
CS 322 376: Information & Communication Technology Security
1-1
2011 Chakchai So-In
CS 322 376 Khon Kaen University
Chakchai So-In, Ph.D.
Department of Computer Science
Faculty of Science, Khon Kaen University
123 Mitaparb Rd., Naimaung,
Maung, Khon Kaen, 40002 Thailand
chakso@kku.ac.th
http://web.kku.ac.th/chakso/322376_Fall10/
Agenda
What is SECURITY in CS/IT world?
Goal of this Course
Contact/Office Hour
Grading
Contents of the Course
Tentative Schedule
Term Project and Project Guideline
Security Background
Information Security requirements have changed in recent
times.
Traditionally security is provided by physical and
administrative mechanisms.
Computer use requires automated tools to protect files and
other stored information.
Use of networks and communications links requires measures
to protect data during transmission.
Definitions
Computer Security - generic name for the collection of tools
designed to protect data and to thwart hackers
Network Security - measures to protect data during their
transmission
Internet Security - measures to protect data during their
transmission over a collection of interconnected networks
Information security - about how to prevent attacks, or failing
that, to detect attacks on information-based systems
Security Components
Confidentiality: Need access control, Cryptography, Existence
of data
Integrity: No change, content, source, prevention mechanisms,
detection mechanisms
Availability: Denial of service attacks,
Confidentiality, Integrity and Availability (CIA)
Services, Mechanisms, Attacks
Need systematic way to define requirements
Consider three aspects of information security:
Security Attack
Security Mechanism
Security Service
Consider in reverse order
Security Service
Is something that enhances the security of the data processing
systems and the information transfers of an organization
Make use of one or more security mechanisms to provide the
service
Replicate functions normally associated with physical
documents
E.g. have signatures, dates; need protection from disclosure,
tampering, or destruction; be notarized or witnessed; be
recorded or licensed
Security Mechanism
A mechanism that is designed to detect, prevent, or recover
from a security attack
No single mechanism that will support all functions required
However one particular element underlies many of the security
mechanisms in use: cryptographic techniques
Hence our focus on this area
Services and Mechanisms Relationship
Security Attack
Any action that compromises the security of information
owned by an organization
Have a wide range of attacks
Can focus on generic types of attacks
Note: threat & attack are often used to mean the same
Threat - a potential for violation of security
Attack - an assault on system security, a deliberate attempt
to evade security services
OSI Security Architecture
Defines a systematic way of defining and providing security
requirements
ITU-T X.800 Security Architecture for OSI (Open Systems
Interconnection)
X.800 defines it as: a service provided by a protocol layer of
communicating open systems, which ensures adequate security
of the systems or of data transfers
RFC 2828 (Request for Comment) defines it as: a processing or
communication service provided by a system to give a specific
kind of protection to system resources
X.800 defines it in 5 major categories
Authentication, Access Control, Data Confidentiality, Data
Integrity, Non-Repudiation
5 Categories (X.800)
Authentication - assurance that the communicating entity is
the one claimed
Access Control - prevention of the unauthorized use of a
resource
Data Confidentiality - protection of data from unauthorized
disclosure
Data Integrity - assurance that data received is as sent by an
authorized entity
Non-Repudiation - protection against denial by one of the
parties in a communication
Classify Security Attacks as
Passive attacks - eavesdropping on, or monitoring of,
transmissions to:
Obtain message contents, or
Monitor traffic flows
Active attacks - modification of data stream to:
Masquerade of one entity as some other
Replay previous messages
Modify messages in transit
Denial of service
Model for Network Security
Using this model requires us to:
Design a suitable algorithm for the security transformation
Generate the secret information (keys) used by the algorithm
Develop methods to distribute and share the secret information
Model for Network Access Security
Using this model requires us to:
Select appropriate gatekeeper functions to identify users
Implement security controls to ensure only authorised users
access designated information or resources
Goal of This Course
Our focus is on Internet Security
Comprehensive course on Computer/Information
Technology/Network Security
Broad coverage of key areas
Consists of measures to deter, prevent, detect, and correct
security violations that involve the transmission of information
Lots of independent reading (also on basic computer
networking)
Lab-based independent learning
WhiteHat vs. BlackHat Attack
Independent Study on Term Group Project (Information
Technology, Computer and Network Security) + Small Project
(Translation)
Contact and Office Hour
Instructor: Chakchai So-In, Ph.D. chakso@kku.ac.th
Office: SC 6706
Office Hours: Wednesday from 09.00am to 12.00pm at SC6706
Location:
Section I = Wednesday 02.30pm to 05.30pm @SC8405
Section II = Monday 09.00am to 12.00pm @SC6204C
Section III = Monday 01.00pm to 04.00pm @SC8505
Class Homepage: http://web.kku.ac.th/chakso/322376_Fall11/
Teaching Assistants:
Natnicha Veeramongkonleod, nattyjang42@gmail.com,
Friday 05.00pm to 07.00pm @6706
Kanokmon Rujirakul, ace.kamikaze@hotmail.com, Tuesday
05.00pm to 07.00pm @Ph.D. Common Room
Contact and Office Hour (Cont.)
Facebook Group:
http://www.facebook.com/groups/268896419808221/
All of you MUST join = HW0
Class Email: cs322376@gmail.com
Textbooks and Supplementary
Textbooks: please READ all Computer and Network Security
Wiki related topics.
Cryptography and Network Security: Principles and
Practice by William Stallings, 2010
Master in Security 2nd edition (Thai) by Jatuchai Pangjun,
2010
Textbooks and Supplementary (Cont.)
Supplementary
Network Security: Private Communication in a Public
World by Charlie Kaufman, Radia Perlman, and Mike
Speciner, 2002
Law (ICT) Thailand
Network and Computer Security Specialist #1, #2, #3
(Thai) by Minister of ICT, Thailand
Hands-on Ethical Hacking and Network Defense by Michael
T. Simpson, Kent Backman, and James E. Corley, 2010
Hacking Exposed: Network Security Secrets and Solutions by
Stuart McClure, Joel Scambray, and George Kurtz, 2009
CISSP Certified Information Systems Security Professional
STUDY GUIDE by SYBEX, 2010
Prerequisite
Basic Data Communication/ Computer Networks OR any
Computer Networking/Inter-Networking
Computer Networks: A Top-Down Approach (5th edition) by
J. F. Kurose and K. W. Ross, 2009
Computer Networks by a.. .-a ., 2011
Basic Operating System
Operating System Concepts by Abraham Silberschatz, 2008
..::v:.. (OPERATING SYSTEMS) by u++ .++, 2002
Basic Computer Architecture
Computer Organization and Architecture: Designing for
Performance by William Stallings, 2009
av.a...+.u.... (COMPUTER ORGANIZATION AND
ARCHITECTURE) by +ar .....a, 2003
Basic Programming Language, e.g., C/C++/C#/Java/Python
Grading
Midterm Exam 20%
Final Exam 25%
Homework + Lab Homework + Quiz + Class Participation
20%+5%
Small Project 5%+5%
Term Project 25+5%
Group project, but graded individually *write who does what*
Extra Credits +5% 1st round competition; +10% = winner
(Published Paper/NSC/Network Security Contest/CISSP
Certification/CCNA or CCIE Security Certification/Imagine Cup)
Taking Network Security Contest Exam >1% (31/10-Register)
Time Management
Average 12 Hrs/week/person on project
Average 9 Hrs/week/person on class
Homework
#Homework: 4 to 6 throughout the semester
Submission: Hard-copy ONLY; MUST turn in 7 min. before
class (except HW0 = email)
For any reason, a late penalty (~30%) will be applied.
No late homework is accepted more than ONE day OR after
the answer has been discussed.
Due: 2 weeks after announcement (except HW#0 - 1 week)
Emergency = Soft-copy allowed: include
322376_Fall2011_XX:HWY in subject (XX = Section
Number, Y = Homework Number); cs322376@gmail.com
Tentative Homework:
Basic Computer and Network Security I, PKI and Digital
Signature, Authentication Protocols, Application Security
Homework/Lab Submission
Each homework/lab submission
/******************322 376: Information and
Communication Technology Security
Name/Last Name:
Student ID: .
Section No: .
Date: .
I have worked with other students listed below WITHOUT
copying word by word! All penalties will be incurred
otherwise
..
*******************/
http://web.kku.ac.th/chakso/cover.pdf
Homework/Lab WILL NOT be credited without the beginning
part!
Exam
2 exams (Midterm and Final)
Allowed: calculator (talk to the department for specific models)
The final exam material will be after the mid-term; however, all
related contents will be also covered.
Each exam includes
True/False (+1, -1, and 0)
Numerical and Analysis
Fill in the blank
Providing detailed description and/or explanation
The final grade will be curved based on the overall performance
of the whole class (also scale based on the standard, say, A 80)
Academic Integrity
Cheating: (not limited to)
Submission of work that is not the student's own for papers,
assignments or exams.
Submission or use of falsified data.
Theft of or unauthorized access to an exam.
Use of unauthorized material including textbooks, notes or
computer programs in the preparation of an assignment or
during an examination.
Supplying or communicating in any way unauthorized
information to another student for the preparation of an
assignment or during an examination.
Ref: [http://www.cmu.edu/policies/documents/Cheating.html]
Academic Integrity (Cont.)
Collaboration in the preparation of an assignment. Unless
specifically permitted or required by the instructor,
collaboration will usually be viewed by the university as
cheating.
Submission of the same work for credit in two courses
without obtaining the permission of the instructors
beforehand.
Plagiarism includes, but is not limited to, failure to INDICATE
the source with quotation marks or footnotes where appropriate
if any of the following are reproduced in the work submitted by
a student:
A phrase, written or musical; A graphic element; A proof;
Specific language; An idea derived of another person.
Tentative Schedule (Subject to Change)
Class Day Date Topic
1 Monday 10/10/2011 Course Overview
2 Monday 10/17/2011 Encryption Techniques
3 Monday 10/24/2011 Block Ciphers and Encryption Standards
4 Monday 10/31/2011 Advanced Encryption Standard
5 Monday 11/07/2011 Public Key Infrastructure + Encouragement
+ Project Topic Selection
6 Monday 11/14/2011 (Cont.)
7 Monday 11/21/2011 Proposal Project Presentation + Paper
Selection + Dhamma #1
8 Monday 12/12/2011 MAC and Hashing
9 Monday 12/19/2011 Review for Midterm
10 Monday 12/26/2011 Mid-Term Exam (week 12/23-12/29)
For Section I; date+2 say Monday 10/10 = Wednesday 10/12
Tentative Schedule (Cont.)
Class Day Date Topic
11 Monday 01/02/2012 2012 New Year (no class)
12 Monday 01/09/2012 Authentication Protocols
13 Monday 01/16/2012 Email Security + IP Security
14 Monday 01/23/2012 Web Security + Small Project Submission
15 Monday 01/30/2012 Firewall + Intruder
16 Monday 02/06/2012 Review for Midterm + Final Project
Presentation/Demo
17 Monday 02/13/2012 Final Exam (week 02/13-03/01)
For Section I; date+2 say Monday 10/10 = Wednesday 10/12
Project
ONLY hands-on projects on topic of your choice (3-6 students)
The final outcome MUST be something VISUAL working and
running .
Worth for National Software Contest, Microsoft Imagine Cup,
Samart Innovation submission (NSC, Samart, MS Imagine
Cup)
Both Coding and Final Report Submission +PPT+Poster
There is about 20 mins for story board and 30 mins for final
presentation and/or demo.
Project Ideas:
Ideas at Stanford.edu; Ideas at Berkeley.edu; Ideas
at MIT.edu; Ideas at DotCrime; Ideas at Sunysb.edu; Ideas
at Berkeley.edu; Ideas at Udel.edu; Ideas at Fsu.edu; Ideas
at Upenn.edu
*Think if you can use this project for your senior project.
Project Ideas (Cont.)
Network Attack Tools
Network Protection Tools
Wireless Network Attack Tools
Wireless Network Protection Tools
Digital Forensic Tools
Bot Nets
Cross-Site Scripting
Anti-DNS Pinning
War Driving Techniques and Tools
Compilation of Security Algorithms in C
Efficient Algorithm to find the private key from a public key
Develop a root kit for Windows/Linux/MAC
Secure E-Voting With Blind Signature
Project Ideas (Cont.)
A tool to collect passwords in wireless
A tool to monitor network traffic in open ports
Using one of the wireless attack tools to monitor the traffic and
Develop a web site to collect passwords
Firewall bypass using port 80
A honey pot to catch crackers
Multi-Pot (multiple base stations to lure victims)
WEP crackdown using passive monitoring and plain text attacks
A tool to fool routers
Identity Stealing Tool using web sites
Identity Stealing Tool using phishing
SPAM without detection
Hardware to locate/pinpoint wireless access points
Project Topics: Example (NSC 11/12)
[Project titles not recoverable from this copy; one mentions ClearOS and P2P traffic.]
Project Topics: Example (NSC 11/12) (Cont.)
[Project titles not recoverable from this copy.]
Small Project
Paper (Recent Journal >2007) translation (computer and network
security) (Don't Submit the paper only after google translator)
Examples: (ieeexplore.ieee.org OR www.sciencedirect.com =
Search "computer network security survey") OR
Security issues and solutions in multicast content distribution
Intrusion detection in wireless ad hoc networks
A survey of covert channels and countermeasures in computer
network protocols
A security framework for wireless sensor networks
Survey of network security systems to counter SIP-based
denial-of-service attacks
Wireless mesh network security: A traffic engineering
management approach
WhiteHat vs. BlackHat Hacking (two teams = admin+hacker)
Set Linux/Windows Server; mail/dns/web/ftp/ etc. then HACK
Project Schedule
Class Date/Topic
#1 11/07/2011
Project Topic Selection+5 mins Presentation (what is it?)
#2 11/21/2011
1. Outline Due+20 mins Presentation (story board -
theory/objective/limitation/use case/activity diagram/..etc.)
Click here for detail (page 33)
2. Paper Selection (Translation)
#3 01/23/2012
1. Small Project Submission (Translation)
2. CS Whitehat/Blackhat Hacker Report
#4 02/06/2012
Final Submission Click here for detail (page 36)+30 mins
Presentation/Demo + Poster
Thank you and Question?
Homework 0 (1 week due)
1) Mail list below to cs322376@gmail.com,
Subject = 322376_Fall2011_XX:HW0
Name (English/Thai):
Email (including your gmail also):
Tel:
Year/ ICT or CS or SI Track:
Academic Advisor:
Research/Project Interest:
What do you want to do after graduation?
Join Facebook Group Yet?: Yes/No
By submitting Homework 0 and entering this class, the student
has accepted all rules abiding by Chakchai So-In as a lecturer
without exception. Yes/No
Homework 0 (Cont.)
2) How much point have you got on Quiz0? .
3) List your group members (3-6 students)
- StudentID SecNo. Name LastName
- StudentID SecNo. Name LastName
- .
4) List of 5 Computer or Network Security application/tools (at
least 3 opensource)
- Title =
- Description = What/Platform/Language/How to use/
- Opensource = Yes/No
- Website (Reference) =
