CS 5950/6030 Network Security
Class 35 (M, 11/21/05)
Leszek Lilien
Department of Computer Science
Western Michigan University

Based on Security in Computing, Third Edition, by Pfleeger and Pfleeger.
Using some slides (as indicated) courtesy of:
Prof. Aaron Striegel, at U. of Notre Dame
Prof. Barbara Endicott-Popovsky and Prof. Deborah Frincke, at U. Washington
Prof. Jussipekka Leiwo, at Vrije Universiteit (Free U.), Amsterdam, The Netherlands

Slides not created by the above authors are © by Leszek T. Lilien, 2005.
Requests to use original slides for non-profit purposes will be gladly granted upon a written request.
7. Security in Networks...
7.3. Network Security Controls...
7.4. Network Security Tools
7.4.1. Firewalls
  a) Introduction
  b) What is a firewall
  c) Firewall design
  d) Types of firewalls
  e) Comparison of firewall types
  f) Example firewall configurations
  g) What firewalls can—and can’t—block
© by Leszek T. Lilien, 2005
Class 34
7.4.1. Firewalls: Outline
  a) Introduction
  b) What is a firewall
  c) Firewall design
  d) Types of firewalls
     i. Packet filters
        (i-1) Simple packet filters
        (i-2) Stateful packet filters
     ii. Application proxies
        (ii-1) Guards (“top model” subcategory)
     iii. Personal firewalls
  e) Comparison of firewall types
  f) Example firewall configurations
  g) What firewalls can—and can’t—block
7. Security in Networks...
7.3. Network Security Controls...
7.4. Network Security Tools
7.4.1. Firewalls (Class 34)
...
7.4.2. Intrusion Detection Systems (Class 35)
  a) Introduction
  b) Types of IDSs
     i. Signature-based IDSs
     ii. Anomaly-based IDSs
     iii. Other IDSs
  c) Goals for IDSs
  d) IDS strengths and limitations
7.4.3. Secure E-Mail
  a) Introduction
  b) Security for e-mail
  c) Design of PEM (Privacy-enhanced Electronic Mail)
  d) Example secure e-mail systems
     i. PGP
     ii. S/MIME
7.4.2. Intrusion Detection Systems: Outline
  a) Introduction
  b) Types of IDSs
     i. Signature-based IDSs
     ii. Anomaly-based IDSs
     iii. Other IDSs
  c) Goals for IDSs
  d) IDS strengths and limitations
a. Introduction (1)
  It is better to prevent an attack than to detect it after it succeeds
  Unfortunately, not all attacks can be prevented
    Some attackers become intruders, i.e., succeed in breaking defenses
  Intrusion prevention: first line of defense
  Intrusion detection: second line of defense
  Intrusion detection system (IDS): a device (typically a separate computer) monitoring system activities to detect malicious / suspicious events
  IDSs attempt to detect:
    Outsiders breaking into a system, OR
    Insiders (legitimate users) performing illegitimate actions, accidentally OR deliberately
Introduction (2)
  IDS runs constantly in the background
    Alarms when it detects something suspicious
  We’ll be talking only about real-time IDSs
    Ignoring off-line IDSs (early IDSs reviewed logs after the fact)
  IDS should operate in stealth mode: be invisible to the outside world
  IDS interfaces (cf. Fig. 7-43, p. 471):
    1) Alarm interface, through which the IDS raises alarms
       On a completely separate control network
    2) Monitoring interface to the protected (sub)network
       The IDS never sends msgs on this interface!
       Preferably, the IDS has no published address on the monitored network
       => router does not even know the IDS platform exists
       => router cannot send anything to the IDS directly
Introduction (3)
  IDS terminology
    Anomaly — abnormal behavior
    Misuse — activity that violates the security policy (subset of “anomaly”)
    Intrusion — misuse by outsiders and insiders
    Audit — activity of looking at user/system behavior, its effects, or collected data
    Profiling — looking at users or systems to determine what they usually do
---[OPTIONAL]--- Introduction (4)
  Superset of IDS functions
    Monitoring users and system activity
    Auditing system configuration for vulnerabilities & misconfigurations
    Assessing integrity of critical system and app files
    Recognizing known attack patterns
    Identifying abnormal activities through statistical analysis
    Managing audit trails (logs) and highlighting misuses or anomalies in user activities
    Correcting system config errors
    Installing & operating traps (honeypots) to learn about intruders
b. Types of IDSs (1)
  IDS types w.r.t. scope:
    Host-based
      Runs on a host
      Monitors activities on this host only
    Network-based
      Stand-alone device
      Monitors entire (sub)network
  IDS types w.r.t. operation:
    i. Signature-based IDSs
    ii. Anomaly-based IDSs (heuristic IDSs)
       (ii-1) Misuse intrusion detection
    iii. Other IDS types
Types of IDSs (2)
  i. Signature-based IDS
    Looks for unacceptable system activities (attack)
    Each known attack characterized by its “signature” (pattern)
    To detect attack, matches current activities to known attack signatures
    Even attack with signature “similar” to signature of a known attack can be detected
    Example signature for port scan attack:
      Syn to port 80
      Syn to port 25
      Syn to port 161
      ...
Types of IDSs (3)
  Problems with signature-based IDSs
    (1) Cannot detect attack with unknown signature
        Must know (exact or very similar) attack signature to detect attack
    (2) Attacker can “pad” attack with packets that break known signature into unknown patterns
    (3) False alarms occur
        When legitimate data accidentally match attack signature
  Solution to (1) and (2): anomaly-based IDSs
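As an added example (not from the slides), the port-scan signature of slide 12 and problem (2) of slide 13 in Go, run over a constructed SYN capture: a contiguous matcher fires on the back-to-back scan but misses the same scan padded with ordinary traffic, while a per-source matcher that tracks progress through the signature catches both. The signature, addresses and capture are constructed for this example.

```go
package main

import (
	"fmt"
	"strings"
)

// Event is one SYN seen on the IDS monitoring interface (constructed data).
type Event struct{ Src string; Port int } // source address, destination port

// The slide's port-scan signature (a hypothetical rule): SYN to 80, 25, 161.
var PortScanSignature = []int{80, 25, 161}

// MatchExact is the naive matcher of problem (2): it needs the probes back
// to back, so one padding packet between them breaks the match.
func MatchExact(events []Event, src string, sig []int) bool {
	seen, want := ",", ","
	for _, e := range events {
		if e.Src == src {
			seen += fmt.Sprintf("%d,", e.Port)
		}
	}
	for _, p := range sig {
		want += fmt.Sprintf("%d,", p)
	}
	return strings.Contains(seen, want)
}

// MatchSubsequence keeps a progress counter per source and advances it each time
// the next expected port is seen, ignoring unrelated packets, so padding does not
// hide the scan. It returns the sources that completed the whole signature.
func MatchSubsequence(events []Event, sig []int) []string {
	progress := map[string]int{}
	var alerts []string
	for _, e := range events {
		if progress[e.Src] < len(sig) && e.Port == sig[progress[e.Src]] {
			progress[e.Src]++
			if progress[e.Src] == len(sig) {
				alerts = append(alerts, e.Src)
			}
		}
	}
	return alerts
}

// Constructed capture: 10.0.0.5 scans back to back, 10.0.0.9 pads its scan
// with ordinary traffic to port 443, and 10.0.0.7 is a normal web client.
var Capture = []Event{
	{"10.0.0.5", 80}, {"10.0.0.5", 25}, {"10.0.0.5", 161}, {"10.0.0.7", 443}, {"10.0.0.7", 80},
	{"10.0.0.9", 80}, {"10.0.0.9", 443}, {"10.0.0.9", 25}, {"10.0.0.9", 443}, {"10.0.0.9", 161},
}
```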
Types of IDSs (4)
  ii. Anomaly-based IDS (heuristic IDS)
    Uses model of acceptable user behavior
      Recall that signature-based IDS uses models (signatures) of unacceptable system activities (system behavior)
    Watches user activities
    Watches for deviations from model behavior
    Raises alarm upon detection of suspicious behavior
      If false alarm, admin can “teach” IDS to accept such behavior in the future
Types of IDSs (5)
  Example model of acceptable user’s behavior:
    Logs in
    Reads e-mail
    Uses word processor
    ...
  Note: Use of sensitive system management utilities would be a deviation from the model of acceptable user’s behavior
Types of IDSs (6)
  (ii-1) Misuse IDS — can be considered a subset of anomaly detection (since misuse is a subset of anomaly; see above)
    Uses model of unacceptable user behavior
      Recall that “regular” anomaly-based IDS uses models of acceptable user behavior
      Recall that signature-based IDS uses models (signatures) of unacceptable system activities (system behavior)
      Could misuse IDS be considered a variation of signature-based IDS?
  Example model of unacceptable user’s behavior:
    Attempt to copy pwd file
    Attempt to open pwd file
    ...
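As an added example (not the slides' code), the two models of slides 14-16 as a small Go detector: a per-user profile of acceptable commands learned from a constructed training window (log in, read mail, word processor), a fixed misuse model for the password-file cases, and an Accept method for the admin's "teaching" step after a false alarm. User names, commands and paths are constructed.

```go
package main

// Action is one audit record of the constructed form user / command / target.
type Action struct{ User, Cmd, Target string }

// Misuse is the model of unacceptable behaviour from the slide: copying or
// opening the password file violates policy no matter who does it.
var Misuse = map[string]bool{"cp /etc/passwd": true, "cat /etc/passwd": true}

// Profile is the anomaly model: for each user, the commands they usually run.
type Profile map[string]map[string]bool

// Train learns each user's normal commands from a window of benign activity.
func Train(actions []Action) Profile {
	p := Profile{}
	for _, a := range actions {
		p.Accept(a.User, a.Cmd)
	}
	return p
}

// Accept is the admin "teaching" the IDS that a command is normal for a user,
// used both during training and to silence a false alarm afterwards.
func (p Profile) Accept(user, cmd string) {
	if p[user] == nil {
		p[user] = map[string]bool{}
	}
	p[user][cmd] = true
}

// Check classifies one action. Misuse is tested first: it stays a violation
// even if the profile says the user runs that command all the time.
func (p Profile) Check(a Action) string {
	switch {
	case Misuse[a.Cmd+" "+a.Target]:
		return "misuse"
	case !p[a.User][a.Cmd]: // unknown user or command outside the profile
		return "anomaly"
	}
	return "ok"
}

// Training is the constructed benign window: alice logs in, reads mail and
// uses a word processor, as in the slide's model of acceptable behaviour.
var Training = []Action{
	{"alice", "login", "tty1"}, {"alice", "mail", "inbox"},
	{"alice", "wordproc", "report.doc"}, {"alice", "mail", "inbox"},
}
```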
Types of IDSs (7)
  iii. Other IDSs
    E.g., hybrid IDSs (combining signature- and anomaly-based IDSs), immune-system-based IDSs
  ---[OPTIONAL]--- Under a more liberal definition of IDS, the following are also called IDSs:
    Tripwire program (cf. p. 471)
      Produces hash value for each file when installed, values saved in secure place
      Later can be called to verify that file was not compromised
    Vulnerability scanners
    Honeypots
c. Goals for IDSs (1)
  IDS goals
    1) Detect all attacks correctly
       Avoid false positives (false alarms)
         False alarms annoy sysadmins, users, ...
       Avoid false negatives (not recognizing attacks)
    2) Little overhead / performance impact
  Range of IDS alarms (ordered by urgency):
    Write a record to audit log
    ...
    Page security administrator
Goals for IDSs (2)
  Categories of IDS responses
    1) Monitor, collect data, collect more data
       For attacks with modest impact
       Invisible to attacker
       Can be used to study attacker’s actions (like a honeypot)
    2) Protect, reduce exposure
       E.g., making certain files unavailable to any access
       May be very visible to attacker
    3) Call a human
       For attacks with highest impact potential
       Calling a human preceded by some automatic actions
         Since humans take a very long time (compared to computer time) to respond
  Any combination of (1), (2), (3) into a single response is possible
d. IDS strengths and limitations
  IDS strengths
    Becoming more effective (e.g., DBs of attack signatures grow)
    Becoming cheaper
    Becoming easier to administer
  IDS limitations
    Attackers use avoidance strategies to avoid detection by IDS
    IDS sensitivity is difficult to measure and adjust
      Must strike a balance between false alarms and missing attacks
    Only as good as the process/people using it
7.4.3. Secure E-Mail: Outline
  a) Introduction
  b) Security for e-mail
  c) Design of PEM (Privacy-enhanced Electronic Mail)
  d) Example secure e-mail systems
     i. PGP
     ii. S/MIME
a. Introduction
  E-mail is the most heavily used network-based application
  Yet, ordinary e-mail is very public, exposed
    It has no C / I (confidentiality / integrity)
    Unencrypted message contents can be peeked at either in transit or by privileged users at the destination host
b. Security for e-mail (1)

  Threats to e-mail                        Controls
  Msg interception (confidentiality)       encryption
  Msg interception (blocked delivery)      no S/R controls
  Msg interception + replay                encryption (+ seq. nr)
  Msg content modification                 encryption
  Msg origin modification                  encryption
  Msg content forgery by outsider          encryption
  Msg origin forgery by outsider           encryption
  Msg content forgery by recipient (R)     publ. key encr.
  Msg origin forgery by recipient          publ. key encr.
  Repudiation (denial) by sender (S)       publ. key encr.
Security for e-mail (2)
  Secure e-mail requirements:
    Msg confidentiality (protection from disclosure)
    Msg integrity (protection from modification)
    Sender authentication
    Non-repudiation (preventing denial by sender)
  Not every msg requires all 4 capabilities, but all 4 are needed to cover the requirements of all kinds of msgs
c. Design of PEM (1)
  Standard for encrypted e-mail: Privacy-enhanced Electronic Mail (PEM) [Bishop-CS-A&S, p. 286]
  Developed by Internet Society (1985-1993)
  One of design goals: allowing PEM msgs to travel as ordinary mail msgs
    For legacy reasons
    Protection occurs within msg body
  We’ll look in turn at:
    1) Confidentiality in PEM
    2) Other security features in PEM
Design of PEM (2)
  1) Confidentiality in PEM
    Scenario: S sends msg M to R (using PEM)
      S picks random symm. encr. key K (corr. to session key)
      S creates new cleartext header [a]
      S encrypts K with KPUB-R: E(K, KPUB-R) [b]
        Additionally, unprintable characters are converted into “regular” characters
          Since unprintable characters are used as control signals by e-mail handlers
      S encrypts M with K: E(M, K) [c]
        Entire M, with original header, is encrypted
    => Summarizing, “enveloping” msg sent by S to R is:
      [a] = new “external” header (plaintext)
      [b] = encrypted symm. key K
      [c] = encrypted msg M
  (cf. Fig. 7-44, p. 475)
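As an added example (not part of the slides or of the PEM standard), the three-part envelope above built by S and opened by R in Go: [a] a plaintext external header, [b] the session key K under KPUB-R, [c] M with its own header under K, with [b] and [c] base64-encoded so unprintable bytes survive mail handlers. AES-256-GCM and RSA-OAEP are this example's stand-ins for PEM's DES-CBC and RSA; the header text, the 2048-bit key and the 12-byte nonce are assumptions of the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
)

// Envelope is the slide's three-part message: [a] plaintext external header, [b] session
// key K under KPUB-R, [c] original M (with its own header) under K; [b], [c] are base64.
type Envelope struct{ A, B, C string }

// NewRecipientKey makes R's key pair (KPUB-R, KPRIV-R) for a demo run.
func NewRecipientKey() *rsa.PrivateKey {
	k, _ := rsa.GenerateKey(rand.Reader, 2048) // fails only if crypto/rand does
	return k
}

// Seal is S's side. AES-256-GCM stands in for the slide's symmetric cipher and
// RSA-OAEP for the public-key step (this example's choice, not PEM's DES-CBC).
func Seal(m []byte, pubR *rsa.PublicKey) (Envelope, error) {
	buf := make([]byte, 44)
	rand.Read(buf) // crypto/rand.Read always fills the buffer (cannot fail since Go 1.24)
	k, nonce := buf[:32], buf[32:] // random session key K and a fresh GCM nonce
	b, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pubR, k, nil) // E(K, KPUB-R)
	if err != nil {
		return Envelope{}, err
	}
	block, _ := aes.NewCipher(k) // 32-byte key, so no error is possible
	gcm, _ := cipher.NewGCM(block)
	c := gcm.Seal(nonce, nonce, m, nil) // E(M, K) with the nonce prepended
	enc := base64.StdEncoding.EncodeToString
	return Envelope{A: "To: R\r\nFrom: anonymous", B: enc(b), C: enc(c)}, nil
}

// Open is R's side: recover K from [b] with KPRIV-R, then M from [c].
func Open(env Envelope, privR *rsa.PrivateKey) ([]byte, error) {
	b, errB := base64.StdEncoding.DecodeString(env.B)
	c, errC := base64.StdEncoding.DecodeString(env.C)
	k, errK := rsa.DecryptOAEP(sha256.New(), nil, privR, b, nil)
	if errB != nil || errC != nil || errK != nil || len(k) != 32 || len(c) < 12 {
		return nil, rsa.ErrDecryption // malformed envelope or wrong recipient key
	}
	block, _ := aes.NewCipher(k)
	gcm, _ := cipher.NewGCM(block)
	return gcm.Open(nil, c[:12], c[12:], nil) // errors if [c] was tampered with
}
```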
---[OPTIONAL]--- Design of PEM (3)
  Example of subfields within field [b] (M = original msg):
    Proc-Type: indicates applied privacy-enhancement services (e.g., “ENCRYPTED”)
    DEK-Info: (DEK = data encipherment key, corr. to session key)
      includes symmetric key K (used to encr. M)
      AND indicates kind of corresponding symmetric key encr. alg. (e.g., DES-CBC)
  Actually not just K but the whole field [b] (including K) is encrypted under KPUB-R, that is, E([b], KPUB-R)
  Variant of PEM standard: using only symmetric key encryption
    Requires establishing a common secret before sending e-mail
Design of PEM (4)
  2) Other security features in PEM
    PEM msgs always carry a digital signature in [b]
      Provides S’s authentication & non-repudiation
      Hash within digital signature assures msg integrity
    S can be anonymous in external header [a]
      S’s identity encrypted in [c]
    Multiple encryption algorithms are supported by PEM
    “Unenhanced” and PEM msgs can be mixed by sender at will
Design of PEM (5)
  Problems with PEM
    Problem 1: key mgmt (as always with public key exchange)
      Solution 1a: using certificate scheme
      Solution 1b: using PGP (to be discussed next)
    Problem 2: endpoint vulnerability (S and R ends)
      Attacker penetrating S’s or R’s host can subvert PEM code or install Trojan for leaking keys
d. Example secure e-mail systems (1)
  Many encrypted e-mail systems exist (both academic and commercial)
  Two popular encrypted e-mail systems:
    i. PGP (Pretty Good Privacy)
    ii. S/MIME
Example secure e-mail systems (2)
  i. PGP (Pretty Good Privacy)
    Widely used, de facto secure e-mail standard
    Available on most operating systems
    Originally free; commercial versions available
    Confidentiality — IDEA encryption (IDEA = International Data Encryption Algorithm; popular in Europe)
    Integrity — RSA-encrypted MIC (Message Integrity Check / hash, MD5)
    Authentication & non-repudiation — RSA-encrypted MIC
    Uses common key distribution
      Trusted “introducers” used to validate keys
      No certification authority hierarchy needed
Example secure e-mail systems (3)
  PGP in practice
    The application must be integrated into existing e-mail
    Each user has a keyring of known keys, containing:
      Their own public and private keys (protected by a password)
      Public keys given to you directly by a person
      Public keys signed by trusted introducers
    Keys used for signing or encrypting messages to be sent and validating messages received
Example secure e-mail systems (4)
  ii. S/MIME
    Internet standard for secure e-mail attachments
    Very much like PGP
    Principal difference: method of key exchange
      PGP: user exchanges keys with all potential recipients
        Establishing ring of trusted recipients
      S/MIME: uses hierarchically validated certificates for key exchange
        Usually in X.509 format
        => S and R do not have to exchange keys in advance if they have a common trusted certifier
    Supports many ciphers, incl. DES, AES, RC2
    Integrated into many commercial e-mail packages
      => likely to dominate the secure e-mail market