Vulnerability: gap in the protection efforts of a system (e.g. default password for a new machine)
Threat: an attacker exploits a weakness/vulnerability
Risk: measure of potential loss when a vulnerability is exploited by a threat

Symmetric encryption: same key for both encryption and decryption. Faster, but the key needs to be transferred over an unsecured channel
Asymmetric encryption: slower but more secure

Hybrid: symmetric data sending + asymmetric channel

XSS: cross-site scripting, a JavaScript injection vulnerability where script supplied as input is saved/processed as unsanitized data.

        --> Input validation, Content Security Policy
Encryption: reversible. Ensures confidentiality
Hashing: irreversible. Can be cracked using rainbow tables and collision attacks. Ensures integrity

CSRF: cross-site request forgery, a web app vulnerability. The server does not check whether a request can be trusted and just processes it (firewall, whitelist etc.)

Security misconfiguration: default username/password left in place; too simple

Firewall: Filter traffic by predefined rules, placed on boundary of trusted and untrusted networks.

Hacker News

Confidentiality: keep info secret
Integrity: keep info unaltered
Availability: available to all authorized parties all the time

IPS (Intrusion prevention system): detect + further action to prevent intrusion
IDS (Intrusion detection system): detect and leave the rest to the admin

HIDS (Host): placed on host, difficult to manage
NIDS (Network): placed on network, preferable for enterprise

Port Scanning: Send msg to gather network system info by analyzing received response.

VA (Vulnerability Assessment): find flaws in the app. Travel on the surface
PT (Penetration testing): find exploitable vulnerabilities like a real attacker. Dig gold.

VAPT report: executive summary explaining observations on high level info about scope, period of testing, no of observations, category wise split into high, medium, low. Include detailed observations along with replication steps, screenshots of POC along with the remediation.

Web responses: 1xx informational 2xx Success 3xx Redirection 4xx client side 5xx server side

Tracert/traceroute: if you cannot ping the final destination, it tells you where the path breaks. Firewall? ISP? Router? etc.

DDoS (distributed denial of service):

  • The server becomes unavailable to the app because it is flooded with a large number of requests it is not designed to handle.
  • Mitigation: analyze and filter the traffic in a scrubbing center, which is the centralized data cleaning station for website traffic

Patches should be released as soon as they are ready, governed by Key Performance Indicators. The agreed KPI for Windows patches is 99% --> 99% of PCs have the latest patch.

False positive more acceptable than false negative.

Blue team (defender - hard, knowledgeable) vs Red team (attacker - fun). "CSI Cyber"

Web server hardening:

  • Filter unnecessary services running on various ports and remove default test scripts from servers. Yearly

Data leakage: email, prints, lost laptop, unauthorized upload to public, removable drives, photographs to social media

  • Internal encryption, restrict mail to internal network. restrict upload, print confidential printouts

Data classification: Top secret (trade secrets); Confidential (Within company); Public

Emails go to Spam:

  • IP addr used for spam...(send through A to B)
  • low open rates
  • Emails not used for a long time but suddenly send lots of emails out
  • Bad format. subject line missing; from [email protected]
  • word "free" for too many times, sensitive illegal words, !!!, CAPS, drugs etc

Goals: Identify issues, design protective systems; Easiest Penetration, Adequate Protection

Opposing: NSA collect info about foreigners; Help: witness protection

Adversary: Murphy, amateur (id=), script kiddie, crackers, crime, cyberwarrior, terrorist

Keep personal data confidential: C
Allow only authorized access/modifications to resources: C & I
Give you correct & meaningful results: I
Give you correct & meaningful results when you want them: I & A
A data center should have redundant power & network connections: A
System logs be output to directly attached printer & saved to disk: I
System contains backdoor password left by original programmer: Vulnerability
Worm uses buffer overflow to automatically spread copies over the internet: Attack
A person installs spying software on their partner's phone: C
Google sells your demographic information to malicious hackers: P (secretly read)
Someone breaks into a dating site and steals user account info: P
Hackers secretly replace the software/firmware in your car: I (modify)
Government replaces an illegal site with an identical-looking one that delivers malware: I
Timing attack on smart card doing encryption operations: C
Logic bomb encrypts hard drive, issues ransom demand: A
Virus infects executable program

Threats: loss/harm befall system. Threat model: undertake/defend what threats

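Interception (key-logger, someone writes down the drug name and quantity, encryption): seized in transit

Interruption (delivery truck robbed) Modification (ask for more of the drug, replace it and sell it on)

Fabrication (fabricate extra browser pop-ups, swap in a placebo and sell it to patients)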

Defend threats:Prevent (immobilizer); Deter: harder in secure parking facility

Deflect: less attractive, sticker mention alarm, valuables out of sight

Detect (car alarms); Recover: insurance

Defense of computer systems:

Cryptography; Software/Hardware/Physical controls; Policies & procedures

char *gets(char *) -> fn does not check against buffer size

char *fgets(char *, int, FILE *) -> buffer size provided to the function may be incorrect

int getc(FILE *) -> when used in a loop, may forget to consider buffer size

int vsprintf(char *, const char *, va_list) -> fn can write past the end of file.

Flaw
Fault: potential, programmer, inside view ->Cause-> Failure: actual,user/outside
Try to cause a failure, then work backwards to uncover the underlying fault. Penetrate & patch: (high pressure, narrow focus, causes inconsistency, new faults)
Intentional Unintentional
Malicious 2nd Non-malicious 3rd (Most), 1st section
Targeted Non-targeted Can cause failure if used by attacker

Buffer overflow: check bounds, non-executable stack (W xor X), stack at a random virtual address, compiler canaries detect whether the stack changed (off-by-one, on heap, jumps to lib, program etc.)

Integer Overflow: large unsigned -> signed -> wrap -> negative

Format string vulnerability: printf(var); printf("%s%s%s"); %n writes to an addr on the stack.

Incomplete mediation: Client-side mediation: js validate + server-side mediation

TOCTTOU: confirm constant. Copy & compare request; act on object itself, locks

Malware: needs to be executed by a user action or by exploiting an existing flaw (BOF)

  • Virus: transfer control. Propagation (copy itself) + payload (disable scan, activate)

Infect: Executable: program beginning; Macro: add self; Computer: boot time

Spreading: require user action, send by friends, p2p network

Spotting virus: scan entire computer state regularly

Signature-based protection: known list by signatures. More false negatives (malware actually present)

Weakness: polymorphic, modified, new, encrypted -> search for the decryption routine,

Behavior-based protection: search by pattern, run in sandbox. More false-positive

Trojan horses: claims innocuous but hide malicious behavior; Logic bomb: already on, trigger once not insider; Hard to spot as user intentionally run

Dancing pigs; Scareware (a scammer "helps" you and you have to pay); Ransomware: ransom

  • Worm: self-contained, use security flaws, no user involved, search other to infect

Morris; Code Red; Slammer; Stuxnet; Flame

  • Web bug; Back door; Salami attack (many smalls); Privilege escalation; Rootkits: (back door+stealth to hide existence(logs, modify ls, kernel) SONY XCP

  • Man in the middle: - Interface illusions; Phishing

Keystroke loggers: application-specific, system/hardware keyboard loggers.

  1. Covert channel: publish w TH, modify; Side channel: watch behavior, learn action

Rabbits(replicate without limitation to resources)

Storage, file locks, blocking, graphics r fine. /dev/null cannot be observed.

Not a channel through which info can be sent covertly.

Software lifecycle: 1. Specification 2. Design:

Modularity-low coupling

Encapsulation: self-contained, share only if necessary -> low coupling know API

Info hiding: invisible internals from others; Mutual suspicion: (check all inputs); Confinement: suspicious in sandbox, ltd access

  3. Implement: Static code analysis; Formal method (timely); Genetic diversity

4 Change management: multiple ppl on same code, how happened and prevent, git

5 Code review: open-source, guided code review, easter-egg w intentional flaw

6 Testing: Black-box (Fuzz, rand data, crash often), white/clear –box, regression

7 Documentation: didn’t work+caution;

8 Maintenance: std (each stage do what), formal process, audit

OS hardware shared sequentially (executives) and interleaving (based on monitors)

Separation: Physical: easy, expensive inefficient; Temporal; Logical; Cryptographic

Fence $; Base/Bounds $ pair; Tagged architecture: flexible overhead

Segmentation <name, offset>: external fragmentation; costly boundary check for dynamic segment length; segment names difficult to implement; can assign different data different rights
Page table <page#, offset>: internal fragmentation; cannot assign different levels to different classes; unpopular pages moved to disk/free mem
Both: all address references checked; share access to a segment/page with different rights, unpermitted access blocked
x86 architecture: segmentation + paging, NX (No-eXecute) bit

Access control matrix huge & sparse

Goal: Check every access; Enforce least privilege; Verify acceptable use

ACL: columns. File1: Alice: orw, Bob, r …

Capabilities; rows, unforgeable but transferrable token, cannot withdraw/one-time

Combination: open() -> ACL -> approved then capability token to read/write

Problem: 1. ACL changed after token out. 2. Token out, file deleted, OS mem wasted

Role-based access control: Support hierarchical; multiple roles; separation of duty

Identification: who are you? (match name)

Authentication: prove it (match photo) – know, has (badge), is (bio), context (t >=2

Password: inconvenient, update hard if shared, disclosed unsafe else multifactor

Guessing: BF (root pre-post-fix), online(detectable)/offline(encrypted files) attack, write down, change regularly(cycling+similar123), site specific, not on public computers. Digital fingerprints with hash (still offline attacks)

User-specific salt+pwd ->iterated hash -> usrname, salt, pwd, slow down attack

Recovery: salt+pw<->MAC (input K, 1 direction) <-decrypt)->uname,salt,hash, pw

Interception AK: fobs(hash+t); challenge/cryptographic response (cha+pwd)

Graphical: shoulder surfing + choice not random ()

Keystroke logging, interface illusions/phishing, re-se across sites

Biometrics: physical characteristics, not good for remote, identification expensive, false+ (alice accepted as bob); false-(rejected incorrectly). Privacy, Accuracy, Secrecy

1. TrustedOS:policy(rules),model(implement policy),design(how),trust(=design)

  1. Software: correct fn, enforce integrity, ltd privilege, appropriate confidence level

Need-to-know rule: s can access o iff level(s) >= level(o) && compartments(s) ⊇ compartments(o)

Integrity: Clark-Wilson Security policy (well-formed transaction) Y duty separation

Conflict of Interest: Chinese wall security policy: need history, rights change often

ss-property: s can access object o iff each o previously accessed by s either belongs to the same company or belongs to a different company than o does. (same/different company)

*-property: s can write to o iff, all o readable by s belongs same as o or sanitized.

Lattice: >= transitive, asymmetric Unique lowest upper bound & greatest lower B

Bell La: info only flow up. Avoid leak J read TS to C, M with C now access. clearance

Ss-property: no read-up. s read o iff C(s) >= C(o)

*-property: no write-down. s can write to o iff C(o) >= C(s).
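The need-to-know rule, the lattice bounds and the two Bell-LaPadula properties above, as an added example that is not part of the original notes. The level names, compartment names and the sample subject and objects are constructed for illustration.

```python
from dataclasses import dataclass
from itertools import combinations

# Sensitivity levels ordered low -> high (constructed for this example).
LEVELS = ["Unclassified", "Confidential", "Secret", "TopSecret"]
RANK = {name: i for i, name in enumerate(LEVELS)}


@dataclass(frozen=True)
class Label:
    """A security label: one sensitivity level plus a set of compartments."""
    level: str
    compartments: frozenset = frozenset()

    def dominates(self, other):
        # Partial order: level at least as high AND compartments a superset.
        return (RANK[self.level] >= RANK[other.level]
                and self.compartments >= other.compartments)


def label(level, *compartments):
    return Label(level, frozenset(compartments))


def lub(a, b):
    """Least upper bound: the lowest label that dominates both a and b."""
    top = max(a.level, b.level, key=RANK.__getitem__)
    return Label(top, a.compartments | b.compartments)


def glb(a, b):
    """Greatest lower bound: the highest label dominated by both a and b."""
    low = min(a.level, b.level, key=RANK.__getitem__)
    return Label(low, a.compartments & b.compartments)


def can_read(subject, obj):
    """ss-property (no read-up): allowed iff C(s) >= C(o)."""
    return subject.dominates(obj)


def can_write(subject, obj):
    """*-property (no write-down): allowed iff C(o) >= C(s)."""
    return obj.dominates(subject)


def all_labels(levels, compartments):
    """Every label in the lattice: a levels times 2^b compartment subsets."""
    subsets = [frozenset(c) for r in range(len(compartments) + 1)
               for c in combinations(compartments, r)]
    return [Label(lv, s) for lv in levels for s in subsets]


def decisions(subject, objects):
    """Map each object name to (read allowed, write allowed) for subject."""
    return {name: (can_read(subject, o), can_write(subject, o))
            for name, o in objects.items()}


if __name__ == "__main__":
    analyst = label("Secret", "crypto")
    objects = {
        "memo": label("Confidential", "crypto"),
        "reactor_log": label("Confidential", "nuclear"),  # incomparable label
        "war_plan": label("TopSecret", "crypto", "nuclear"),
    }
    for name, (r, w) in decisions(analyst, objects).items():
        print(f"{name:12} read={r!s:5} write={w}")
    print(len(all_labels(LEVELS, ["crypto", "nuclear", "bio"])), "labels")
```

The `reactor_log` case shows why the order is only partial: neither label dominates the other, so both read and write are refused.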

Biba: prevent modification of data, order by integrity

Read access: s can read o if I(o) >= I(s)

Write access: s can modify o if I(s) >= I(o)

Subject low watermark property: if s read o, then Is = glb(Is, Io), info flow down

Object low watermark property: if s modifies o, then Io = glb(Is, Io), same above

Simple, not practical (both C & I, create o, declassification); leak by covert channel

Information flow control: Explicit: y:=x; Implicit: if x = 1 then y:=0; else y:=1

Program parameters with security classifications, compiler checks, updates, output

3. System Design:

Least privilege; Complete mediation: check every access; Ease of use (no/wrong use

Economy of mechanism: protection be simple & straightforward

Open design: secret key/pw but not algorithm

Permission based/fail safe defaults: default should be dos

Separation of privilege: access with >= 2 conditions

Least common mechanism: avoid covert channels

Trusted OS Features:

AC: Mandatory(central authority)/Discretionary(owner) access control; RBAC

Object reuse protection: erase mem before out(Defensive programming);hidden data

Complete mediation / Trusted path: check every access, untrusted sudo, fake screen

Accountability & Audit: audit logs must not be modifiable, space/resrc vs useful (chunk)

Intrusion detection: correlate actual with normal behavior. Alarm. Audit logs + OS

TCB Trusted Computing Base r >= n reference monitor + logging mechanism (circle diagram)

Reference monitor: crucial(collection of AC), tamperproof, unbypassable, analyzable

Virtualization: provide logical separation. Degree:Virtual memory, virtual machines

Compartmentalization: split & apply least privilege each

OpenSSH: UserPrivilegeSeparation: privilege monitor + unprivileged child (jail)

SUID bit/setuid: (of owner) confused deputy attack. Execute under identity owner

Assurance: Testing, formal verification, validation(require checking, code review)

Evaluation Trusted OS: Orange book(D to A1)+Common criteria: protection profiles

Without Integrity, no system can provide confidentiality

a sensitive/clearance levels, b compartments, complete lattice has a*2^b labels

Port Scan: loose-lipped (version), how implement (Nmap tool), Q->type, remote exploit

Social engineering: pretends in same organization, ask for help for password

Dumpster diving: paper shredder

Eavesdropping/passive wiretap: copper wire, optical fiber, microwave/satellite, WIFI, LAN, Email

Active wiretapping: modify/fabricate communication

Google: info on IE that should not be

Victim’s Facebook profile: email account, security Facebook questions

Impersonation: guess/sniff default pwd, social engineer, exploit trusts Rhost/rlogin

Spoofing: masquerades as another. URL, webpage, WIFI access (in sh & man-mid)

Session hijacking: masquerades as end point, change seq#, steal cookie

Traffic analysis: learn unique packet addr by sniffing packets

Integrity attack: change/delete/create/replay transmitting packet payload, addr,

DNS cache poisoning, wrong hostname, numerical addr mapping

Protocol failure: ignore slow-if-congested request, pkt format BO, WEP

Website vulnerability: bad URL / modified state server, code injection (XSS steals, CSRF

DOS: cut wire, jam signal, flood node, smurf attack(spoof addr), SYN flood,

non-reassemblable pkt, DNS attack, black hole/packet drop attack, ping flood, ping of death, crafted packet (all same hash)

DDos: zombie/bot,

botnet(fame/profit, Storm, P2P update, Domain Generation algo.Fast flux(1 host

Reflection(spoof src addr to victim)/amplified(respond q w more data) DDos

Active code: privilege + sandboxed; Script kiddies

Design & implement: always check input, use white not black list

Segmentation/separation: server on diff machine (fn/access; web server not trusted Redundancy: single point failure. Sync & Backup. Test

Access Control: ACL on router (drop blacklisted addr), expensive if high traffic, hard to log + firewall

Firewall: gate = choke point (does not defend against internal attacks)

Packet filtering gateway: simple by pkt header. Drop spoofed traffic

Stateful inspection firewall: by state, may need to reassemble. Recognize pkt content. Expensive

Application proxy: client – proxy – server. Know communication, scan, log, filter

Personal firewall: protect against attacks on server

Demilitarized Zone (DMZ): Internal (on dmz)---|DMZ|…external firewall (protects DMZ)

Honeypots/nets: trap, learn to identify & stop

Low (easy install/detect, limit gather info)/High interaction (more behavior, harder)

Host(easily subverted)/Network(on node) based IDS: Distributed IDS = combined

Signature-based IDS: polymorphic worms

Heuristic/anomaly-based IDS: model good/bad behavior, good/suspicious/unknown

Stealth mode: 2 network interface (monitor traffic + admin & alarm)

Cryptography(txt->cyphertext, send over insecure medium); Cryptanalysis: break txt

Alice, Bob, Carol, Dave; Eve; Mallory; Trent

Confidentiality; Integrity; Authenticity components

Kerckhoffs's principle: security of a cryptosystem should not rely on a secret that is hard or expensive to change.

Many public class of methods, use key to specify which u use.

Strong cryptosystem: the best Eve can do

Secret-key encryption/symmetric encryption

Perfect secret-key encryption: One-time pad with XOR. Key truly random (no pseudo)

BOINC idle-time compute 40-56-128; compute keeps getting faster; Easiest Penetration: $5 wrench

  • Stream cipher: 1-time pad+pseudorand. RC4. Fast. 1 bit/t. Bad WEP, PPTP.(bit flip)

  • Block cipher: AES. Mode of operation. ECB (blocks encrypted separately, repeats are bad). CBC w initial value.

Public-key encryption/asymmetric encryption: send out your own lockable box, unlock it with your own key. RSA

Hybrid cryptography: 128-b K, AES msg w K, encrypt K by public, send msg+encrd K

Integrity guarantee only: Cryptographic hash function y = h(str):

Pre-image (y->x) | 2nd pre-image (x->x') | collision resistance (no h(x)=h(x')); birthday paradox

Message Authentication Code/tag: many hash fns, shared key to pick correct fn.

Combine cypher and MAC: recommend Encrypt-then-MAC

Repudiation: B can't prove to a 3rd party that A sent. Use digital signature: A signs M w private k1, B verifies w A's public veri k2; Hybrid signature: unsigned M + signed hash, fast

Combine: Ak(enc, dec); Bk(signa,veri). A use B’s enc, sign; B veri check, dec

(sig, veri) long-lived; (enc, dec) short-lived; if interactive, A only uses secret-key enc. SSH

B gets A's verification K: manual key (SSH), web of trust, 3rd-party CAs (root veri, multi-level

Security controls using cryptography

Secret-key problematic: secret be available to users but not adversaries

Public ok if local only access public k, only enc & veri needed, allow only signed app

Encrypt code: processor-dependent key

Encrypt data: protect if laptop lost. (not allowed user, malware installer, has dec key

Network security & privacy

Link-layer: WEP(intend C, I, AC but none.), WPA, WPA2(AES,weak PSK)

Send: S & R share K(40-104b), checksum(M), RC4(rand IV V, K), XOR(M, c(M))=M+V

Receive: V, K->RC4(V,K); XOR(rc4, text)=<M’,c’>

P1:v24b;P2:checksum dup CRC, duplicate, independent of K V,linear c(M^D)=cM^cD

Msg injection: plaintext + cyphertext. Access point -challenge txt->client

P3: authentication protocol give plaintext & cyphertxt free, watch & prove know K

P4: execute authentication protocol itself and decrypt pkts…

P5: RC4 w similar keys outputs subtle weakness, recover keys<60s

WPA: v 48b, key changed often, authentication server, CRC->MAC, compatible w old WEP hardware

Network Layer:

VPN (does not protect against DoS, traffic analysis): send to local VPN gateway w cryptography by tunneling (nest, IP-over-TCP), recv decrypts to destn

IPsec:

Transport mode (1, enc/auth original content); Tunnel mode (2 networks, content+header

Transport Layer:

TLS/SSL: protects TCP-based conn. Server/Client Auth, Msg C & I. Privacy enhance.

Come w browser, no configuration, protect communi content, but reveal IP addr

Tor: hide both metadata, content, and existence. Scattered onion routers, public-Ks

Send: Ek1( Ek2( Ek3(M) ) )->website; Reply: R to n3, Ek3(R) to n2… A uses k1, k2, k3

But n3 to website not encrypted

Provides anonymity in TCP both unlinkably (long-term) & linkably (short-term, to tell it is the same person)

Nymity Slider levels: easy to move higher, hard to move lower, so start low, then go higher

verinymity (government id); persistent pseudonymity (blog);

linkable anonymity (prepaid phone card, loyalty card); unlinkable anonymity (cash, Tor)

Application Layer: ssh, PGP, Mixminion, OTR

Remote login: C conn S, S sends veri K, key agreement protocol, C authenticates (pwd over encrypted channel | sign rand chall w private K), S accepts login.

Email:

Type0 remailer: net conn not watched, operator machine trusty, mapping secret

Type1/Cypherpunk: encrypted steps of chained remailer, no reply. Delay+reorder

Type2/Mixmaster: Constant-len msgs by premail. Against replay, better reorder

Type3/Mixminion: better against reply & key compromise, pseudonymity immature

Pretty Good Privacy: protects content. Enc content (hybrid enc), digital sig (hash then sign)

Interactive Messaging:

PGP: A sign w priva signature Ks, encrypt M & signature w B’s public encryption Ke

B decrypt w private Kp have M & signature, check w A’s public verification Kv.

Verify public key:

Fingerprint(2 friends): collision-resistent hash of K, shorter.

Web-of-trust: Sign keys: A verify B’s, A signs w Ksig. B attach sig on webpage

Plot twist: enc communication recorded, Bob’s laptop stolen, Ks discovered…

Off-the-record messaging: two people talk, nobody else knows unless it is recorded, and nobody can prove what was said

Perfect forward secrecy: Diffie-Hellman protocol, session key, not reveal past

Deniable authentication: non-repudiable, no prove; authen, Meg Auth Code

C(only B can read) & Auth (B sure from A)

Record, element, attribute, tuple, schema, sub-schema=query result

Security Requirements

Logical (DB corrupt)/Physical (power outage) database integrity: regular backup, trans logs

Element integrity: AC, Ele Ck, Change Log, detect ex, 2-Phase update, 343 control

Referential integrity: no dangling foreign key

Auditability: audit log (granularity)

Access control: inference/efficiency problem by past/type of queries

User authentication/Availability: time of day, many users access/update at the same time

Data Disclosure: Exact data; bounds; negative result; existence; probable value

Security vs precision: forbid bads vs reveal allowed

Data Inference: derive sensitive from non-sensitive;

-Direct (where lastname = ‘a’ or (sex != ‘M’ and sex != ‘F’)

-Indirect attack

  • Statistical inference attack (Sum 1 ppl, Count, mean, median…)

suppress sensi, conceal to close, combined[], query analysis (costly); N records, >k% omit; sample db; rand data perturbation +-, differential privacy (+ noise -> release)

  • Tracker attack: qC=q(C | T)+q(C | !T) – qS = 2qS – q(!C | T) – q(!C | !T)

  • Data aggregation: ppl talk, aggregate outside of DBMS

Multilevel Security Database: each o with Classification & Compartments

*-Property: No read up | write down (needs sanitization); can write up. Trust DBMS

Confidentiality: Poly instantiation: Hide-> dup primary key, diff clearance sensiti.

Partition: 1 classification level=1 DB. Simple. Redundant data. Hard: High->high+low

Encryption: 1 classification l w 1 key. Same record value, diff ciphertext. Costly decryption

Integrity lock: provide integrity + access control, not defense reply attack

Data + integrity level + signature (needs space, recompute after write, encrypt item, lock). Expensive

Secure DB design

Trusted front end: authenticate, forward, remove restricted. Most dropped…?

Commutative filter: FE rewrite (classification), post process. Discard early, db works faster

Distributed/Federated DB: partition (!scale many Clearance levels) FE combine res

Views: not-allowed->undefined; help access control

Trueman(all success w incorrect res) &Non-TrueMan(only succeed precisely)

Data Mining: actively gather data from 3rd parties, to automatically find patterns

C (derive sensi, membership card), I (input/translation ex), A (compatible dbs); which problem

Privacy-preserve release: anonymize before release. Link->identify. Structure->+salt

k-anonymity: min (k-1) other records w same exposed info + l-diversity+ t-closeness

– homogeneity attack(same data), background knowledge attack (val distribute)
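A pre-release check for the k-anonymity and l-diversity properties above, as an added example that is not part of the original notes. The table, column names and thresholds are constructed; the second equivalence class is k-anonymous yet open to the homogeneity attack.

```python
from collections import defaultdict

# Constructed, already generalised release table (not real data).
QUASI = ("zip", "age")       # exposed quasi-identifiers
SENSITIVE = "diagnosis"      # attribute the release must protect
RELEASE = [
    {"zip": "476**", "age": "20-29", "diagnosis": "flu"},
    {"zip": "476**", "age": "20-29", "diagnosis": "cancer"},
    {"zip": "476**", "age": "20-29", "diagnosis": "flu"},
    {"zip": "479**", "age": "40-49", "diagnosis": "heart disease"},
    {"zip": "479**", "age": "40-49", "diagnosis": "heart disease"},
    {"zip": "479**", "age": "40-49", "diagnosis": "heart disease"},
]


def equivalence_classes(rows, quasi=QUASI):
    """Group records that share the same exposed quasi-identifier values."""
    groups = defaultdict(list)
    for row in rows:
        groups[tuple(row[q] for q in quasi)].append(row)
    return dict(groups)


def k_anonymity(rows, quasi=QUASI):
    """Largest k such that every record has at least k-1 look-alikes."""
    classes = equivalence_classes(rows, quasi)
    return min((len(g) for g in classes.values()), default=0)


def l_diversity(rows, quasi=QUASI, sensitive=SENSITIVE):
    """Smallest number of distinct sensitive values in any class."""
    classes = equivalence_classes(rows, quasi)
    return min((len({r[sensitive] for r in g}) for g in classes.values()),
               default=0)


def homogeneous_classes(rows, quasi=QUASI, sensitive=SENSITIVE):
    """Classes whose members all share one sensitive value: knowing that a
    person is in the class reveals the value (homogeneity attack)."""
    classes = equivalence_classes(rows, quasi)
    return sorted(key for key, g in classes.items()
                  if len({r[sensitive] for r in g}) == 1)


def check_release(rows, k, l, quasi=QUASI, sensitive=SENSITIVE):
    """Return a list of problems; an empty list means the release passes."""
    problems = []
    got_k = k_anonymity(rows, quasi)
    if got_k < k:
        problems.append(f"k-anonymity is {got_k}, required {k}")
    got_l = l_diversity(rows, quasi, sensitive)
    if got_l < l:
        problems.append(f"l-diversity is {got_l}, required {l}")
    for key in homogeneous_classes(rows, quasi, sensitive):
        problems.append(f"class {key} is homogeneous")
    return problems


if __name__ == "__main__":
    for problem in check_release(RELEASE, k=3, l=2):
        print("REJECT:", problem)
```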

Value swapping: trade privacy & accuracy, dec correlations…

Add noise:small +/- error, give distribution. Protect & accurate

Sampling/Synthetic data: subset(coarse geographical,top/btm coding. Distri model

Administering security

Security plan: goals, how to meet/stay. (Description + plan)

Policy: specify goals (CIA priority), responsibility (programmers), commitment (IT support)

Current State: risk analysis; actions; limits of responsibility

Requirements: what is/not allowed

Recommended controls: mechanics to achieve above 3

Accountability: who to go to when something goes wrong

Timetable: milestones to track

Continuing attention: periodic review & update plan

Business continuity plan (focus A)

-Catastrophic: advance planning - extra equipment/supply, regular backup, train people

-Long duration

Incident response plan: consider legal issues, preserve evidence, record, public relation

Risk Analysis:

Identify assets (hardware, software, data, ppl skills, documentation, supply)

Determine vulnerabilities: tiger teams

Estimate likelihood of exploitation: frequency analysis

Compute: Risk exposure = probability * impact

Survey applicable controls:

Project savings due to control: Saving = Risk exposure - cost of control

Physical security:Nature + Human: vandal; thief; targeted attacker

Legal & Ethical issues

Intellectual: non-depletable, replicable, min marginal cost

Trade secret: covers secret (Coke, airline seats); filing: none; duration: forever, until reverse engineered
Trademarks: cover name/brand/logo; filing: some; duration: as long as you defend
Patents: cover invention; filing: complicated, hard; duration: 20 yrs from filing
Copyrights: cover idea expression; filing: not required but good; duration: life + 50 (CA)/70 (US) yrs
