engineering Failures and Malpractices 4 Data mining/Machine Learning Failures ^ Case Studies 4 Peer-to-Peer System Security 4 Social Network Security and Privacy 4 Botnet/Malware 4 Cloud Computing Security 4 Internet Control Plane Security 4 Cellular Network Security 4 Mobile Phone Security 4 Security of Automobiles 4 Medical Device Security

Evaluation (IMPORTANT!) ^ News and paper survey (5%) ^ Lecture (20%) ^ Reading Report Evaluation (IMPORTANT!) ^ News and paper survey (5%) ^ Lecture (20%) ^ Reading Report (21 x 2% = 42%) ^ Project (30%) and ^ participation (3%)

News and Research Paper Survey ^ Every student needs to submit a summary of News and Research Paper Survey ^ Every student needs to submit a summary of news or a research paper twice ^ Submission 4 TBD ^ Submission date 4 Check class calendar ^ Topic 4 News and research papers should deal with security issues. 4 Your content should be different from others. Therefore, always check the current postings. 4 Use twitter, google reader ^ Length: maximum 1, 000 words, Grading: A – F ^ Subject: Title – Author (ID) – #-th

News Survey ^News must be fresh ^ published within two weeks from the due News Survey ^News must be fresh ^ published within two weeks from the due dates. ^Investigative/data journalism ^ No duplicate! ^ Do not rely on a single source. Read related articles. ^ Use your own language ^ Bibliography should be added. 4 "The register" (http: //www. theregister. co. uk/) 4 "Ars Technica" (http: //arstechnica. com/) 4 "Bruce Schneier's blog" (http: //www. schneier. com/) 4 F-secure web blog (http: //www. f-secure. com/weblog/) 4 etc.

Research Paper Summary ^ Independent from your group project ^ Published within the past Research Paper Summary ^ Independent from your group project ^ Published within the past three years. ^ Top security conference papers 4 ACM CCS 4 IEEE Symposium on Security and Privacy 4 Usenix Security 4 ISOC NDSS 4 For papers published in other conference, please get permission from me before posting ^ To summarize a paper, you often need to read more than one paper, as you might not have enough background on the topic.

Participation ^ Discussion on the forum 4 Especially, news and paper summary ^ Discussion Participation ^ Discussion on the forum 4 Especially, news and paper summary ^ Discussion during the class

Group Projects ^ Each project should have some Group Projects ^ Each project should have some "research" aspect. ^ Group size 4 Min 1 Max 5 ^ Important dates 4 Pre-proposal: Sep 17, 9: 00 AM. 4 Full Proposal: Sep 24, 9: 00 AM. 4 Midterm report: Oct 24, 9: 00 PM 4 Final report: Dec 12, 9: 00 AM. (NO EXTENSION!!). ^ Project examples 4 Attack, attack! 4 Analysis 4 Measurement

Grading ^ Absolute (i. e. not on a curve) 4 But flexible ; -) Grading ^ Absolute (i. e. not on a curve) 4 But flexible ; -) ^ Grading will be as follows 4 93. 0% or above yields an A, 90. 0% an A 4 85% = B+, 80% = B, 75% = B 4 70% = C+, 65% = C, 60% = C 4 55% = D+, 50% = D, and less than 50% yields an F.

And… ^ Incompletes (or make up exams) will in general not be given. 4 And… ^ Incompletes (or make up exams) will in general not be given. 4 Exception: a provably serious family or personal emergency arises with proof and the student has already completed all but a small portion of the work. ^ Scholastic conduct must be acceptable. Specifically, you must do your assignments, quizzes and examinations yourself, on your own.

TSS Body Scanner 17 TSS Body Scanner 17

Security Engineering ^ Building a systems to remain dependable in the face of malice, Security Engineering ^ Building a systems to remain dependable in the face of malice, error or mischance Attack Security System Service Deny Service, Degrade Qo. S, Misuse Prevent Attacks Communication Send message Eavesdrop Encryption Web server Serving web page Do. S CDN? Computer ; -) Botnet Destroy SMS Send SMS Shutdown Cellular Network Rate Control, Channel separation Pacemaker Heartbeat Control Remote programming and eavesdropping Distance bounding? Nike+i. Pod Music + Pedometer Tracking Don’t use it? Recommendation system Collaborative filtering Control rating using Ballot stuffing ?

A Framework ^Policy: what you are supposed to achieve Policy Incentives ^Mechanism: ciphers, access A Framework ^Policy: what you are supposed to achieve Policy Incentives ^Mechanism: ciphers, access control, hardware tamper Mechanism Assurance resistance ^Assurance: the amount of reliance you can put on each mechanism ^Incentive: to secure or to attack

Example (Airport Security) ^ Allowing knife => Policy or mechanism? ^ Explosive don’t contain Example (Airport Security) ^ Allowing knife => Policy or mechanism? ^ Explosive don’t contain nitrogen? ^ Below half of the weapons taken through screening? ^ Priorities: $14. 7 billion for passenger screening, $100 million for securing cockpit door ^ Bruce Schneier: Security theatre 4 The incentives on the decision makes favor visible controls over effective ones 4 Measures designed to produce a feeling of security rather than the reality

Example (Cablegate) ^ What happened? ^ What was wrong? ^ What should have been Example (Cablegate) ^ What happened? ^ What was wrong? ^ What should have been done?

Design Hierarchy ^What are we trying to do? ^How? ^With what? Policy Protocols Hardware, Design Hierarchy ^What are we trying to do? ^How? ^With what? Policy Protocols Hardware, crypto, . . .

Security vs Dependability ^ Dependability = reliability + security ^ Reliability and security are Security vs Dependability ^ Dependability = reliability + security ^ Reliability and security are often strongly correlated in practice ^ But malice is different from error! 4 Reliability: “Bob will be able to read this file” 4 Security: “The Chinese Government won’t be able to read this file” ^ Proving a negative can be much harder …

Methodology 101 ^ Sometimes you do a top-down development. In that case you need Methodology 101 ^ Sometimes you do a top-down development. In that case you need to get the security spec right in the early stages of the project ^ More often it’s iterative. Then the problem is that the security requirements get detached ^ In the safety-critical systems world there are methodologies for maintaining the safety case ^ In security engineering, the big problem is often maintaining the security requirements, especially as the system – and the environment – evolve

Terminologies ^ A system can be: 4 a product or component (PC, smartcard, …) Terminologies ^ A system can be: 4 a product or component (PC, smartcard, …) 4 some products plus O/S, comms and infrastructure 4 the above plus applications 4 the above plus internal staff 4 the above plus customers / external users ^ Common failing: policy drawn too narrowly

Terminologies ^ A subject is a physical person ^ A person can also be Terminologies ^ A subject is a physical person ^ A person can also be a legal person (firm) ^ A principal can be 4 a person 4 equipment (PC, smartcard) 4 a role (the officer of the watch) 4 a complex role (Alice or Bob, Bob deputising for Alice) ^ The level of precision is variable – sometimes you need to distinguish ‘Bob’s smartcard representing Bob who’s standing in for Alice’ from ‘Bob using Alice’s card in her absence’. Sometimes you don’t

Terminologies ^ Secrecy is a technical term – mechanisms limiting the number of principals Terminologies ^ Secrecy is a technical term – mechanisms limiting the number of principals who can access information ^ Privacy means control of your own secrets ^ Confidentiality is an obligation to protect someone else’s secrets ^ Thus your medical privacy is protected by your doctors’ obligation of confidentiality

Terminologies ^ Anonymity is about restricting access to metadata. It has various flavors, from Terminologies ^ Anonymity is about restricting access to metadata. It has various flavors, from not being able to identify subjects to not being able to link their actions ^ An object’s integrity lies in its not having been altered since the last authorized modification ^ Authenticity has two common meanings – 4 an object has integrity plus freshness 4 you’re speaking to the right principal

Terminologies ^ Trust vs. Trustworthy 4 Trusted system: whose failure can break the system Terminologies ^ Trust vs. Trustworthy 4 Trusted system: whose failure can break the system 4 Trustworthy system: won’t fail ^ An NSA man selling key material to the Chinese is trusted but not trustworthy (assuming his action unauthorized)

Terminologies ^ A security policy is a succinct statement of protection goals – typically Terminologies ^ A security policy is a succinct statement of protection goals – typically less than a page of normal language ^ A protection profile is a detailed statement of protection goals – typically dozens of pages of semiformal language ^ A security target is a detailed statement of protection goals applied to a particular system – and may be hundreds of pages of specification for both functionality and testing

Threat Model ^ What property do we want to ensure against what adversary? ^ Threat Model ^ What property do we want to ensure against what adversary? ^ Who is the adversary? ^ What is his goal? ^ What are his resources? 4 e. g. Computational, Physical, Monetary… ^ What is his motive? ^ What attacks are out of scope?

Terminologies ^ Attack: attempt to breach system security (DDo. S) ^ Threat: a scenario Terminologies ^ Attack: attempt to breach system security (DDo. S) ^ Threat: a scenario that can harm a system (System unavailable) ^ Vulnerability: the “hole” that allows an attack to succeed (TCP) ^ Security goal: “claimed” objective; failure implies insecurity

Goals: Confidentiality ^ Confidentiality of information means that it is accessible only by authorized Goals: Confidentiality ^ Confidentiality of information means that it is accessible only by authorized entities 4 Contents, Existence, Availability, Origin, Destination, Ownership, Timing, etc… of: 4 Memory, processing, files, packets, devices, fields, programs, instructions, strings. . .

Goals: Integrity ^ Integrity means that information can only be modified by authorized entities Goals: Integrity ^ Integrity means that information can only be modified by authorized entities 4 e. g. Contents, Existence, Availability, Origin, Destination, Ownership, Timing, etc… of: 4 Memory, processing, files, packets, devices, fields, programs, instructions, strings. . .

Goals: Availability ^ Availability means that authorized entities can access a system or service. Goals: Availability ^ Availability means that authorized entities can access a system or service. ^ A failure of availability is often called Denial of Service: 4 Packet dropping 4 Account freezing 4 Jamming 4 Queue filling

Goals: Accountability ^ Every action can be traced to “the responsible party. ” ^ Goals: Accountability ^ Every action can be traced to “the responsible party. ” ^ Example attacks: 4 Microsoft cert 4 Guest account 4 Stepping stones

Goals: Dependability ^ A system can be relied on to correctly deliver service ^ Goals: Dependability ^ A system can be relied on to correctly deliver service ^ Dependability failures: 4 Therac-25: a radiation therapy machine -whose patients were given massive overdoses (100 times) of radiation -bad software design and development practices: impossible to test it in a clean automated way 4 Ariane 5: expendable launch system -the rocket self-destructing 37 seconds after launch because of a malfunction in the control software -A data conversion from 64 -bit floating point value to 16 bit signed integer value

Interacting Goals ^ Failures of one kind can lead to failures of another, e. Interacting Goals ^ Failures of one kind can lead to failures of another, e. g. : 4 Integrity failure can cause Confidentiality failure 4 Availability failure can cause integrity, confidentiality failure 4 Etc…

Security Assessment ^ Confidentiality? ^ Availability? ^ Dependability? ^ “Security by Obscurity: ” 4 Security Assessment ^ Confidentiality? ^ Availability? ^ Dependability? ^ “Security by Obscurity: ” 4 a system that is only secure if the adversary doesn’t know the details. 4 is not secure!

Rules of Thumb ^ Be conservative: evaluate security under the best conditions for the Rules of Thumb ^ Be conservative: evaluate security under the best conditions for the adversary ^ A system is as secure as the weakest link. ^ It is best to plan for unknown attacks.

Security & Risk ^ We only have finite resources for security… Product A Product Security & Risk ^ We only have finite resources for security… Product A Product B Prevents Attacks: U, W, Y, Z Prevents Attacks: V, X Cost $10 K Cost $20 K ^ If we only have $20 K, which should we buy?

Risk ^ The risk due to a set of attacks is the expected (or Risk ^ The risk due to a set of attacks is the expected (or average) cost per unit of time. ^ One measure of risk is Annualized Loss Expectancy, or ALE: ALE of attack A Σ ( p. A × LA ) attack A Annualized attack incidence Cost per attack

Risk Reduction ^ A defense mechanism may reduce the risk of a set of Risk Reduction ^ A defense mechanism may reduce the risk of a set of attacks by reducing LA or p. A. This is the gross risk reduction (GRR): Σ (p. A × LA – p’A×L’A) attack A ^ The mechanism also has a cost. The net risk reduction (NRR) is GRR – cost.