Lecture -01- Introduction to Computer Security

Uploaded by

scorpioz559

Introduction to Computer Security

Bilal Ahmed
Impact
• Global
– Diplomacy
– Economy
– Safety
– Technology
• Individual
– Financial
– Privacy
– Data
– Relationships
Stuxnet (2010)
• The first discovered malware that spies on and subverts industrial systems
• Targeted only Siemens supervisory control and data acquisition (SCADA) systems
• Infects PLCs by subverting the Step-7 software application that is used to reprogram these devices

https://en.wikipedia.org/wiki/Stuxnet
USA NSA Leaks (2013)
• Operational details about the US National Security Agency (NSA) and its international partners
• Obtained by Edward Snowden while working for Booz Allen Hamilton, one of the largest contractors for defense and intelligence in the US
• Snowden's cache reportedly contains thousands of Australian, British and Canadian intelligence reports

https://en.wikipedia.org/wiki/Edward_Snowden
WannaCry (May 2017)

• Ransomware cryptoworm
• Targeted computers running the Microsoft Windows operating system
• Encrypts data and demands ransom payments

https://en.wikipedia.org/wiki/WannaCry_ransomware_attack
AshleyMadison.com (2015)

• Canada-based online dating and social networking service marketed to people who are married
• On July 15, 2015, hackers from “The Impact Team” stole all of its customer data, including emails, names, home addresses, and credit card information
• Motives:
– Shut down the website
– Extortion
• 39 million members from 53 countries, including Pakistan

https://en.wikipedia.org/wiki/Ashley_Madison
US Elections Impacted

• The 2016 U.S. presidential election was impacted by several cyber attacks
• One month after the 2018 Midterm Election, the National Republican Congressional Committee (NRCC) confirmed its email system was hacked by an unknown third party.
• The hackers (reportedly Russians) gained access to the email accounts of senior NRCC aides
Comparison of these attacks
• Stuxnet: Stuxnet was a highly sophisticated worm, believed to be a state-
sponsored cyberweapon, designed to disrupt Iran's nuclear program by targeting
industrial control systems.
• WannaCry: WannaCry was a global ransomware attack that infected computers
worldwide, encrypting data and demanding ransom payments in Bitcoin for
decryption.
• US Election Interference: US Election Interference refers to Russian interference in
the 2016 United States presidential election, involving disinformation campaigns
and cyberattacks on political organizations.
• Ashley Madison: The Ashley Madison data breach exposed user data from the
infidelity website, resulting in the release of personal information, impacting
individuals seeking discreet affairs.
• NSA Leaks: The NSA Leaks, specifically Edward Snowden's disclosures, revealed
extensive government surveillance programs, sparking global privacy debates and
concerns about civil liberties.

Each of these incidents had significant implications in the realms of cybersecurity, privacy, and international relations, impacting individuals and organizations in various ways.
Overview
• What is Computer Security?
• What is the importance of Computer Security?
• Why systems are not secure?
• Attacker Types and their Goals
• Common Vulnerabilities and Defenses
• Typical Attack Progression
• Components of Computer Security
• Threats
• Goals of security
• Trust and Assumptions
What is Computer Security?
• Traditionally provided through physical protection to:
• Prevent theft of or damage to the hardware
• Prevent theft of or damage to the information
• Prevent disruption of service
• Physical protection, solely, is not sufficient, particularly while
dealing with inside attackers.

• Protection of information and property from theft, corruption, or collapse by unauthorized activities/untrustworthy individuals and unplanned events respectively, while allowing the information and property to remain accessible and productive to its intended users.
US DoD Classification of Computer Security
Class Title
A1 Verified Design
B3 Security Domains
B2 Structured Protection
B1 Labeled Security Protection
C2 Controlled Access
C1 Discretionary Access
D Minimal Protection

[Figure label: Security Level]

Trusted Computer System Evaluation Criteria (Orange Book)
DoDI 8500.02, March 14, 2014
The State of Computer Security
Malicious URLs
[Figures: Symantec Internet Security Threat Report, Volume 24 (2019)]
Where Does Pakistan Stand?
[Figure: Symantec Internet Security Threat Report, Volume 24 (2019)]
[Figures: Microsoft Digital Defense Report 2022]
On average, it takes only 14 days for an exploit to be available in the wild after a vulnerability is publicly disclosed.
Microsoft Digital Defense Report 2022
[Figures: Microsoft Digital Defense Report 2022]
So, what do attackers gain from it?
The Underground Economy
[Figures: Symantec Internet Security Threat Report, Volume 24 (2019)]

The Changing Nature Of Threat
• Intruders are prepared and ready
• Internet attacks are easy, low risk and hard to trace
• Intruder tools are:
– Increasingly sophisticated
– Easy to use, especially by novice intruders
– Designed to support large-scale attacks
• The complexity of Internet protocols and applications is increasing along with our reliance on them
• The Internet has become an infrastructure itself.

Why Systems Are Not Secure?
• Security is an isolated effort, not integrated within the systems
• Reasons being:
– Security is fundamentally difficult
– Security is an afterthought
– Security is an impediment
– False solutions further impede progress
– The problem is people, not computers.
Why Systems Are Not Secure?
1. Security is Fundamentally Difficult
– Secure Systems Vs. Correct Systems
▪ No major operating system has ever worked perfectly but these systems are reasonably dependable and do the job.
▪ This kind of correctness is not sufficient for security
– Likelihood of existence of a flaw Vs. Likelihood of a flaw being exploited by a penetrator
▪ Not attaining perfect security
▪ But making the penetrator’s job so difficult, risky, and costly that the value of successful penetration will not be worth the effort
– Systematic Approach Vs. Ad hoc security measures.

2. Security is an Afterthought
– Security appears at the bottom of the list like this:
▪ Functions: What does it do?
▪ Price: What does it cost?
▪ Performance: How fast does it run?
▪ Compatibility: Does it work with earlier products?
▪ Reliability: Will it perform its intended function?
▪ Human Interface: How easy is it to use?
▪ Availability: How often will it break?
▪ Security Functions: What protection features does it
provide?
▪ Security Assurance: How foolproof are the protection
features?
3. Security is an Impediment
– Common user perception: Security is a nuisance
– Reason: Poorly integrated ad hoc solutions
▪ Vendors' enhancements, made to existing systems at minimal cost, often result in reduced convenience or poor performance
▪ Limited access from remote terminals; restricted physical access to local terminals and printers; multiple passwords or logins; frequent password changes; automatic disconnect after periods of inactivity → Security is painful.
4. False Solutions Impede Progress
• Misconception regarding Data Encryption
– Securing an operating system is unnecessary if all
the files are encrypted
• Misconception regarding Use of Passwords
– A single password issued to several people
• Impossible to identify the mole
• Issues when an employee leaves or is fired
– Reenter the password periodically.
• Shoulder Surfing
• Trojan
5. The Problem is People, not Computers
• Insiders
– Computer crimes committed by insiders usually
do not involve a violation of internal security
controls
• Absence of Fine-grained Controls
– People routinely gain access to more information
than they need, either because
• the system is not tuned to provide adequate protection
or
• because implementing such protection is inconvenient
or costly.
Common Goals of Attackers
• Trophy grabbing

• Information theft
• Service theft
• Identity theft

• Tampering

• Denial of service (DoS).


Common Vulnerabilities
• Implicit trust

• Configuration error

• Public information

• Weak design

• Carelessness.
The Basic Concepts of Computer Security

The basic components

Operational Issues
Human Issues
Coming Up …
• Goals of Security?
• Components of computer system that need
to be secured? (CIA-AA)
Goals of Security
• Prevention
– Prevent attackers from violating security policy
• Detection
– Detect attackers’ violation of security policy
– When, how, and by whom
• Recovery
– Stop attack, assess and repair damage
– Continue to function correctly even if attack succeeds
Example 1 – Private Property
• Prevention
– locks at doors, window bars, walls around the
property.
• Detection
– stolen items are missing, burglar alarms, closed
circuit TV.
• Recovery
– call the police, replace stolen items, make an
insurance claim …
Example 2 – E-Commerce
• Prevention
– encrypt your orders, rely on the merchant to
perform checks
• Detection
– an unauthorized transaction appears on your
credit card statement.
• Recovery
– complain, ask for a new card number, etc.
Components/Services of Computer Security

• Confidentiality
– Protect information from unauthorized disclosure (need to know)
• Use of Access control mechanism e.g., Crypto
– Keeping data and resources hidden (existence)
• Integrity
– Protecting information from unauthorized modification or
destruction
– Data integrity (includes correctness & trustworthiness of data)
– Origin integrity.
• Availability
– Enabling access to data and resources
– Denial of service
• Authenticity: “know whom you are talking to”
• Accountability (non-repudiation): prove that an entity was involved in some event.
The Security Life Cycle
[Figure: life cycle stages Threats, Policy, Specification, Design, Implementation, Operation & Maintenance; label: Assurance]


Threats
• Defined as a potential violation of security
• Violation does not need to occur for there to be a threat
• If a violation might occur, its causes need to be guarded against
• Actions causing a violation are called attacks

Classes of Threats
• Disclosure
– Unauthorized access to information
• Deception
– Acceptance of false data
• Disruption
– Interruption or prevention of correct operation
• Usurpation
– Unauthorized control of some part of a system
Some Common Threats (1)
• Snooping: unauthorized interception of information
– Threat Class: Disclosure
– Security Service: Confidentiality
• Modification or alteration: unauthorized change of
information
– Threat Class: Deception, Disruption and Usurpation
– Security Service: Integrity, availability
• Masquerading or spoofing: impersonation of one
entity by another
– Threat Class: Deception and Usurpation
– Security Service: Integrity, availability
Some Common Threats (2)
• Repudiation of origin: a false denial that an entity
sent (or created) something
– Threat Class: Deception
– Security Service: Integrity
• Denial of receipt: a false denial that an entity
received some information or message.
– Threat Class: Deception
– Security Service: Integrity
Some Common Threats (3)
• Delay: a temporary inhibition of a service
– Threat Class: Usurpation, Disruption
– Security Service: Availability
• Denial of service: a long-term inhibition of service
– Threat Class: Usurpation, Disruption
– Security Service: Availability
Typical Attack Progression
[Figure: boxes labelled Locate system to attack; Gain user access; Gain privileged access; Cover tracks; Install backdoors; Attack other hosts; Take or alter information; Engage in other unauthorized activity]
[Figure: The Security Life Cycle]

Policies and Mechanisms
• Policy says what is, and is not, allowed
– This defines “security” for the site/system
– Language: natural or mathematical
Partitions of System States vis-à-vis security
– R: set of reachable states; S: set of secure states
– Secure: R ⊂ S
– Precise: R = S
– Broad: R ⊄ S


Policies and Mechanisms
• Mechanisms enforce policies
– Technical or procedural (non-technical)
• Combination of policies
– If policies conflict, discrepancies may create
security vulnerabilities
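
The secure / precise / broad partition above can be checked mechanically once a mechanism is written down as the state transitions it permits. The following is an added example, not part of the original slides; the state names, the three sample mechanisms and both function names are constructed for illustration.

```python
from collections import deque


def reachable_states(initial, transitions):
    """Return R: every state the mechanism lets the system reach from `initial`.

    `transitions` maps a state to the states the mechanism allows next.
    """
    seen = {initial}
    queue = deque([initial])
    while queue:
        state = queue.popleft()
        for nxt in transitions.get(state, ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def classify_mechanism(reachable, secure):
    """Compare R with S (the states the policy allows), as on the slide.

    Returns (label, violations) where violations = R - S.
    """
    R, S = set(reachable), set(secure)
    violations = sorted(R - S)
    if violations:            # some reachable state is not secure: R is not within S
        return "broad", violations
    if R == S:                # exactly the secure states are reachable
        return "precise", []
    return "secure", []       # R is a proper subset of S: safe but over-restrictive


# Constructed policy: only HR may ever hold read access to the payroll file.
SECURE = {"no_access", "hr_read"}

# Three constructed mechanisms for the same policy.
LOCKED = {}                                         # nobody can be granted access
EXACT = {"no_access": ["hr_read"], "hr_read": ["no_access"]}
OWNER_SHARES = {                                    # a reader may re-share the file
    "no_access": ["hr_read"],
    "hr_read": ["no_access", "hr_intern_read"],
    "hr_intern_read": ["hr_read"],
}


def audit(transitions):
    """Classify one mechanism, starting from the 'no_access' state."""
    return classify_mechanism(reachable_states("no_access", transitions), SECURE)


if __name__ == "__main__":
    for name, mech in [("LOCKED", LOCKED), ("EXACT", EXACT), ("OWNER_SHARES", OWNER_SHARES)]:
        print(name, audit(mech))
```

The violations list is the useful output in practice: it names the reachable states the policy forbids, which is where the mechanism has to be tightened.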
Trust and Assumptions
• Underlie all aspects of security
• Policies
– Unambiguously partition system states
– Correctly capture security requirements
• Mechanisms
– Assumed to enforce policy
– Trusting that mechanisms work, requires the
assumption that:
• Mechanisms are implemented, installed and
administered correctly
The Security Life Cycle
• Example: Deploy a computer system that is secure …


Assurance
• Can trust be quantified precisely?
• Specification, design and implementation can
provide a basis to quantify it
• This aspect of trust is called assurance
• “How much” trust do you have in a medicine
that you buy off the shelf? (What is the
assurance level?).
Assurance
• Specification
– Arises from requirements analysis
– Statement of desired functionality
– Can be formal or informal, high or low level
• Design
– Translates specifications into components that will
implement them
• Implementation
– Programs/systems that carry out design.
Assurance (Example)
• Aspirin
o Certification by FDA
o Manufacturing standards
o Preventive sealing
Example: Secure Information System for an Organization

• Threat: Intruders
• Policy: Detect intruders and actively hunt for
new intrusion threats
• Specification
– Install Network and Host based IDS
– Install Honeypots
• Design
– Where to install NIDS and Honeypots?
• Implementation
– Which vendor to choose?
Assurance
• Assurance techniques do not guarantee
correctness or security
• They do provide a firm basis for assessing
what one must trust in order to believe that a
system is secure
• They eliminate possible sources of error and
force designers to define precisely what the
system is to do

• Does security end with the implementation/deployment?


[Figure: The Security Life Cycle]

Operational Issues
• How to assess the effects of operational
issues on security?
– Cost-Benefit Analysis
• Is it cheaper to prevent or recover?
• A system with salary database and a system to print
checks
– Risk Analysis
• Should we protect something?
• How much should we protect it?
– Laws and Customs
• Are the desired security measures legal?
• Would people adopt them?
• Example: Legal to authenticate through DNA analysis,
would people do it?
Operational Issues
• Risk Analysis
– A control, in most cases, should not be implemented unless the annualized cost of loss exceeds the annualized cost of the control itself
– If a facility is worth $100,000, it does not make sense to spend $150,000 trying to protect it
– Exposure Factor: the exposure factor (EF) represents the percentage of asset value that will be lost in any incident
• For example, a data warehouse has an asset value of $150,000; if a fire were to occur, 25 percent of the warehouse would be damaged
– Single Loss Expectancy: SLE is an amount that represents the company’s potential loss if a specific threat were to take place
• Asset Value × Exposure Factor (EF) = SLE
– Annualized Rate of Occurrence: the ARO is the value that represents the estimated frequency of a specific threat taking place
• If the probability of a fire taking place and damaging a data warehouse is once every ten years, the ARO value is 0.1
– Annual Loss Expectancy: ALE is the annual expected financial loss to an organization's asset because of a particular threat occurring within that same calendar year
• SLE × Annualized Rate of Occurrence (ARO) = ALE
– A data warehouse has an asset value of $150,000, and it is estimated that a fire would damage 25 percent of the warehouse. If the probability of a fire taking place and damaging the data warehouse is once every ten years, what is the ALE?
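
The risk-analysis chain above (EF, SLE, ARO, ALE, then the control-cost rule) carried through in code, as an added example that is not part of the original slides. The fire figures are the slides' own; the laptop entry, the control costs and all class and function names are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Risk:
    """One threat against one asset, in the slides' terms."""
    name: str
    asset_value: float      # dollars
    exposure_factor: float  # EF: fraction of asset value lost per incident (0..1)
    aro: float              # ARO: expected incidents per year

    def __post_init__(self):
        # EF is a percentage of the asset, so anything outside 0..1 is a data error.
        if not 0.0 <= self.exposure_factor <= 1.0:
            raise ValueError("exposure factor must be a fraction between 0 and 1")
        if self.asset_value < 0 or self.aro < 0:
            raise ValueError("asset value and ARO cannot be negative")

    @property
    def sle(self) -> float:
        """Single Loss Expectancy = Asset Value x EF."""
        return self.asset_value * self.exposure_factor

    @property
    def ale(self) -> float:
        """Annual Loss Expectancy = SLE x ARO."""
        return self.sle * self.aro


def control_justified(risk: Risk, annual_control_cost: float) -> bool:
    """The slides' rule: implement a control only if the annualized
    cost of loss exceeds the annualized cost of the control."""
    return risk.ale > annual_control_cost


def rank_by_ale(risks):
    """Order a risk register so the largest expected yearly loss comes first."""
    return sorted(risks, key=lambda r: r.ale, reverse=True)


# The slides' scenario: $150,000 warehouse, 25 percent damaged, one fire per ten years.
FIRE = Risk("warehouse fire", asset_value=150_000, exposure_factor=0.25, aro=0.1)
# Constructed second entry, to show that a cheap asset lost often can outrank a rare disaster.
LAPTOP = Risk("laptop theft (constructed)", asset_value=2_000, exposure_factor=1.0, aro=4)

if __name__ == "__main__":
    for r in rank_by_ale([FIRE, LAPTOP]):
        print(f"{r.name}: SLE=${r.sle:,.0f}  ALE=${r.ale:,.0f}")
    # Constructed control costs: a $5,000/year sprinkler contract versus a $2,000/year one.
    print("fire control at $5,000/yr justified:", control_justified(FIRE, 5_000))
    print("fire control at $2,000/yr justified:", control_justified(FIRE, 2_000))
```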
Human Issues
• Organizational Problems
– Power and responsibility
– No direct financial benefits of security
• People problems
– Outsiders and insiders
– Social engineering.
Tying It All Together
[Figure: Feedback Mechanism in The Security Life Cycle (stages: Threats, Policy, Specification, Design, Implementation, Operation & Maintenance; label: Assurance)]


Key Points
• Policy defines security, and mechanisms
enforce security
– Confidentiality
– Integrity
– Availability
• Trust and knowing assumptions
• Importance of assurance
• The human factor.
Coming Up …
• Goals of Security?
• Components of computer system that need
to be secured? (CIA-AA)
Components of Computer Security

Overview
• Security objectives / services
– Confidentiality – Integrity – Availability –
Accountability – Authenticity – Privacy –
Reliability – Safety
• Fundamental Dilemma of Computer
Security
• Fundamental Design Principles of
Computer Security
• The layer below.
Confidentiality
• Prevent unauthorised disclosure of information (prevent
unauthorised reading)
• Secrecy: protection of data belonging to an organisation
• Historically, security and secrecy were closely related;
security and confidentiality are sometimes used as
synonyms.
Integrity
• Prevent unauthorised modification of
information (prevent unauthorised writing)
• Data Integrity (from the Orange book) - The state
that exists when computerized data is the same
as that in the source document and has not been
exposed to accidental or malicious alteration or
destruction
• Detection (and correction) of intentional and
accidental modifications of transmitted data.
Integrity ...
• No user of the system, even if authorized, may be
permitted to modify data items in such a way that
assets or accounting records of the company are lost
or corrupted
• In the most general sense: make sure that everything
is as it is supposed to be
• Integrity is a prerequisite for many other security
services; operating systems security has a lot to do
with integrity.
Availability
• The property of being accessible and usable upon
demand by an authorised entity
• Denial of Service (DoS): the prevention of authorised access to resources or the delaying of time-critical operations
• Distributed denial of service (DDoS) receives a lot of
attention; systems are now designed to be more
resilient against these attacks.
Denial of Service Attack - Example

• Attacker sends ICMP echo requests to a broadcast address, with the victim’s address as the spoofed sender address
• The echo request is distributed to all nodes in the
range of the broadcast address
• Each node replies with an echo to the victim
• The victim is flooded with many incoming messages
• Note the amplification: the attacker sends one
message, the victim receives many.
Denial of Service Attack
[Figure: attacker (A) sends an echo request to the broadcast address with the victim as source; echo replies go to the victim; node labels B and D]
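
Two monitoring checks for the broadcast amplification pattern described above, one for the network being used as the amplifier and one for the network receiving the flood. This is an added example, not part of the original slides; the packet records are constructed, use documentation address ranges, and the function names and threshold are assumptions.

```python
import ipaddress
from collections import defaultdict

ECHO_REPLY, ECHO_REQUEST = 0, 8  # ICMP type numbers


def broadcast_echo_requests(packets, local_subnets):
    """Amplifier side: echo requests addressed to a local subnet's broadcast address."""
    broadcasts = {ipaddress.ip_network(n).broadcast_address for n in local_subnets}
    return [p for p in packets
            if p["type"] == ECHO_REQUEST
            and ipaddress.ip_address(p["dst"]) in broadcasts]


def unsolicited_reply_floods(packets, min_sources=3):
    """Victim side: hosts receiving echo replies from many sources they never pinged.

    A reply is unsolicited when the receiving host sent no echo request to the
    replying address. Replies to a broadcast ping come from individual nodes,
    never from the broadcast address itself, so they all count as unsolicited.
    Returns {host: number of distinct unsolicited reply sources}.
    """
    pinged = defaultdict(set)          # host -> addresses it sent echo requests to
    for p in packets:
        if p["type"] == ECHO_REQUEST:
            pinged[p["src"]].add(p["dst"])
    repliers = defaultdict(set)        # host -> sources of unsolicited replies
    for p in packets:
        if p["type"] == ECHO_REPLY and p["src"] not in pinged[p["dst"]]:
            repliers[p["dst"]].add(p["src"])
    return {host: len(srcs) for host, srcs in repliers.items()
            if len(srcs) >= min_sources}


# Constructed capture (documentation ranges 192.0.2.0/24 and 198.51.100.0/24).
SAMPLE = [
    # Ordinary ping and its matching reply.
    {"src": "198.51.100.9", "dst": "192.0.2.10", "type": ECHO_REQUEST},
    {"src": "192.0.2.10", "dst": "198.51.100.9", "type": ECHO_REPLY},
    # One request to the broadcast address carrying 198.51.100.7 as sender ...
    {"src": "198.51.100.7", "dst": "192.0.2.255", "type": ECHO_REQUEST},
    # ... and the replies every node on the subnet sends to that address.
    {"src": "192.0.2.10", "dst": "198.51.100.7", "type": ECHO_REPLY},
    {"src": "192.0.2.11", "dst": "198.51.100.7", "type": ECHO_REPLY},
    {"src": "192.0.2.12", "dst": "198.51.100.7", "type": ECHO_REPLY},
    {"src": "192.0.2.13", "dst": "198.51.100.7", "type": ECHO_REPLY},
]

if __name__ == "__main__":
    print("broadcast pings:", broadcast_echo_requests(SAMPLE, ["192.0.2.0/24"]))
    print("reply floods:", unsolicited_reply_floods(SAMPLE))
```

In the sample, one request produces four replies at the victim, which is the amplification the slide notes; the ordinary ping pair is not flagged by either check.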
Privacy
• Privacy: “a state in which one is not observed
or disturbed by other people.”
• “Put the user in control of their personal data
and of information about their activities.”
• Also: the right to be left alone, e.g. not to be
bothered by spam
• Taken now more seriously by companies that
want to be ‘trusted’ by their customers.
Accountability
• Actions affecting security can be traced to the
responsible party
• At the operating system level, audit logs record
security relevant events and the user identities
associated with these events
• If an actual link between a user and a “user identity”
can be established, the user can be held accountable.
Non-repudiation
• Non-repudiation services provide unforgeable
evidence that a specific action occurred
• ISO 7498-2 defines two types of non-repudiation
services
– Non-repudiation of origin: protects against a sender of
data, denying that data was sent
– Non-repudiation of delivery: protects against a receiver of
data, denying that data was received
Non-repudiation
• Typical application: signing emails; signatures in
S/MIME secure e-mail system
• Are such signatures analogous to signing a letter by
hand?
• In the legal system, hand-written signatures (on
contracts) indicate the intent of the signer.
• Can a digital signature created by a machine, and
automatically attached to each mail, indicate the
intent of a person?
Reliability & Safety
• Reliability and safety are also related to security:
• Reliability: prevents accidental failures/errors and addresses their consequences
• Safety: measure of the absence of catastrophic
influences on the environment, particularly on
human life.
A Remark on Terminology
• There is no single definition of security
• When reading a document, be careful not to confuse
your own notion of security with that used in the
document
• A lot of time is being spent – and wasted – trying to
define an unambiguous notation for security
• Our working definition of computer security:
– Computer security deals with the prevention and detection of
unauthorized actions by users of a computer system.
Fundamental Dilemma of Computer Security

Security-unaware users have specific security requirements but no security expertise.

• If you provide your customers with a standard solution it might not meet their requirements/expectations
• If you want to tailor your solution to your customers’ needs, they may be unable to tell you what they require.