U.S. National Cybersecurity: Understanding Internet Security

William J. Perry, Martin Casado, Keith Coleman, Dan Wendlandt. MS&E 91SI, Fall 2004.

U.S. National Cybersecurity: Understanding Internet Security
  • William J. Perry
  • Martin Casado, Keith Coleman, Dan Wendlandt
  • MS&E 91SI
  • Fall 2004
  • Stanford University

  • Axess Email lists
  • Coursework Forum
  • Bios/Photos

Goal: Provide Working Knowledge of Internet
  • What is Security?
  • Attack Classifications
  • Internet Security Mechanisms
  • Discussion Questions (if time)

What is Security?
The Big Five
  • Security is traditionally broken up into:
  • 1) Availability
  • 2) Integrity
  • 3) Confidentiality
  • 4) Authentication
  • 5) Access Control

Security From What?
  • What can disrupt the higher-level services
    running on the Internet?
  • Attacks
  • Accidents
  • Failures

NASA Control Room
Failures on the Internet
  • Why do security failures matter?
  • Security failures affect the Internet's ability
    to function as a reliable and secure critical

  • Def. vulnerability (n)
  • a state with the potential to lead to a failure
  • Where can vulnerabilities exist in technology?

  • Services (Amazon, SCADA)
  • Applications (Word, IE, Email Client)
  • Service-Level Protocols (http, smtp)
  • Network and Network Protocols (ip, tcp)
  • Operating Systems (Windows, Linux, Cisco IOS)
  • Physical Hardware (cables, routers, CPUs)
  • Basic Infrastructure (electricity)

Attack Classifications (not mutually exclusive)
Vulnerabilities Attacks
  • The nature of the network technologies,
    protocols, and operators are the basis for
  • Attacks can (and will) come at vulnerabilities in
    every layer.
  • Big Question: What is it about the Internet
    architecture that causes these vulnerabilities to

Scanning & Fingerprinting
What is it?
  • Reconnaissance technique to explore networks,
    classify & analyze connected hosts, and identify
    potential vulnerabilities.
  • Example: nmap security scanner

  • What is it?
  • The use of vulnerabilities in or
    misconfiguration of software or hardware to gain
    access to information or resources on a system.
  • Exploits may be manual or automated.
  • Worms/viruses are exploits with code to
    facilitate propagation.
  • Example: Blaster worm exploits RPC bug

Trojaned Software
What is it?
  • Software/hardware with hidden functionality
    whose use gives an attacker an avenue to access
    a system or its information. This is sometimes
    also referred to as a backdoor.
  • Example: A free copy of MSWord downloaded off of
    Kazaa may have been modified to include a trojan
    leading to a compromise.

Denial of Service
What is it?
  • The malicious consumption of resources in order
    to make a system incapable of fulfilling its
    designed role.
  • Attacks are often distributed to increase
    resource consumption (zombies or botnets).
  • Example: SYN flood against Yahoo
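
An added illustration (not part of the original slides) of the resource consumption behind the SYN flood example, seen from the defender's side: it counts half-open TCP handshakes per destination, which also separates a flood from a busy but legitimate period in which handshakes complete. The event format, host names, addresses and the backlog threshold are assumptions constructed for this example.

```python
from collections import defaultdict

# Constructed sample events: (time_s, src_ip, src_port, dst, tcp_flag).
# "SYN" opens a handshake; the client's final "ACK" completes it.
def make_events():
    events = []
    # Busy but legitimate: 40 clients each complete the handshake to "web".
    for i in range(40):
        src = f"198.51.100.{i + 1}"
        events.append((i * 0.1, src, 40000 + i, "web", "SYN"))
        events.append((i * 0.1 + 0.05, src, 40000 + i, "web", "ACK"))
    # Flood pattern: 40 SYNs to "mail" from varied sources, never completed.
    for i in range(40):
        events.append((i * 0.1, f"203.0.113.{i + 1}", 50000 + i, "mail", "SYN"))
    return sorted(events)

def half_open_by_dst(events, now, timeout=30.0):
    """Return {dst: (half_open, completed)} for the handshakes observed.

    A handshake is half-open if its SYN was seen, no final ACK followed,
    and it is younger than `timeout` (after which a server would drop it).
    """
    pending = {}                      # (src, sport, dst) -> time of SYN
    completed = defaultdict(int)
    for t, src, sport, dst, flag in events:
        key = (src, sport, dst)
        if flag == "SYN":
            pending[key] = t
        elif flag == "ACK" and key in pending:
            del pending[key]          # handshake finished, slot released
            completed[dst] += 1
    half_open = defaultdict(int)
    for (_, _, dst), t in pending.items():
        if now - t <= timeout:
            half_open[dst] += 1
    dsts = set(half_open) | set(completed)
    return {d: (half_open[d], completed[d]) for d in dsts}

def flag_syn_flood(stats, backlog=32):
    """Flag destinations whose half-open count exceeds the assumed backlog."""
    return sorted(d for d, (ho, _) in stats.items() if ho > backlog)

if __name__ == "__main__":
    stats = half_open_by_dst(make_events(), now=5.0)
    print(stats, flag_syn_flood(stats))
```

Both destinations receive the same number of SYNs; only the one whose handshakes never complete ties up connection slots and is flagged.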

Social Engineering Attack
  • What is it?
  • Any attempt that employs non-technical means to
    attack a system. Often the attacker uses
    information gleaned from outside sources to
    produce false credentials (dumpster diving).
  • Attacks are often hybrid, relying on human and
    technical factors.
  • Example: Beagle virus used email domain name to
    pose as a message from the user's ISP.

Access Control Failures
  • What is it?
  • Failure to set up adequate access control
  • Default configurations
  • Privilege revocation
  • Example: default administrator password for

Authentication Failures
  • What is it?
  • Some authentication schemes are better than
  • Passwords
  • Public Key Crypto
  • Example: phishing schemes that steal passwords
    break the authentication model.

Infrastructure Attack
What is it?
  • An attack against the core systems that operate
    as the Internet infrastructure. Attacks can be
    either physical or virtual, often focusing on
    central points of failure.
  • Example: Attack on root DNS servers.

Insider Threats
  • What is it?
  • Attacks that exploit an existing trust
    relationship to harm the overall security of a
  • Example: a former employee uses knowledge of a
    company's network systems and passwords to steal
    customer information entrusted to the company

Traffic Sniffing/Modification
  • What is it?
  • Using access to a link or infrastructure system
    to examine or modify the contents of Internet
    traffic. Similar to a phone tap, with ability to
    change contents.
  • Example: ISP's potential for information

Don't Forget
  • Attacks are only one of the reasons systems can
    fail. There are many other, perhaps less
    exciting, ways systems are vulnerable.

Internet Security Mechanisms
What is Cryptography?
  • A critical TOOL in securing information systems
    and their communications.
  • You may have heard of:
  • SSL
  • Trusted Computing
  • Public Key Cryptography
  • Tripwire

Cryptography Overview
  • Crypto can create hard guarantees (backed by
    math) in the digital world similar to those we
    have long relied upon for security in the
    physical world
  • - Data Encryption (privacy)
  • No one else can read my message
  • - Data Integrity
  • My message has not been modified
  • My message is from who it says it is
  • Also provides for some improved authentication

Cryptography Examples
  • How do these mechanisms function?
  • (at 10,000 feet)

Problems with Crypto
  • Bad Standards
  • WEP, CSS
  • Bad Implementation
  • IE, OpenSSL
  • Attacks on Authentication
  • Phishing, password sniffing
  • Weak back-end
  • Weak link, insider attacks
  • Encryption is often slow & cumbersome
  • PKI has difficulty scaling to large numbers

Ideal vs. Real Internet Security
  • Ideally we can utilize authentication and access
    control to protect systems and data.
  • In reality this is not practical.
  • E.g. What if everyone needed to be authenticated
    to talk to your computer?
  • Additionally, authentication schemes are only as
    secure as those using them.
  • E.g. An uneducated but authenticated user may
    install a trojan.

Attack Detection/Prevention
  • Firewalls: Software to inspect packets, compare
    them to rules and drop traffic specified by these
  • Intrusion Detection/Prevention Systems (IDS/IPS):
    Software to inspect traffic flows for
    signatures or other behavior that appears to be
  • Anti-Virus Software: Inspects files for signs of
    infectious programs and eliminates them.
  • These mechanisms can either be deployed on
    individual hosts or on dedicated network servers.

  • Fix vulnerabilities in software that may lead to
    exploitation. Patch management is a major hidden
    cost to companies.
  • Important:
  • - Process is still embarrassingly manual
  • - Gap between release of patch & first exploit
    in the wild is shrinking (Witty worm and
  • - Often patches are not applied to critical
    systems because updates sometimes have conflicts
    that can break software running on the systems.
  • Do we patch?
  • Check out "Security Holes? Who Cares" by Eric
    Rescorla. http://www.rtfm.com/upgrade.pdf

Process, Education & Risk Assessment
  • Often forgotten as security mechanisms
  • - Having well-defined and consistent
    preparation, response, and recovery plans across
    an organization.
  • - Attempting to secure humans, often the weakest
  • - Determining the danger associated with each
    potential vulnerability.

Discussion Questions
  • For traffic on the Internet, can we determine who
    a packet comes from?
  • Two levels:
  • Can we tell what computer sent a given
    packet? (what are the implications of source
  • Can we attribute a packet to a human?
  • - What does this say about our ability to catch
    and prosecute perpetrators of online attacks?
    What about active response?

Determining Intent
  • Can you infer intent from analyzing network
    traffic? What about at the application level?
  • What is the difference between a denial of service
    attack and normal overwhelming usage?
  • What is more important, the intent or the result
    of Internet traffic?
  • What about enablement versus use?

Trust Relationships
  • What are key trust relationships relating to
    cybersecurity? Think about
  • - designers
  • - developers
  • - distributors
  • - owners
  • - operators
  • - users
  • If security is a weakest-link issue, what
    forces keep one of these trust links from

The Power of the Core
  • How much control do we have with determining
    where traffic flows on the Internet, and what
    entities have control over it?
  • What can someone on route potentially do? How
    can you trust the integrity of what you see?
  • What does it take to have control of the Internet

Infrastructure Attacks
  • How vulnerable is the actual Internet
    infrastructure to attacks?
  • Could a single group bring down the Internet?
    What does this mean? What kind of resources
    would it take?
  • How reliant is the Internet on a relatively few
    critical systems?
  • What happens when you rely on the security of
    infrastructure that you have absolutely no
    control over? As a company? As a country? How
    does this compare to security in the physical

Determining Identity
  • How can we trust an Internet entity is who they
    say they are?
  • Why is this process more difficult than it is in
    the brick & mortar world?
  • How important is this for a critical
  • Do our solutions for providing identity scale to
    the millions of actions on the Internet?

Overwhelming Complexity
  • What does the extreme complexity of the Internet
    mean for our ability to secure it?
  • Are there just too many things that could go
    wrong to ever possibly be able to completely rely
    on it?
  • In what way does the complexity impact our
    ability to educate average users? Is user
    education necessary? Is effective user education
    even possible?
  • Will the Internet become more or less complex to
    manage in the future?

Why is this so hard?
  • What are the major barriers to providing
    security guarantees for an information system on
    the Internet?
  • What (or who) are the weak links for security
  • Can we ever really secure a usable Internet
    computer system? (e.g. directed attack)
  • How does software size & complexity relate to our
    ability to secure a system? What is zero-day?