CS%20285%20Network%20Security

1
CS 285 Network Security

• Fall 2008

2
Course Information

• When and Where
• Tuesday/Thursday 11am-1215pm
• 209 Featheringill Hall
• Instructor Yuan Xue (yuan.xue_at_vanderbilt.edu)
• Office 383 Jacobs Hall, Phone 615-322-2926
• Office hours Monday/Thursday 2pm-3pm or by
  appointment.
• Web http//vanets.vuse.vanderbilt.edu/xue/cs285f
  all08/index.html

3
Books and References

• Textbook
• WS Cryptography and Network Security
  Principles and Practice (4th Edition) by William
  Stallings
• Reference books
• KPS Network Security Private Communication in
  a Public World (2nd Edition), by Charlie Kaufman,
  Radia Perlman, Mike Speciner
• CSP Security in Computing (3rd Edition), by
  Charles P. Pfleeger, Shari Lawrence Pfleeger
• MB Computer Security Art and Science, by
  Matthew A. Bishop

4
Course Component

• Lecture
• Slides white board
• Take note
• Online digest/slides
• Participation
• Discussion
• Presentation
• Homework
• 5 assignments
• Midterm
• Project

• Grading Policy
• Participation 10
• Homework 35
• Midterm 25
• Project 30

5
What you will learn from this course

• What is Security?
• Where the security problems come from?
• Potential threats to a system
• What are the solutions?
• Apply an appropriate mix of security measures
  (protective, defensive, etc)
• Knowing what has worked, what has failed.

• Security involves many aspects
• Operating system, programming language,
  administration and policy
• Our Focus
• Network Security

6
Course Topics

• Security Basics and Principles
• Symmetric/ Asymmetric Cryptography
• Basic concept, algorithm, mechanism,
• Design principles
• Security Practices
• Secure protocols, systems and applications
• Hand-on experiences
• Secure network programming
• Hot Topics and Recent Development
• Wireless security, DoS attack, etc.

7
Survey and Feedback

• Your input is important
• Online Survey
• http//www.zoomerang.com/Survey/?pWEB22873V62YWQ
• Feedback

8
What is security?

• In general, security is the condition of being
  protected against danger or loss. (Wikipedia)
• In computer security and network security
• What are the subjects that need to be protected?
• Lets start with some terms
• System
• computer, network, application, data, resource
• Principal an entity that participate in a system
• user, person

9
What is security?

• Computer Security
• Confidentiality means that only authorized people
  or system can access the data or resource.
• Integrity refers to the trustworthiness of data
  or resources.
• Data integrity means that data can only be
  modified by authorized people or system in
  authorized ways
• Origin integrity means that the source of the
  data is trustworthy, also called authentication.
• Message authentication means messages received
  are exactly as sent (i.e. no modification,
  insertion, deletion, or replay), and the ID of
  the sender is valid.
• Note timing information
• Availability means that people has the ability to
  use the information or resource desired.

10
Where the security problem comes from?

• Lets look at some example systems
• Bank
• Bookkeeping
• Core operations
• customer account, journals recording the
  transactions
• Who has the access to the information?
• Banks own staff what if they cheat?
• ATM
• Authenticate users based on card and ID number
• Lets go Internet
• The user how do we know they are the real
  (authenticate) user?
• Protect web servers and bookkeeping database

11
Where the security problem comes from?

• Hospital
• Patient record system
• Who can access the record?
• Many parties insurance company, care giver,
  researcher, etc
• Complicated -- role can change
• Privacy issue HIPPA
• Anonymize the record for research
• Is it sufficient?
• Show me all records of 59-year-old males who were
  treated for a broken collarbone on September 15,
  1966
• Drug management
• Lets go to Web
• .

12
Issues that will be addressed in this class
13
Network Security Issues
Network Security

• From a Computer to Internet
• Single computer
• Networking environment
• Secure communication in a public environment
• Computer system security with remote access

Application
Application
TCP/UDP
TCP/UDP
IP
IP
IP
IP
Link
Link
Link
Link
Internet
14
Some Simple Scenarios
Alice
Bob
Read content of the message from Bob to Alice
Darth
Application
Application
TCP/UDP
TCP/UDP
IP
IP
IP
IP
Link
Link
Link
Link
Internet
15
Some Simple Scenarios
Alice
Bob
Modify content of the message from Bob to Alice
Darth
Application
Application
TCP/UDP
TCP/UDP
IP
IP
IP
IP
Link
Link
Link
Link
Internet
16
Some Simple Scenarios
Alice
Bob
capture the message from Bob to Alice And replay
the message later
Darth
Application
Application
TCP/UDP
TCP/UDP
IP
IP
IP
IP
Link
Link
Link
Link
Internet
17
Some Simple Scenarios
Alice
Bob
Pretend to be Bob to send a message to Alice
Darth
Application
Application
TCP/UDP
TCP/UDP
IP
IP
IP
IP
Link
Link
Link
Link
Internet
18
Some Simple Scenarios
Alice
Bob
Interrupt
Darth
Application
Application
TCP/UDP
TCP/UDP
IP
IP
IP
IP
Link
Link
Link
Link
Internet
19
Some Simple Scenarios
Alice
Bob
Observe message pattern
Darth
Application
Application
TCP/UDP
TCP/UDP
IP
IP
IP
IP
Link
Link
Link
Link
Internet
20
What are the solutions?
21
Why many solutions fail?

• Protect wrong things
• Protect right things in the wrong way

22
What are the solutions?

• Security Basics and Principles
• Symmetric/ Asymmetric Cryptography
• Basic concept, algorithm, mechanism,
• Security Practices
• Secure protocol designs
• Secure systems and applications

23
How to study network security?

• Principle of Easiest Penetration
• An intruder are expected to use any available
  means of penetration.
• Computer security specialists must consider all
  possible means of penetration.
• Learning methodology
• examine all possible vulnerabilities of the
  system
• consider available countermeasures.