Got Security? Information Assurance Considerations for Your Research, Course Projects, and Everyday Life

1
Got Security? Information Assurance
Considerations for Your Research, Course
Projects, and Everyday Life

• James Cannady, Ph.D.
• Assistant Professor

2
Information Security

• Those measures, procedures, or controls which
  provide an acceptable degree of safety of
  information resources from accidental or
  unauthorized intentional disclosure,
  modification, or destruction.
• Based on the assumption that others either want
  your data or want to prevent you from having it.
• Insecurity is the result of flaws, improper
  configurations, errors and bad design.
• Patches and security add-ons merely address the
  symptoms, not the cause.

3
Information Security Problem

• A large, rapidly growing international issue
• Key to growth of digital environments
• Critical infrastructure at risk
• True magnitude of the problem unknown

4
Why bother with Information Security??

• Some of our information needs to be protected
  against unauthorized disclosure for legal and
  competitive reasons
• All of the information we store and refer to must
  be protected against accidental or deliberate
  modification
• Information must be available in a timely
  fashion.
• We must also establish and maintain the
  authenticity (correct attribution) of documents
  we create, send and receive
• If poor security practices allow damage to our
  systems, we may be subject to criminal or civil
  legal proceedings
• Good security can be seen as part of the market
  development strategy

5
The Changing Security Environment

• The landscape for information security is
  changing
• From closed systems and networks to Internet
  connectivity
• From manual to automated processes
• Increased emphasis of information security as
  core/critical requirement

6
Evidence

• 90 businesses detected computer security
  breaches within the last twelve months
• 70 reported a variety of serious computer
  security breaches (e.g., theft of proprietary
  information, financial fraud, system penetration
  from outsiders, denial of service attacks and
  sabotage of data or networks)
• 74 acknowledged financial losses due to
  computer breaches
• 19 reported ten or more incidents
• Source Computer Security Institute 2000
  Computer Crime and Security Survey

7
Specific Security Issues Solutions

• The Four Big Issues
• Authentication Validation of transmissions,
  messages, and users
• Confidentiality Assurance that information is
  not disclosed to unauthorized entities or
  processes
• Integrity Assurance that information is not
  modified by unauthorized entities or processes
• Reliability Availability Assurance that
  information systems will function when required

8
Authentication

• Validation of transmissions, messages, and users
• IP Spoofing
• Filtering routers
• Fake Web Sites
• Web Site Certification
• DNS certification
• Unauthorized Users
• IP authentication
• Identification devices
• Intrusion Detection Systems

9
Confidentiality

• Assurance that information is not disclosed to
  unauthorized entities or processes
• Sniffing
• Encryption
• Intrusion Detection
• Unauthorized File Access
• Firewalls
• Intrusion Detection Systems

10
Integrity

• Assurance that data or processes have not been
  altered or corrupted by chance or by malice
• Corrupted Web Sites
• Web Site Certification
• Intrusion Detection
• Corrupted Data Bases
• Encryption
• Intrusion Detection

11
Reliability Availability

• Assurance that information systems will function
  when required
• Denial of Service Attacks (e.g. SYN flooding)
• Bandwidth
• Attack Detection
• Redundancy

12
The Threat Environment

• Information technology is more vulnerable than
  ever
• Open
• Distributed
• Complex
• Highly Dynamic
• Attacks are becoming more sophisticated
• Tools to exploit system vulnerabilities are
  readily available and require minimal expertise

13
Typical Threats

• Eavesdropping and sniffing
• System Penetration
• Authorization Violation
• Spoofing/Masquerading
• Tampering
• Repudiation
• Trojan Horse
• Denial of Service

14
Common Security Mechanisms

• Obscurity
• Firewalls
• Intrusion Detection
• Vulnerability/Security Assessment Tools
• Virus Detection
• Host Security
• Authentication Systems
• Cryptography

15
InfoSec Hard Problems

• 1999 INFOSEC Research Council
• Defines nine particularly difficult security
  problems impacting all aspects of IT.

16
InfoSec Hard Problems

• Intrusion Detection
• The timely and accurate detection of network
  attacks
• Extremely important
• No shortage of COTS
• Limited effectiveness and reliability

17
InfoSec Hard Problems

• Intrusion Response
• What do you do after an attack is detected?
• What do you do when youre wrong?

18
InfoSec Hard Problems

• Malicious Code Detection
• Trojan horses, dead code, etc.
• Example Windows 98

19
InfoSec Hard Problems

• Controlled Sharing of Sensitive Information
• Sharing information from a variety of sources to
  different recipients.
• Classified information in an Open Environment

20
InfoSec Hard Problems

• Application Security
• How do the applications enforce their own
  requirements?
• How does it effect the rest of the network?

21
InfoSec Hard Problems

• Denial of Service
• Simple and effective
• Unfortunately there is currently no method
  available of identifying and responding to a
  denial of service attack in an efficient and
  autonomous manner
• (National Research Council, 1998).

22
InfoSec Hard Problems

• Communications Security
• Protecting information in transit from
  unauthorized disclosure, and providing support
  for anonymity in networked environments.

23
InfoSec Hard Problems

• Security Management Infrastructure
• Providing tools and techniques for managing the
  security services in very large networks that are
  subject to hostile attack.

24
InfoSec Hard Problems

• Information Security for Mobile Warfare
• Developing information security techniques and
  systems that are responsive to the special needs
  of mobile tactical environments.
• Wireless security

25
Advantages of InfoSec Research

• Important problem
• Touches all aspects of IT
• Little research has been done
• Large variety of potential dissertation topics
• Can be incorporated into other IT topics
• Opportunities for publications
• Growing number of publications
• Can add InfoSec to more traditional topic to
  increase opportunities
• Huge job market for those with experience
• Job openings for network security professionals
  have increased 200 percent in the past six months

26
In Review

• Security is a complex and growing area of
  information technology
• There are numerous opportunities for InfoSec
  research
• Demonstrated security experience can be a key
  discriminator in any IT career

27
Ongoing Research at NSU

• Benedict Eu Dynamic Computer Defense in Depth
• Dennis Bauer Intrusion detection using
  evolution strategies
• Jim Dollens Intrusion detection using computer
  system DNA
• Al Fundaburk Developing an information security
  curriculum

28
Questions?
Dr. James Cannady cannady_at_nova.edu (954)
262-2085 http//scis.nova.edu/cannady