EE579S Computer Security


EE579T
Network Security
6: Hiding in Plain Sight
Prof. Richard A. Stanley
Spring 2001
© 2000, 2001, Richard A. Stanley
WPI
EE579T/6 #1
Thought for the Day
“I never give ‘em hell. I just tell
the truth and they think it’s hell.”
Harry S. Truman
Overview of Tonight’s Class
• Review last week’s lesson
• Look at network security in the news
• Course project discussions
• Hiding in plain sight
– Secure protocols
– Hiding information
Last Week...
• Attacking a network is no different from robbing a
bank; you have to plan if you expect to be
successful
• There are three basic steps to planning, which is
called vulnerability assessment:
– Acquire the target (case the joint)
– Scan for vulnerabilities (find the entry points)
– Identify poorly protected data (enumeration)
• This applies if you are inside or outside the
protected perimeter!
Security Last Week - 1
• FBI counterintelligence agent Robert Hanssen
arrested for espionage
• What can we learn from this?
– He wasn’t caught because he was careless
– He knew all the tricks used to catch spies
– He was arrogant (Philby book)
– He did “exceptionally grave” damage to the nation, and
is probably directly responsible for at least two people
being executed
• So what does that have to do with network
security?
Network Security Last Week - 1
• “Anna” virus writer’s mayor praises him, calls
event a “joke,” offers job!
• U.K.'s Terrorism Act 2000 classifies those who put
lives in danger through computer manipulation as
terrorists.
• VBS_Valentin.A exploits hole in older Outlook
and Outlook Express versions
– runs in preview window
– deletes every file stored on a PC on the 8th, 14th, 23rd
and 29th of every month.
Network Security Last Week - 2
• NSA warns it can't keep up with rapid
changes in IT
• Kournikova virus inspires copy-cat
spammers. Are we surprised?
• Sm0ked Vandals say more attacks to come
• Canadian security e-mailer Neurocom
pulled an alert concerning a Hotmail
vulnerability
Course Projects - 1
• Port scanning technology
– Sullivan, Toomey
• Extensible authentication protocol
– Mizar, Hirsch, Tummala
• Honey Pot
– Kaps, Gaubatz
• Wired/Wireless security comparison
– Azevedo, Nguyen, H. Tummala
Course Projects - 2
• SOHO network security
– Davis, Syversen, Kintigh
• Sniffing switched networks
– Michaud, Lindsay, VanRandwyk
• Broadband access security
– Sumeet, Nurmit, Harsh
• Trojan Horse security
– Aparma, Subramanian
Course Projects - 3
• Java security
– Malloy
• Router security
– Mansour,
• DDoS Security
– Gorse, Pushee
• Network Security Processors
– McLaren, Brown
Projects - 4
• Network cryptography
– Lee
HTTP
• Hypertext transfer protocol
• 4-stage transaction
– Establish a connection
– Client issues a request
– Server issues a response to the request
– Server terminates the connection
HTTP Characteristics
• Stateless
• Supports dynamic formats
– Client sends list of formats it recognizes
– Server replies, using appropriate format if it can
• Human-readable
• Generic protocol
– Message formats independent of protocol
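The four-stage transaction and the format negotiation just described, as an added worked example that is not part of the lecture slides: a small HTTP/1.0-style request handler in Python. The request text, the path /index and the resources table are constructed for the demonstration. The handler parses the human-readable request line and headers, picks the best format from the client's Accept list, and answers with Connection: close, since in the transaction on the slide it is the server that ends the exchange.

```python
# Added example, not from the lecture slides: a minimal HTTP/1.0-style
# server-side handler that walks through stages 2-4 of the transaction
# (request, response, close) and the format negotiation described above.
# The request text and the "resources" table are constructed for the demo.
from typing import Dict, List, Optional, Tuple

# Constructed client request: prefers HTML, will take plain text, and
# also lists a format this server cannot produce for the path.
SAMPLE_REQUEST = (
    "GET /index HTTP/1.0\r\n"
    "Host: www.example.com\r\n"
    "Accept: text/html;q=0.9, text/plain;q=0.5, image/gif\r\n"
    "\r\n"
)

# Hypothetical resources: one path, several representations.
RESOURCES: Dict[str, Dict[str, str]] = {
    "/index": {
        "text/html": "<html><body>Hello</body></html>",
        "text/plain": "Hello",
    }
}


def parse_request(raw: str) -> Tuple[str, str, str, Dict[str, str]]:
    """Parse the human-readable request line and headers (stage 2)."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    method, target, version = lines[0].split(" ", 2)
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, target, version, headers


def parse_accept(value: str) -> List[Tuple[str, float]]:
    """Turn 'type;q=0.9, type2' into [(type, q), ...], best first."""
    prefs: List[Tuple[str, float]] = []
    for item in value.split(","):
        media, _, params = item.strip().partition(";")
        q = 1.0  # default quality when the client gives none
        for param in params.split(";"):
            key, _, val = param.strip().partition("=")
            if key == "q":
                try:
                    q = float(val)
                except ValueError:
                    q = 0.0
        if q > 0:
            prefs.append((media, q))
    prefs.sort(key=lambda pref: pref[1], reverse=True)
    return prefs


def negotiate(accept: str, available: Dict[str, str]) -> Optional[str]:
    """Pick the client's most-preferred format the server can produce."""
    for media, _q in parse_accept(accept):
        if media == "*/*":
            return next(iter(available))
        if media.endswith("/*"):
            for rep in available:
                if rep.startswith(media[:-1]):
                    return rep
        elif media in available:
            return media
    return None


def build_response(raw_request: str) -> str:
    """Stage 3: build the reply; 'Connection: close' signals stage 4.
    Nothing is remembered between calls: the protocol is stateless."""
    method, target, _version, headers = parse_request(raw_request)
    if method != "GET":
        return "HTTP/1.0 501 Not Implemented\r\nConnection: close\r\n\r\n"
    available = RESOURCES.get(target)
    if available is None:
        return "HTTP/1.0 404 Not Found\r\nConnection: close\r\n\r\n"
    chosen = negotiate(headers.get("accept", "*/*"), available)
    if chosen is None:
        return "HTTP/1.0 406 Not Acceptable\r\nConnection: close\r\n\r\n"
    body = available[chosen]
    return (
        "HTTP/1.0 200 OK\r\n"
        f"Content-Type: {chosen}\r\n"
        f"Content-Length: {len(body.encode())}\r\n"
        "Connection: close\r\n"
        "\r\n" + body
    )


if __name__ == "__main__":
    print(build_response(SAMPLE_REQUEST))
```

Because the handler keeps nothing between calls, every request must carry all the context the server needs; that is what "stateless" means in practice, and it is also why a server cannot tell from the protocol alone whether two requests came from the same client.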
Secure HTTP
• Extends HTTP instruction set to support
secure transmission
• Uses signature, encryption, message sender,
and authenticity checks for security
• Uses both symmetric & asymmetric keys
• Supports certificates and key signing
• Supports end-to-end encryption
• Useful only with HTTP
How S-HTTP Creates Messages
• Server obtains plain-text message it will
send to the client
• Server processes client’s crypto preferences
and keying material, which client provided
during initial handshake connection
• Server processes its own crypto preferences
and keying material
How S-HTTP Recovers Messages
• Client tries to match transmission against its
crypto preferences provided to server
• If no match, tries to match message against
client’s current crypto preferences & keys
• If still no match, client tries to decrypt
message using server’s previously-stated
crypto preferences
S-HTTP Key Arrangements
• In-band key
– server encrypts session key with client’s public
key and sends session key to client
• Externally arranged key
– server and client manually exchange secret key
prior to session
• In-band keying is by far the more common
Secure Sockets Layer
• Developed by Netscape
• Open, nonproprietary protocol, like S-HTTP
• Provides data encryption, server & client
authentication, message integrity
• Compatible with firewalls & tunneling
• Can be layered between HTTP and other
application protocols and TCP/IP
SSL and the Internet Protocol Stack
Application layer: HTTP, SMTP, Telnet, FTP, etc.
SSL: Secure socket layer
Transport layer: TCP, UDP
Network layer: IP, ICMP, IGMP
Data-link layer: ARP, RARP
Physical layer
SSL Services
• Server authentication w/digital certificates
• Transmission security w/encryption
• Data integrity across end-to-end
connections
• SSL uses RSA private-key encryption
Client.Hello message
• Sent by client to server
• Server evaluates info in message
• If client supports an encryption type that is
supported by the server, and other SSL
protocols match server, server sends reply
• Reply is encrypted with client’s public key
• Reply includes server’s public key and
connection info
Server.Hello response
• Client receives, sends another request to
server
• Second request encrypted with server’s
public key from Client.Hello message
• Requests session key from server
Server response
• Session key, encrypted with client’s public
key
• Communications proceed securely using
the protocol of the application running
above SSL
• How do you know when this has happened?
– The URL will have an “s” appended to
<scheme>, e.g. https vs. http
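The in-band key arrangement that S-HTTP (server encrypts the session key with the client's public key) and the SSL exchange above have in common, as an added simulation that is not part of the slides and is not real SSL or S-HTTP code. It is written in Python with a deliberately tiny textbook RSA key (p = 61, q = 53, constructed here), a SHA-256 keystream standing in for the negotiated cipher, and HMAC-SHA256 providing the message-integrity service listed under SSL Services. The cipher names are only labels for the negotiation step, and the several encrypted hello messages of the slides are collapsed into the one step that matters for keying: the client announces what it supports and its public key, the server checks for an overlap and returns a fresh session key under that public key, and both sides then use the symmetric key.

```python
# Added example, not from the slides and not real SSL or S-HTTP code: a
# simulation of the in-band key arrangement both protocols share as the
# slides describe it. The client announces its ciphers and public key, the
# server checks for an overlap and returns a fresh session key encrypted
# with the client's public key, and both sides then protect application
# data with that symmetric key plus an integrity tag.
# The RSA key is a deliberately tiny textbook key (p=61, q=53, no padding)
# and the stream cipher is a SHA-256 keystream: both are teaching stand-ins.
import hashlib
import hmac
import os
from typing import Dict, List, Optional, Tuple

# Toy RSA parameters (constructed): n = 61*53 = 3233, e = 17, d = 2753.
TOY_PUBLIC_KEY = (3233, 17)
TOY_PRIVATE_KEY = (3233, 2753)


def rsa_encrypt_bytes(data: bytes, pub: Tuple[int, int]) -> List[int]:
    """Textbook RSA, one block per byte because the toy modulus is so small."""
    n, e = pub
    return [pow(b, e, n) for b in data]


def rsa_decrypt_bytes(blocks: List[int], priv: Tuple[int, int]) -> bytes:
    n, d = priv
    return bytes(pow(c, d, n) for c in blocks)


def keystream(key: bytes, length: int) -> bytes:
    """Toy stream cipher: SHA-256(key || counter) blocks (illustration only)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> Tuple[bytes, bytes]:
    """Encrypt, then tag with HMAC-SHA256 for the integrity service."""
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, keystream(key, len(plaintext))))
    tag = hmac.new(key, ciphertext, hashlib.sha256).digest()
    return ciphertext, tag


def unseal(key: bytes, ciphertext: bytes, tag: bytes) -> bytes:
    """Verify the tag before decrypting; a modified record is rejected."""
    expected = hmac.new(key, ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed")
    return bytes(c ^ k for c, k in zip(ciphertext, keystream(key, len(ciphertext))))


def client_hello(client_pub: Tuple[int, int], ciphers: List[str]) -> Dict:
    """Client.Hello: what the client supports, plus its public key."""
    return {"client_public_key": client_pub, "ciphers": ciphers}


def server_hello(hello: Dict, server_ciphers: List[str]) -> Optional[Tuple[Dict, bytes]]:
    """Server reply: pick a cipher both support, else refuse; send the
    session key encrypted with the client's public key (in-band keying)."""
    common = [c for c in hello["ciphers"] if c in server_ciphers]
    if not common:
        return None
    session_key = os.urandom(16)
    reply = {
        "cipher": common[0],
        "encrypted_session_key": rsa_encrypt_bytes(session_key, hello["client_public_key"]),
    }
    return reply, session_key


def run_handshake(client_ciphers: List[str],
                  server_ciphers: List[str]) -> Optional[Tuple[str, bytes, bytes]]:
    """Drive the exchange; returns (cipher, client's key copy, server's key copy)."""
    hello = client_hello(TOY_PUBLIC_KEY, client_ciphers)
    result = server_hello(hello, server_ciphers)
    if result is None:
        return None
    reply, server_key = result
    client_key = rsa_decrypt_bytes(reply["encrypted_session_key"], TOY_PRIVATE_KEY)
    return reply["cipher"], client_key, server_key


if __name__ == "__main__":
    # Cipher names below are constructed labels, not a real cipher-suite list.
    outcome = run_handshake(["RC4-128", "DES-CBC"], ["3DES-CBC", "RC4-128"])
    assert outcome is not None
    cipher, client_key, server_key = outcome
    ct, tag = seal(server_key, b"GET /secret HTTP/1.0")
    print(cipher, unseal(client_key, ct, tag))
```

Running the module prints the negotiated cipher and the decrypted request. The integrity check runs before decryption, so a record altered in transit is rejected rather than decrypted into garbage; that is the behaviour the "message integrity" service on the SSL Services slide refers to, and it is why the symmetric key, not just the public-key step, has to be protected on both ends.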
SSL Security Pointers
• Secure all auth-client ports
– An auth-client port lets anyone who can
connect to that port do SSL authentication as if
they were you, and use your certificate
• Secure all client mode ports
– A client mode port lets anyone who can connect
to the port transmit to other ports as if they
were your machine
So, with these protocols, everything is OK, right?
Not quite.
One Worry
• This is a stegosaurus
• We need to worry about steganography
Steganography
• “Covered writing”
– from the Greek steganos and graphos
– steganos = covered (or roofed)
– graphos = writing
• Includes such arcana as invisible ink,
hollow heels in shoes, open codes
• A real problem for network security, as we
shall see
Null Cipher Example
News Eight Weather: Tonight increasing snow.
Unexpected precipitation smothers eastern towns. Be
extremely cautious and use snowtires especially heading
east. The highways are knowingly slippery. Highway
evacuation is suspected. Police report emergency
situations in downtown ending near Tuesday.
Decodes as:
Newt is upset because he thinks he is President.
Actual WWII Null Cipher
Apparently neutral's protest is thoroughly discounted and ignored.
Isman hard hit. Blockade issue affects pretext for embargo on
by products, ejecting suets and vegetable oils.
Decodes as:
Pershing sails from NY June 1.
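Both null ciphers above recover with the same rule, the n-th letter of every word: first letters for the weather report, second letters for the WWII message. Below is an added Python decoder, not from the slides, with the two texts embedded as constructed input copied from the slides (the WWII text uses the single word "byproducts" from Kahn's original, which the slide's line break splits in two). The scan function is the analyst's version: it reads several positions at once so one can see which position forms English.

```python
# Added example, not from the slides: recovering null-cipher text by taking
# one letter from a fixed position in every word. The two messages are
# embedded as constructed input copied from the slides above.
import re
from typing import Dict, List

NEWT_TEXT = (
    "News Eight Weather: Tonight increasing snow. Unexpected precipitation "
    "smothers eastern towns. Be extremely cautious and use snowtires especially "
    "heading east. The highways are knowingly slippery. Highway evacuation is "
    "suspected. Police report emergency situations in downtown ending near Tuesday."
)

# Kahn's WWII example; "byproducts" must stay one word for the cipher to work.
WWII_TEXT = (
    "Apparently neutral's protest is thoroughly discounted and ignored. "
    "Isman hard hit. Blockade issue affects pretext for embargo on byproducts, "
    "ejecting suets and vegetable oils."
)


def words(text: str) -> List[str]:
    """Split on anything that is not a letter; apostrophes are dropped so
    "neutral's" counts as one word."""
    return [w.replace("'", "") for w in re.findall(r"[A-Za-z']+", text)]


def nth_letter_cipher(text: str, position: int) -> str:
    """Concatenate the letter at `position` (0-based) from every word long
    enough to have one."""
    return "".join(w[position].lower() for w in words(text) if len(w) > position)


def scan_positions(text: str, max_position: int = 4) -> Dict[int, str]:
    """Analyst helper: read several positions at once and look for the one
    that forms English."""
    return {p: nth_letter_cipher(text, p) for p in range(max_position)}


if __name__ == "__main__":
    for label, text in (("weather", NEWT_TEXT), ("WWII", WWII_TEXT)):
        for position, reading in scan_positions(text).items():
            print(f"{label} position {position}: {reading}")
```

With the weather report exactly as transcribed on the slide, the first-letter read yields "thaks" where the plaintext has "thinks", so two words appear to have dropped out of the transcription; the WWII text decodes cleanly, with the final "i" standing for the digit 1.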
Another Example
[Image-only slide: panels labelled S0, S1 and Result; no text survives]
Interesting, but So What?
• What if we were to replace the least
significant bits of a complex data file with
information we wanted to transmit secretly?
• File compression
– Lossless (e.g., GIF, BMP)
– Lossy (e.g., MPEG, JPEG)
• Downgrading information--how can you be
sure what you downgraded?
King’s College, Cambridge (UK)
The image in which another image will be hidden using steganography
Stego Summary
• Careful comparison of the two King’s
College photos shows the stego image is
slightly less sharp than the original
• Careful examination of the Pentagon aerial
photos shows the recovered image is
slightly less sharp than the original
• BUT…you knew what to look for
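Least-significant-bit embedding as proposed on the "Interesting, but So What?" slide, the comparison that revealed the softening in the King's College and Pentagon photos, and one check usable when no original is available, as an added Python example that is not from the slides. The cover is a constructed 8-bit grayscale gradient stored row-major as a flat list; the payload is prefixed with its length so the extractor knows where to stop.

```python
# Added example, not from the slides: LSB steganography on a constructed
# 8-bit grayscale "image" (a flat list of samples, row-major), the check a
# reviewer can make with the original in hand, and a statistic for when
# the original is not available.
from typing import Dict, List


def make_cover(width: int, height: int) -> List[int]:
    """Constructed cover: a smooth diagonal gradient of 8-bit samples."""
    return [((x + y) * 255) // (width + height - 2)
            for y in range(height) for x in range(width)]


def bytes_to_bits(data: bytes) -> List[int]:
    return [(byte >> shift) & 1 for byte in data for shift in range(7, -1, -1)]


def bits_to_bytes(bits: List[int]) -> bytes:
    out = bytearray()
    for i in range(0, len(bits) - len(bits) % 8, 8):
        value = 0
        for bit in bits[i:i + 8]:
            value = (value << 1) | bit
        out.append(value)
    return bytes(out)


def embed_lsb(cover: List[int], payload: bytes) -> List[int]:
    """Replace the least significant bit of successive samples with the
    payload bits, preceded by a 32-bit big-endian length."""
    bits = bytes_to_bits(len(payload).to_bytes(4, "big") + payload)
    if len(bits) > len(cover):
        raise ValueError("payload too large for this cover")
    stego = list(cover)
    for i, bit in enumerate(bits):
        stego[i] = (stego[i] & 0xFE) | bit
    return stego


def extract_lsb(stego: List[int]) -> bytes:
    length = int.from_bytes(bits_to_bytes([s & 1 for s in stego[:32]]), "big")
    return bits_to_bytes([s & 1 for s in stego[32:32 + 8 * length]])


def compare_with_original(cover: List[int], stego: List[int]) -> Dict[str, float]:
    """With the original available: how far and how widely samples moved."""
    diffs = [abs(a - b) for a, b in zip(cover, stego)]
    return {"max_diff": max(diffs),
            "changed_fraction": sum(1 for d in diffs if d) / len(diffs)}


def lsb_transition_rate(samples: List[int]) -> float:
    """Without the original: fraction of neighbouring samples whose LSBs
    differ. Smooth image content keeps this low; embedded message bits
    push it towards 0.5."""
    bits = [s & 1 for s in samples]
    changes = sum(1 for a, b in zip(bits, bits[1:]) if a != b)
    return changes / (len(bits) - 1)


if __name__ == "__main__":
    cover = make_cover(64, 64)
    message = b"The moon is made of green cheese"
    stego = embed_lsb(cover, message)
    region = 32 + 8 * len(message)  # samples that actually carry bits
    print(extract_lsb(stego))
    print(compare_with_original(cover, stego))
    print(lsb_transition_rate(cover[:region]), lsb_transition_rate(stego[:region]))
```

With the original in hand, no sample differs by more than one quantum, which is exactly the "slightly less sharp" signature on the slide and why a side-by-side comparison finds it. Without the original, the LSB plane of a smooth cover is highly structured while message bits are not, so the transition rate jumps in the region carrying the payload; real photographs have much noisier LSB planes than this gradient, so in practice the threshold must be calibrated against known-clean images rather than fixed in advance.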
Stego Implications
• How can you be sure that what has been
downgraded does not hide other
information?
• Steganography can be used as a covert
channel that is very hard to find
• Steganography also provides a tool that can
be used to watermark a complex file
Fortunately, steganography is so complex
and hard to implement that it is not likely
the average hacker or crook would be
able to exploit it.
Equally fortunately, we have discovered that the
moon is made of green cheese.
Other Stego Uses
• Covert information distribution
– eBay images have been found which contain
stego information believed to be messages to
terrorist cells
– Much of the imagery on the Internet contains
stego data, which could be executables
• Don’t get too cute -- why would you
suddenly start trading pictures with
someone?
Some Thoughts
• What about Bell and LaPadula’s model?
– No write down?
– No read up?
• The Internet thrives on visual imagery.
What does this imply for security based on
what we have studied tonight?
• Why did it take 15 years to catch Hanssen?
How long would it take to uncover stego?
Summary
• Protocols exist to provide end-to-end
security over the Internet and other hop-by-hop networks
• The existence of such protocols is not a
guarantee of security
• Steganography is one way for information
to leak out of a system
• Steganography can be very hard to find, but
it is very easy to implement at low cost
Homework - 1
1. Using the Internet, conduct a survey of
steganography tools available for download,
and -- to the best of your ability based on
the descriptions provided -- compare and
contrast them.
2. How would you protect your network
against steganography, both looking
inwards and looking outwards?
Assignment for Next Week
• Finalize your project outlines, with the members
of your team. Hand in next week.
• Read Chapter 16 in the course text.
• Next week’s topic: An Introduction to Network-Based Attacks