Final Flashcards

Question

Spheres of Protection

Answer 1

``` between each layer of use there must exist a layer of protection to prevent access to next inner layer  shaded bands in the figure … (Avoidance) controls that can be applied to humans! (Avoidance) controls that can be applied to technology! ```

Answer 2

``` selective restriction of access to a physical place, computer system or other resource  the act of ‘accessing’ may mean entering, using, consuming … ```

Answer 3

``` identification – obtain identity of an entity requesting access to a logical or physical area (obtain credentials)  authentication – confirm identity of the entity seeking access …  making sure user’s credentials are not false – the user ‘is’ who they claim to be  authorization – determine whether the authenticated entity is permitted to access a particular system (e.g., OS, firewall, router, database, …) and its resources (e.g., system’s files)  typically implemented by means of access control lists / rules ```

Answer 4

‘Authorization profile’ of the user is matched against | ‘Access profile’ of a specific/requested object.

Answer 5

it does not mean they are given access to anything and everything. Authorization ensues that the requested object or activity on an object is possible based on the privileges assigned to the subject.

Answer 6

``` mechanism that provides info about an unverified entity – aka supplicant – that wants to be granted access to a logical or physical area  must be a unique value that can be mapped to one and only one entity within the administered domain  in most organizations, identification = name OR (initial + surname) ```

Answer 7

``` process of validating a person’s (supplicant’s) purported identity  types of authentication mechanisms: 1) something you know  password or passphrases 2) something you have  cryptographic tokens or smart cards 3) something you are - static biometrics  fingerprints, palm prints, iris scans, … 4) something you produce - dynamic biometrics  pattern recognition of voice, signature / handwriting, typing rhythm ```

Answer 8

``` Something you know …  authentication mechanisms based on use of passwords/pins and passphrases  password – combination of characters that only the user should know  challenge: should be simple enough to remember, and complex enough for cracking  bad examples: name of spouse, child, pet  passphrase – plain-language phrase typically longer but stronger than a password, from which a virtual password is derived  examples: Linksys, Windows 7 and up Authentication: Something you know … CPIMFF = Cheese Pizza Is My Favorite Food ```

Answer 9

``` Password cracking is becoming very trivial with the vast amount of computing power readily available for anyone who desires so. At a current rate of 25$ per hour, an AWS p3.16xlarge nets you a cracking power of 632GH/s (assuming we’re cracking NTLM hashes). This means we’re capable of trying a whopping 632.000.000.000 different password combinations per second! ```

Answer 10

objects used for purpose of user authentication are called ‘tokens’  token + PIN/password provides significantly greater security than password alone  an adversary must gain physical possession of the token (or be able to duplicate it) in addition to ‘cracking’ the password  types of tokens:  static tokens  dynamic synchronous (one-time password) tokens  dynamic asynchronous (challenge-response) tokens

Answer 11

e.g.: swipe card, smart card, RFID tags  swipe cards - ID and ATM cards  aka ‘dumb cards’, transmit same credential every time – the credential (base secret) is impractical to memorize  PIN/password not on the card – ATM encrypts PIN provided by user and sends it to a database for verification …  smart card - swipe cards with a chip  chip contains a CPU, memory blocks (RAM, ROM, …) and on-chip encryption module  stores 100x data stored on magnetic strip: encrypted PIN & other info about card holder  card checks user’s PIN & generates a certificate to authorize transaction process …

Answer 12

Synchronous (One-Time Password) Tokens  small LCD device that generates a unique new password periodically (e.g., every 60 seconds)  token combines ‘base secret’ with a clock to generate new password  token and authentication server must have their clocks synchronized – which is often a challenge!

Answer 13

``` instead of time, token uses a challenge/nonce provided by the system to generate the password  e.g., token can generate the password by 1) applying a unique hash function to (user’s base secret + nonce) 2) encrypting nonce using user’s/token’s public key ```

Answer 14

``` authentication mechanisms that takes advantage of users’ unique physical characteristics, including  fingerprints  facial characteristics  retina  iris  in contrast to password/token authentic., biometric systems do not look for a 100% match – person’s characteristics are inherently ‘noisy’  pattern recognition must be involved  very effective but costly if a large number of biometric readers need to be installed! ```

Answer 15

is required

Answer 16

``` A sample of biometric reading is captured. The sample is processed into feature set. Feature set is converted into a template. enrolment stage in biometric systems is much more involved !!! it is hart if not impossible in some type of biometrics to achieve 100% match ```

Answer 17

is required

Answer 18

different types of biometric information / measurements that can be used to discriminate between different individuals

Answer 19

Universality – all individuals must be characterized by this information • Uniqueness / Distinctiveness – this information must be as dissimilar as possible for two different individuals • Permanency / Stability – this information should be present during the whole life of an individual • Collectability / Measurability – this information should be measured in an easy manner • Performance – this information can be used to build accurate, fast and robust biometric/authentication systems • Acceptability – how willing individuals are to have this biometric information captured and assessed Performance – this information can be used to build accurate, fast and robust biometric/authentication systems

Answer 20

Resistance to Attack – how easy it is for this information | to be forged

Answer 21

``` Iris scanner Authentication: Something you are … IRIS - colored section of an eye scan = 2 seconds of near IR imaging  subject can be at some distance  alcohol consumption changes iris  ```

Answer 22

RETINA - cannot be seen by naked eye - the network of blood vessels most reliable biometrics, aside from DNA  but can be affected by eye-disease  scan = 15 seconds of low-energy IR scanning  subject has to be close to scanner 

Answer 23

many biometric systems are | based on image processing

Answer 24

1) systems for IDENTIFICATION  perform 1:n comparison to identify a user from a database of n users 2) systems for AUTHENTICATION  perform 1:1 comparison to check whether a user matches his profile Authentication: Something you are …  Types of Biometric Systems something you know – to identify the user

Answer 25

in all biometrics schemes, some physical characteristic of the individual is mapped into digital representation  however, physical characteristics may change  facial contours and color may be influenced by clothing, hairstyle, facial hair, …  the results of fingerprint scan may vary as a function of: finger placement, finger swelling and skin dryness …  multiple mappings may have to be taken in order to create a (statistically) useful biometric representation / profile  a biometric sensor must be able to adapt to a broad range of appearances

Answer 26

``` statistical distribution of ‘match score’ between user’s new scan and user’s stored profile/record unfortunately, range of scores/features for any particular user is likely to overlap with scores/ /features of other users  by moving the ‘decision threshold’, sensitivity of biomet. system changes move t to left ⇒ system more tolerant to noise , but also system more likely to accept wrong person ```

Answer 27

% of authorized users who are denied access  false negatives do not represent a threat to security but an annoyance to legitimate users

Answer 28

% of unauthorized / fraudulent users who are allowed access to system  represent serious security breach

Answer 29

1-FR the higher the FR, the less convenient an application is because more subjects are incorrectly rejected …

Answer 30

1-FA the lower the FA, the fewer imposter users (adversaries) are incorrectly accepted into the system

Answer 31

point at which FRR = FAR – Operating Point of choice for most biometric systems – provides balance between sensitivity & performance (i.e., convenience & security)  techniques with 1% CER superior to 5% CER as threshold moves to the left, system becomes ‘less sensitive’ and the value of FRR decreases but the value of FAR increases as threshold moves to the right, system becomes ‘more sensitive’ and the value of FRR increases but the value of FAR decreases

Answer 32

Assume a system where each airport passenger is identified with a unique frequent flyer number and then verified with a fingerprint sample. The systems false reject (FR) rate for finger is: 0.03 (= 3%). 5000 people / hour are requesting access to the airport during a 14 hour day. How many people will fail to be verified in a day? # rejected passengers = = (5000 * 0.03) [rejects / hour] * 14 [hours] = = 150 [rejects / hour] * 14 [hours] = = 2100 [rejects]

Answer 33

authentication mechanisms that makes use of something the user performs or produces:  signature recognition  voice recognition  keystroke recognition  less costly than ‘what you are’ systems, but not as reliable  signature, voice, keystroke pattern may change significantly with time and under different circumstances

Answer 34

``` Authentication that examines normal actions performed by the user, e.g. keystroke dynamics. measure/observe various time-related parameters during a user’s interaction with a keyboard ```

Answer 35

With keystroke dynamics the biometric template used to identify an individual is based on the typing pattern, the rhythm and the speed of typing on a keyboard. The raw measurements used for keystroke dynamics are dwell time and flight time. Dwell time is the time duration that a key is pressed Flight time is the time duration in between releasing a key and pressing the next key When typing a series of characters, the time the subject needs to find the right key (flight time) and the time he holds down a key (dwell time) is specific to that subject, and can be calculated in such a way that it is independent of overall typing speed. The rhythm with which some sequences of characters are typed can be very person dependent. For example someone used to typing in english will be quicker at typing certain character sequences such as ‘the’ than a person with french roots. There exists software which combines keystroke dynamics with other interactions the user has with the computer, such as mouse movements (acceleration time, click frequency).

Answer 36

Organizations implementing biometrics must carefully balance a system’s effectiveness against its perceived intrusiveness and acceptability to users …

Answer 37

``` breaking (try to ‘get into’ the system by using a legitimate password) disabling (prevent legitimate user from getting into the system) ```

Answer 38

``` Standard DoS Attack Attacker’s goal is to prevent victimserver from providing access/service to all legitimate user. Targeted DoS Attack Attacker’s goal is to prevent one particular victim-user from obtaining access/service from a server. Most systems ‘lock-out’ a user after multiple login attempts using false password …. ```

Answer 39

Systems that use one authentication credential (e.g. something you know) are known as one-factor authentication systems. Most computer systems / applications are one-factor authentication systems – they rely on passwords only. Systems that require strong protection typically combine multiple authentication mechanisms – e.g. something you have and something you know. They are known as two-factor authentication systems. For example, access to a bank’s ATM requires a banking card + a personal identification number (PIN).

Answer 40

Spoof biometric data as someone else. Modify the signal processing unit to (e.g.) cause DoS on legitimate users. ``` Spoof the signal between the sensor and signal processing unit. (e.g. replay voice) ``` Alter the content of the template database. Alter the matching process / software.

Answer 41

a secret word/string of characters used to authenticate a user into a system  critical (often only) defense against intruders  ideal password: easy to remember, hard to ‘crack’  Google frequently releases lists of common password types which are insecure as they are too easy to guess / get off social media  name of a pet, child, family member, spouse  names of birthplaces, favorite sports teams  birthdays, anniversary dates  overly complex passwords are as dangerous as very simple ones  the user likely to write it down or to reuse it

Answer 42

\storing in plane text is bad idea

Answer 43

```  in most systems, passwords are stored in a protected (hash) form ⇒ snooper that gains internal access to system cannot easily retrieve/steal passwords  every time a user logs in, password handling software runs the hash algorithm  if (new hash = stored hash), access is granted ```

Answer 44

storing hash instead | of password

Answer 45

testing a password against stored hash

Answer 46

try every password at login prompt in real time  very slow! 8-character password of 76 possible characters (upper & lower case, digits, common symbols) = 1.1x1015 possibilities 2 to 3 passwords a second ⇒ 5,878,324 years to guess a password  extremely noisy! most systems block the victim account after several failed login attempts

Answer 47

assumes the possession of passwd/hash file

Answer 48

``` password hashes are stored in Security Account Manager (SAM) file  stored in C:\Windows\System32\config or HKEY_LOCAL_MACHINE\SAM registry - neither of them can be opened/copied on normal boot-up of the OS (i.e., while computer running) – file used by OS ```

Answer 49

Accessing SAM – requires administrative privileges | File in Windows to be copied / dumped

Answer 50

``` Copy of SAM file is now stored on C drive as a file named ‘sam’. However, this file is encrypted using SysKey!!! So, a dump of SYSTEM hive/file is also needed! ```

Answer 51

The SAM file is encrypted with the SysKey which is stored in %SystemRoot%\system32\config\system file. During the boot-time of Windows the hashes from the SAM file get decrypted using the SysKey and these hashes are then loaded to the registry and used for authentication purpose. Both system and SAM files are unavailable (i.e., locked by kernel) during Windows’ runtime. Tools like mimikatz (on Windows) and samdump2 (on Linux) can be used to extract hashes from SAM

Answer 52

text file: /etc/shadow (/etc/passwd)  readable by system administrator (root) only getent shadow admin When a new user is created in Linux it affects 4 files /etc/passwd /etc/group /etc/shadow /etc/gshadow /etc/passwd file is essentially the user account database in which Linux stores valid accounts and related information about these accounts; typically has file system permissions that allow it to be readable by all users of the system When a new user is created in Linux it affects 4 files /etc/passwd /etc/group /etc/shadow /etc/gshadow /etc/shadow file contains hashed passwords and bookkeeping information; accessible only by the super user

Answer 53

etc/passwd Format From the above image: ``` Username: It is used when user logs in. It should be between 1 and 32 characters in length. Password: An x character indicates that encrypted password is stored in /etc/shadow file. Please note that you need to use the passwd command to computes the hash of a password typed at the CLI or to store/update the hash of the password in /etc/shadow file. User ID (UID): Each user must be assigned a user ID (UID). UID 0 (zero) is reserved for root and UIDs 1-99 are reserved for other predefined accounts. Further UID 100-999 are reserved by system for administrative and system accounts/groups. Group ID (GID): The primary group ID (stored in /etc/group file) User ID Info (GECOS): The comment field. It allow you to add extra information about the users such as user’s full name, phone number etc. This field use by finger command. Home directory: The absolute path to the directory the user will be in when they log in. If this directory does not exists then users directory becomes / Command/shell: The absolute path of a command or shell (/bin/bash). Typically, this is a shell. Please note that it does not have to be a shell. For example, sysadmin can use the nologin shell, which acts as a replacement shell for the user accounts. If shell set to /sbin/nologin and the user tries to log in to the Linux system directly, the /sbin/nologin shell closes the connection. ```

Answer 54

Username : It is your login name. Password : It is your encrypted password. The password should be minimum 8-12 characters long including special characters, digits, lower case alphabetic and more. Usually password format is set to $id$salt$hashed, The $id is the algorithm used On GNU/Linux as follows: $1$ is MD5 $2a$ is Blowfish $2y$ is Blowfish $5$ is SHA-256 $6$ is SHA-512 Last password change (lastchanged) : Days since Jan 1, 1970 that password was last changed Minimum : The minimum number of days required between password changes i.e. the number of days left before the user is allowed to change his/her password Maximum : The maximum number of days the password is valid (after that user is forced to change his/her password) Warn : The number of days before password is to expire that user is warned that his/her password must be changed Inactive : The number of days after password expires that account is disabled Expire : days since Jan 1, 1970 that account is disabled i.e. an absolute date specifying when the login may no longer be used.

Answer 55

``` In the case of brute-force password cracking, there is no particular strategy when generating password guesses. The entire possible space of passwords is explored. ```

Answer 56

``` a method of gaining unauthorized access to a computer system by trying different passwords  cracking difficulty ∼ size of password space & ‘diversity’ of password characters ```

Answer 57

``` aka exhaustive password search  entire password space is ‘tried’  starts by using simple combinations of characters, and then gradually moves to more complex/longer ones  (may be) effective for passwords of small size, but too time consuming for long passwords  examples of brute-force crackers  Cryptool  Cain and Able  John the Ripper  Ophcrack ```

Answer 58

a) On 26-letter alphabet, password of length exactly 1/2/n ``` S1-Letter= 261 S2-Letter= 26*26 = 262 Sn-Letter= 26*26*…*26 = 26n ``` b) On A-character alphabet (lett. + numb.), passw. of length n: Sn-character= A^n = 36^n c) On A-character alphabet, passwords up-to n characters

Answer 59

``` Tina has to create a password for the security of a software program file. She wants to use a password with 3 letters. How many passwords are allowed if no letter is repeated and the password is not case sensitive? L1 L2 L3 : A (B-Z) (C-Z) 26*25*24 = 15,600 Password Cracking (cont.) 26 25 24 ```

Answer 60

A system allows passwords consisting of 4 lower-case letters followed by 3 digit numbers. How many passwords are possible if there are no restrictions. L1 L2 L3 L4 D1 D2 D4 264 *103 = 456,976,000

Answer 61

``` the search space is further reduced by focusing on most likely combinations of words and/or numbers … Attack Example: Biased Attack on 4-Digit Pins Assume a system requires that access passwords be comprised of 4 digits. Total unbiased search space: Many people use some important personal dates to generate 4-digit passwords. Biased search space: any number between 0000 – 9999 (10,000) only 366 possible combinations! ```

Answer 62

users often create passwords using common dictionary words  instead of trying every password, dictionary attack probes only common dictionary words  faster than brute force, as it uses smaller (more likely) search space  still might take considerable time, and might fail in the end

Answer 63

Many studies on effectiveness of dictionary attack have been conducted. Not 100% effective, but enough passwords were cracked to make the use of this attack worthwhile.

Answer 64

``` achieves TIME-SPACE tradeoff by pre-computing a list of hashes of dictionary words  pre-computed hashes are compared against those in a stolen password file  rainbow tables 1) pregenerated sets/lists of hashes – n*Gbyte size!!!  2) allow extremely rapid searching ```

Answer 65

``` adding a unique random value to each password before hashing  both the hash and salt are stored  does not fully prevent against password cracking, but makes it harder / more time consuming ``` ``` It is hard, if not impossible, to prevent users from choosing ‘weak’ passwords So, ideally, the system would additionally ‘strengthen’ user passwords. ``` hello Found in most attack dictionaries and rainbow tables! hello3ab9 Cannot be found in common dictionaries or rainbow tables

Answer 66

storing hash & salt instead of password logging into an existing account: testing a password against stored hash

Answer 67

For every word in a dictionary (or an ‘extended’ dictionary): 1) add the User’s salt 2) hash 3) compare

Answer 68

in case of a compromised Password File  (simple) dictionary and rainbow attacks impossible to perform  prevents duplicate passwords from being visible in password file  becomes impossible to find out whether a person has used the same password on multiple systems

Answer 69

Company A requires that its employees pick 6-character passwords made up of combinations of lowercase letters, uppercase letters, and digits (62 possibilities). No other characters are allowed, and a given user’s password must not use any character twice. Example: ab98CD Company B requires that its employees pick 12-character passwords, where each of the 12 can be any of 100 possible characters. Unlike for Company A, Company B’s employees can reuse characters in their passwords. However, Company B finds that users often make mistakes with these long passwords, so if an authentication attempt fails, the login server helps the user by telling them how many of the initial letters were correct. For example, if a password entered was ‘abcdefgij’ and the server replies “Wrong, but the first 4 letters were correct”, then ‘abcd’ are correct, ‘e’ is wrong, and nothing is revealed about the correctness of the letters after ‘e’. Suppose an attacker is trying to guess/crack the password of user U1 at Company A, and user U2 at Company B. Both usernames are valid at the respective companies, and the users have chosen passwords that conform with the policy. a) Write down an expression for the # of attempts the attacker needs for guessing the password of user U1 at Company A. Solution: Example: ab98CD Total # of allowed characters = 26 + 26 + 10 = 62 Total # of possible passwords = 62*61*60*59*58*57 = = 4.4 * 1010 Example: Password policies – which one is better?! b) Write down an expression for the # of attempts the attacker needs for guessing the password of user U2 at Company B. Solution: The key for this part of the problem is that the attacker can use feedback provided by the login process to speed up the ‘cracking’ process. To start, the attacker can try 100 passwords that each differ in their first character. One of these must succeed. In addition, when it succeeds, in the worst case the attacker is told that the second character in the attempted password is incorrect. Therefore, once the attacker learns that the first character is correct, they also can eliminate 1 of the possibilities for the second character. Password: bszi1289AMLK 1st round of 100 guesses: aa, ba, ca, da, … 2nd round of 99 guesses: bba, bca, bda, bea, …, bsa, bta, … At this point, they make another 100 − 1 = 99 guesses, each of which uses the first character learned in the previous step, and tries a different second character (excluding the character that the attacker has already learned is not correct for the second position). This process continues until they try candidates for all 12 positions, requiring at worst a total of: # of possible passwords = 100+99+99+ ... + 99 = = 100 + 99 · 11 = 1189 38 Password Example (cont.) b is correct, a is not. In the next round, do not check a

Answer 70

Damage must be quantifiable! Threat has to be real (probable)! ``` Threat Vulnerability Asset People Procedure Data Software Hardware Networking Act of human error or failure Deliberate act of trespass Deliberate act of extortion Deliberate act of sabotage Deliberate software attacks Technical software failures Technical hardware failures Forces of nature Etc ``` sheer existence of a vulnerability does NOT mean there is an actual RISK (i.e., harm will be caused

Answer 71

``` provides relative numerical risk ratings/scores for each vulnerability  in risk management, it is not the presence of a vulnerability that really matters, but the associated risk! ```

Answer 72

1) possibility that a threat acts upon a vulnerability AND is successful 2) how severe the consequences would be R = P * V ``` P = probability of risk-event occurrence V = value lost / cost to organization ```

Answer 73

R = Pa ⋅ Ps ⋅ V Pa = probability that an attack/threat (against a vulnerability) takes place  Ps = probability that the attack successfully exploits the vulnerability V = value lost / cost to organization

Answer 74

``` R = Pa ⋅ (1-Pe) ⋅ V Pe = probability that the system’s security measures effectively protect against the attack (reflection of system’s security effectiveness) R = Pa ⋅ (1-Pe) ⋅ V Ps Ps = probability that the attack is successfully executed (i.e., system defences are NOT effective) Pe = probability that the attack is NOT successfully executed (i.e., system defences are effective) ```

Answer 75

R = P ⋅ V – CC ⋅ (P ⋅ V) + UK ⋅ (P ⋅ V) LE = Loss Expectancy (i.e. Potential Loss / Risk before Control is Applied)= P ⋅ V ⋅ [ 1 – CC + UK ] P = probability that certain vulnerability (affecting a particular asset) gets exploited – equivalent to Pa  V = value of information asset ∈ [1, 100]  CC = current control = percentage/fraction of risk already mitigated by current control  UK = uncertainty of knowledge = fraction of risk that is not fully known

Answer 76

Asset A Has a value of 50. Has one vulnerability, with a likelihood of 1.0. No current control for this vulnerability. Your assumptions and data are 90% accurate. Asset B Has a value of 100. Has two vulnerabilities: * vulnerability #2 with a likelihood of 0.5, and a current control that addresses 50% of its risk; * vulnerability #3 with a likelihood of 0.1 and no current controls. Your assumptions and data are 80% accurate. Which asset/vulnerability should be dealt with first ?!

Answer 77

The resulting ranked list of risk ratings for the three vulnerabilities is as follows: Asset A: Vulnerability 1 rated as 55 = 50 * 1 * (1.0 - 0 + 0.1) Asset B: Vulnerability 2 rated as 35 = 100 * 0.5 * (1 - 0.5 + 0.2) Asset B: Vulnerability 3 rated as 12 = 100 * 0.1 * (1 – 0 + 0.2)

Answer 78

1) Information asset inventory worksheet 2) Weighted asset worksheet 3) Weighted threat worksheet 4) TVA worksheet 5) Ranked vulnerability risk worksheet  extension of TVA worksheet, showing only the assets and relevant vulnerabilities  assigns a risk-rating ranked value for each uncontrolled asset-vulnerability pair

Answer 79

Once all vulnerabilities/risks are evaluated, the company has to decide on the ‘course of action’ – often influenced by 1) risk level ($$$) 2) cost of treatment ($$$) ...

Answer 80

Avoidance  do not proceed with the activity or system that creates this risk  Reduced Likelihood (Control) - implement  by implementing suitable controls, lower the chances of the vulnerability being exploited  Transference  share responsibility for the risk with a third party  Mitigation  reduce impact should an attack still exploit the vulnerability  Acceptance - do not implement  understand consequences and acknowledge risks without any attempt to control or mitigate

Answer 81

``` strategy that results in complete abandonment of activities or systems due to overly excessive risk  usually results in loss of convenience or ability to preform some function that is useful to the organization  the loss of this capacity is traded off against the reduced risk profile ``` • Avoidance – strategy that results in complete abandonment of activities or systems due to overly excessive risk  usually results in loss of convenience or ability to preform some function that is useful to the organization  the loss of this capacity is traded off against the reduced risk profile Recommended for vulnerabilities with very high risk factor that are very costly to fix.

Answer 82

``` Risk control strategy that attempts to prevent exploitation of vulnerability by means of following techniques:  application of technology  implementation of security controls & safeguards, such as: anti-virus software, firewall, secure HTTP and FTP servers, etc.  policy  e.g. insisting on safe procedures  training and education  change in technology and policy must be coupled with employee’s training and education Likelihood (Control) Recommended for vulnerabilities with high risk factor that are moderately- to low- costly to fix. ```

Answer 83

risk control strategy that attempts to shift risk to other assets, other processes or other organizations  if organization does not have adequate security experience, hire individuals or firms that provide expertise  ‘stick to your knitting’!  e.g., by hiring a Web consulting firm, risk associated with domain name registration, Web presence, Web service, ... are passed onto organization with more experience Recommended for vulnerabilities with high risk factor that are moderately costly to fix if employing outside expertise.

Answer 84

Risk control strategy that attempts to reduce the significance of impact caused by a vulnerability – includes 3 plans: Risk Control Strategies (cont.) • Mitigation – risk control strategy that attempts to reduce the significance of impact caused by a vulnerability – includes 3 plans: Recommended for vulnerabilities that are low (but not zero) risk and moderately to high costly to fix

Answer 85

assumes NO action towards protecting an an information asset – accept outcome ...  should be used only after doing all of the following  assess the probability of attack and likelihood of successful exploitation of a vulnerability  approximate annual occurrence of such an attack  estimate potential loss that could result from attacks  perform a thorough cost-benefit analysis assuming various protection techniques  determine that particular asset did not justify the cost of protection! steps to be discussed Risk Control Strategies (cont.) Recommended when vulnerability risk << cost of any control.

Answer 86

Risk that organization is willing to accept after implementing risk- mitigation controls

Answer 87

``` Risk that has not been completely removed, reduced or planned for, after (initial) risk-mitigation controls have been employed  goal of information security is not to bring residual risk to 0, but to bring it in line with companies risk tolerance  risk-mitigation controls may (have to) be reinforced until residual risk falls within tolerance ```

Answer 88

‘Spotting’ the most significant | vulnerabilities in the sea of potential vulnerabilities.

Answer 89

``` predicts level of monetary loss for each threat, and monetary benefit of controlling the treat  each element is quantified and entered into equations, e.g.:  asset value  threat likelihood/frequency/probability  severity of vulnerability  damage impact  safeguard cost ```

Answer 90

``` in a manner that would allow the same scale to be used across multiple risk assessments Quantitative Analysis ```

Answer 91

is the standard way of measuring risk in many fields, such as finance and insurance, but it is not commonly used to measure risk in information systems. Two of the reasons claimed for this are: 1) the difficulties in identifying and assigning a value to assets, and 2) the lack of statistical information that would make it possible to determine frequency. Thus, many of the risk assessment tools that are used today for information systems are measurements of qualitative risk.”

Answer 92

scenario based approach - uses labels & relative values (high/low) rather than numbers; blends in experience & personal judgment Example: threat likelihood/frequency (i.e., vulnerability exploitation) categories

Answer 93

``` • Requires simple (if any) calculations. • Considers hands-on opinions of individuals who know the process best ```

Answer 94

``` Easier to automate and evaluate. • Very useful in performance tracking - enables credible cost/benefit analysis. ```

Answer 95

``` aka economic feasibility study - quantitative decision-making process in which for each high-risk vulnerability:  determine the loss in value if the asset (with this vulnerability) remained unprotected  determine the cost(s) of protecting the asset using various approaches  compare available alternatives and arrive at a decision with best financial outcome … ``` Company should not spend more to protect an asset than the asset is worth!

Answer 96

``` combination of the following:  cost of buying/developing hardware, software, service  cost of installing, maintaining, upgrading hardware, software, service  cost to train and re-train personnel  as well as the direct profit gained from the utilization of the asset ! ```

Answer 97

Exposure – percentage loss that would occur from a given vulnerability being exploited by a given threat Factor (EF)

Answer 98

most likely loss (in value) from an attack SLE = AV * EF Example: A Web-site’s SLE due to a DDoS Attack Estimated value of a Web-site: AV = $ 1,000,000. A DDoS on the site would result in 10% losses of the site value (EF=0.1). SLE for the site: AV * EF = $ 100,000. Quantitative Risk Analysis (cont.) Would it be worth investing in anti-DDoS system that costs $150,000 a year?

Answer 99

``` indicates how often an attack is expected to successfully occur in a year (e.g., 2x a year => ARO=2)  if an attack occurs once every 2 years ⇒ ARO = 0.5 ```

Answer 100

``` Annualized Loss – overall loss incurred by an attack (i.e. by exploiting a vulnerability) in each year Expectancy (ALE) ```

Answer 101

A widget manufacturer has installed new network servers, changing its network from P2P, to client/server-based network. The network consists of 200 users who make an average of $20 an hour, working on 200 workstations. Previously, none of the workstations involved in the network had an anti-virus software installed on the machines. This was because there was no connection to the Internet and the workstations did not have USB/disk drives or Internet connectivity, so the risk of viruses was deemed minimal. One of the new servers provides a broadband connection to the Internet, which employees can now use to send and receive email, and surf the Internet.

Answer 102

* 200 employees * 200 workstations * $20 hour ``` One of the managers read in a trade magazine that other widget companies have reported an annual 75% chance of virus infection after installing T1 lines, and it may take up to 3 hours to restore the system. A vendor will sell licensed copies of antivirus for all servers and the 200 workstations at a cost of $4,700 per year. The company has asked you to determine the annual loss that can be expected from viruses, and whether it is cost effective to purchase licensed copies of anti-virus software. ```

Answer 103

Very simplistic scenario. Other losses could be: erased (IP) documents, lost emails, impact on reputation, etc. ARO = 0.75 SLE = 200 user * ($ 20 / user-hour) * 3 hours = $ 12,000 ALE = ARO * SLE = $ 9,000 ACS = $ 4,700 Because the ALE is $9,000, and the cost of the software that will minimize this risk is $4,700 per year, this means the company would save $4,300 per year by purchasing the software ($9,000 - $4,700 = $4,300).

Answer 104

– expresses cost benefit of a safeguard – i.e., determines whether a particular control is worth its cost safeguard is justified if it results in NRRB>0 GROSS risk reduction benefit NRRB = [ALE(prior) - ALE(post)] – ACS NET Risk Reduction Benefit (money saved) ALE(prior) – ALE before implementing control  ALE(post) – ALE after implementing control  ACS – annual cost of safeguard

Answer 105

Your organization has decide to centralize anti-virus support on a server which automatically updates virus signatures on user’s PCs. When calculating risk due to viruses, the annualized loss expect. (ALEprior) is $145,000. The cost of this anti-virus countermeasure Is estimated to $24,000/year, and it will lower the ALEpost to $65,000. Is this a cost-effective countermeasure? Why or why not? ALE (prior) = $145 k ALE (post) = $65 k ACS = $24 k NRRB = ALE (prior) – ALE (post) – ACS = = $145 k - $65 k - $24 k = = $56 k, so there are + cost benefits of this solution

Answer 106

ALE (prior) = AV*EF*ARO = $106 *0.1*0.2 = $20,000 ALE (post) = $0 (best case scenario - safeguard 100% eff.) ACS = ? For NRRB ≥ 0, safeguard of up to $20,000 acceptable.

Answer 107

``` Cost-benefit analysis in case of 100% effective safeguard Quantitative Risk Analysis (cont.) Time ALE ALE(prior) before safeguards GRRB gross risk reduction benefit ALE(post) after safeguards ACS annual. cost of safeguards NRRB net risk reduction benefit ```

Answer 108

• Quantitative cost-benefit analysis determines whether a security control measure is feasible economically. • Other factors and ‘measures of feasibility’, when evaluating a security control, should be considered: NRRB = [ALE(prior) - ALE(post)] – ACS =AROpost *AVpost *EFpost

Answer 109

``` – examines how well a proposed security control will contribute to organization’s strategic objectives  e.g. a firewall might be a good security safeguard, but may prevent effective flow of multimedia data ```

Answer 110

``` – examines user’s and management’s acceptance and support of a proposed security control  e.g. if users do not accept a new policy/ technology/program, it will inevitably fail  most common methods for obtaining user acceptance are:  communication – affected parties must know the purpose and benefits of the proposed change  education – affected parties must be educated on how to work under the new constraints  involvement – affected parties must be given a chance to express what they want and what they will tolerate from the system ```

Answer 111

``` – determine whether organization has or can acquire technology and/or necessary technical expertise to implement and support a control  e.g. use of VPN may require special software hardware support / installation on all computers ```

Answer 112

``` – determines what can and cannot be done based on consensus and relationship between different departments …  IT and Info. Sec. department might have to compete for same resources Feasibility ```

Answer 113

Rather than using quantitative or qualitative risk analysis an organization may resort to relative risk analysis of a control, including: • Benchmarking – study practices used in other organizations that obtain results you would like to duplicate • Due Care or – implement a minimum level of security  failure to maintain a standard of due care can open an organization to legal liability – especially important if dealing with customer data

Answer 114

study practices used in other organizations that obtain results you would like to duplicate

Answer 115

``` implement a minimum level of security  failure to maintain a standard of due care can open an organization to legal liability – especially important if dealing with customer data ```

Answer 116

``` ‘best practices’ according to Microsoft:  use antivirus software  use strong passwords  verify your software security setting  update product security  build personal firewalls  back up early and often  protect against power surges and losses ```

Answer 117

implement controls beyond best practices – for those that strive to be ‘the best of the best’

Answer 118

process/technique(s) of converting data into unintelligible form in order to ensure: confidentiality, data integrity, and authentication  requirement 1: no data should be lost during encryption  requirement 2: decryption should ensure perfect data recovery

Answer 119

original message that should be ‘protected’

Answer 120

performs various substitutions, | permutations and transformations on plaintext

Answer 121

variable data that is input into encryption algorithm together with plaintext  determines exact substitutions, permutations and transformations performed on plaintext

Answer 122

scrambled message produced as output

Answer 123

encryption algorithm run in | reverse

Answer 124

in modern cryptography encryption/decryption algorithm is not a secret encryption goal: make the entire decryption process very difficult/long for attacker

Answer 125

If the key-size is N [bits], | how big is the key ‘space’? nkeys = 2^N

Answer 126

keys × tone-decryption BEST case for hacker: nkeys = 1 WORST case for hacker: nkeys = 2^N

Answer 127

brute force attack on ciphertext – all possible keys are tried until an intelligible translation into plaintext is obtained  with current processing capabilities, 56 bit keys are not considered safe

Answer 128

Encryption that keep intruder ‘busy’ for | > ∆t seconds may be good enough!

Answer 129

describe different possible attack scenarios – i.e., type of access a cryptanalyst (hacker) has to a system under attack when attempting to ‘break’ ciphertext

Answer 130

hacker does NOT have access to crypto-system

Answer 131

hacker has access | to crypto-system

Answer 132

goal is to find the plaintext

Answer 133

goal is to find the key and then | apply it to the entire ciphertext

Answer 134

goal is to find the key

Answer 135

``` goal is to find the key Any plaintext of hacker’s choice! Any ciphertext of hacker’s choice! Eve gets access to the system once, manages to ‘crack’ the key and then (re)uses this key to decrypt any subsequent messages ... ```

Answer 136

humans have been using cryptographic techniques for 1000s of years – what have changed are the complexity and creativity of cryptographic techniques

Answer 137

more of an art than science  schemes were designed in an ad-hoc manner and then evaluated based on their perceived complexity/cleverness  true ‘strength’ of these schemes was in ‘secrecy’ of their respective protocols

Answer 138

based on scientific foundations  the strength is NOT in secrecy of protocols but in sound mathematical and computational principles  it is now possible to formally argue about the security protocols  used for more than just data confidentiality - can protect data integrity, enable user authentication, etc.

Answer 139

he units of plaintext (letters) are kept in the same original sequence, but the units themselves are altered

Answer 140

monoalphabetic substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions down the alphabet Example: Caesar Cipher with k=3

Answer 141

Ciphertext: WKH TXLFN EURZQ IRA MXPSV RYHU WKH ODCB GRJ Plaintext: THE QUICK BROWN FOX JUMPS OVER THE LAZY DOG

Answer 142

``` Ti - i-th character of the plain text Ci - i-th character of the cipher text i = 0, 1, 2, .. , m-1 in English m - length of the alphabet k - shift Encryption: Ci = (Ti + k) mod m Decryption: Ti = (Ci - k) mod m NOTE: -b mod m = (-b + m) mod m ```

Answer 143

simple substitution cipher in which each letter is replaced with a graphical symbol  alphabet is written in 4 grids shown below  each letter is replaced with a symbol that corresponds to the portion of the pigpen grid that contains the letter  used by Freemasons in the 18th Century to keep their records private

Answer 144

``` complex substitution cipher - instead of shifting each character by the same number, characters located at different positions are shifted by different numbers – key keeps changing!  key (word) must be provided  key is aligned with plaintext – key-letter determines the value of cipher-letter ```

Answer 145

``` Ti - i-th character of the plain text Ci - i-th character of the cipher text Ki - i-th character of the key phrase i = 0, 1, 2, .. , m-1 m - length of the alphabet Encryption: Ci = (Ti + Ki) mod m Decryption: Ti = (Ci - Ki) mod m ```

Answer 146

``` Key is not know, but the keyword size is = n. Plaintext: HOW ARE YOU TODAY ... Key: MUSICMUSICMUSICMUSIC Ciphertext: TIO ITQ SGC VAXSG Total number of keys = 26n. ```

Answer 147

order of letters in the ciphertext | is rearranged according to some predetermined method

Answer 148

transposition cipher in which the plaintext is written downwards and upwards on successive ‘rails’ of an imaginary fence  the message is then read off in rows

Answer 149

HLOWRDEL OL Decrypting algorithm: 1) Count the letters in the cipher. 2) Divide the letters in 2 equal parts. 3) Draw/write the letters in a 2-rail zigzag pattern with ½ of the letters on the top and ½ of the bottom rail. If number of letters is odd, add extra letter to the top rail. H L 0 W R D E L _ O L HELLO WORLD

Answer 150

Decrypting algorithm: 1) Count the number of letters. 2) Make an outline of the zigzag pattern with the given number of rails and given number of letters. 3) Arrange the letters at the allocated spaces ...

Answer 151

mechanical devices for implementing complex substitution cipher  in widespread use 1920 – 1970 – most famous example is German Enigma machine from World War II  consists of keyboard (input letter), set of rotors, lights (output letter)  every time a key is pressed, some of the rotors change position, producing different output letter

Answer 152

Different but | related keys!

Answer 153

private-key encryption - uses the same secret/private key to encrypt & decrypt information  symmetric key = shared secret – must only be known to the communicating parties – challenge # 1  to ensure full confidentiality in a group of N users, each pair of users must share a unique key – challenge # 2 total number of keys required = (N-1)+(N-2)+(N-3)+...+1 = ((N-1)*N)/2

Answer 154

n systems deploying symmetric encryption both the number and distribution of keys is a problem. Solution: Key Distribution Center (KDC) - trusted 3rd party/server. Each entity shares a secret key with KDC - N keys in total. KDC hands out keys to each pair of communicating entities (M) on demand, to enable confidential communication between them. After use, keys are ‘recycled’. total number of keys in use in the system = = N + M

Answer 155

esired crypto properties ...  confusion = making the plaintext-ciphertext substitution (i.e., relationship between the key and the ciphertext) as complex and involved as possible diffusion (permutation) = ensuring that the statistics of the plaintext is dissipated in the statistics of the ciphertext ``` One block of ciphertext should not depend only on one particular block of plaintext ```

Answer 156

Symmetric Encryption Encrypt digits (bytes) of a message one at a time  advantage: speed of transformation – each symbol is encrypted as soon as it is read  disadvantage: low diffusion – all information of a plain- text symbol is contained in a single ciphertext symbol  disadvantage: sensitivity to tampering – an interceptor can splice together pieces of previous messages and transmit a new message that looks authentic  examples: RC4, ChaCha, FISH, SEAL, ... Improvement: pseudo-randomized key key changes in pseudo-random manner – hard for attacker to predict, yet fully known to communicating parties

Answer 157

ata is divided into fixed length blocks – all block bits are then acted upon to produce an output  advantage: high diffusion – information from one plaintext symbol is diffused into several ciphertext symbols  disadvantage: slowness of encryption – an entire block must be accumulated before encryption / decryption can begin => slows down real-time app.  examples: DES, 3DES, AES

Answer 158

``` Data Encryption Standard  one of the first widely used symmetric-key block ciphers  initially proposed by IBM (1974), later modified & adopted by US National Bureau of Standards (1977) as an official Federal Information Processing Standard (FIPS)  takes a 64-bit block of plaintext and a 56-bit key to produce a ciphertext block of 64 bits  in 1999, Electronic Frontier Foundation managed to break DES in 22 h, 15 min  officially retired in 2005  3DES attempted to solve the problem ``` ``` With todays computing powers, DES can be broken within seconds!!! ```

Answer 159

``` 1) plaintext is fractioned into 64-bit locks 2) each block is broken into two parts – left (L) and right (R) 3) permutation and substitution are repeated 16 times/rounds 4) each round also uses a 48-bit subkey from the original 56-bit key 5) in the end, two parts are re- joined and undergo inverse initial permutation ``` ``` In 3DES, there is 3 x 16 rounds of these permutation & substitutions ```

Answer 160

 symmetric-key block cipher which applies DES 3 times to each data block = Encrypt + Decrypt + Encrypt Ciphertext = EK3(DK2(EK1(Plaintext)))  proposed in 1978, accepted as FIPS in 1999  a simple method of strengthening (increasing key size of) DES, without the need to design a completely new algorithm  current use – electronic payment industry (until 2023!)

Answer 161

``` Option 1: all three keys are independent * total key size = 168 bits * effective security = 112 bits * strongest  Option 2: K1 and K2 are independent, K3=K1 * total key size = 112 bits * effective security = 80 bits * retired in 2015  Option 3: all three keys the same K1=K2=K3 * total key size = 56 bits * weak – just a ‘very slow’ version of regular DES * not approved ```

Answer 162

 theoretical brute-force complexity: 2x56=112-bit key space  applies to any block-cipher that is sequentially processed (i.e., attempts to increase ‘strength’ by adding multiple components/stages) * instead of focusing only on input/plaintext & output/ciphertext of entire chain/system, transitional value(s) between components are utilized  attack works only if a known plaintext-ciphertext is given !! 2DES (112-bit key) But which key was used ?? X1 X2 E.g., store in a hash table that allows quick search.

Answer 163

3DES, key option 1, still in use, but will be deprecated in 2023 * many devices in the financial industry (e.g., POS terminals) as well as networking equipment (e.g., firewalls) use 3DES and are challenging to upgrade  DES was designed for efficient hardware implementation - software implementation is very slow, 3DES even slower   DES and 3DES use 64-bit block size – to improve efficiency and security larger block sizes would be preferable

Answer 164

Advanced Encryption Standard  NIST issued call for a 3DES replacement in 1997 with requirements: * symmetric block cipher * block size 128 * key lengths 128, 192 or 256  initially 15, then 5 competing standards were evaluated  Rijndael cipher was selected as the most suitable for AES  AES became a US FIPS in November 2001  AES is intended to replace 3DES, but this process is taking longer than expected ...

Answer 165

Like DES, AES is an iterated block cipher in which a block of plaintext is subject to multiple rounds of processing, with each round applying the same overall function.  Unlike DES, AES applies transformation operation to the entire incoming block in each iteration, while in DES one-half of incoming block passes unchanged.  Unlike DES which is bit-oriented, AES is byte-oriented ⇒ allows convenient and fast software implementation.  Unlike DES, where 1/64 bits of a plaintext affected roughly 31/64 bits of the ciphertext, in AES (due to shift-row and mix-column steps) each bit of the plaintext affects every bit of the ciphertext.

Answer 166

Is use of symmetric encryption with a single master encryption key a good way to protect passwords in a system ??

Answer 167

On Dec. 23, 2013, Target confirmed malware was to blame for an infection of its point-of-sale system that likely exposed details associated with 40 million debit and credit cards (50GB of encrypted data) between Nov. 27 and Dec. 15. In its statement, Target notes that: “The most important thing for our guests to know is that their debit card accounts have not been compromised due to the encrypted PIN numbers being taken.“ “... PINs are encrypted at the keypad with what is known as Triple DES” - a standard the retailer refers to as being highly secure and used broadly throughout the U.S. “Most people object to 3DES because it’s an ancient algorithm that was designed as a patch for (now broken) DES until AES was finalized,” ... “Now we’ve had AES for more than a decade, it’s questionable why we’d be using 3DES.”

Answer 168

An Encrypting PIN Pad is an apparatus for encrypting an identifier such as a PIN as soon as it is entered on a keypad. These are used in ATM and POS terminals to ensure that the unencrypted PIN is not stored or transmitted anywhere in the rest of the system and thus cannot be revealed accidentally or through manipulations of the system.

Answer 169

3DES decryption is time consuming as it requires the search through 168-bit key space! Plus, passwords are hard to validate (likely not plain English words). But, what if ‘chosen plaintext’ attack is conducted ?? If hacker knows one pin (e.g., his own) and its respective ciphertext, he can conduct (faster) Meet-in-the-Middle attack, and once he finds the key, he can crack all other pins from the same POS device!

Answer 170

``` aka Public-Key Encryption – involves the use of two separate but related keys: public key and private key  public key is made public for others to use, private key is known only to its owner  either key can encrypt a message – the other key must be used for decryption  first truly revolutionary advance in encryption, with profound consequences in the areas of * confidentiality * authentication * key distribution ```

Answer 171

Public key is sent only to other people/entities with whom Alice wants to confidentially communicate !!! The overall number of different keys generated (in the ‘existence’): O(2*N) = O(N) <<< O(N2)

Answer 172

1) Each user generates a pair of keys. (2) Each user places one of the keys in a public register - this becomes the public key; the other is private key. (3) If Bob wishes to send a private message to Alice, he uses Alice’s public key. (4) To decrypt Bob’s message, Alice uses her private key. No other recipient can decrypt Bob’s message as only Alice knows her key.

Answer 173

common misconceptions (1) public-key encryption is a general-purpose technique that has made symmetric encryption obsolete * public-key encryption is versatile but very slow – symmetric encryption is still needed for encryption of large messages! * public-key encryption is used for authentication, digital signatures, and exchanges of secret keys! (2) exchange of asymmetric/public keys is much simpler than exchange of symmetric/secret keys * both schemes require a well established system and protocols

Answer 174

irst published public-key encryption algorithm (1976)  currently used in TLS (Transport Layer Security), SSH IPSec protocol  purpose: enable two users to securely reach agreement (i.e., generate) a secret key for subsequent symmetric encryption without the involvement of a Key Dist. Cent. (KDC)  property: private key A and public key B generate the same result as private key B and public key A

Answer 175

1) Before establishing a symmetric key, two parties choose/obtain two integer numbers: p – large prime number with 1024 bits (300 decimal digits) g – base or generator (primitive root of mod p) – often 2, 3, 7 (2) Alice chooses a large random number x (1 ≤ x ≤ p-1) and calculates Rx = gx mod p. (3) Bob chooses another large random number y (1 ≤ y ≤ p-1) and calculates Ry = gy mod p. (4) Alice sends Bob Rx, Bob sends Alice Ry. (5) Alice calculates K = (Ry)x mod p. (6) Bob calculates K = (Rx)y mod p. K = (gy mod p)x mod p = (gx mod p)y mod p = gxy mod p

Answer 176

Assume that p = 23 and g = 7. 1. Alice picks x = 3 and calculates R1 = 73 mod 23 = 21. 2. Bob picks y = 6 and calculates R2 = 76 mod 23 = 4. 3. Alice sends the number 21 to Bob. 4. Bob sends the number 4 to Alice. 5. Alice calculates K = 43 mod 23 = 64 mod 23 = 18. 6. Bob calculates K = 216 mod 23 = 85766121 mod 23 = = 18. 7. The value of K is the same for both Alice and Bob. gxy mod p = 718 mod 23 = 18.

Answer 177

No built-in mechanism to | authenticate other users!!!

Answer 178

Rivest, Shamir, Adleman (1978, MIT)  first practically deployable public-key algorithm for secure data transmission and other applications  was patented, but patent expired in 2000  RSA Security LLC – manufactures security solutions deploying RSA, was later sold to Dell ...  spin-off company: VeriSign (1995), bought by Symantec and now DigiCert  based on practical difficulty of factoring the product of two large prime numbers  like DH uses modulus arithmetic, but in a different way DH is used to generate a secret key [key agreement] ... RSA is used to exchange a secret key [key transport] ... for subsequent symmetric encryption.

Answer 179

TSL, SSH, IPsec

Answer 180

basics of the math behind key establishment (1) Choose two random large prime numbers p and q. The larger the numbers, the more difficult it is to break RSA, but longer it also takes to perform encoding and decoding!!! RSA Laboratories recommends that the product of p and q be 1024 bits long. (2) Compute n = p⋅q and z = (p-1)⋅(q-1). (3) Choose a number e < n with no common factors with z other than 1. (e,n) – used in encryption, public key. (4) Find a number d such that ed-1 is exactly divisible by z. That is, choose d such that ed mod z = 1. (d,n) – used in decryption, private key. (5) Kpublic = (n, e), Kprivate = (n, d)

Answer 181

``` RSA – the basics of the math ...  how can we prove: 1) modulo rules allow: 2) theory of large prime numbers allows: Asymmetric Ciphers: RSA (cont.) P = (Pe mod n)d mod n = (Ped mod n) mod n = Ped mod n = = Ped mod n = = P - when P ```

Answer 182

1) Given (e, n) = Kpublic it is/should be impossible to compute (d, n) = Kprivate. 2) The public and private keys are ‘commutative’. Asymmetric Ciphers: RSA (cont.)  RSA – important properties Kpublic(Kprivate(P)) = Kprivate(Kpublic(P)) = P K+(K-(P)) = K-(K+(P)) = P provided p and q are properly randomized !!!

Answer 183

``` Bob chooses p=5, q=7. Then n=35, z=24. e=5 (so e, z relatively prime). d=29 (so ed-1 exactly divisible by z). m me c = m mod ne 12 24832 17 c m = c mod nd 17 481968572106750915091411825223071697 12 cd Encrypt: (e,n) Decrypt: (d,n) Encrypting 8-bit message: 0000 11002 = 1210 . Plaintext must be converted to a decimal number!!! ```

Answer 184

``` Jennifer creates a pair of keys for herself: p=397 and q= 401 => n=159197 and z= 158400. She then chooses e=343 and d=12007. Show how Ted can send a 2-letter text message to Jennifer if he knows e and n. Each letter encoded as a 2-digit number between 0 and 25, instead of using ASCII values (65 – 90). Not necessary to encrypt each letter/number separaterly ```

Answer 185

 protect. of data confidentiality & user/message authenticity  other possible more common uses: a) digital envelopes = fast exchange of confidential messages (secret message & secret key sent at once) b) digital signature = = message integrity + message authentication, where message integrity – guarantees that the message has not been changed message authentication – authenticates the sender of the message

Answer 186

use of asymmetric encryption for fast exchange of confidential messages 1) generate random symmetric key K symmetric 2) encrypt message using K symmetric – digital letter 3) encrypt K symmetric using receiver’s public key K+ - protective digital envelope 4) send the two together !!!

Answer 187

``` use of asymmetric encryption to protect message integrity + sender authenticity Public Key A+ A- A- A+ In some cases the confidentiality is not required - data sent in plaintext) but we want to be able to ensure . ```

Answer 188

Example: Public encryption for all three – message integrity, authentication and confidentiality (digital signatures + confidentiality)

Answer 189

ust involve a trusted third party  Certificate Authority – a trusted government agency or a for-profit institution that issues Digital Certificates  IdenTrust, DigiCert, GlobalSign, ...  Digital Certificate – digital document that binds a public key to an identity (person or organization) and contains

Answer 190

all three transform message into another ‘format’  encoding and encryption are reversible, hashing is not! 1) message encoding – transforms data to another format so that it can be properly/safely consumed by a different type of system  does not aim to keep information secret  does not require a key  encoding scheme is publicly available and relatively simple/fast to perform ``` 2) message encryption – transforms data to another format that cannot be easily consumed by anybody but the intended recipient(s)  aims to keep information secret  requires a key  encryption scheme is publicly available but quite complex to perform/break ``` ``` 3) message hashing – used to validate the integrity of a given content by producing a fixed-length string with following attributes:  does not require a key  hashing algorithms are publically available  the same input will always produce the same output  any modification to the input should result in a drastic change to the output ```

Answer 191

accomplished through the use of cryptographic hash functions  hash function creates a small fixed-size digital ‘summary’ of the message that can be used as a message fingerprint, aka hash or message digest  typical hash size: 128, 160, 256, 512 bits  popular standards: (a) Message Digest 5 (MD5) – no longer secure (b) Secure Hash Algorithm (SHA-2: SHA 256 & SHA 512)

Answer 192

to be eligible for a hash a function needs to meet 6 important criteria:  Hash function h can be applied to block of data of any size.  Hash function h produces a fixed-length output.  h(M) is relatively easy to compute for any given M, making both hardware and software implementation practical.  Collision Resistance.  Preimage Resistance.  Second Preimage Resistance.

Answer 193

two messages create the same digest

Answer 194

must be extremely difficult to find any two M and M’ such that h(M) = h(M’)  if strong collision is possible => digital signatures become meaningless  also relevant to online password cracking

Answer 195

given a hash function h and y=h(M), it must be extremely difficult for Eve to find any message M’ such that y=h(M’)  we should not be able to work ‘backwards’ and (re)create the original message from a given hash  relevant for off-line password cracking

Answer 196

Eiven M and its hash h(M) it should be extremely difficult for Eve to find a second/another message M’ such that h(M)=h(M’)  property intended to prevent an adversary from appending a falsified message to a given hash

Answer 197

companies: trade secrets, intel. prop., customer records, ...  governments: classified information, citizen records, ...  individuals: personal & sensitive information (protect from hackers and/or authorities)

Answer 198

Techniques of digital information protection can be grouped in two major categories:  Information Encryption  the content is ‘scrambled’ using a crypto-key, so it becomes meaningless  however, the presence of information is ‘obvious’  no matter how ‘unbreakable’, encrypted message will arose suspicion  Information Hiding  the goal is not just to prevent others from accessing hidden information, but to make others unaware of the very existence of the hidden information

Answer 199

unauthorized users will be aware of the existence of confidential data but will not be able to ‘read’ it the actual existence of the confidential data is entirely obscured from unauthorized users Can be used when protecting both – data ‘at rest’ and data ‘in transit’ !

Answer 200

leading post- exploitation tool that dumps passwords from memory, as well as hashes, PINs and Kerberos tickets

Answer 201

small hard- to-detect piece of code

Answer 202

teganography - Greek word for “concealed writing”  art and science of hiding information in some cover media for the purpose of protecting information confidentiality  digital steganography – cover media: image, text, audio, video ``` unauthorized users cannot find/read confidential info ```

Answer 203

also aims to make information invisible, but for the purpose of protection of intellectual property unauthorized users cannot use or appropriate somebody’s IP

Answer 204

embedding user-unique marking to different copies of content for the purpose of tracking of intellectual property users can be tracked/identified

Answer 205

The main difference between watermarking and fingerprinting is that the WM remains the same for all copies of the IP while the FP is unique for each copy. As such, FPs ... enable tracking of IP misuse conducted by a specific user.

Answer 206

the need to protect information from unsolicited access, by making it obscure, precedes our digital age  in ancient Greece, a message would be tattooed on the shaved head of a messenger; the hair would be grown over  in era of printed press, different typefaces were used to ‘encode’ a message  in WW2, the French resistance used invisible ink (e.g., wax) to write messages on the back of regular currier

Answer 207

process of hiding information in digital multimedia files and in network packets  elements of digital steganography system include  cover media (C) that will hold the hidden data  secret message (M) - may be plain text or any other type of data  stego function (Fe) and its inverse (Fe-1)  an optional stego-key (K) or password to hide and unhide the message  stego object (S) = cover media + secret message

Answer 208

digital steganography takes advantage of 1) space redundancy in cover media 2) data redundancy in cover media in combination with inherent weaknesses of human perception  e.g., in computer/text file steganography, information can be hidden in unused areas of the file/text  e.g., in image steganography, information can be embedded in the Least Significant Bits (LSBs) of an image (introduced change is insignificant for human eye)  e.g., in audio steganography, information can be embedded in high frequencies of audio spectrum (human ear is insensitive to slight variations in high audio frequencies)

Answer 209

sender sends 1) text message / text file = stego object 2) a series of integer number = key  secret message is hidden within the respective positions of subsequent words in cover media The weather is sunny and wonderful. They have gone running at the beach. 2 2 1 1 2 2 1 1 4 1 0 0 2 He is not here. Example: Plaintext Steganography with Selected Characters The weather is sunny and wonderful. They have gone

Answer 210

e.g., lines are shifted down by a small fraction  shift present = 1, shift not present = 0  e.g., words are shifted right by a small fraction  shift present = 1, shift not present = 0  encoded bits are extracted and compared against a predefined Codebook

Answer 211

``` Image is broken into a finite number of areas that contain the same color/shade. There is finite number of colors/shades available. ``` any image can be digitized – i.e., represented by a discrete (finite) set of display elements holding same-color content

Answer 212

``` a 2D (NxM) array/grid of m-bit pixels ```

Answer 213

``` fundamental same-color display element in a digital image  each pixel is made up of one or more bits  monochrome image: pixel = 1 bit => (black/white)  grayscale image: pixel = 8 bits => 256 shades of gray  RGB image: pixel = 24 bits => 8 bits for each – red, green, blue => 16777216 different color shades ```

Answer 214

200 x 300 x 8 = 480,000 bits = 60,000 bytes = 60 kbytes = 58.59 KBytes ``` kbyte = 103 bytes = 1000 bytes KByte = 210 bytes = 1024 bytes ```

Answer 215

relative importance of different pixels is different  LSB – least significant bit – last bit  MSB – most significant bit – 1st bit ``` LSB carries the least information – it changes most rapidly  MSB carries the most information – it changes least rapidly ```

Answer 216

easiest and surprisingly effective way of hiding information in an image  LSB(s) of each pixel in cover object/image are used to hide the most significant bits of another image  algorithm: (1) load up host image and image to hide (2) choose the number of LSBs you whish to hide the secret image in more bits used => better quality of hidden image  => more distortion in cover image  (3) to get original image back, pick out the LSBs according to the number used in (2)

Answer 217

hiding’ capacity low – better stego-image  worse recovered image

Answer 218

``` the (un)predictability of a region with respect to an assumed model of simplicity. ```

Answer 219

ecret bits can be embedded in LSBs of cover image in two ways:  sequentially  simple embedding & extraction of secret bits   statistics of cover image abruptly changed - easy to detect   randomly  the key to generate pseudorandom numbers must be sent   secret bits scattered throughout cover image - hard to detect

Answer 220

``` Should not ‘mess up’ pixel values in areas of ‘low entropy’. What is a better place to hide secret bits: - same-color background - part of image with lots of detail ??? ```

Answer 221

DCT is one of key components of JPEG compression  JPEG algorithm: (1) algorithm is split in 8x8 pixel squares (2) each square is transformed via DCT to 64 frequency components (3) each DCT coefficient is quantized against a reference table – many bits get removed  more bits are used for low-freq. and fewer for high-freq. components (human eye is more sensitive to low-freq. info) (4) many coefficients are (now) close in value => run/variable length coding can be used

Answer 222

Possible Approaches to Hiding Data in DCT (A) hide secret data in LSBs of selected or non- significant DCT coefficients (high. frequencies) (B) hide secret data in LSBs of DCT coefficients (C) hide one bit of data in each 8x8 block of DCT: 0 => all coefficients even 1 => all coefficients odd

Answer 223

LSB of each audio sample is replaced with a secret bit

Answer 224

secret bit is spread across cover audio in form of | high-frequency noise

Answer 225

IP Identification Field = 16 bits long - used to uniquely | identify an IP packet - useful in case of fragmentation

Answer 226

TCP Sequence Number = 32 bits - keeps track of | byte order in payload - useful in payload reassembly

Answer 227

outlines different goals / trade-off of digital steganography  capacity: how much bits can be hidden in a cover image  imperceptibility: how easy it is to spot hidden data  robustness: hidden message in stego-object unaffected by  rotation  compression  cropping  additive noise CAPACITY ROBUSTNESSIMPERCEPTIBILITY tradeoff triangle of ‘data hiding’ features (invisibility / secrecy)

Answer 228

Example: tradeoff triangle – | steganography vs. watermarking

Answer 229

security: embedded info. cannot be removed unless attacker has the full knowledge of algorithm and/or secret key  extraction complexity: computational effort/time to extract hidden information  embedding complexity: computational effort/time to embed hidden information

Answer 230

Process Components / Terminology  Watermark (W)  each owner has a unique watermark (e.g., ‘layer’ of 1 bit/pixel)  Marking Algorithm  incorporates the watermark into the image  Verification Algorithm  determines the integrity/ownership of the image

Answer 231

Private – a secret key was used in watermarking process => only authorized users can recover it (can be used by owner to demonstrate ownership once he discovers illicit use)  Public – anyone can read watermark – key is not a ‘secret’ (can be used to actually discover all illicit uses – e.g., by providing the watermark key to search crawlers)

Answer 232

is a new information-stealing malware that contains the functionality to steal login credentials, credit card data, cryptocurrency and more. This harvested data is returned to the attacker via SMTP and the Telegram Bot API. ChromeRecovery begins by scanning the infected machines for any potential login credentials for web browsers, FTP clients and email clients. In the screenshot below, the malware can be seen searching through the directories of various well known web browsers, including Chrome™ and Opera

Answer 233

captures keystrokes | in a compromised system

Answer 234

Not ‘classical’ malware – does not require any software or drivers to be installed on the victim machine. Logger is plugged in between USB keyboard (connector) and USB port. All keyboard activity is logged to its internal memory. Effective against antivirus protection; no ‘physical trace’ stays on the victim machine => challenge for forensics analysis!

Answer 235

Steals data when processed in memory  best place to steal data - everything is decrypted

Answer 236

takes screenshots of the desktop (e.g.) when mouse clicked or keyboard pressed  disadvantage: amount of that that needs to be stored / transmitted

Answer 237

 RANSOMWARE – holds data or access to systems containing data until the victim pays a ransom  subcategories of ransomware based on implementation Threat Events: Software Attacks (cont.) 1) CryptoLockers – encrypts victim’s data or entire hard-drive get encrypted 2) ScreenLockers – user is locked out and denied login to the system

Answer 238

malicious programs that aim to scare users into installing a program and sometimes even paying for it  program is ‘supposed’ to solve a problem that does not exist!

Answer 239

Software that spies on users by gathering information without their consent, thus violating their privacy  example: Zango – transmits detailed information to advertisers about Web sites you visit  legal spyware – parental monitoring of Internet usage by children

Answer 240

software that delivers advertising content in a manner that is unexpected and unwanted by the user

Answer 241

can be ‘on-line’ and ‘off-line’  off-line crackers attempt to reverse-calculate a password  requires that a copy of Security Account Manager (SAM) - a registry data file - be obtained  SAM file (c:\windows\system32\config\SAM) contains the hashed representation of the user’s password – LM or NTLM hash algorithms are used  cracking procedure: hash any random password using the same algorithm, and then compare to the SAM file’s entries  SAM file is locked when Windows is running: cannot be opened, copied or removed (unless pwdump is run by the administrator)  off-line copy of SAM’s content can be obtained (e.g.) by booting the machine on an alternate OS such as NTFSDOS or Linux

Answer 242

brute force – every possible combination/password is tried  dictionary – a list of commonly used passwords (the dictionary) is used  guessing – the attacker uses his/her knowledge of the user’s personal information and tries to guess the password

Answer 243

attacker sends a large number of requests to a target  target gets overloaded and cannot respond to legitimate requests  distributed DoS = DDoS - a coordinated stream of requests is launched from many locations (zombies) simultaneously  zombie/bot – a compromised machine that can be commanded remotely by the master machine  botnet – network of bots + master machine

Answer 244

In 2000, a number of major firms were subjected to devastatingly effective distributed denial-of-service (DDoS) attack that blocked each of their e-commerce systems for hours at a time. Victims of this series of attacks included: CNN.com, eBay, Yahoo.com, Amazon.com, Dell.com, ZDNet, and other firms. The Yankee Group estimated that these attacks cost $1.2 billion in 48 hours: $100 million from lost revenue $100 million from the need to create tighter security $1 billion in combined market capitalization loss. At first, the attack was thought to be the work of an elite hacker, but it turned to be orchestrated by a 15-year-old hacker in Canada. He was sentenced to eight months detention plus one year probation and $250 fine.

Answer 245

insertion of forged Internet identification data in order to gain an illegitimate advantage (in packets, web-requests, emails)  types of spoofing  IP Spoofing – creation of IP packets with a forged source IP address, e.g. for the purpose of ‘passing through a firewall

Answer 246

creation of email messages with a forged sender address, e.g. for the purposes of social engineering and data phishing

Answer 247

Referrer or User Agent Spoofing – creation of HTTP requests with forged fields in order to gain access to a protected web-site * some sites allow access to their material only from certain approved (login) pages and/or only to humans

Answer 248

``` use of a program or device that can monitor data traveling over a network  unauthorized sniffers can be very dangerous – they cannot be detected, yet they can sniff/extract critical information from the packets traveling over the network  wireless sniffing is particularly simple, due to the ‘open’ nature of the wireless medium  popular sniffers: Wireshark – wired medium Cain & Abel – wireless medium Kismet – wireless medium ```

Answer 249

gives an illusion that two computers are communicating with each other, when actually they are sending and receiving data with a computer between them  spoofing and/or sniffing can be involved  examples:  passive – attacker records & resends data at a later time (acts as a signal/packet repeater)  active – attacker intercepts, alters and sends data before or after the original arrives to the recipient

Answer 250

Domain Name System (DNS) poisoning and spoofing are types of cyberattack that exploit DNS server vulnerabilities to divert traffic away from legitimate servers towards fake ones. Once you’ve traveled to a fraudulent page, you may be puzzled on how to resolve it — despite being the only one who can. You’ll need to know exactly how it works to protect yourself. DNS spoofing and by extension, DNS cache poisoning are among the more deceptive cyberthreats. Without understanding how the internet connects you to websites, you may be deceived into thinking a website itself is hacked. In some cases, it may just be your device. Even worse, cybersecurity suites can only stop some of the DNS spoof-related threats.

Answer 251

process of using social skills to manipulate people into revealing vulnerable information  either by believing that an email came from a legitimate person or believing that a web-site is the real web-site, or both! g) Phishing – involves fake/spoofed emails + ...  attempt to gain sensitive personal information by posing as a legitimate entity  SIMPLE PHISHING: an email is sent to the victim informing them of a problem (e.g. with their email or banking account) and asking them to provide their username, password, etc.; ‘From’ email address is spoofed to look legitimate, ‘Reply To’ email address is an account controlled by the attacker

Answer 252

In email is sent to the victim containing a link to a bogus website that looks legitimate Example: Phishing using URL Links Embedded in HTML-based Emails

Answer 253

involves a fake Web-site (remember Lab 1)  phishing is accomplished by getting users to type in or click on a bogus URL  pharming redirects users to false website without them even knowing it – typed in or clicked on URL looks OK  performed through DNS poisoning – user’s local DNS Cache or DNS server are ‘poisoned’ by a virus

Answer 254

Information security should balance protection & access - a completely secure information system would not allow anyone access!

Answer 255

Consider a network consisting of N machines and a worm that uses ‘local network’ propagation model. In particular, at time t=0, the worm has infected only 1 machine. In each subsequent minute, every infected machine contacts and successfully infects k=2 other machines on the same network. (You can also ssume: 1) All the machines in this network are ‘vulnerable’ to the given worm. 2) The worm is ‘smart’ so that an infected machine never tries to infect another infected machine.) If N = 200, how many minutes does it take to infect all the machines in the system? Solution 1st minute: 1 old + 2 new infected = 3 infected machines 2nd minute: 3 old + 3*2 new infected = 9 infected machines 3rd minute: 9 old + 9*2 new infected = 27 infected machines 4th minute: 27 old + 27*2 new infected = 81 infected machines 5th minute: 81 old + 81*2 new infected = 243 infected machines

Answer 256

state of worm technology i) multi-platform / cross-platform - target a variety of platforms / OSs ii) multi-exploit - penetrate systems in a variety of ways (through email, browsers, file sharing, ...) iii) ultrafast spreading - use various techniques to to identify as many vulnerable machines in a short period of time iv) polymorphic v) metamorphic vi) multi ‘transport vehicle’ - can carry a variety of payloads (rootkits, spam generators, bots, etc.) vii) zero-day exploit - try to exploit new/unknown vulnerabilities

Answer 257

rst multi-exploit worm – used 5 different infection paths: * via email * via browsing of compromised web sites – an injected java-script would allow the downloading of Nimda * via open network shares on LANs * via exploiting of vulnerabilities in Microsoft’s IIS server * via back doors left behind by the Code Red Nimda cost an estimated $635 million in damages. https://www.techrepublic.com/article/learn-what-nimda-worm-does-and-how-to-combat-it/ https://www.eweek.com/security/nimda-takes-over-the-net/ Nimda itself does not contain a destructive payload beyond modification of Web content to continue to propagate itself. DoS may occur because of the volume of e-mail traffic triggered by this worm, but it doesn’t appear to be targeting specific systems with a DoS attack.

Answer 258

a highly sophisticated worm that used a variety of advanced techniques to spread, including: - by the use of shared infected USB drives (spreads even between computers that are not connected to the Internet); - by connecting to systems using a default SQL database password; - by searching for unprotected administrative shares of systems on the LAN; ... While it was programmed to spread from system to system, it was actually searching for a very specific type of system to execute – programmable logic controller (PLC) system made by Siemens and run on devices that control and monitor industrial processes. When it found such a system, it executed a series of actions designed to destroy centrifuges attached to the Siemens controller.

Answer 259

a computer-software vulnerability NOT known to or addressed by the vendor and users of the vulnerable software

Answer 260

ogram launched in 1999 by MITRE to identify and catalog vulnerabilities in software and firmware  MITRE – US non-profit funded by Cybersecurity and Infrastructure Security Agency, part of the US Department of Homeland Security  CVE database – list of publicly disclosed computer security flaws  CVE entry/report – brief description of a reported vulnerability – does not include technical data or information about risk and fixes  CVE reports can come from anywhere: a vendor, a researcher, a clever user ...  CVSS = CV Scoring System - set of open standards for assigning a number/score to a vulnerability to assess its severity [ scores range from 0 to 10 ]

Answer 261

``` malware that looks legitimate and is advertised as performing one activity but actually does something else; it does NOT self-replicate  example: AOL4Free - advertised free access to AOL Internet Service; would delete hard drive  common types of Trojans:  destructive – designed to destroy data or kill the system – not common today  remote access – designed to give an attacker control over the victim’s system (client-server model)  data sending – designed to capture and redirect data (keystrokes, passwords, ...) to an attacker ``` common types of Trojans (cont.)  Denial of Service – designed to conduct a DoS attack on a predefined IP address  FTP – designed to set up the infected system to serve as an FTP server for illegal software, pirated movies and music, etc.

Answer 262

the host computer, but instead use its resources for illegal purposes through a client-server connection.

Answer 263

most Trojan ‘exfiltrate’ or ‘infiltrate’ data to/from remote machines (over the Internet) ``` common techniques of Trojan detection:  on the infected computer – run netstat and look for unusual ports and connections  from the infected network – scan the network with nmap and look for systems with unusual open ports ```

Answer 264

malware typically installed by an authorized user; lies dormant until triggered by a specific logical event; once triggered, it can perform any number of malicious activities  trigger events: 1) a certain date reached on the calendar – check for organization payroll data; 2) a person was fired – files deleted once his account got disabled

Answer 265

In 2002, disgruntled system administrator for UBS Investment Bank was accused of planting a logic bomb shortly before quitting his job. The bomb had been designed to wipe out 2,000 files on the main servers for UBS, and cripple the company. His plan was to drive down the company’s stock, and eventually profit from that (put option contract). During the downtime caused by the logic bomb, brokers could not access the UBS network or make trades. According to one employer: "Every branch was having problem. Every single broker was complaining. They couldn't log onto their desktops and [get to] their applications because the servers were down. ..." In 2006, Duronio was convicted and sentenced to 8 years and 1 month in prison as well as $3.1 million restitution to UBS.

Answer 266

stealthy software with root/administrator privileges – aims to modify the operation of the OS in order to facilitate a nonstandard or unauthorized functions  unlike virus, rootkit’s goal is not to damage computer directly or to spread, but to hide the presence and/or control the function of other (malicious) software  since rootkits change the OS, the only safe and foolproof way to handle a rootkit infection is to reformat the hard drive and reinstall the OS

Answer 267

n 2005, Sony included a rootkit program Extended Copy Protection (XCP) on many of its music CDs in an attempt to limit the user’s ability to access the CD and prevent illegal copying. The software was automatically installed on Windows desktop computers (in a hidden directory + modified the OS) when customers tried to play the CD. Threat Events: Software Attacks (cont.) https://www.eff.org/cases/sony-bmg-litigation-info XCP (Extended Copy Protection) and MediaMax - software for copy protection and digital rights management used by Sony

Answer 268

Whitelisting and blacklisting prevent malware but they do this in opposite ways. blacklisting vs. whitelisting – which is faster, which is stricter ?!?

Answer 269

``` allow everything block some good for detecting yesterday’s (known) threats ```

Answer 270

``` block everything allow some - aka “zero trust” good for detecting zero-day threats ```

Answer 271

``` The concept also applies to: • Web Domains (in a browser) • IP addresses (in a firewall) • email addresses (in email client) • Intrusion Detection System (IDS) signatures ... ```

Answer 272

``` A sandbox typically provides a tightly controlled set of resources for guest programs to run in. Network access, the ability to inspect the host system or read from input devices are usually disallowed or heavily restricted. ```

Answer 273

classification of viruses by concealment strategy i) polymorphic virus – mutates (changes its appearance) with every infection to avoid ‘signature’ (bit pattern) detection iv) metamorphic virus - mutates (changes its behavior dynamic binary/opcode/) with every infection while remaining ‘functionally equivalent’ ii) encrypted virus - a portion of the virus creates a random key and encrypts the remainder - special case of polymorphic virus iii) stealth virus - uses special techniques to conceal its presence on the OS  makes sure that ‘last modified’ date of host file remains unchanged  makes sure that the size of host file appears/ stays the same - aka cavity viruses

Answer 274

Look for some variations in the sequence of 0s and 1s. Look for an identical sequence of 0s and 1s. ``` A malware packer is a tool used to mask a malicious file. Packers can encrypt, compress or simply change the format of a malware file to make it look like something else entirely. (Sequence of instructions in the malicious code unchanged.) ```

Answer 275

alware actively seeks out more machines to infect and then each infected machine serves as an automated launching pad for attacks on other machines  worms exploit software vulnerabilities in client or server programs to gain access to a new system (worm = power of virus + convenience of Internet)  IMPORTANT: viruses vs. worms  viruses need a carrier medium (document or program to ‘attach’ itself to) and then require user action to propagate  worms do not always need a carrier or human action to move (can some times ‘move’ on their own), are typically spread through the Internet, does not always rely on user to replicate/infect

Answer 276

classification of worms by replication strategy 1) electronic mail or instant messaging - worm emails a copy of itself to other systems, or sends itself as an attachment via an instant message service 2) file sharing - worm copies itself on removable media such as USB drives; it, then, executes when the drive is connected to another system 3) remote login capability - worm logs onto a remote system as a user and then uses commands to copy itself from one system to another 4) remote file access or transfer capability - worm uses a remote file access or transfer service to another system to copy itself etc. ....

Answer 277

``` VIRUS: Malware ‘sits’ inside a ‘carrier’ (program/document) and requires the user to manually move the carrier ‘onto’ a USB (on one computer) and ‘from’ a USB (to another computer) and to click on it ``` Worm: Malware on its own infects the USB (copies itself as autoran.inf); when plugged into a new host, automatically executed & infects the new machine.

Answer 278

``` Methods worms use to first gain access to the victim machine: - drive-by- download - email - file sharing etc. Methods worms use to transfer the rest of its body to the target: - file transfer - HTTP etc. Once the worm is running on the victim machine it starts looking for new victims to attack - email address - host lists - different IPs targets etc. Using addresses generated by the target engine, the worm actively scans across the network to determine suitable victims Chunk of code designed to implement some specific action on behalf of the attacker on a target system. It is what the worm does when it gets to a target ... - opening a backdoor - planting a DDoS bot - performing a complex math operation (e.g., cryptominer) ```

Answer 279

Propagation Engine Warhead - small hard- to-detect piece of code Target Selection Algorithm + Scanning Engine Payload

Answer 280

a) random - each compromised host probes random addresses in IP addr. space - fast development, but 1) unknown results (many machines may not be vulnerable), 2) some machine may already infected b) hit list - the attacker pre-compiles a long list of potentially vulnerable machines, each infected machine uses a part of this list - time consum. devel. c) topological - worm uses information contained on the infected machine to find more hosts to scan - e.g., worms infecting/exploiting P2P applications d) local subnet - worm uses the subnet address to find other vulnerable machine on the same network (works well against firewall-protection)

Answer 281

a deliberate action aimed to violate / compromise a system’s security through the use of specialized software  types of attacks base on the type of malicious software: a) Use of Malware b) Password Cracking c) DoS and DDoS d) Spoofing e) Sniffing f) Man-in-the-Middle g) Phishing h) Pharming

Answer 282

``` person that conducts a deliberate software attack Script Kiddies: Individuals with (only) enough understanding of computer systems to be able to download and run scripts that others have developed. Vast majority of attack activity on the Internet is carried out by these individuals. Script Writers: Individuals capable of writing scripts to exploit known vulnerabilities. Elite Hackers: Individuals capable of discovering new vulnerabilities and writing programs (scripts) that exploit those vulnerabilities. Threat Events: Software Attacks (cont.) (can be distinguished based on their ‘skill level’ & their ‘mission’) ```

Answer 283

MALWARE – a program that is inserted into the victim system, usually covertly, with the intention to: 1) compromise the CIA of the victim’s data, application(s) or the OS 2) misuse the resources of the victim computer, or 3) otherwise annoy or disrupt the victim (malware examples: virus, worm, trojan, key-logger, ...) Threat Events: Software Attacks (cont.) • Common Malware Targets/Objectives  steal credit card data, passwords, ....  destroy files, boot records, ...  store illegal music, movies, pirated software, ..

Answer 284

corruption of system or data files - virus & worms  turning the victim into a zombie - bot/botnets for DDoS  theft of information (logins, passwords, ...) - keyloggers & spyware  hiding of its presence - backdoors & rootkits • Malware Based on How It Spreads/Propagates  carried/spread by ‘carriers’ + replicate = virus  spread over a network on their own + replicate = worms  use ‘social engineering’ to ‘sneak in’ = trojans local machine harm remote machine harm produce copies of themselves no machine harm

Answer 285

```  Virus  Worm  Trojan horse  Logic Bomb  Rootkit  Information Stealer  Ransomware  Scareware  Spyware  Adware ```

Answer 286

piece of software that ‘infects’ other host programs (executable) by modifying them  once a virus attaches to an executable, it can do anything that the executable is permitted to do (e.g., erase files & programs, change settings, etc.) ``` When viruses attach themselves to the executable files, they alter the instruction pointer of the executable programs in such a way that the virus code gets executed first before the actual executable code. ```

Answer 287

1) dormant phase - the virus is idle and eventually gets activated by some event (date, presence of another program or file, ...) - not always present 2) propagation/infection phase - the virus places a copy of itself into other programs - each infected program will contain a clone of the virus which itself will enter a propagation/replication phase 3) triggering phase - the virus is activated to perform the function for which it was intended - again, it can be caused by a variety of system events (e.g., number of times that the virus has replicated) 4) execution phase - the malicious function is performed and can be  harmless, (e.g.) a message on the screen  harmful, (e.g.) destruction of programs or files

Answer 288

viruses need ‘2 factors’ to replicate - carrier = document or host program, and user = to initiate the propagation/triggering phase

Answer 289

classification of viruses by target / means of execution a) boot sector infector - infects a master boot record and spreads when a system is booted from the disk containing the virus - nowadays rare b) file infector - infects executable files (.exe, .com) c) macro virus - infects files with macro or scripting code that are interpreted by an application -  easily spread, as ‘documents’, not applications are commonly exchanged among users today d) multipartite virus - uses multiple ‘attack vectors’, e.g., both boot sector and executable files on hard drive - most difficult to eradicate

Answer 290

``` The Master Boot Record (MBR) is the information in the first sector of any hard disk or diskette that identifies how and where an operating system is located so that it can be boot (loaded) into the computer's main storage or random access memory. ```

Answer 291

[found in .exe, .com programs]

Answer 292

[found in .doc, .pdf files that get interpreted by MSWord and Acrobat] macro - list of ‘shortcut instructions’ in a document (e.g., in Visual Basic) https://www.slideshare.net/lastlinesecurity/introduction-to-malware-part-1 Infect data files rather than programs !!!

Answer 293

fire, flood, earthquake, hurricane, tsunami, dust contamination, ...  cannot be fully predicted/prevented  organization must implement controls to limit damage as well as develop incident response plans and business continuity plans

Answer 294

cannot be fully predicted/prevented by the organization  causes of hardware failures: wear, tear, age, operating environment (e.g., high temperature, moisture, dust), ...  best defences against hardware failures:  redundancy (e.g., backup servers)  continuous monitor hardware devices (where & how deployed)  causes of software failures: difficulty of testing software for all possible inputs & all possible operating conditions; OS evolutions and software incompatibilities ...  best defences against software failures:  keep up-to-date with software updates and vulnerabilities  continuously monitor and maintain software system

Answer 295

organization’s own employee’s are one of its greatest threats  examples:  revelation of classified data (e.g., phishing)  accidental deletion or modification of data  failure to protect data  storing data in unprotected areas  entry of erroneous data  preventative measures:  training and ongoing awareness activities  enhanced control techniques:  require users to type a critical command twice  ask for verification of commands by a second party Much of human error or failure can be prevented!

Answer 296

``` in organizations that relies on the Internet and Web, irregularities in available bandwidth can dramatically affect their operation  e.g., employees or customers cannot contact the system  possible ‘defence’: backup ISP or backup power generator ```

Answer 297

``` attempts to learn or make use of info. from the system but does not affect system resources  compromises Confidentiality  generally hard to detect !!!  examples: traffic sniffing ```

Answer 298

``` attempts to alter system resources or affect their operation  compromises Integrity or Availability  examples: man-in-the-middle, data/packet injection and DoS ```

Answer 299

IP = any intangible asset that consist of human knowledge & ideas – creations of the mind (copyright, patent, trade secret)  any unauthorized use of IP constitutes a security threat (MS Office, Adobe Acrobat)  defense measures:  use of digital watermarks and embedded code

Answer 300

In 2000, while still employed at Cisco Systems, Morch logged into a computer belonging to another Cisco software engineer, and obtained (burned onto a CD) proprietary information about an ongoing project. Shortly after, Morch started working for Calix Networks – a potential competitor with Cisco. He offered them Cisco’s information. Morch was sentenced to 3 years’ probation.

Answer 301

``` hacker or malicious insider steals information & demands compensation for its return or non-disclosure  example:  theft of data files containing customer credit card information ```

Answer 302

acker or malicious insider destroys an asset in order to cause financial loss or damage the organization’s reputation  example:  hackers accessing a system and damaging or destroying critical data

Answer 303

``` unauthorized access to info. that an organization is trying to protect (e.g., through stolen passwords)  low-tech e.g.: shoulder surfing  high-tech e.g.: hacking ```

Answer 304

any event (action/inaction) that may / may not happen, but has the potential to cause disclosure, alteration, loss, damage or unavailability of a company’s (or an individual’s) assets

Answer 305

arget [asset/resource with vulnerability]: organization’s system resource that might be attacked  information/data (its confidentiality, integrity, availability), software, hardware, communication facilities and networks, etc.  Agent [may or may not be present]: people/organizations originating the threat – intentional or non-intentional  employees, ex-employees, hackers, commercial rivals, terrorists, ...  Event: possible action that exploits target’s vulnerability  malicious / accidental destruction or alteration of information, misuse of authorized information, etc.

Answer 306

Asset with v. WiFi-signal carrying important data within outsider’ reach ``` Agent competitor or hacker actually interested in seizing data ``` ``` event it is possible for someone, by investing time & effort, to capture/sniff wireless data ``` NO EVENT ⇒ NO THREAT !!!

Answer 307

Example of insider causing accidental threat: SysAdmin has added a new software to the system and has forgotten to change the password ``` Asset with vulnerability Agent Event Threat deliberate or accidental outsider or inside ```

Answer 308

THREAT EVENT DELIBERATELY EXECUTED BY AGENT = ATTACK

Answer 309

asset identification  e.g. what are the company’s main assets: (a) web servers (e-commerce company), or (b) workstations (software develop. company)?  threat identification [ asset-vulnerability, agent, event ]  some assets have multiple vulnerabilities (e.g., web-server) but they are not all equally likely to be exploited ...  organizational strategy regarding risk  different threats pose different risks

Answer 310

some security experts feel that additional concept need to be added to (i.e., reinforced in) the traditional CIA triad:  authenticity - being able to verify that users are who they claim to be, and that each data input has come from a trusted source  accountability - being able to trace actions of an entity uniquely to that entity

Answer 311

We know that we want to protect the CIA of data. But, 1) Data can reside in several different states. 2) Data can be attacked/protected in several different ways – e.g., through technology or through people.

Answer 312

McCumber Cube – Rubik’s cube-like detailed model for establishment & evaluation of info. security  to develop a secure system, one must consider not only key security goals (CIA) but also how these goals relate to various states in which information resides and full range of available security measures data states objectives when protecting data means of protecting data

Answer 313

Storage - aka ‘data at rest’, is data stored in permanent (secondary) memory, such as hard disk, USB, removable drive  Transmission - aka ‘data in transit’ - data being transferred between systems, in electronic form OR physical form  Processing - aka ‘data in use’ - data being actively examined or modified

Answer 314

Technology - software and hardware solutions (e.g., antivirus, firewall, IDS system, cryptography, backups, etc.)  Policy and practices - administrative controls, such as management directives (e.g., acceptable use policies)  People - aka awareness, training, education - ensure that users are aware of their roles & responsibilities

Answer 315

Each of 27 cells in the cube represents an area that must be addressed to secure an information system  e.g., intersection between data integrity, storage and technology implies the need to use technology to protect data integrity of information while in storage  solution: new ‘file check sum’ (cryptographic hash) is calculated every time a critical file is modified ...

Answer 316

Scenario: An employee stores company information on a personal USB drive, in order to transfer it to another computer (e.g., work from home) Safeguard: Educate employees about the importance of carefully handling data and encrypting data before transferring it to insecure ‘movable’ media – in case that USB is infected or lost, encryption ensures that data cannot be read

Answer 317

``` Busy downtown office: WiFi used in an area that is within outside reach. Remote nuclear plant: WiFi used in an area that is NOT within outside reach. ```

Answer 318

“In the last 20 years, technology has permeated every facet of the business environment. The business place is no longer static – it moves whenever employees travel from office to office, from office to home, from city to city. Since business have become more fluid, ..., information security is no longer the sole responsibility of a small dedicated group of professionals, ..., it is now the responsibility of EVERY employee ....”

Answer 319

in addition to their own security team & employees, 3rd party employees are also important ...

Answer 320

key characteristics of information that must be protected by information security:  confidentiality - only authorized parties can view private information  integrity - information is changed only in a specified and authorized manner (by authorized users)  availability - information is accessible to authorized users whenever needed C.I.A. of Information Security Different organizations may view one of the CIA components as being more important than others!!!

Answer 321

Student grade – an information asset of high importance for student.  In US, release of such information is regulated by Family Educational Rights and Privacy Act (FERPA). Grade information should only be available to students, their parents and employees that require this information to do their job.  In Canada, the same issue is regulated by Personal Information Protection and Electronic Documents Act (PIPEDA).

Answer 322

``` cryptography  strong access control  limiting number of places where data can appear (e.g., cannot be stored on an USB) C.I.A. of Information Security (cont.) What is a potential drawback of protecting confidentiality through encryption?! ```

Answer 323

Patient information in a hospital – the doctor should be able to trust that the information is correct and current. Inaccurate info could result in serious harm to the patient end expose the hospital to massive liability.  In US, Health Insurance Portability and Accountability Act (HIPAA) regulates the collection, storage, and transmission of sensitive personal health care information. Hospital is responsible for safeguarding patient information against error, loss, defacing, tampering and unauthorized use. (Ontario’s Personal Health Information Protection Act - PHIPA)

Answer 324

strong access control - good at preventing attacks on data integrity cryptography (hashing) - detects attacks on data integrity documenting system activity (logging) - who did what and when - detects attacks on data integrity

Answer 325

Accessible and properly functioning web site – a key asset for an e-commerce company. E.g., a DDoS attack could make the site unavailable and cause significant loss in revenue and reputation.  In US, Computer Fraud and Abuse Act (CFAA) applies to DoS-related attacks.  In Canada, DoS activities are regulated under Criminal Code of Canada, Section 342: Unauthorized Use of Computer C.I.A. of Information Security (cont.) Do you know any other types of attack on data availability??

Answer 326

anti-DDoS system (in case of attack that attempt to prevent access by blocking the bandwidth/server): e.g., content distribution networks, scrubbing centers  well established backup procedure (in case of attacks that prevent access by encrypting or destroying data)

Answer 327

``` general purpose device that can be programmed to carry out a set of arithmetic or logical operations automatically  examples:  desktops  laptops, tablets  mobile phones  printers, servers  routers, firewalls  IoT devices  industrial controllers ...  alternative definition: electronic device for storing and processing of data/information ```

Answer 328

echnology involving development OR use of computer systems & networks for the purpose of processing & distribution of data/information  categories of IT jobs:  IT engineer - develops new or upgrades existing IT equipment (software or hardware)  IT architect - draws up plans for IT systems and how they will be implemented  IT administrator - installs, maintains, repairs IT equip./system  IT manager - oversees other IT employees, has authority to buy technology and plan budgets  IT security specialist - creates and executes security applications to maintain system security and safety

Answer 329

entire set of data as well as software, hardware, networks, people, procedures & policies that deal with processing & distribution of information (data) in an organization  each component has its own strengths, weaknesses, and its own security requirements

Answer 330

``` Information/data is - stored on computer hardware, - manipulated by software, - transmitted by networks, - used by people, - controlled by procedures & policies ```

Answer 331

terms are often used interchangeably, but ...  computer security (aka IT security) is mostly concerned with information in ‘digital form’  information security is concerned with information in any form it may take: electronic, print, etc.

Answer 332

a) your university suffers a data breach b) your bank suffers a data breach your PII compromised, your grades leaked can lead to identity theft or blackmail ... your online banking credentials stolen (user login, password) your money gone ... c) your hospital suffers a data breach your health information stolen your chances of getting employed reduced ...

Answer 333

direct, shorter term 1. operational disruption 2. cyber-security investigations 3. attorney fees 4. government fines 5. drop in stock price, ... * indirect, longer term 1. damage to brand and reputation 2. loss of intellectual property 3. increased insurance premium,

Answer 334

identification & exploitation of weaknesses in a computer system or a network in order to achieve a nefarious objective * an intentional attack typically conducted by a malicious outsider * could, but does not have to, result in a data breach / leak (e.g., DDoS, logic bomb)

Answer 335

1. weak or compromised credentials 2. careless / untrained employees (social engineering) 3. missing or poor encryption 4. misconfiguration (e.g., in a firewall) 5. vulnerabilities (e.g., in servers or workstations) 6. third- or fourth- party vendors,

Answer 336

``` Learn why it is important to protect the CIA of data, and how to do it. $$$ is at the bottom line !!! (prevent financial losses) • Steganography • Cryptography • Access Control / Passwords • Policy ... • IT Security Risk Management ```

Answer 337

exposing of sensitive, confidential and/or protected data to someone who should not have access to that data * could be deliberate or unintentional ! * common type of leaked information: 1. financial data (e.g., credit card numbers) 2. medical or personal health information 3. personally identifiable information (PII) 4. intellectual property

Answer 338

* an accidental insider  e.g., an employee using a co-worker’s computer & accessing files without having proper authorization, NO information is leaked outside the company  e.g., an employee fooled into disclosing data to a malicious actor – information leaked outside ... * a malicious insider  e.g., an employee purposely accesses and/or shares data with the intent of causing harm to an individual or company – may have legitimate authorization * a malicious outsider  e.g., a hacker uses various attack vectors to gather information from a network or an individual (e.g., finds vulnerability in a server, gains access to net., ...)

Final Flashcards

(363 cards)