Computer Security CS 426 Lecture 29

1
Computer Security CS 426Lecture 29

• Review of Second Half of the Course
• Exam covers whole course
• Consult HWs, Quizs, Mid-term, Slides

2
Cryptography (1)

• Goal of secure communication
• privacy (secrecy, confidentiality)
• authenticity, integrity
• Terminologies
• Steganography, cryptography, plaintexts,
  ciphertexts
• Adverserial models
• ciphertext-only, known-plaintext,
  chosen-plaintext, chosen-ciphertext
• Classical ciphers
• shift, substitution (frequency analysis),
  Vigenere
• One-time Pad, perfect secrecy

3
Cryptography (2)

• Stream ciphers, PRNG, weaknesses (avoid two-time
  pad)
• Block ciphers (DES, AES, parameters, brute-force
  attacks)
• Encryption modes ECB, CBC
• Public-key cryptography
• public-key encryption (RSA, how it works, )
• Cryptographic hash function
• three security properties, birthday attack
• well-known algorithms (parameters current
  attacks)

4
Cryptography (3)

• Message Authentication Code
• Digital Signature
• Public-key certificates, CA, root CA, trust
• Entity authentication
• password, one-time password, challenge-response
• Key agreement
• Diffie-Hellman
• (Incorrect) Usage web authentication, WEP
• SSL/TLS (What crypto tools are used?)

5
Intrusion Detection Systems

• Classification
• host vs. network,
• signature vs. anomaly-based (pros cons)
• Fase positive/false negative
• Host-based IDS data source, limitation
• Network-based IDS data source, limitation

6
Basic Network Security Problems

• Network packets pass by untrusted hosts
• Eavesdropping, packet sniffing (e.g., ngrep)
• IP addresses are public
• Smurf
• TCP connection requires state
• SYN flooding attack
• TCP state can be easy to guess
• TCP spoofing attack

7
Inherent DNS Vulnerabilities

• Users/hosts typically trust the host-address
  mapping provided by DNS
• Attacks
• Cache poisoning
• Attacking reverse DNS

8
Firewalls

• Stateless
• Stateful
• Proxy
• Personal

9
Browser Security Issues

• Bugs in browser
• Protecting the browser environment from active
  contents (mobile code), e.g., Java applets,
  ActiveX controls, Browser helpers, Javascripts
• Sandbox
• Signed scripts
• Isolation, same-origin policy
• Privacy issues
• Cookies
• Phishing

10
Common vulnerabilities

• Inadequate validation of user input
• Cross site scripting
• SQL Injection
• HTTP response splitting
• Broken session management
• Can lead to session hijacking and data theft
• Insecure storage
• Sensitive data stored in the clear.

11
Database Access Control

• grant/revoke
• views
• store procedure (invokers right/definers right)

12
Coming Attractions

• December 15
• Final Exam