Telecommunications Networking II Lecture 41a Information Assurance

Telecommunications Networking II

Lecture 41a

Information Assurance

Historical perspective

• Ever since people have been able to express their views about anything, they have expressed concerns about privacy:
- British common law: “A man’s home is his castle”
- the U.S. Constitution: protections against “search and seizure”
- “Gentlemen don’t read each other’s mail” (President Harry Truman)

Historical perspective

• Ever since people have been able to express their views, they have expressed concerns about privacy (continued):
- attorney/client, doctor/patient, and priest/parishioner… protections of information discussed from legal discovery
- penalties for tampering with U.S. mail
- “wiretapping” laws

Historical perspective

• Ever since people began competing for power, territorial control, physical assets, and money, they have recognized the importance of timely and accurate information:
- lifting the “fog of war”
- understanding the enemy’s intentions
- “getting inside the enemy’s decision cycle”
- “loose lips sink ships”
(continued on next slide)

Historical perspective

• Ever since people began competing for power, territorial control, physical assets, and money, they have recognized the importance of timely and accurate information (continued):
- Understanding the customer’s needs
- Understanding the competition (industrial espionage as well as legal industrial intelligence activities)

Historical perspective

• Ever since people began competing for power, territorial control, physical assets, and money, they have attempted to gain more information through whatever means is at their disposal; and they have also tried to disrupt their adversary’s information flows

• Likewise, they have tried to protect their information and their information infrastructures

Historical perspective

• ...they have also tried to intercept and/or disrupt their adversaries’ information flows:
- “steaming” open envelopes
- electronic eavesdropping
- cutting communication lines between enemy commanders and troops
- jamming radio communications
- sending intentionally misleading messages
- code breaking (e.g., in WWII)

Historical perspective

• ...they have tried to protect their information and their information infrastructures:
- wax “seals”
- cryptography
- signatures
- notarized documents
- LPI (low probability of intercept) communication systems
- “hardened” satellite communication systems


Information Assurance and Network Integrity: the Present

• More and more people and organizations are becoming dependent upon computers, networks, and network-based applications (e.g., electronic commerce moving toward $1T/year very rapidly)

Information Assurance and Network Integrity: the Present

• There is a growing concern with regard to:
- Privacy (unauthorized access to personal/sensitive/proprietary/classified DoD information)
- Theft (e.g., using stolen credit card numbers)
- Reliability (i.e., will my network-based applications work when I need to use them?)

Information Assurance and Network Integrity: the Present

• If a single new virus, worm, or Trojan horse attack causes each of 100 million computer users to spend 1 hour learning about the new threat, downloading software to defend against the threat, taking other actions… and if an hour of each person’s time is, on average, worth $50.00… then each new “event” produces a societal cost of $5B

Information Assurance and Network Integrity: the Present

• Recent examples of information assurance problems:
- Major loss of paging systems in the US (single satellite failure)
- Increasing numbers of virus/worm/Trojan horse/etc. incidents
- Intrusions into government/DoD systems
- eBay outage for ~24 hours


Information Assurance and Network Integrity: the Present

-Incorrect data downloaded into the Internet’s Domain Name System (DNS) root servers disrupted conversion of Internet “names” like [email protected] into Internet addresses like 144.118.31.1 for ~24 hours

-others that can’t be discussed in public

Information Assurance and Network Integrity: the Present

• Some of these problems are associated with things which we “do to ourselves”, i.e., with no malicious intent

• Some of these problems are the result of intentional acts, ranging from mischief to criminal activities to state-sponsored terrorism


Information Assurance and Network Integrity: the Present

• Some of these problems are associated with violations of privacy, unauthorized access to information, providing false identities, or unauthorized modification of information

• Some of these problems are associated with “denial of service” (disrupting systems and applications)


Attacks

Types of attacks

• Eavesdropping:
- I read your message while it is passing through a network
- I listen in on your conversation with one or more other person(s)
- I monitor which Web pages you are accessing
- I monitor how many messages you send, and to whom they are sent (traffic analysis)
- I monitor where you are, by looking at your messages

Types of attacks

• Eavesdropping (continued):

Eavesdropping is a passive, read-only activity, in the sense that I don’t change anything about your messages.

Eavesdrop: To secretly listen in on a private conversation

Types of attacks

• Unauthorized “read” access
- I read a file that is stored on one of your servers or other computers
This requires that I obtain access to your computer, either via a network or by some other means. E.g., I physically access your computer; or I loan you a floppy disk containing a malicious application that copies your files onto the disk, which you then return to me (Trojan horse attack)

Types of attacks

• Content tampering
- I change the content of a message passing through a network, or I change the contents of a database (e.g., I change the information on one of your Web pages)
Tampering with a message in transit can be done by substitution
Tampering with the contents of a computer requires access and “write” privileges

Types of attacks

• Impersonation
- I send you a document or a message that appears to have been sent by someone else

The ability to prove that a message is “authentic” (the sender is who he or she claims to be, and the content has not been modified since it was created by the authentic sender) is called “non-repudiation”
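The content tampering and impersonation slides both come down to whether a receiver can check who sent a message and that it was not changed. The following is an added example, not part of the original lecture: it uses a Lamport one-time signature (chosen here because it needs only Python's standard library) to show a substituted message and a forged sender both failing verification. The parties "Alice" and "Mallory" and the sample messages are constructed for illustration.

```python
# Added example (not from the lecture): Lamport one-time signature, stdlib only.
import hashlib
import secrets

BITS = 256  # one secret pair per bit of the SHA-256 message digest


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def _digest_bits(message: bytes) -> list:
    d = int.from_bytes(_h(message), "big")
    return [(d >> (BITS - 1 - i)) & 1 for i in range(BITS)]


def keygen():
    """Private key: 256 pairs of random secrets. Public key: their hashes."""
    priv = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(BITS)]
    pub = [(_h(a), _h(b)) for a, b in priv]
    return priv, pub


def sign(priv, message: bytes) -> list:
    """Reveal one secret per digest bit. A key pair must sign only ONE message."""
    return [priv[i][bit] for i, bit in enumerate(_digest_bits(message))]


def verify(pub, message: bytes, signature: list) -> bool:
    """Anyone holding the public key can check both sender and content."""
    if len(signature) != BITS:
        return False
    ok = True
    for i, bit in enumerate(_digest_bits(message)):
        ok &= secrets.compare_digest(_h(signature[i]), pub[i][bit])
    return ok


def demo() -> dict:
    # Constructed parties and messages (assumptions, not from the slides).
    alice_priv, alice_pub = keygen()
    mallory_priv, _ = keygen()
    msg = b"Pay Bob $100"
    sig = sign(alice_priv, msg)
    return {
        "authentic": verify(alice_pub, msg, sig),
        "substituted_content": verify(alice_pub, b"Pay Eve $100", sig),
        "impersonated_sender": verify(alice_pub, msg, sign(mallory_priv, msg)),
    }


if __name__ == "__main__":
    print(demo())
```

Because only the holder of the private key could have produced a signature that verifies, the signer cannot later deny having sent the message; a shared-secret checksum would not give the receiver that property.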

Types of attacks

• “Denial-of-service” attacks
- I prevent your messages from being delivered by attacking one or more routers or by attacking the domain name system
- I cause congestion in your network that prevents you from doing what you want to do (e.g., I send you a gigantic E-mail file, and clog your mail server)
- I bombard you with junk messages
- I disable your network’s password authentication system


Prognosis

• Of all of these attacks, denial-of-service attacks are the most problematic, on a forward-looking basis

• The attacker has the advantage. He or she only has to find one vulnerability to exploit. The defender needs to anticipate all possible attacks.