20-751 ecommerce technology spring 2002 copyright © 2002 michael i. shamos access security
Post on 22-Dec-2015
215 views
TRANSCRIPT
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
Access Security
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
Outline
• Are web systems safe?• Authentication
– Passwords– Biometrics
• Network protection– Firewalls, proxy servers– Denial of service attacks– Viruses
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
Web Security• Client Side
– What can the server do to the client?• Fool it• Install or run unauthorized software, inspect/alter files
• Server Side– What can the client do to the server?
• Bring it down (denial of service)• Gain access (break-in)
• Network– Is anyone listening? (Sniffing)– Is the information genuine? Are the parties genuine?
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
Internet Sniffing
SOURCE: CERT
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
““10591059””
Methods of User Authentication
• Something you know . . .– Password, PIN, “mother’s maiden name”
• Something you have . . .
– Physical key, token, magnetic card, smartcard
• Something you are . . .
– Finger print, voice, retina, iris
• Someplace you are– GPS information
• Best to use two or more of the aboveSOURCE: SECURITY DYNAMICS
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
Biometrics
• Use of an unalterable body part or feature to provide identification
• History– For 1,000,000 years we couldn’t identify people– France used tattoos; abolished in 1832– Uniqueness of fingerprints 1890
• Verification v. identification• Weaknesses:
– Forgery– Replay attack
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
Fingerprints
SOURCE: C3i
MAIN SHAPES:
LOOPWHORLARCH
MINUTIAE:
END BIFURCATION ISLAND LAKE DOT
EACH PERSON HAS A UNIQUEARRANGEMENT OF MINUTIAE:
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
Fingerprint CaptureThompson-CSF FingerChip
(Thermal-sensed swipe)DEMO1, DEMO2
ST-Micro TOUCHCHIP(Capacitative)
American Biometric CompanyBioMouse (Optical) Biometric Partners
Touchless Sensor
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
Iris Scan
SOURCE: IRISCAN
• Human iris patterns encode ~3.4 bits per sq. mm
• Can be stored in 512 bytes
• Patterns do not change after 1 year of life
• Patterns of identical twins are uncorrelated
• Chance of duplication < 1 in 1078
• Identification speed: 2 sec. per 100,000 people
PERSONAL IRIS IMAGER
Companies: British Telecom, Iriscan, Sensar
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
Signature Dynamics
• Examines formation of signature, not final appearance
• DSV (Dynamic signature verification)
• Parameters• Total time
• Sign changes in x-y velocities
and accelerations
• Pen-up time
• Total path length
• Sampling 100 times/second
Companies: CyberSIgn, Quintet,PenOp, SoftPro SignPlus,
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
Network Security
SOURCE: CERT
REMOVABLEMEDIA
USER
MODEM +TELEPHONE
LOCAL AREANETWORK
REMOTELOCATION
INTERNETCONNECTION
“BACKDOOR”INTERNET
CONNECTION
ISP
REMOTEUSER
VENDORS ANDSUBCONTRACTORS
RADIOEMISSIONS
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
Sophistication v. Intruder Knowledge
SOURCE: CERT
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
Firewall Architecture
SOURCE: CHAPMAN, BUILDING INTERNET FIREWALLS
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
Network Attacks
SOURCE: CERT
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
Firewall
• A device placed between two networks or machines– All traffic in and out must pass through the firewall– Only authorized traffic is allowed to pass– The firewall itself is immune to penetration
Internet
FirewallCompany Network
SOURCE: ADAM COLDWELL
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
Proxy Server
SOURCE: CHAPMAN, BUILDING INTERNET FIREWALLS
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
Distributed Denial of Service Attack
SOURCE: CERT
VICTIM
INTRUDER
INTRUDER SENDSCOMMANDS TO
HANDLERS
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
DDOS Attack
SOURCE: CERT
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
DDOS Attack
SOURCE: CERT
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
Denial-of-Service Attacks
• Attack to disable a machine (server) by making it unable to respond to requests
• Use up resources– Bandwidth, swap space, RAM, hard disk
• FBI DOS attack (June 1999) 600,000 service requests per second
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
Ping Flooding
Victim System
Attacking System(s)
Internet
SOURCE: PETER SHIPLEY
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
Three-Way Handshake
ClientServer
SYNSYN | ACK
ACK
1: Send SYN seq=x
2: Send SYN seq=y, ACK x+1
3: Send ACK y+1SOURCE: PETER SHIPLEY
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
SMURF ATTACK
INTERNET
PERPETRATORVICTIM
ICMP echo (spoofed source address of victim) Sent to IP broadcast address
ICMP echo reply
SOURCE: CISCO
ICMP = Internet Control Message Protocol
INNOCENTREFLECTOR SITES
BANDWIDTH MULTIPLICATION:A T1 (1.54 Mbps) can easilyyield 100 MBbps of attack
1 SYN
10,000 SYN/ACKs -- VICTIM IS DEAD
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
Code Attacks
• Virus– executable code– that attaches itself to other executable code
(infection)– to reproduce itself (spread) replicator + concealer + payload
• Rabbit, Worm– program that makes many copies of itself and spreads them.
Each copy makes copies, etc. Worm spreads via networks.
• Trojan Horse– performs unauthorized activity while pretending to be
another program. Example: fake login program
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
Viral Phenomena
• Invented ~1985• More than 36,500 known viruses (NY Times, 6/10/99)
– More than in nature
• 10-15 new viruses per day• 35% are destructive (up from 10% in 1993)
• Virus attacks per computer doubles every two years• Written mostly by men 14-24
– India, New Zealand, Australia, U.S.
• Symantec employs 45 people full-time, spread over 24 hours, to detect and neutralize viruses
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
Exploiting System Bugs
• Buffer overflows– Program allocates 255 bytes for input.
– Hacker sends 500 bytes.
BUFFER (255 BYTES) PROGRAM CODE
245 BYTES ARE OVERWRITTEN WITH HACKER’S DATANOW HACKER’S CODE CAN BE EXECUTED
INPUT IS 500 BYTES LONG
BUFFER (255 BYTES) PROGRAM CODE
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
Viral Phenomena
• Stealth capability– Virus “hides” from detection. Installs memory-resident code.
– Intercepts file accesses. If attempt is made to access its disk sector, substitutes “clean” data instead.
• Mutation
– Accidental. Virus gets changed (corrupted) by system
– Deliberate. Creator inserts program modification code.“Self-garbling” - unscrambles itself before use
– Result: virus becomes hard to detect
• Virus toolkits
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
Virus Detection
• Some virus families have common characteristics– Presence or absence of particular strings
• Antiviral software– Only detects what it know how to detect.– Must be upgraded regularly for new viruses.– Symantec encyclopedia
• File virus– Compare size with known backup copy.– Presence of strings, like “.EXE”
• Retrovirus– Attacks or disables antivirus software
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
Key Takeaways
• Evaluate all risks, even internal ones• People do bizarre things when they think no one will
find out • Security is for professionals• Unexplored future in biometrics• Proxies give only thin protection• There is no current defense to DOS attacks• There is no defense to new viruses
(except Java for a while)
20-751 ECOMMERCE TECHNOLOGY
SPRING 2002 COPYRIGHT © 2002
MICHAEL I. SHAMOS
QA&