Computer Security
May 2024
Addis Ababa, Ethiopia
Chapter 1: Information/Computer Security Issues

1. Introduction
Security is "the quality or state of being secure—to be free from danger."
o In other words, protection against adversaries, from those who would do harm, intentionally or otherwise, is the objective.
o National security, for example, is a multilayered system that protects the sovereignty of a state, its assets, its resources, and its people. Achieving the appropriate level of security for an organization also requires a multifaceted system.

2. Information Assurance
The practice of assuring information and managing risks related to the use, processing, storage, and transmission of information or data, and the systems and processes used for those purposes.
Includes protection of the integrity, availability, authenticity, non-repudiation and confidentiality of user data.
o Uses physical, technical and administrative controls to accomplish these tasks.
o Covers information not only in digital form but also in analog or physical form.
Includes restoration of information systems by incorporating protection, detection, and reaction capabilities.
It is best thought of as a superset of information security, strongly related to the field of information security and also to business continuity.

3. Why is Information Assurance needed?
To protect information exchanges between interconnected computer systems.
o Stand-alone COMPUSEC could not protect information during storage, processing or transfer between systems.
o To detect attacks and enable a response to those attacks.
To add business benefit through the use of IRM (Information Risk Management).
o Improves business continuity.
Generally, to minimize risk and ensure business continuity by implementing controls to limit the impact of a security breach.

4. Information Assurance pillars
Confidentiality:
o Preserving authorized restrictions on access and disclosure.
o Includes personal privacy and proprietary information protection.
Integrity:
o Protecting against improper information modification or damage.
o The data stored on the computer is the same as what is intended.
Availability:
o Ensuring timely and reliable access to and use of information.
o Assures that systems work promptly and service is not denied to authorized users.
Authentication:
o Proving a claim, usually that you are who you say you are.
Non-repudiation:
o Prevention of either the sender or receiver denying a transmitted message.
o Proves the occurrence of a claimed event or action and its originating entities.

5. Information Assurance strategy
Cyber security awareness and education
Strong cryptography
Good security-enabled commercial information technology
An enabling global Security Management Infrastructure; and
A civil defense infrastructure equipped with an attack sensing and warning capability and a coordinated response mechanism

6. Difference: InfoSec, computer security & IA
IA: measures that protect and defend information and information systems (ISs) by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation.
Information protection or InfoSec: protection of information and ISs from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.
Computer Security (W. Stallings):
o Protection afforded to an automated information system in order to attain the applicable objectives of preserving the confidentiality, integrity, and availability (CIA) of information system resources (includes hardware, software, firmware, information/data, and telecommunications).
Two major aspects of InfoSec are:
o IT security (sometimes computer security): InfoSec applied to technology (most often computer systems).
o IA: the act of ensuring that data is not lost when critical issues like natural disasters, system malfunction, physical theft, etc. arise.
InfoSec, computer security & IA are frequently used interchangeably;
o These fields are interrelated and share the common goal of protecting the CIA of information; however, there are some subtle differences.
o The differences lie primarily in the approach to the subject, the methodologies used, and the areas of concentration.
InfoSec: concerned with the CIA of data regardless of the form the data may take: electronic, print, or other forms.
Computer security: can focus on ensuring the availability and correct operation of a computer system without concern for the information stored or processed by the computer.
IA: focuses on the reasons for assurance that information is protected, and is thus reasoning about information security.

7. Enterprise security & Cyber defense
Enterprise security: is about building systems to remain dependable in the face of malice, error, or mischance.
Cyber defense: a computer network defense mechanism which includes response to actions, critical infrastructure protection and IA for the networks concerned.
A business-driven approach to enterprise security architecture means that security is about enabling the objectives of an organization by controlling operational risk.

8. Threats, vulnerabilities, risk, controls (W. Stallings)
Adversary (threat agent): An entity that attacks, or is a threat to, a system, e.g. all hackers in the world.
Threat: any circumstance or event that can potentially harm an information system by destroying it, disclosing the information stored on the system, adversely modifying data, or making the system unavailable.
Vulnerability: a weakness or fault in an information system or its components that could be exploited.
Attack: an actual violation of security that derives from an intelligent threat.
Risk: An expectation of loss expressed as the probability that a particular threat will exploit a particular vulnerability with a particular harmful result.
o Risk = Threats x Vulnerabilities
Control, safeguard, or countermeasure: An action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken.
Security Policy: A set of rules and practices that specify or regulate how a system or organization protects sensitive and critical system resources.
System Resource (Asset): Data contained in an information system; or a service provided by a system; or system performance; or an item of system equipment (i.e., a system component: hardware, software, or documentation); or a facility that houses system operations and equipment.

Chapter 2: Information security models and mechanisms

1. Model for Computer Security
Example: If a company has antivirus software but does not use it and keep the virus signatures up to date, this is a vulnerability. The company is vulnerable to virus attacks. Similarly, if you fail to routinely update your operating systems or application software, these will remain vulnerable to software problems ("bugs") that have already been identified and patched.
o Vulnerability: no antivirus / un-updated signatures
o Threat: virus
o Attack: system crash and/or data destruction and/or data modification
o Risk: the likelihood of a virus showing up in the environment and causing damage.
o Countermeasures: in this situation, update the signatures and install the antivirus software on all computers.

2. Goals of computer security
3 key objectives of computer security: the CIA triad (W. Stallings)
Confidentiality: data confidentiality and privacy
o The prevention of unauthorized disclosure of information.
o In other words, confidentiality means keeping information private or safe.
o It may be important for military, business or personal reasons.
o It may also be known as privacy or secrecy.
Integrity: covers data integrity and system integrity
o The prevention of unauthorized writing or modification of information.
o Integrity in a computer system means that there is an external consistency in the system: everything is as it is expected to be.
o Data integrity: the data stored on the computer is the same as what is intended.
Availability:
o Assures that systems work promptly and service is not denied to authorized users.
o Information should be accessible and usable upon appropriate demand by an authorized user.
o Denial of service (DoS) attacks are a common form of attack against computer systems whereby authorized users are denied access to the computer system.
Additional objectives:
Non-repudiation: the prevention of either the sender or the receiver denying a transmitted message.
o It is the ability to prove the occurrence of a claimed event or action and its originating entities.
o It assures that a sender of data is provided with proof of delivery and the recipient is provided with proof of the sender's identity, so neither can later deny having processed the data.
o Often implemented by using digital signatures.
Authentication:
o Proving a claim, usually that you are who you say you are.
o For example, it may be obtained by the provision of a password or by a scan of your retina.
Access controls:
o Provide the limitation and control of access to authorized users through identification and authentication.
o A system needs to be able to identify and authenticate users for access to data, applications and hardware.
o In a large system there may be a complex structure determining which users and applications have access to which objects.
Accountability:
o Ensuring that an entity's action is traceable uniquely to that entity.
o Ascertains the responsibility of an entity (like a person) for its actions and decisions.
o All relevant activities, events and operations on a system, e.g., failed and successful authentication attempts, are recorded in a log.

3. Security Attacks on Today's Computers
The agent carrying out the attack is referred to as an attacker, or threat agent.
We can distinguish two types of attacks (W. Stallings):
o Active attack: an attempt to alter/affect system resources or their operation.
o Passive attack: an attempt to learn/make use of information from the system that does not affect system resources.
We can also classify attacks based on the origin of the attack:
o Inside attack: initiated by an entity inside the security perimeter (an "insider").
o Outside attack: initiated from outside the perimeter.
Types of attacks on data CIA (W. Stallings):
o Disclosure/Interception: an unauthorized party snooping on, or getting access to, a resource (attack on data confidentiality).
o Modification/Deception: an unauthorized party modifying a resource, or acceptance of false data, e.g., providing wrong data (attack on data integrity).
o Disruption/Interruption: destroyed/unavailable services/resources, DoS (attack on data availability).
o Fabrication: an unauthorized party inserts a fake asset/resource; loss of confidentiality, authenticity and integrity of the message.
Types of attackers:
o Amateurs: opportunistic attackers (use a password they found), script kiddies
o Hackers: non-malicious
o Crackers: malicious
o Career criminals
o State-supported spies and information warriors

4. Countermeasure Methods to Risk
Any means taken to deal with a security attack. It can be devised to prevent a particular type of attack. When prevention is not possible, or fails in some instance, the goal is to detect the attack and then recover from the effects of the attack.
Five basic approaches to the defense of computing systems:
o Prevent attack: stop it from violating the security policy; block the attack / close the vulnerability.
o Deter attack: intended to discourage potential attackers; make the attack harder.
o Deflect attack: make another target more attractive than this target.
o Detect attack: accept that an attack will occur; the goal is to determine that an attack is under way, or has occurred, and report it.
o Recover from attack: stop the attack, assess and repair the damage, or restore the operations of the business.

5. Controls: Security policies & mechanisms
o Encryption: the primary control that protects CIA, by which cleartext is scrambled into ciphertext.
o Software controls: password checker, virus scanner, IDS (intrusion detection system)
o Hardware controls: provide a higher degree of security; locks, smart cards, dongles, hardware keys...
o Policies and procedures: alignment with users' legal and ethical standards; e.g. password policy
o Physical controls: natural and man-made disaster protection; walls, locks, guards, security cameras, backup copies and archives

6. Principles of Computer Security
Principle of Easiest Penetration
Principle of Adequate Protection
Principle of Effectiveness: Controls must be efficient, easy to use, and appropriate.
Principle of Weakest Link: Security can be no stronger than its weakest link.
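The "Detect attack" approach and the accountability requirement above (failed and successful authentication attempts recorded in a log) can be put to work together. The following Python example is added here and is not part of the original notes: it parses a small authentication log and flags a source address that accumulates repeated failures inside a short window, noting whether a successful login followed them. The log lines are constructed for this example in the style of an OpenSSH auth log, and the threshold (5 failures within 5 minutes) is an assumed policy value, not one the notes give.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in the style of an OpenSSH auth log (not from any real system).
# 203.0.113.5 fails six times in under two minutes and then succeeds;
# 198.51.100.7 is a user who mistyped twice and then logged in.
SAMPLE_LOG = """\
2024-05-03T10:00:01 host sshd[101]: Failed password for invalid user admin from 203.0.113.5 port 4422 ssh2
2024-05-03T10:00:09 host sshd[102]: Failed password for invalid user test from 203.0.113.5 port 4423 ssh2
2024-05-03T10:00:15 host sshd[103]: Failed password for root from 203.0.113.5 port 4424 ssh2
2024-05-03T10:00:20 host sshd[110]: Failed password for alice from 198.51.100.7 port 5100 ssh2
2024-05-03T10:00:31 host sshd[104]: Failed password for alice from 198.51.100.7 port 5100 ssh2
2024-05-03T10:00:44 host sshd[105]: Failed password for root from 203.0.113.5 port 4425 ssh2
2024-05-03T10:00:58 host sshd[106]: Accepted password for alice from 198.51.100.7 port 5100 ssh2
2024-05-03T10:01:10 host sshd[107]: Failed password for root from 203.0.113.5 port 4426 ssh2
2024-05-03T10:01:32 host sshd[108]: Failed password for root from 203.0.113.5 port 4427 ssh2
2024-05-03T10:01:55 host sshd[109]: Accepted password for root from 203.0.113.5 port 4428 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) \S+ sshd\[\d+\]: (?P<outcome>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def parse_auth_log(text):
    """Turn raw log lines into event dicts; lines that do not match are ignored."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            events.append({
                "ts": datetime.fromisoformat(m["ts"]),
                "ok": m["outcome"] == "Accepted",
                "user": m["user"],
                "ip": m["ip"],
            })
    return events


def detect_password_guessing(events, threshold=5, window=timedelta(minutes=5)):
    """Flag a source IP that has `threshold` or more failures inside any span of
    length `window`, and record whether a success followed those failures
    (the case an incident responder wants to see first)."""
    by_ip = defaultdict(list)
    for ev in events:
        by_ip[ev["ip"]].append(ev)
    alerts = []
    for ip, evs in by_ip.items():
        failures = sorted(e["ts"] for e in evs if not e["ok"])
        start = 0
        flagged = False
        for end in range(len(failures)):
            # slide the window start forward until failures[start..end] fits in `window`
            while failures[end] - failures[start] > window:
                start += 1
            if end - start + 1 >= threshold:
                flagged = True
                break
        if flagged:
            success_after = any(e["ok"] and e["ts"] > failures[0] for e in evs)
            alerts.append({"ip": ip, "failures": len(failures),
                           "success_after_failures": success_after})
    return alerts


if __name__ == "__main__":
    for alert in detect_password_guessing(parse_auth_log(SAMPLE_LOG)):
        print(alert)
```

Lowering the window to 30 seconds makes the same six failures fall below the threshold, which is the usual tuning trade-off between catching slow guessing and generating noise; the alert carrying `success_after_failures` is the one that should drive the "Recover from attack" step.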
Principle of Least Privilege: "Do not give any more privileges than absolutely necessary to do/perform the required job."
Defense in Depth: having more than one layer or type of defense.
Minimization: "Do not run any software or applications that are not strictly required to do the entrusted job."
Compartmentalization: limits the damage to other compartments when one compartment is compromised.
Keep Things Simple: Complexity is the worst enemy of security.
Fail Securely: if a security measure or control has failed for whatever reason, the system is not rendered to an insecure state.
Balancing Security and Access

Chapter 3: Computer Threats/Attacks

1. Types of Threats/Attacks … (Chuck Easttom)
Physical Attack: stealing, breaking or damaging computing devices.
Malware Attack: a generic term for software that has a malicious purpose.
o Viruses
o Worms
o Trojan horses
o Spyware
o Zombies
o Botnets
o Bacterium
o Logic bomb
o Backdoor (trapdoor)
o Adware
o Flooders (DoS client)
o Key loggers
o Rootkit
o Spam/scam, identity theft, e-payment frauds, etc.
Hacking / Intrusion / Attack: any attempt to intrude or gain unauthorized access to your system either via some operating system flaw or other means. The purpose may or may not be malicious.
Cracking: hacking conducted for malicious purposes.
Denial of Service (DoS) Attack: blocking access from legitimate users.
Distributed DoS Attack: accomplished by tricking routers into attacking a target or using zombie hosts to simultaneously attack a given target with a large number of packets.
Spoofing: examples include MAC cloning, IP spoofing, and email spoofing.
Password attacks: password guessing, social engineering attack, dictionary attack.
Cryptographic Attack:
A. Frequency Analysis attack: guess values based on frequency of occurrence.
B. Brute-force attack: the attacker tries every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained. On average, half of all possible keys must be tried to achieve success.
C. Cryptanalysis: the process of breaking an encrypted code. Ciphertext-only attack, known-plaintext attack, chosen-plaintext attack, chosen-ciphertext attack, and chosen-text attack.

2. Classes of Attacks
Reconnaissance: the hacker first identifies a target to launch an attack, extracts maximum information regarding this target, understands its vulnerabilities, and only then explores the best ways to exploit it.
o Examples: credential theft using keyloggers and spyware; identity theft using spam e-mail, phishing attacks and social engineering attacks.
Access: once the attacker has reconnoitred the target, s/he starts a successful exploitation and continued access to the system. Then the attacker is in control of the target.
Denial of Service: once the attacker has successful access to the system, s/he starts to deny users from accessing or using the service or system.

Chapter 4: Application of Security Mechanisms

1. Cryptography and hash functions
Cryptography is the science and art of secret, or hidden, writing.
Cryptanalysis is the science and art of breaking codes.
Modern cryptography is concerned with:
o Confidentiality: information cannot be understood by anyone for whom it was not intended.
o Integrity: information cannot be altered.
o Non-repudiation: the sender cannot deny his/her intentions in the transmission of the information at a later stage.
o Authentication: the sender and receiver can confirm each other's identity.
Generally, the goal of cryptography is to protect private communication in the public world.
Basic cryptographic terms:
o Plaintext: the original form of a message
o Ciphertext: the coded/encrypted form of a message
o Cipher: an encryption method or process encompassing the algorithm and key, or procedures used to transform plaintext to ciphertext
o Key: information used in the cipher, known only to the sender/receiver. A key is a value that the cipher, as an algorithm, operates on.
If the same key is used for encryption and decryption, the algorithm is called symmetric.
If different keys are used for encryption and decryption, the algorithm is called asymmetric.
o Encipher (encrypt): the process of converting plaintext to ciphertext
o Decipher (decrypt): recovering plaintext from ciphertext
o Cryptography: the study of encryption principles/methods
o Cryptanalysis (codebreaking): the study of principles/methods of breaking ciphertext without knowing the key
o Cryptology: the field of study which deals with both cryptography and cryptanalysis
Cryptography classification:
A. Classical/Conventional Cryptography: Substitution Cipher and Transposition Cipher
B. Modern Cryptography: Symmetric key cryptography and Public key cryptography

Classical Cryptography
Substitution ciphers
Replace one symbol with another.
Categories: monoalphabetic or polyalphabetic ciphers.
(1) Monoalphabetic Ciphers
o The relationship between a symbol in the plaintext and a symbol in the ciphertext is always one-to-one.
o The simplest form is sometimes called the additive cipher, shift cipher or Caesar cipher (key of 3).
o When the cipher is additive, the plaintext, ciphertext, and key are integers in Z26.
o Exercise:
  Use the additive cipher with key = 15 to encrypt the message "hello".
  Use the additive cipher with key = 15 to decrypt the message "WTAAD".
o Multiplicative Ciphers: the plaintext and ciphertext are integers in Z26; the key is an integer in Z26*. This set has only 12 members: 1, 3, 5, 7, 9, 11, 15, 17, 19, 21, 23, 25.
o Exercise:
  Use a multiplicative cipher to encrypt the message "hello" with a key of K = 7. The ciphertext is "XCZZU".
  The decryption key is the multiplicative inverse of K = 7: K^-1 mod 26 = 7^-1 mod 26.
o Affine Ciphers: use a pair of keys in which the first key is from Z26* and the second is from Z26. The size of the key domain is 26 × 12 = 312.
  The additive cipher is a special case of an affine cipher in which k1 = 1. The multiplicative cipher is a special case of an affine cipher in which k2 = 0.
o Because additive, multiplicative, and affine ciphers have small key domains, they are very vulnerable to brute-force attack.
  Solution: Monoalphabetic Substitution Cipher
o Monoalphabetic Substitution Cipher: creates a mapping between each plaintext character and the corresponding ciphertext character. Alice and Bob can agree on a table showing the mapping for each character.
(2) Polyalphabetic Ciphers
o The relationship between a character in the plaintext and a character in the ciphertext is one-to-many.
o Autokey Cipher
o Playfair Cipher
o Vigenere Cipher
o Exercise: Encrypt the message "She is listening" using the 6-character keyword "PASCAL".
  The initial key stream is (15, 0, 18, 2, 0, 11). The key stream is the repetition of this initial key stream (as many times as needed).
o Hill Cipher: the key matrix in the Hill cipher needs to have a multiplicative inverse.

Transposition Ciphers
Does not substitute one symbol for another; instead it changes the location of the symbols (reorders symbols).
A transposition cipher relies on an algorithm which rearranges the order of the letters in a plaintext message.
(1) Keyless Transposition Ciphers
o Permute the characters by writing the plaintext in one way and reading it in another way.
o Rail-fence transposition: a plaintext message is transposed into several rows. Ciphertext is produced by reading the resulting columns in sequence.
  Example with 2 rails (rows):
  Plaintext: THEBIGBANGTHEORY
  Plaintext arranged into 2 rows:
  THEBIGBA
  NGTHEORY
  Ciphertext: tnhgetbhiegobray
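To make the Z26 arithmetic of the substitution ciphers concrete, here is an added Python example (not part of the original notes). It implements the additive, multiplicative and affine ciphers as one family (the first two being the special cases k1 = 1 and k2 = 0), the Vigenere cipher with its repeating key stream, and a brute-force enumeration of the additive key space, which is the attack the notes say these small-key ciphers are open to. The function names are my own; the exercise values (key 15 with "hello" and "WTAAD", K = 7 with "XCZZU", the keyword PASCAL) are the ones given above.

```python
import string
from math import gcd

ALPHABET = string.ascii_lowercase
MOD = 26  # the ciphers work in Z26


def z26_star():
    """Keys usable by the multiplicative cipher: the units of Z26 (gcd(k, 26) == 1)."""
    return [k for k in range(MOD) if gcd(k, MOD) == 1]


def modinv(k):
    """Multiplicative inverse of k in Z26; it exists only for k in Z26*."""
    if gcd(k, MOD) != 1:
        raise ValueError(f"{k} has no inverse mod {MOD}")
    return pow(k, -1, MOD)


def affine_encrypt(plaintext, k1, k2):
    """C = (k1 * P + k2) mod 26 on letters only; output in upper case as in the notes."""
    modinv(k1)  # fail early if k1 is not in Z26*
    return "".join(ALPHABET[(k1 * ALPHABET.index(ch) + k2) % MOD].upper()
                   for ch in plaintext.lower() if ch in ALPHABET)


def affine_decrypt(ciphertext, k1, k2):
    """P = k1^-1 * (C - k2) mod 26; output in lower case."""
    inv = modinv(k1)
    return "".join(ALPHABET[(inv * (ALPHABET.index(ch) - k2)) % MOD]
                   for ch in ciphertext.lower() if ch in ALPHABET)


# Additive cipher: affine with k1 = 1.  Multiplicative cipher: affine with k2 = 0.
def additive_encrypt(plaintext, k):
    return affine_encrypt(plaintext, 1, k)


def additive_decrypt(ciphertext, k):
    return affine_decrypt(ciphertext, 1, k)


def multiplicative_encrypt(plaintext, k):
    return affine_encrypt(plaintext, k, 0)


def multiplicative_decrypt(ciphertext, k):
    return affine_decrypt(ciphertext, k, 0)


def vigenere_key_stream(keyword, length):
    """Repeat the keyword's letter values until `length` shifts are available."""
    base = [ALPHABET.index(ch) for ch in keyword.lower()]
    return [base[i % len(base)] for i in range(length)]


def vigenere_encrypt(plaintext, keyword):
    """Polyalphabetic: the i-th letter is shifted by the i-th value of the key stream."""
    letters = [ch for ch in plaintext.lower() if ch in ALPHABET]
    stream = vigenere_key_stream(keyword, len(letters))
    return "".join(ALPHABET[(ALPHABET.index(ch) + s) % MOD].upper()
                   for ch, s in zip(letters, stream))


def brute_force_additive(ciphertext):
    """The additive key domain has only 26 values: decrypt under every key and let
    the analyst (or a letter-frequency score) pick the candidate that reads as language."""
    return {k: additive_decrypt(ciphertext, k) for k in range(MOD)}


if __name__ == "__main__":
    print(additive_encrypt("hello", 15), additive_decrypt("WTAAD", 15))
    print(multiplicative_encrypt("hello", 7), "inverse of 7 is", modinv(7))
    print(vigenere_encrypt("She is listening", "PASCAL"))
    for k, guess in brute_force_additive("WTAAD").items():
        print(k, guess)
```

Running the brute force over "WTAAD" prints 26 candidates, of which only key 15 gives a word; for the affine cipher the same loop would run over all 312 keys, which is still nothing for a machine. That is exactly why the notes move on to the full monoalphabetic substitution table (26! keys) and to polyalphabetic ciphers.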
o Columnar transposition: a plaintext message is transposed into several columns. Ciphertext is produced by reading the resulting rows in sequence.
  Example with 2 columns:
  Plaintext: SECRET
  Plaintext arranged into 2 columns:
  S R
  E E
  C T
  Ciphertext: sreect
  The key in a columnar transposition is the number of columns! In the example above, the key is 2.
(2) Keyed Transposition Ciphers
o Divide the plaintext into groups of predetermined size, called blocks, and then use a key to permute the characters in each block separately.
o The permutation of each character from the plaintext into the ciphertext is based on the positions.
o Permutation key: the key used for encryption and decryption.
(3) Combining Two Approaches

Complexity of a brute-force attack:
o If the key is 56 bits long, there are 2^56 possible keys.
o Assuming a supercomputer can try a million keys a second, it will take 2285 years to find the correct key:
  2^56 / (1,000,000 × (365 days × 24 hr × 3600 s))
o e.g. DES
There are three main types of modern cryptographic functions that are the building blocks of security:
1) Symmetric encryption
2) Asymmetric encryption
3) Hash functions

Symmetric key cryptography
Uses a conventional / secret-key / single-key algorithm.
The secret key is shared by both sender and receiver.
All classical encryption algorithms are private-key.
o Use the same key (shared key) for the encryption and decryption process.
If this key is disclosed, communications are compromised.
Symmetric Cipher Model
o Alice can send a message to Bob over an insecure channel with the assumption that an adversary, Eve, cannot understand the contents of the message.
o The original message from Alice to Bob is referred to as plaintext;
o the message that is sent through the channel is referred to as the ciphertext.
o Alice uses an encryption algorithm and a shared secret key.
o Bob uses a decryption algorithm and the same secret key.
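The keyless (rail-fence and columnar) and keyed transposition ciphers described above, as an added Python example that is not part of the notes. Padding with "x" up to a multiple of the key is my convention for inputs whose length does not divide evenly (the notes' examples divide evenly). The example also makes explicit a property the two keyless schemes share as the notes define them: writing N letters into k rows and reading the columns produces exactly the same ciphertext as writing them down k columns and reading the rows, because both send position r*w + c to position c*k + r with w = N/k.

```python
PAD = "x"  # padding convention chosen for this example (not from the notes)


def _letters(text, k):
    """Keep letters only, lower-case them, and pad to a multiple of k."""
    s = "".join(ch for ch in text.lower() if ch.isalpha())
    return s + PAD * (-len(s) % k)


def rail_fence_encrypt(plaintext, rows):
    """Write the text into `rows` rows of equal width, then read it column by column."""
    t = _letters(plaintext, rows)
    width = len(t) // rows
    grid = [t[r * width:(r + 1) * width] for r in range(rows)]
    return "".join(grid[r][c] for c in range(width) for r in range(rows))


def rail_fence_decrypt(ciphertext, rows):
    """The ciphertext lists the columns top to bottom, so refill the grid column-wise."""
    width = len(ciphertext) // rows
    grid = [[""] * width for _ in range(rows)]
    it = iter(ciphertext)
    for c in range(width):
        for r in range(rows):
            grid[r][c] = next(it)
    return "".join("".join(row) for row in grid)


def columnar_encrypt(plaintext, cols):
    """Write the text down `cols` columns of equal height, then read it row by row.
    The key is the number of columns."""
    t = _letters(plaintext, cols)
    height = len(t) // cols
    columns = [t[j * height:(j + 1) * height] for j in range(cols)]
    return "".join(columns[j][r] for r in range(height) for j in range(cols))


def columnar_decrypt(ciphertext, cols):
    """The ciphertext lists the rows left to right, so refill the columns row-wise."""
    height = len(ciphertext) // cols
    columns = [[""] * height for _ in range(cols)]
    it = iter(ciphertext)
    for r in range(height):
        for j in range(cols):
            columns[j][r] = next(it)
    return "".join("".join(col) for col in columns)


def keyed_transposition_encrypt(plaintext, key):
    """Keyed block transposition: `key` is a permutation of 0..len(key)-1. Within each
    block, output position i receives the input character at position key[i]."""
    k = len(key)
    if sorted(key) != list(range(k)):
        raise ValueError("key must be a permutation of 0..len(key)-1")
    t = _letters(plaintext, k)
    return "".join(t[b + key[i]] for b in range(0, len(t), k) for i in range(k))


def keyed_transposition_decrypt(ciphertext, key):
    """Apply the inverse permutation block by block."""
    k = len(key)
    inverse = [0] * k
    for i, p in enumerate(key):
        inverse[p] = i
    return "".join(ciphertext[b + inverse[i]]
                   for b in range(0, len(ciphertext), k) for i in range(k))


if __name__ == "__main__":
    print(rail_fence_encrypt("THEBIGBANGTHEORY", 2))      # tnhgetbhiegobray
    print(columnar_encrypt("SECRET", 2))                  # sreect
    print(keyed_transposition_encrypt("secret", [2, 0, 1]))
```

Because a transposition only moves letters around, the letter frequencies of the ciphertext are those of the plaintext, which is why the notes' "frequency analysis" attack recognises a transposition immediately and why classical systems combine substitution with transposition (the "(3) Combining Two Approaches" heading above).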
m is the plaintext
c is the ciphertext
Decryption: m = c^d mod n
The public key is shared and the private key is hidden.
(4) Digital Signature Algorithm (DSA):
o PKI relies on digital signatures (DS), which use public key cryptography.
o The basic idea is that the private key is known only by that entity and is used for signing.
  The public key derived from it is used for verifying signatures but cannot be used to sign.
  It is available to anyone, and is typically included in the certificate document.
o Digital signature procedure:
  The sender encrypts the message with its private key.
  The receiver can decrypt it using the sender's public key.
  This authenticates the sender, who has the matching key.
  It does not give privacy of the data, i.e. the decryption key is the public key.
Fig 4.4 Digital Signature Algorithm (DSA)

Hash functions
o A hash function H takes a variable-size message m as input and produces a fixed-size output, referred to as a hash code, message digest or hash value H(m).
o No key is used in this algorithm.
o A fixed-length hash value is computed from the plaintext in a way that makes it impossible for the contents of the plaintext to be recovered.
o Also used by many operating systems to protect stored passwords.
o Hashing: the transformation of variable-length messages into a fixed-length message digest that represents the original string.
o Hash value (or simply hash), also called a message digest, is a number generated from a string of text. It is much smaller than the text itself.
o Creates a unique, fixed-length signature for a specific message or data set. Even minor changes to that message result in a dramatically different hash. Therefore, it is very resistant to tampering.
Figure 4.5 Examples of hash algorithms: MD5, SHA-1

2. Application Security
Vulnerability:
o Any mistake or weakness in the system security that may result in the possibility for intruders to get unauthorized access.
Vulnerability Assessment:
o A software testing technique to evaluate the sudden increase of risks involved in the system in order to reduce the probability of the event.
o Depends on two mechanisms:
  Vulnerability Assessment: the process of scanning (locating & reporting) vulnerabilities to provide a way to detect and resolve security problems by ranking the vulnerabilities.
  Penetration Testing: an authorized simulated attack on a computer system, performed to evaluate the security of the system.
Types of vulnerability scanner:
o Host based: identifies the issues in the host or the system; carried out by using host-based scanners.
o Network based: detects open ports and identifies the unknown services running on these ports; carried out by using network-based scanners.
o Database based: identifies the security exposure in the database systems to prevent SQL injection.
Vulnerability Testing Methods:
o Active Testing: while doing the test, the tester is actively involved in the process of finding new test cases and analyzing the results.
o Passive Testing: monitoring the result of running the software under test without introducing new test cases or data.
o Network Testing: the process of measuring the state of network operation over a period of time to find out the problems created by new services.
o Distributed Testing: applied for testing distributed applications.
o Penetration Test (pen test): to identify both weaknesses (vulnerabilities) and strengths, to enable a full risk assessment. Determines whether a system is vulnerable, whether defenses were sufficient and which defenses (if any) the test defeated.
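The hash-function properties listed above (fixed-length output, no key, a small change giving a completely different digest, use for stored passwords) and the digital-signature procedure (sign with the private key, verify with the public key; m = c^d mod n) as an added Python example, not part of the notes. The hashing side uses the standard hashlib module with the algorithms the notes name (MD5, SHA-1) plus SHA-256. The signature side uses textbook RSA with toy-sized primes (p = 61, q = 53) purely to show the mechanics; reducing the digest modulo n is my simplification and this is not a secure signature scheme.

```python
import hashlib
import hmac
import os
from math import gcd


def digest_hex(message: bytes, algorithm: str = "sha256") -> str:
    """Unkeyed, fixed-length digest of a message of any length."""
    return hashlib.new(algorithm, message).hexdigest()


def differing_bits(hex_a: str, hex_b: str) -> int:
    """Number of bits that differ between two digests of the same algorithm
    (the avalanche effect: about half of them for a one-letter change)."""
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")


# --- password storage: hash with a per-user salt and a slow KDF, never store the password ---
def hash_password(password: str, salt=None, iterations: int = 200_000):
    salt = os.urandom(16) if salt is None else salt
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)


def verify_password(password: str, salt: bytes, stored: bytes) -> bool:
    _, candidate = hash_password(password, salt)
    return hmac.compare_digest(candidate, stored)  # constant-time comparison


# --- toy RSA signature over a digest: sign with (d, n), verify with (e, n) ---
def rsa_keygen(p: int, q: int, e: int = 17):
    """Textbook RSA key pair from two primes; toy sizes only."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)
    return (e, n), (d, n)  # (public key, private key)


def _digest_mod_n(message: bytes, n: int) -> int:
    # toy only: a real scheme pads the digest (e.g. PSS) instead of reducing it mod n
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message: bytes, private_key) -> int:
    """s = H(m)^d mod n, computed with the key only the signer holds."""
    d, n = private_key
    return pow(_digest_mod_n(message, n), d, n)


def verify(message: bytes, signature: int, public_key) -> bool:
    """Anyone with the public key checks s^e mod n == H(m)."""
    e, n = public_key
    return pow(signature, e, n) == _digest_mod_n(message, n)


if __name__ == "__main__":
    print(digest_hex(b"hello", "md5"), digest_hex(b"hello", "sha1"))
    print(differing_bits(digest_hex(b"hello"), digest_hex(b"hellp")), "bits differ")
    pub, priv = rsa_keygen(61, 53)
    s = sign(b"pay 100", priv)
    print(verify(b"pay 100", s, pub), verify(b"pay 1000", s, pub))
```

Two points the code makes that the prose only states: the signature gives authentication and integrity but no confidentiality (the message travels in clear next to its signature), and stored passwords are protected by a salted, slow hash and a constant-time comparison rather than by encryption, so a leaked table cannot simply be decrypted.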
Secure Shell (SSH):
o A cryptographic protocol for operating network services securely over an unsecured network.
o Best-known application: remote login to computer systems by users.
o Common applications: remote command-line login and execution.
Secure Email:
o Adds confidentiality and integrity protection to ordinary e-mail.
o E.g. PGP.
Secure Web servers:
o The main vulnerability of web applications is Cross-Site Scripting (XSS).
o Securing the website or web application itself and the network around it.
o Common web servers: Apache and IIS.
TLS-based client digital certificates
Apache or Oracle penetration testing
VPN Apps
Application firewall / proxy server

3. Firewall
A program or network device (e.g. a router) which filters access to a protected network from the internet connection.
Protects a local system or network of systems from network-based security threats.
Monitors & controls incoming & outgoing network traffic based on predetermined security rules.
Firewall Objectives:
o Keep intruders, malicious code and unwanted traffic out
o Keep private and sensitive information in
o A security wall between the private (protected) network and the outside world
Categories of firewalls:
a) Network firewalls: filter traffic between two or more networks and run on network hardware. Implemented at a specific point in the network path, and protect all computers on the internal side of the firewall from all computers on the external side of the firewall.
b) Host-based firewalls: run on host computers and control network traffic in/out of those machines.

a) Packet Filtering Router: examines TCP/IP header information of network data packets going in both directions. Applies a set of rules to each incoming IP packet and then forwards or discards the packet.
b) Application-Level Gateway (application firewall / proxy server): runs special software that acts as a proxy for a service request. The proxy server receives requests for Web pages, accesses the Web server on behalf of the external client, and returns the requested pages to the users.
c) Circuit Level Gateway: standalone software that sets up two TCP connections (inside & outside). It determines which connections will be allowed.
Firewall implementation:
a) Hardware firewalls: a stand-alone product or integrated into the router. It will have a minimum of four network ports to connect other computers.
b) Software firewalls: installed on your computer; protect your computer from the outside by determining whether each request is valid or not.
c) Combination of both

4. Physical security
Without physical security to protect hardware (i.e., doors that lock) nothing else about a computer system can be called secure.

5. Operations security
As the software charged with controlling access to the hardware, the file system, and the network, weaknesses in an operating system are the most valued amongst crackers.
Most OS authentication is handled through user names and passwords. Biometric (e.g. voice, face, retina, iris, fingerprint) and physical token-based (swipe cards, PIN-generating cards) authentication are sometimes used to augment simple passwords, but the cost and accuracy of the technology limit their adoption.

6. Access control
Many systems (such as router access control lists) define which packets may and which packets may not pass based on the sender's IP address.
An access enforcement mechanism authorizes requests from multiple subjects (e.g. users, processes, etc.) to perform operations (e.g., read, write, etc.) on objects (e.g., files, sockets, etc.).
Network access control (NAC): an umbrella term for managing access to a network. NAC authenticates users logging into the network and determines what data they can access and which actions they can perform. NAC also examines the health of the user's computer or mobile device (the endpoints).
An operating system provides an access enforcement mechanism.
Two fundamental concepts of access control:
o a protection system that defines the access control specification, and
o a reference monitor that is the system's access enforcement mechanism that enforces this specification.

7. Plan, Design and manage security, security policies, business continuity plans, disaster recovery plans, and social and legal issues of information security
8. Design secure systems for real world information system services
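The packet-filtering router of section 3 and the router access control list of section 6 are the same idea viewed twice: a reference monitor that checks every packet (a request by a subject, the source address, to perform an operation, reaching a protocol and port, on an object, the destination) against a protection specification, the rule list. The Python below is an added example, not code from the notes or from any firewall product: a first-match rule evaluator with a default-deny policy, run over constructed packets. The rule fields, the rule syntax and the sample addresses (taken from the RFC 5737 documentation ranges) are my own choices.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str       # "tcp", "udp" or "icmp"
    dport: int       # destination port (0 for icmp)
    direction: str   # "in" (arriving from outside) or "out"


@dataclass(frozen=True)
class Rule:
    action: str                # "permit" or "deny"
    direction: str = "any"
    proto: str = "any"
    src: str = "0.0.0.0/0"     # CIDR; the default matches every address
    dst: str = "0.0.0.0/0"
    dport: tuple = (0, 65535)  # inclusive port range

    def matches(self, pkt: Packet) -> bool:
        return (self.direction in ("any", pkt.direction)
                and self.proto in ("any", pkt.proto)
                and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst)
                and self.dport[0] <= pkt.dport <= self.dport[1])


def decide(rules, pkt: Packet):
    """First matching rule wins; a packet matching no rule is discarded (default deny).
    Returns (action, index of the rule that fired, or None for the default)."""
    for i, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, i
    return "deny", None


# Constructed policy for a protected network 192.0.2.0/24 with a web server at 192.0.2.10.
RULES = [
    Rule("deny", direction="in", src="192.0.2.0/24"),  # anti-spoofing: an internal source cannot arrive from outside
    Rule("permit", direction="in", proto="tcp", dst="192.0.2.10/32", dport=(443, 443)),
    Rule("permit", direction="in", proto="tcp", dst="192.0.2.10/32", dport=(80, 80)),
    Rule("permit", direction="out", src="192.0.2.0/24"),
    # anything else falls through to the default deny in decide()
]

# Constructed sample traffic (documentation addresses only).
SAMPLE_PACKETS = [
    Packet("203.0.113.7", "192.0.2.10", "tcp", 443, "in"),   # outside client to web server: permit
    Packet("203.0.113.7", "192.0.2.10", "tcp", 22, "in"),    # ssh from outside: no rule, default deny
    Packet("192.0.2.55", "192.0.2.10", "tcp", 80, "in"),     # internal source arriving from outside: deny
    Packet("192.0.2.20", "198.51.100.9", "udp", 53, "out"),  # internal host DNS query out: permit
]


def evaluate_all(rules=RULES, packets=SAMPLE_PACKETS):
    """Decision for every sample packet, in order."""
    return [decide(rules, p) for p in packets]


if __name__ == "__main__":
    for pkt, (action, idx) in zip(SAMPLE_PACKETS, evaluate_all()):
        print(f"{action:6} rule={idx} {pkt}")
```

Rule order is part of the specification: placing the port-80 permit before the anti-spoofing deny would let the spoofed packet through, which is why the evaluator reports which rule fired and why a review of an access list reads it top to bottom.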