LecturesPart 1one
Programmes: BSc. ITS III, BSc. ICTB III & BSc. MICT EDU III
1 / 136
Code of conduct
▶ Observe the following code of conduct;
• Be in class on time. Latecomers will not be allowed in.
• Mute or switch off your mobile phones while in class.
• All communications concerning CSS 325 lectures, tutorials,
notes, assignments, tests etc. will be done via CRs.
• Any excuse for not attending lecture or tutorial sessions
should be communicated at the beginning of the lecture/tutorial
via CR.
• Use English for all communications concerning CSS 325.
• Strictly adhere to the University academic timetable and
deadlines.
• No substitute assignment/test will be given to any student who
fails to write one without good reason.
• Read all references provided.
• Violation of academic integrity will not be tolerated, but
dealt with severely in accordance with MU academic regulations.
• Any communications via emails, including submission of
assignments, MUST be done via student's respective MU email
(@mustudent.ac.tz) and not otherwise.
2 / 136
Code of Conduct - Cont’d
▶ Course assessment:
• Quiz - Many.
• 2 Assignments @ 10%.
• 2 tests @ 15%.
• University Examination (UE) - 50%.
▶ Marks for assignments, tests or UE can not be compromised or
negotiated for.
▶ Hope to enjoy your maximum cooperation.
3 / 136
References
4 / 136
Computer Security: Key definitions
▶ Any part of a computing system can be a target of computer
attack.
▶ Computer system refers to a collection of hardware, software,
storage media, data, and people that an organization uses to
perform computing tasks.
▶ Ability to control users' access to computer systems, data,
and their actions must be addressed adequately.
▶ Computer security: A field covering processes and
mechanisms which protect computer resources and services
against unintended or unauthorized access, change, denial or
destruction.
▶ Network security: Protection of multiple computers and
other resources (data, programs etc) connected together in a
network.
▶ Other related terms are Information security and
Information assurance which place the focus of security on
information (data) and not on hardware and programs that
process it.
5 / 136
Computer Security: Key definitions
▶ Resource: A computer asset such as hardware, a service,
system capability, information, applications etc. to be
protected against any kind of damage or misuse.
• It is also referred to as an asset
▶ Vulnerability: An actual weakness (flaw) in the system's
design, implementation, or operation and management that may
be exploited by a threat agent to attack the system and cause
harm (to an asset).
• Failure to verify user's identity
• The use of no or weak passwords
• The storage of unencrypted information
▶ Threat consequence: A loss, damage or harm occurring to an
organization, computer network, system or resource because of
a successful computer attack.
• Deception
• Usurpation
• Disruption
• Unauthorized data disclosure
• Financial loss
• Loss of business trust
6 / 136
Token-based authentication: Smart cards
8 / 136
Computer Security: Definitions
▶ Attack: An exploitation of a vulnerability in the security
system to realize a threat consequence (harm).
• Breaking into a server in order to access stored information.
• Defacing the organization website
▶ Countermeasure (Control): A defensive mechanism such as an
action, procedure, technique etc. incorporated into a
security system in order to remove or reduce its
vulnerabilities. E.g., the use of passwords, encryption,
physical security.
• It may prevent, detect an attack, or recover from the effects
(damage)
• A countermeasure may itself introduce new vulnerabilities
▶ Security policy: A set of rules and practices that specify or
regulate how a system or organization provides security
services to protect sensitive and critical system resources.
▶ Adversary: An entity that attacks, or is a threat to, a
system. It is also known as threat agent.
▶ Risk: An expectation of loss expressed as the probability
that a particular threat will exploit certain vulnerability
with a particular harmful result.
9 / 136
Effects of lack of computer security (Threat consequences)
11 / 136
Confidentiality
▶ A security goal which defines methods and mechanisms to
protect private and confidential information against
unauthorized disclosure.
▶ It is probably the best-known goal (aspect) of computer
security.
▶ It protects information (data) on storage and transmission.
▶ Users and organizations need to protect their information and
resources against malicious actions that can compromise the
confidentiality.
▶ Only authorized entities can access information through
authorized procedures.
• Military: Must protect intelligence, security & other sensitive
information.
• Industries: Protect proprietary information against competitors.
• Hospitals: Protect patients' records.
• Banks: Protect customers' bank details.
• Universities: Protect staff and students' records.
• Mobile cellular companies: Protect clients' records.
12 / 136
Achieving Confidentiality
13 / 136
Password-based authentication
▶ A primary method commonly used by users to gain access to
computer resources such as computer systems.
▶ It is a secret code or word which proves user's authorized
access to a computer system, application, email account,
computer network, website, bank account, online stores etc.
▶ It is commonly used together with a username for instance in
gaining access to computer systems, files or email accounts.
▶ It exists in other different forms including personal
identification number (PIN), one time password (OTP), access
codes etc.
▶ One of the weakest and easiest security measures to
circumvent.
▶ A stolen password can lead to;
• Gaining unauthorized access to private information in your
computer, mobile phone etc.
• Steal your identity
• Install and execute programs using your account
• Read and send emails that appear to be from you
• Access your bank account
• Access your mobile phone and make calls and send in your name
14 / 136
Problems with Password-based authentication
15 / 136
Problems with Password-based authentication
16 / 136
Problems with Password-based authentication
17 / 136
Common attacks on Passwords
▶ Guessing: Short (weak) or default passwords can easily be
guessed by trying different combinations of characters or
personal details (names, year of birth).
▶ Eavesdropping: An adversary can watch or record a user
typing a password; patterns on mobile phones can easily be
eavesdropped.
▶ Stealing: When passwords are written on papers, walls,
saved on applications (e.g., web browsers), devices or in any
other form.
▶ Dictionary attack:
• Assumes that your password is an ordinary word which can be
found in a dictionary
• Uses a list of words as potential passwords.
▶ Brute force attacks:
• Uses a predefined set of characters such as (a-z, A-Z, 0-9,
special characters etc.) and minimum and maximum password
length to break passwords.
▶ Hybrid attack: Combines dictionary attack and brute force
attack, taking advantage of common passwords used by users
such as 'mzumbe2022'
18 / 136
Components of a good password
▶ Passwords should be strong enough for adequate security,
while properly managed.
▶ A good password should;
• Be long enough, at least 8 characters long.
• Not consist of dictionary or actual words.
• Not be the same as username or contain the username.
• Not contain user's first name, last name, family name,
birth date or any other name that is easy for anyone to
identify.
• Contain several:
♦ Uppercase letters, A-Z.
♦ Lowercase letters, a-z.
♦ Digits, 0-9.
♦ Special characters, @,$, &, #, ?, +, etc.
• Don't write it down or save on the applications (e.g., web
browsers).
• Don't share passwords with your friends etc.
• Change your password regularly.
• Keep your password unique but easy to remember
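The checks listed above, together with the dictionary, hybrid and brute-force attacks from the previous slide, can be enforced when a password is chosen. The following is an added example, not part of the lecture; the word list, the function names and the choice to require at least one character of each class are assumptions made for illustration.

```python
import re

# Constructed sample word list; a real check would load a full dictionary
# and a list of known-breached passwords.
SAMPLE_WORDS = {"password", "welcome", "mzumbe", "dragon", "letmein"}

# Character classes from the slide. The slide asks for "several" of each;
# this sketch only requires at least one, which is an assumption.
CHARACTER_CLASSES = {
    "uppercase letter": r"[A-Z]",
    "lowercase letter": r"[a-z]",
    "digit": r"[0-9]",
    "special character": r"[^A-Za-z0-9]",
}


def check_password(password, username, personal_details=(), words=SAMPLE_WORDS):
    """Return the list of rules the password breaks (empty list = acceptable)."""
    problems = []
    lowered = password.lower()

    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if username and username.lower() in lowered:
        problems.append("contains the username")
    for detail in personal_details:
        if detail and detail.lower() in lowered:
            problems.append(f"contains personal detail {detail!r}")

    # Hybrid-attack pattern: a dictionary word padded with digits or symbols,
    # e.g. 'mzumbe2022'. Strip the padding and look the remaining core up.
    core = re.sub(r"^[^a-z]+|[^a-z]+$", "", lowered)
    if core in words:
        problems.append(f"dictionary word {core!r} with simple padding")

    for label, pattern in CHARACTER_CLASSES.items():
        if not re.search(pattern, password):
            problems.append(f"no {label}")
    return problems


def brute_force_space(alphabet_size, min_len, max_len):
    """Number of candidates a brute-force search covers in the worst case."""
    return sum(alphabet_size ** n for n in range(min_len, max_len + 1))


if __name__ == "__main__":
    for candidate in ("mzumbe2022", "Asha#99", "Tr7#kuLw9@qe"):
        print(candidate, "->", check_password(candidate, "asha") or "OK")
    # Lowercase only versus the full printable ASCII set, length exactly 8.
    print(brute_force_space(26, 8, 8), "vs", brute_force_space(94, 8, 8))
```
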
19 / 136
Biometric user authentication
▶ Biometric is a technical term referring to humans' physical
or behavioral traits
▶ Biometric authentication: A security process that relies on
unique biometric characteristics or behavioural traits of
individuals to verify their identities.
▶ It stores users' physical or behavioral traits
(characteristics) in a database in order to verify a user's
identity when that user accesses their account.
▶ Biometric authentication solutions create a data-generated
template that uniquely represents an individual, which cannot
be easily shared, lost or duplicated like passwords.
▶ Biometric characteristics are unique to individuals, and are
therefore more effective at uniquely verifying individuals'
identities than password-based or ID authentication systems.
▶ Biometric authentication system is more secure because it is
harder to forge, steal or guess than password-based
authentication system
20 / 136
Biometric user authentication
21 / 136
Biometric user authentication
22 / 136
Biometric user authentication
▶ The use of biometric-based authentication is growing fast and
is replacing password-based authentications in many systems
▶ User authentication on a biometric system involves either
verification or identification.
• Identification:
♦ The goal is to produce a match and identify the subject from a
list of many possible subjects, comparison is one-to-many (1:N)
♦ Involves comparing unknown person's biometric characteristic such
as fingerprint or DNA to similar characteristics in the database.
♦ The match is not always guaranteed as the person's biometric
characteristic may or may not be in the database
♦ Used by law enforcement agencies to match fingerprint or DNA
collected at crime scene against other samples in a database to
identify perpetrator or victim of the crime.
• Verification (authentication):
♦ The user enters information such as a PIN and biometric data.
♦ The system extracts corresponding feature to produce a template
which is compared to the user's template stored in the database
♦ The comparison is one-to-one (1:1).
♦ Extra information in addition to biometric data is provided
23 / 136
Characteristics of biometric user
authentication
24 / 136
Phases involved in building biometric user
authentication
▶ Two main phases of building biometric authentication systems;
• Enrollment phase
• Recognition phase
▶ Enrollment phase:
• Involves entering users' biometric data such as fingerprint,
voiceprint, facial recognition etc. into the system's database
to serve as biometric reference information for that person.
• Each individual to be included in the database of authorized
users must first be enrolled in the system.
• The system extracts biometric data (e.g., fingerprint),
digitizes it to produce a template which is stored as a number
representing this unique biometric characteristic.
• This set of numbers is referred to as the user's template
• Most biometric authentication systems store templates produced
from biometric data, and not raw biometric data itself.
• The templates generated and stored are unique to a particular
model of recognition engine, manufacturer's biometric engine or
software versions from the same manufacturer.
• It is usually a complex and time consuming task
25 / 136
Phases involved in building biometric user
authentication
▶ Recognition phase:
• When the biometric detection system is used in practice to
verify or authenticate users based on the entered biometric
data
• The same biometric data is extracted and processed to generate
a template that is compared to the stored one to identify or
verify the user.
• It must be efficient i.e., must be quick, simple, and accurate.
26 / 136
Accuracy of the biometric user authentication
27 / 136
Accuracy of the biometrics user
authentication
▶ If a single user is tested by the system numerous times, the
matching score s will vary.
▶ A threshold value t is selected such that if the presented
value s ≥ t, a match is assumed, and for s < t, a mismatch is
assumed.
▶ On average, any other individual should have a much lower
matching score
▶ For example, in the case of a fingerprint, the matching score
s may vary due to;
• Sensor noise
• Changes in the print due to swelling, dryness, hardening or
wetness of the fingers
• When the hands are oily or too clean (e.g., washing hands with
hand sanitizer prior to using fingerprint scanner)
• Scars, cuts or other skin irregularities
• Finger placement
• Scanner might be dirty or smudged, which can interfere with its
ability to accurately capture your fingerprint
28 / 136
Challenges of biometric authentication
▶ Failure to enroll users: May occur when user's template can
not be successfully created from biometric data owing to
sensors' malfunction, poor environmental conditions, physical
or medical conditions, cultural and religious factors
▶ False acceptance and rejection rates: Caused by similar
biometric characteristics such as facial recognition by
identical twins, varied user-sensor interaction at enrollment
and recognition stages due to injuries, scars, illness,
different poses, ageing, dryness/wetness/swelling/dirtiness.
• Unauthorized users are erroneously authenticated (False
positives): occur when a system matches an input data to a
non-matching template.
• Authorized users are denied access (False negatives): Occur
when a system fails to match an input data to a stored template.
▶ Spoofing: Occurs when a fake biometric characteristic (such
as fake face mask for face recognition, voice recordings for
voice prints) is created to fool a biometric sensor.
• It is a complicated task, and can be thwarted by using liveness
detection
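The matching threshold t from the accuracy slide and the false acceptance and rejection rates above are two views of the same trade-off. The following added example (not part of the lecture) computes both rates for a range of thresholds; the scores are constructed, and "equal error rate" is the common name for the operating point where the two rates meet.

```python
# Constructed matching scores on a 0-100 scale (not measured data).
GENUINE_SCORES = [91, 88, 79, 95, 84, 72, 90, 86, 67, 93]   # enrolled user, repeated attempts
IMPOSTOR_SCORES = [35, 42, 58, 29, 61, 47, 70, 38, 52, 44]  # other individuals


def is_match(score, threshold):
    """The decision rule from the slide: match when s >= t."""
    return score >= threshold


def error_rates(genuine, impostor, threshold):
    """Return (false acceptance rate, false rejection rate) at this threshold."""
    false_accepts = sum(1 for s in impostor if is_match(s, threshold))
    false_rejects = sum(1 for s in genuine if not is_match(s, threshold))
    return false_accepts / len(impostor), false_rejects / len(genuine)


def sweep(genuine, impostor, thresholds):
    """List of (threshold, FAR, FRR) tuples."""
    return [(t,) + error_rates(genuine, impostor, t) for t in thresholds]


def balanced_threshold(genuine, impostor, thresholds):
    """Threshold at which FAR and FRR are closest (equal error rate point)."""
    def gap(t):
        far, frr = error_rates(genuine, impostor, t)
        return abs(far - frr)
    return min(thresholds, key=gap)


if __name__ == "__main__":
    # Raising t lowers false acceptances and raises false rejections.
    for t, far, frr in sweep(GENUINE_SCORES, IMPOSTOR_SCORES, range(50, 91, 10)):
        print(f"t={t}: FAR={far:.0%}  FRR={frr:.0%}")
    print("balanced threshold:",
          balanced_threshold(GENUINE_SCORES, IMPOSTOR_SCORES, range(50, 91, 10)))
```
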
29 / 136
Challenges of biometric authentication
▶ Compromised biometrics: Occurs when a database storing
users' biometric characteristics is compromised to illegally
access them.
• Can occur when raw biometric characteristics collected from
users are stored in the database
• Compromised biometric characteristics can be misused
• It is extremely difficult (if not impossible) to revoke or
cancel a compromised biometric data.
• Store users' templates instead of collected raw biometric
characteristics.
• When there is a need to store raw biometric characteristics,
implement tight security measures to prevent unauthorized
access to the biometric data.
▶ Scalability and compatibility issues: It can be expensive and
may not work well with large number of users, devices or
applications, or across platforms, standards or protocols and
hamper interoperability.
▶ Legal issues: May raise issues related to collection,
ownership, storage and use of biometric data.
30 / 136
Quiz
31 / 136
Token-based authentication: Memory cards
▶ They can store data but cannot process it, though they can be
reprogrammed.
▶ The information is read by a card reader.
▶ Common examples are most of the bank cards (Automatic teller
machine (ATM)), cards for opening hotel rooms etc.
▶ They can be used alone for physical access such as cards for
accessing hotel rooms or with PIN or password to authenticate
users such as bank cards, giving it greater security.
▶ Challenges associated with memory cards involve;
• Requires card reader which increases the cost of using the
token and creates requirements to maintain security of the
reader's hardware and software.
• Loss of token may temporarily prevent card's owner from
gaining access to the system - door or bank account.
• Its use may be inconvenient for some uses such as accessing
computer systems
32 / 136
Token-based authentication: Smart cards
▶ In addition to storing data, they can process it as they
contain an embedded microprocessor.
▶ Examples of smart cards include credit cards and electronic
identity cards such as national electronic identity (eID),
driving license etc.
▶ They come in a variety of shapes including calculator shape, key
shape, or other portable objects.
▶ They contain manual interfaces which include keypad, and
display for human interaction.
▶ Provides stronger user authentication.
▶ They contain electronic interface to communicate with a
compatible reader/writer which may be;
• Contact: It must be inserted into a card reader with a direct
connection to a conductive contact plate on the card surface
through which transmission of commands, data, and card status takes place.
• Contactless: It requires only close proximity to a reader.
♦ Both card reader and smart card possess antennas which facilitate
communication between them using radio frequencies.
♦ Generate power from electromagnetic signals or battery.
33 / 136
Token-based authentication: Smart cards
34 / 136
Token-based authentication: Smart cards
35 / 136
Token-based authentication: Smart cards
36 / 136
Token-based authentication: Smart cards
37 / 136
Token-based authentication: For accessing computer applications
▶ To be covered later
38 / 136
Access control
▶ It refers to security features used to prevent unauthorized
access to computer system or network.
▶ Access is the ability of the subject to interact with an
object (file, program or hardware).
▶ Subject: It is any entity such as individual or process
capable of accessing an object
▶ Object: It is a computer resource such as files,
directories, hardware, program, I/O device etc. to which
access by the subject is controlled.
▶ Access right: describes the way in which a subject may
access an object, including read, write (view, add, modify,
delete), execute.
▶ A subject has to first verify its identity to a system before
accessing an object
▶ Authentication: A process in which a subject verifies its
identity to a system before accessing an object such as by
using password, ID, biometric authentication etc.
▶ Upon successful authentication, access control mechanism
regulates actions (activities) of a subject on objects.
39 / 136
Access control
▶ In a well secured system, access to a computer system does
not mean granting access to all objects (resources).
▶ Access control deals with;
• Preventing unauthorized users from gaining access to resources
• Preventing legitimate users from accessing resources in an
unauthorized manner
• Enabling legitimate users to access resources in an authorized
manner
▶ Access control lists (ACLs) are one of the mechanisms
commonly used to implement access control
▶ ACL specifies a list of subjects with their associated access
rights to particular objects (resources) in the system.
▶ Typical access rights include read, write, and execute.
▶ Access control is commonly implemented based on the following
models of access;
• Discretionary access control (DAC)
• Mandatory access control (MAC)
• Role-based access control (RBAC)
• Rule-based access control (RBAC)
40 / 136
Access control
42 / 136
Access control: Mandatory access control
▶ A means of restricting access to objects based on sensitivity
of object (such as information) and formal authorization
(clearance) of subjects to access an object.
▶ It is implemented in computer security environments in which
different levels of security classifications (levels) exist.
▶ The security mechanism of the system controls access to all
objects and individual subjects can not change that access.
▶ It is more restrictive regarding what a user is allowed to
access and perform on the system.
▶ Both object and subject are attached with a "label", which
helps the security mechanism to identify security level
associated with the object and subjects to access it.
▶ In the military for instance, a file with a Top Secret label
can only be accessed (viewed) by users with Top Secret security
clearance, and not by users with only Secret clearance.
▶ Only the security mechanism can identify authorized users to
access the file, while denying access to unauthorized users.
▶ Security mechanism must also prevent authorized users from
changing security classification (label) of both file and
users.
43 / 136
Access control: Role-based access control
▶ Rather than using ACLs, the system assigns users with a set
of roles to perform.
▶ The roles are subsequently assigned appropriate access
permissions to perform the tasks associated with each role.
▶ Users are then granted permissions to objects based on their
roles (duties) they must perform rather than security
classifications.
44 / 136
Access control: Rule-based access control
45 / 136
Attacks threatening confidentiality
46 / 136
Data integrity
47 / 136
Attacks threatening data integrity
▶ Modification: An attacker accesses or intercepts data and
modifies it for his/her benefit.
• Modification may also involve deletion or delay of messages to
harm the system or benefit from it.
▶ Masquerading: Also called spoofing.
• An attacker impersonates another person - One steals customer's
password or bank card and PIN and pretends to be that customer
• An attacker pretends to be a receiving entity such as bank or
cellular network after getting customer's information
▶ Replaying: An attacker obtains a copy of a message sent by
user and tries to replay (retransmit) it later.
▶ Repudiation: It is performed by one of the two parties
(sender or receiver) in the communication such as a bank
customer, newspaper customer, online shopping etc.
• A sender falsely denies having sent the message.
• A receiver (recipient) falsely denies having received the
message.
48 / 136
Repudiation
49 / 136
Achieving non-repudiation
50 / 136
Achieving data integrity
51 / 136
Achieving data integrity
▶ The receiver separates message digest from the received
information.
▶ Receiver computes a "new" message digest from the received
information.
▶ It then compares the "new" message digest with the "old" one.
▶ If the two message digests are identical then the message
(information) is unaltered.
▶ If they are not identical then the message was altered.
▶ The software routines which compute message digests are called
Cryptographic hash functions.
▶ Hash functions are based on one-way mathematical functions.
▶ Examples of cryptographic hash functions are MD5, SHA,
SHA-256 and SHA-512.
▶ Message digests from MD5 and SHA are 128-bit and 160-bit long
respectively.
▶ SHA stands for Secure Hash Algorithm.
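The receiver-side procedure above (separate the digest, recompute, compare) is shown below as an added example that is not part of the lecture. It assumes SHA-256 and a packet laid out as message followed by digest; the messages and key are constructed. It also goes one step beyond the slide: a bare digest detects accidental or blind alteration, but not a party who replaces both message and digest, which is what a keyed digest (HMAC) addresses.

```python
import hashlib
import hmac

DIGEST_LEN = hashlib.sha256().digest_size  # 32 bytes = 256 bits

# Constructed sample data for the demonstration.
MESSAGE = b"Transfer TZS 50,000 to account 0123"
ALTERED = b"Transfer TZS 90,000 to account 0123"
SHARED_KEY = b"constructed-demo-key-not-a-real-secret"


def digest_bits(name):
    """Digest length in bits for a named hash, e.g. 'md5' or 'sha1'."""
    return hashlib.new(name).digest_size * 8


def attach_digest(message):
    """Sender side: append the message digest to the message."""
    return message + hashlib.sha256(message).digest()


def verify_digest(packet):
    """Receiver side: split off the old digest, recompute, compare."""
    message, old_digest = packet[:-DIGEST_LEN], packet[-DIGEST_LEN:]
    new_digest = hashlib.sha256(message).digest()
    return message, hmac.compare_digest(old_digest, new_digest)


def attach_mac(message, key):
    """Sender side, keyed variant: the digest depends on a shared secret."""
    return message + hmac.new(key, message, hashlib.sha256).digest()


def verify_mac(packet, key):
    """Receiver side, keyed variant."""
    message, old_tag = packet[:-DIGEST_LEN], packet[-DIGEST_LEN:]
    new_tag = hmac.new(key, message, hashlib.sha256).digest()
    return message, hmac.compare_digest(old_tag, new_tag)


if __name__ == "__main__":
    packet = attach_digest(MESSAGE)
    print("unaltered:", verify_digest(packet)[1])

    # Message changed in transit, old digest left in place: detected.
    print("body altered:", verify_digest(ALTERED + packet[-DIGEST_LEN:])[1])

    # Message and digest both replaced: the bare digest still "verifies".
    print("body and digest replaced:", verify_digest(attach_digest(ALTERED))[1])

    # Same replacement against the keyed digest: rejected without the key.
    print("keyed check:", verify_mac(attach_digest(ALTERED), SHARED_KEY)[1])
```
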
52 / 136
Availability
53 / 136
Attacks threatening availability
▶ Denial of Service (DoS)
• It is a very common type of attack which slows down or totally
disrupts the information service, such as a network.
• May have a specific target e.g. blocking all messages directed
to a particular destination.
• Achieved in many ways like overloading a server with bogus
messages, deleting client's requests or server's responses,
breaking data cables, an attack by malicious software (virus,
malware, ransomware etc).
• DoS exists in different forms, most common is distributed
denial of service (DDoS)
▶ Software error: An error may cause a server to fail, and
eventually cause the entire network to fail.
▶ Infrastructure failure: Failure of disk, switch or power cut
off.
▶ Malicious activity: A malicious activity by outsider or
insider user such as a disgruntled employee.
54 / 136
Attacks threatening availability
55 / 136
Enhancing availability
▶ Systems redundancy: The use of redundant hardware, and
software enforces automated failover, i.e., redundant system
automatically takes over when the main system fails.
• Hardware redundancy: Replicating critical infrastructure
components such as servers, networks, power supplies, storage
devices to ensure availability of services in case of hardware
failure.
• Software redundancy: Involves deploying redundant software
components or systems to minimize system failures. Involves
running redundant software modules, components or instances.
• Network redundancy: Redundant network links, routers, cables,
switches, help organizations maintain network connectivity and
availability to ensure uninterrupted communication and data
transfer.
▶ Regular data backups: Data backups ensure availability of
data when data in main system is inaccessible or corrupted.
• Data redundancy involves creating multiple copies of critical
data to protect against data loss
• Automated backup processes, RAID arrays, cloud backups,
redundant storage systems
56 / 136
Enhancing availability
▶ Anti-DoS routers: Routers that detect possible DoS
attacks
▶ Diverse data centers: Distributed data centers in
geographically diverse locations minimize the risk of a
single point of failure caused by local disasters, power
outages, or regional disruptions.
▶ Failover mechanisms: Automatically redirect traffic or
workload from a failed component to a redundant one, allowing
for uninterrupted service availability.
▶ Error detection and recovery: Mechanisms which detect errors
or failures and initiate recovery procedures.
▶ Load balancing: Techniques which distribute workload evenly
across multiple resources to prevent any single component
from becoming overwhelmed.
• They monitor the health and capacity of resources and direct
incoming requests to the most suitable resource to prevent
bottlenecks and improve overall system efficiency.
57 / 136
Types of computer attacks
▶ There are two types:
• Passive attacks
• Active attacks
▶ Passive attacks
• The attacker's goal is just to obtain (access) the information.
• No modification of information or damage to the system is done.
• They are usually hard to detect.
• Examples are snooping (eavesdropping) and traffic analysis.
▶ Active attacks
• Aim at modifying information or harming the system.
• They are easier to detect than to prevent.
• Examples are all attacks threatening data integrity and availability such as
replaying, masquerading, repudiation, modification and DoS.
▶ Based on their origin, attacks can be categorized as;
• Inside attack: Initiated by an entity inside the security
perimeter (an insider)
• Outside attack: Initiated from outside the perimeter, by an
unauthorized or illegitimate user of the system (an
outsider).
58 / 136
Cryptography
59 / 136
Cryptography
60 / 136
Cryptography
61 / 136
Cryptographic services
62 / 136
Foundation (basis) of Cryptography
63 / 136
Caesar cipher: The first encryption technique
64 / 136
Cryptography: Vigenere cipher
65 / 136
Encryption
▶ A process of disguising information in order to hide its
substance (meaning).
▶ Given E=Encryption, M=Message, K=Cryptographic key and
C=Ciphertext, then Encryption is denoted as $E_K(M) = C$
▶ Some ciphers use the same key for encryption and decryption,
others use separate keys.
▶ Much of the security being offered relies on cryptographic
key.
• Each cryptographic key causes a new output of cryptographic
operation.
• Cryptographic algorithms have large key space from which a key
is selected for each operation.
• Keys are randomly generated.
• The larger the key size, the stronger the security. "Doubling the
key size squares the key space."
▶ Large computing resources such as CPU cycles, RAM and storage
are needed to break the cipher.
▶ Usually the strength of algorithm is ahead of the processing
speed of the computer.
66 / 136
Decryption
67 / 136
Authentication
68 / 136
Authentication
▶ Authentication is commonly used in cases such as;
• When a server needs to know the identity of a client which is
accessing its information or site.
• When a client needs to know that the server is a system it
claims to be.
• When the user or computer has to prove its identity to the
server or client.
• When the computer has to prove the origin of the message (data
origin authentication).
▶ Access to resources may be granted only after the
authentication has been positive.
▶ Cryptography offers the most secure, reliable and effective
means of authenticating entities and messages in insecure
computing environments like networks through the use of;
• Certificate
• Digital signature
• Secret key
• Public key cryptography
• Specialized authentication schemes (protocols)
69 / 136
Cryptographic algorithms: Types
70 / 136
Symmetric algorithms
71 / 136
Symmetric algorithms: Strengths &
weaknesses
▶ Strengths:
• They operate on shorter keys such as 56, 64, 128 and 256 bits.
• They are faster, i.e have higher performance.
• They consume little computing resources such as memory (RAM),
CPU cycles and storage space.
▶ Weaknesses:
• Do not provide a mechanism for secure distribution of shared
secret keys.
• Security (i.e. ability to keep the ciphertext secret) relies on
secrecy of the shared secret key by communicating parties.
• They offer only encryption; fail to offer digital signature
necessary for non-repudiation and authentication.
• Require a large number of keys to be managed such that given n
users, a system manages $n - 1$ secret keys for one user and
$\frac{n(n-1)}{2}$ for all users in a communication pool.
• Each pair of parties would need a single key that will be used
to both encrypt and decrypt the message between the two parties
72 / 136
Common Symmetric algorithms
73 / 136
Common Symmetric algorithms
▶ Double DES
• In response to the raised security concerns, NIST decided to
improve DES for greater security.
• The technique was to use double encryption, with two different
keys.
• The keys are used to provide two encryptions, one on top of
another such that $E(k_2, E(k_1, m))$.
• However, security experts and researchers concluded that this
technique gives a false sense of better (double) security.
74 / 136
Common Symmetric algorithms
75 / 136
Common Symmetric algorithms
76 / 136
Asymmetric algorithms
77 / 136
Asymmetric algorithms
▶ Because of their large key sizes and huge need for computing
resources, PKC are largely used for key agreement (exchange)
and digital signature and rarely used for encryption
▶ PKC were meant to solve the key distribution (exchange)
problem inherent to symmetric key algorithms.
▶ Examples: RSA, ECDH, ECDSA, El Gamal and NTRU.
▶ The public and private keys (key pair) of a given user
(device) are mathematically related.
▶ They are generated in such a way that it is prohibitively
expensive to determine the private key given the knowledge of
the public key.
▶ The generation of these keys is based on one way functions
(OWF).
▶ OWF are mathematical functions in which forward operations
can be done easily but reverse operations are impractical.
78 / 136
Asymmetric algorithms
79 / 136
Asymmetric algorithms: Strengths &
weaknesses
▶ Strengths
• They provide mechanism for key exchange and distribution.
• They provide both data confidentiality and digital signature.
♦ Practically, they are commonly used for key exchange/distribution
and digital signature.
♦ Digital signature is important for providing user/entity
authentication and non-repudiation services.
▶ Weaknesses
• They require larger key sizes, at least 1024 bit long, to offer
stronger level of security.
• They require more computing resources such as CPU, bandwidth,
memory and hard drive.
• They are generally slower than symmetric algorithms as they are
computationally intensive.
• Because of their poor performance and large demand for
computing resources, they are rarely used for encryption.
80 / 136
Public and Private key Generation
▶ Each user (device) must have two keys, public key and private
key, which form a key pair and which are mathematically
related.
▶ The private key, $PrivK$, is generated first.
▶ Then the private key is supplied to a function termed as U,
together with a constant C to generate the public key, $PK_{pub}$.
▶ This can be expressed mathematically as follows:
$PK_{pub} = U(PrivK, C)$
▶ Therefore a public key $PK_{pub}$ does contain components of
private key $PrivK$ and constant C
81 / 136
Key Agreement (Exchange)
82 / 136
Key Agreement (Exchange)
83 / 136
Generation of constant G
84 / 136
Generation of constant G
▶ A practical example:
• Alice and Bob agree to use 5 and 23 for g and p, respectively.
• Alice chooses a secret integer 6 and sends Bob $A = 5^{6} \bmod 23 = 8$
• Bob chooses a secret integer 15 and sends Alice $B = 5^{15} \bmod 23 = 19$
• Alice computes $G = 19^{6} \bmod 23 = 2$
• Bob computes $G' = 8^{15} \bmod 23 = 2$
• $G = G'$
▶ Values p, g, $g^a \bmod p$ and $g^b \bmod p$ are sent in clear over
insecure channel.
▶ Only values a, b and G are kept secret.
▶ In practice, g, p, a and b are very large prime integers,
between 100 to 200 (or even more) long integer numbers.
▶ These numbers are randomly generated by the system.
▶ The problem of breaking RSA is known as integer factorization
problem.
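The exchange above, carried through in code as an added example (not part of the original slides). The function names are assumptions made for illustration; the range check on the peer's value and the exhaustive search show why the toy values 5 and 23 only illustrate the arithmetic.

```python
import secrets

def public_value(g, secret, p):
    """g^secret mod p: the only value a party sends over the insecure channel."""
    return pow(g, secret, p)

def check_peer_value(value, p):
    """Reject values outside 2..p-2 (1 or p-1 would force a predictable G)."""
    if not 1 < value < p - 1:
        raise ValueError(f"peer public value {value} out of range for p={p}")
    return value

def shared_secret(peer_public, secret, p):
    """Combine the peer's public value with our own secret exponent."""
    return pow(check_peer_value(peer_public, p), secret, p)

def random_secret(g, p):
    """Pick a secret in 2..p-2 whose public value passes the range check."""
    while True:
        s = 2 + secrets.randbelow(p - 3)
        if 1 < pow(g, s, p) < p - 1:
            return s

def exchange(g, p, a=None, b=None):
    """Run both sides; a and b are generated randomly unless supplied."""
    a = random_secret(g, p) if a is None else a
    b = random_secret(g, p) if b is None else b
    A, B = public_value(g, a, p), public_value(g, b, p)
    return {"A": A, "B": B,
            "G": shared_secret(B, a, p),        # Alice computes B^a mod p
            "G_prime": shared_secret(A, b, p)}  # Bob computes A^b mod p

def exponents_matching(g, p, public):
    """Every exponent that yields `public`; feasible only because p is tiny."""
    return [x for x in range(1, p - 1) if pow(g, x, p) == public]

if __name__ == "__main__":
    print(exchange(5, 23, a=6, b=15))     # the slide's numbers
    print(exponents_matching(5, 23, 8))   # Alice's secret found from A alone
```

With p = 23 there are only 21 candidate exponents, so the value A sent in clear gives away Alice's secret; the large values described above are what make that search impractical.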
85 / 136
Encryption issues associated with PKC
86 / 136
Solution to PKC Encryption issues
▶ The solution is to encrypt the message with B's PKB, and sign
(hash) it with A's PrivKA.
▶ At the destination, the message will be decrypted using B's
PrivKB and verified by using A's PKA.
▶ With this mechanism, the confidentiality of the message is
observed because only B's private key can decrypt a message
encrypted with his public key.
▶ Also, the origin of the message (user or entity
authentication) is verified because a message signed (hashed)
with A's private key can only be verified with his public
key.
▶ Although many users in a communication pool may have A's
public key to verify the message, they do not have B's
private key, which is necessary to first decrypt the message.
87 / 136
Common Asymmetric algorithms
▶ Rivest-Shamir-Adleman (RSA)
• It was invented by and named after its three inventors Ron
Rivest, Adi Shamir and Leonard Adleman at MIT in 1977.
• Since then, it has been a widely used public key algorithm.
• It usually uses 1024-bit and 2048-bit keys.
• It is a block cipher in which plaintext and ciphertext are
integers between 0 and n - 1, where n is 2^1024.
• It is by far the easiest to understand and implement among all
other public key algorithms and is patent free.
• It is built upon strong mathematical foundation and its
security depends on integer factorization problem (IFP).
88 / 136
Common Asymmetric algorithms
▶ Rivest-Shamir-Adleman (RSA)
• It is not appropriate for encrypting large amounts of data, and
is therefore used to encrypt small amounts of data such as secret
keys of symmetric algorithms.
• Both public key and private key can be used to encrypt data,
that is, whatever one key encrypts, the other one can
decrypt.
• It is therefore preferred for key agreement rather than text
encryption.
• Public and private keys are functions of a pair of large (100,
200 digits or even larger) prime numbers.
• It has withstood years of extensive cryptanalysis.
• It can be used for text encryption, digital signature and key
agreement.
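An added example (not part of the original slides) that ties together the "encrypt with B's public key, sign with A's private key" scheme and the RSA properties listed above. It uses textbook RSA with tiny constructed primes and no padding, so it shows the arithmetic only; the function names and key values are assumptions made for illustration.

```python
import hashlib
from math import gcd

def make_keypair(p, q, e):
    """Derive (public, private) from two primes; both keys share n = p*q."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    return (n, e), (n, pow(e, -1, phi))

def apply_key(key, value):
    """The single RSA operation: value^exponent mod n, for 0 <= value < n."""
    n, exponent = key
    if not 0 <= value < n:
        raise ValueError("value must be an integer between 0 and n - 1")
    return pow(value, exponent, n)

def digest(message, n):
    """Toy digest: SHA-256 of the message reduced into the signer's range."""
    h = hashlib.sha256(str(message).encode()).digest()
    return int.from_bytes(h, "big") % n

def send(message, sender_priv, receiver_pub):
    """Sign the hash with the sender's private key, encrypt both for the receiver."""
    signature = apply_key(sender_priv, digest(message, sender_priv[0]))
    return apply_key(receiver_pub, message), apply_key(receiver_pub, signature)

def receive(c_message, c_signature, receiver_priv, sender_pub):
    """Decrypt with the receiver's private key, verify with the sender's public key."""
    message = apply_key(receiver_priv, c_message)
    signature = apply_key(receiver_priv, c_signature)
    valid = (signature < sender_pub[0] and
             apply_key(sender_pub, signature) == digest(message, sender_pub[0]))
    return message, valid

# Constructed toy keys; A's n (3233) is smaller than B's n (8633) so that
# A's signature always fits inside B's encryption range.
A_PUB, A_PRIV = make_keypair(61, 53, 17)
B_PUB, B_PRIV = make_keypair(89, 97, 17)

if __name__ == "__main__":
    c_msg, c_sig = send(1234, A_PRIV, B_PUB)
    print(receive(c_msg, c_sig, B_PRIV, A_PUB))   # (1234, True)
```

Only B's private key recovers the message, and only a signature made with A's private key passes the check against A's public key.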
89 / 136
Common Asymmetric algorithms
90 / 136
Need for both Symmetric and Asymmetric
cryptography
92 / 136
Digital Signature
93 / 136
Introduction to Linux security
▶ Linux is one of the most secure operating systems
▶ Available for various devices including desktops, network
servers, mobile devices and hand-held devices
▶ Different types of Linux operating systems include Ubuntu,
Fedora, Debian, OpenSUSE etc.
▶ Shell commands (text-based commands) are an important
component of Linux OS.
▶ Shell commands are more powerful than GUI-based commands;
▶ Strengths (benefits) include;
• Simple and faster than GUI-based commands
• Provides a stronger way of interacting with and managing the
system than GUI-based commands
• Consistency among Linux systems - use similar commands.
• Crucial for troubleshooting
• Useful for remote access
• Special shell features
• Scripting capabilities
101 / 136
Introduction to Linux security
▶ Linux file structure
▶ Managing users
• To display all users in the system
compgen -u
• To display all groups in the system
getent group
compgen -g
• Search for the group css325
getent group | grep css325
• Checking members (users) of css325
grep css325 /etc/group
• Viewing group membership for rashid
groups rashid
105 / 136
Introduction to Linux security
▶ File permissions
• Objects such as files, directories and devices in Linux (and
Unix) systems are all treated as files.
• Permissions are designed to keep users from accessing other
users' private files and protect important system files.
• Three permissions are read (r), write (w) and execute (x).
• Because files and directories (folders) are different types of
objects then read, write and execute permissions on files and
directories mean different things.
• The superuser (root) has the ability to access any file on the
system.
106 / 136
Introduction to Linux security
▶ Changing permissions
• The first block on a line has 10 characters.
• The first character denotes whether the object is a file,
directory, device, link, socket or pipe.
• d means an object is a directory and - means a file.
• The next nine characters are split into three equal sections
namely owner, group and others (everyone else) respectively.
• The chmod command is used to modify the permissions of files
and directories
• There are two ways to modify file permissions which are;
♦ With numbers
♦ With letters
109 / 136
Introduction to Linux security
▶ chmod with numbers
• Each permission (read, write, and execute) is assigned a
number: r = 4, w = 2, and x = 1. You use each set's
total number to establish the permission.
• For example, to make permissions wide open for yourself as owner,
you set the first number to 7, which is obtained through
4+2+1.
• Any combination of permissions can result from 0 (no
permission) through 7 (full permission).
Option   Definition
#--      owner
-#-      group
--#      other
1        execute
2        write
4        read
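An added example (not part of the original slides) that converts between the 10-character block shown by ls -l and the numbers given to chmod, then applies a numeric mode to a temporary file and reads back what the system reports. The function names are assumptions made for illustration, and special bits such as setuid are out of scope.

```python
import os
import stat
import tempfile

BITS = {"r": 4, "w": 2, "x": 1}
TYPES = {"-": "file", "d": "directory", "l": "link", "c": "device",
         "b": "device", "s": "socket", "p": "pipe"}

def parse_mode_string(block):
    """Split the 10-character block into object type and chmod digits."""
    if len(block) != 10 or block[0] not in TYPES:
        raise ValueError(f"not a 10-character permission block: {block!r}")
    digits = ""
    for start in (1, 4, 7):                 # owner, group, others
        total = 0
        for offset, letter in enumerate("rwx"):
            ch = block[start + offset]
            if ch == letter:
                total += BITS[letter]
            elif ch != "-":
                raise ValueError(f"unsupported character {ch!r}")
        digits += str(total)
    return TYPES[block[0]], digits

def mode_string(digits, kind="-"):
    """Build the 10-character block from three chmod digits."""
    if len(digits) != 3 or any(d not in "01234567" for d in digits):
        raise ValueError("expected three digits between 0 and 7")
    block = kind
    for d in digits:
        block += "".join(l if int(d) & BITS[l] else "-" for l in "rwx")
    return block

def apply_and_read_back(digits):
    """chmod a temporary file with the numeric mode and return the OS view."""
    fd, path = tempfile.mkstemp()
    os.close(fd)
    try:
        os.chmod(path, int(digits, 8))
        return stat.filemode(os.stat(path).st_mode)
    finally:
        os.remove(path)

if __name__ == "__main__":
    print(parse_mode_string("-rwxr-x---"))   # ('file', '750')
    print(mode_string("755", "d"))           # drwxr-xr-x
    print(apply_and_read_back("640"))        # -rw-r-----
```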
113 / 136
Introduction to Linux security
▶ Changing ownership of files and directories
• Ownership and group of files and directories are changed using
the chown command
• By default, ownership of the file or directory belongs to the
user who created it
• Group: A set of users that share the same access permissions
(r,w,x).
• Three different groups in Linux are owning user, owning group
and others (everybody).
• Owning user and owning group are the user and group assigned
ownership of the file or group.
• Others means any user who is neither the owning user nor in the
owning group.
• Common syntaxes are;
sudo chown owner-user filename
sudo chown owner-user:owner-group filename
sudo chown owner-user:owner-group directory
sudo chown [options] owner-user:owner-group filename
sudo chown :owner-group filename
• The most common option is -R (also -r), which recursively
changes ownership of files and (sub)directories
115 / 136
Malicious Software
116 / 136
Malicious Software - Threat consequences
(Payloads)
▶ Payloads are defined as actions performed by malware once it
reaches a target system which include;
• Deletion or corruption of data files
• Theft of information such as login credentials or other
personal information by keylogging or spyware
• Displaying unwanted or irrelevant information.
• Shutting down or restarting a computer.
• Causing the operating system (OS) to malfunction.
• Lowering security settings.
• Allowing unauthorized access to system resources such as disk,
RAM, and CPU
• Slowing down computer or web browser speeds.
• Creating problems connecting to networks.
• Frequent freezing or crashing of the computer.
• Disrupting operations of a computer or network system.
• Installing additional software.
• Creating unwanted popup ads.
• Redirecting web browser searches and changing homepages.
• Switching computer settings.
117 / 136
Malicious Software - Types
▶ Keyloggers: Captures keystrokes on a compromised system.
▶ Logic bomb: A malicious code that lies dormant until a
predefined condition is met.
▶ Virus: Malware that replicates itself into other machine or
script code when executed
▶ Worm: Runs independently and propagates a complete working
version of itself onto other hosts on a network by exploiting
software vulnerabilities in the victim's system
▶ Zombie: A malware activated on an infected computer to launch
attacks on other machines. Commonly used in DoS attacks
▶ Adware: Advertising that is integrated into software
▶ Advanced Persistent Threat (APT): Cybercrime directed at
business and political targets, using a wide variety of
intrusion technologies and malware against specific targets
✓ Aims at stealing intellectual property rights, security
information, infrastructure related data and physical
disruption of infrastructure.
118 / 136
Malicious Software - Types
▶ Downloaders: Installs other items on an infected machine
▶ Flooders: Used to generate a large volume of data to attack
networked computer systems, e.g. in DoS attacks.
▶ Trojan Horse: A malware that appears to have a useful function
but also has a hidden and potentially malicious function that
circumvents security mechanisms.
▶ Spyware: Collects information from a computer and transmits
it to another system by monitoring keystrokes, screen data,
network traffic, or scanning files.
▶ Spammer programs: Malware used to send large volumes of
unwanted emails.
▶ Backdoor (Trapdoor): Any software that bypasses a normal
security check to allow unauthorized access to functionality
in programs or onto compromised computers.
▶ Rootkit: A set of tools and utilities that a hacker can
use to maintain access to a hacked system.
✓ Allows hackers to seek out usernames and passwords, launch
attacks, and conceal their actions by hiding their files and
erasing activities from system logs.
119 / 136
Malicious Software - Propagation
▶ Propagation mechanisms include the following methods;
• Infection of existing executable or interpreted content by
viruses that subsequently spread to other systems.
• Exploiting vulnerabilities either locally or over a network
• Social engineering attacks that convince users to bypass
security mechanisms to install malware
• Phishing attacks
• Parasitic malware: machine code attaching itself to documents
(MS Word documents, Excel spreadsheets, PDF), system program,
boot sector etc.
• Through network transmitted files
• Downloading free software from the Internet that secretly
contains malware
• Downloading legitimate software that's secretly bundled with
malware
• Visiting a website that's infected with malware
• Clicking a fake error message or pop-up window that starts a
malware download
• Opening an email attachment that contains malware
120 / 136
Malicious Software - Computer virus
▶ Computer virus: A self-replicating and executable malware
that interferes with the operating system, application programs
and hardware.
▶ Major characteristics of computer viruses include;
• They reside in the computer's memory (RAM and hard disks) like
any other computer program.
• They are capable of self-replicating.
• They are executable, i.e. they give instructions that can be
followed by the processor (CPU).
▶ A computer virus has three parts;
• Infection mechanisms: The means by which a virus propagates
(spreads)
• Trigger: The event or condition that determines when the payload
is activated or delivered, which includes;
✓ Specific date or time
✓ A number of replications made
✓ When some keys are pressed in a specified order
✓ When a certain program is executed
✓ Automatic execution
• Payload: The damage caused by the virus.
121 / 136
Malicious Software - Types of computer virus
▶ File virus
• They are known as Parasitic or Executable viruses
• They attach themselves to executable (program) or interpreted
files, driver files or compressed files.
• Activated when the host program is run, and carry out the
malevolent (harmful) activities they are programmed
for
▶ Boot sector virus
• Affect the boot sector of the hard disks.
• Boot sector is a location where all information about the drive
is stored along with start up programs of the OS.
• By affecting the boot sector, boot sector viruses guarantee
that they load into memory during every boot sequence.
• They seriously affect the boot sector, causing the Operating
System to fail to load
122 / 136
Malicious Software - Types of computer virus
▶ Macro virus
• Affect data files created using application software including
Microsoft's Office Word, Office Access, PowerPoint and Excel
• The best-known type of computer virus, as their effects are felt
by many computer users.
▶ Email virus
• They can be a form of macro viruses that spread to all contacts
located in the host's email address book
• Attach themselves to the emails and email attachments sent from
infected computers and spread to new host computers.
123 / 136
Malicious Software - Combating malware
▶ Avoid opening of files that are unknown to you or suspicious
files.
▶ Use a non-administrator account whenever possible
▶ Be careful about opening email attachments or images
▶ Don't trust pop-up windows that ask you to download software
▶ Provide user awareness and training on computer security
issues including malware, their attacks, damage and
countermeasures
▶ Back up data and test restore procedures
▶ Partition your computer network into segments
▶ Implement email security to prevent malware spread and
infections through an email attachment or malicious download
▶ Use security analytics to monitor network traffic
▶ Create a set of instructions for IT staff
▶ Update your frontline defenses including adherence to
policies and best practices for application, system, and
appliance security
125 / 136
Operating system security
126 / 136
Operating system security
127 / 136
Operating system security: OS installation
▶ System security begins with the installation of the OS.
▶ A network connected or unpatched OS is vulnerable to exploit
during its installation or continued use.
▶ Install the OS from an isolated network or protected network
with the OS image and patches transferred to it using secured
removable media such as DVDs, USB etc.
▶ The installation and hardening process should occur before
the system is deployed to the network.
▶ Initial installation should install the minimum required
features, with additional features getting installed when
needed.
▶ Be careful when installing additional features, device
drivers etc. - as they execute with full kernel level
privileges and are often supplied by third parties.
▶ A malicious software may circumvent (bypass) security
mechanisms to perform nefarious activities.
▶ Keep the OS and applications installed as up to date as
possible.
128 / 136
Operating system security: Remove
unnecessary services, applications and
protocols
▶ Owing to the fact that any system running on the OS may have
some security vulnerabilities, a system (OS) with fewer
applications running is at lower risk from security threats.
▶ You must find a balance between usability - software to be
installed, and security - limiting the amount of software to
be installed.
▶ Identify the appropriate services, applications and protocols
to be installed on computers within the organizations.
▶ Remove the default settings which for many systems aim at
maximizing ease of use and functionality rather than
security.
▶ Do not install unwanted software, rather than installing and
then removing/disabling it, because;
• Many uninstalled software packages fail to remove all their components
• Disabled software may be re-enabled should the system be
compromised
129 / 136
Operating system security: Configure users,
groups and authentication
▶ Not all users of the system will have the same access to all
system resources.
▶ Implement appropriate access controls to manage user access
to system resources.
▶ Identify categories of system users, appropriate privileges
needed by each category, resources to be accessed, and
authentication process.
▶ Share appropriate access levels to files and other resources
as required.
▶ Restrict elevated privileges to users who require them, and
use such elevated privileges when performing tasks that
require them.
▶ Remove or disable any default accounts that are part of the
system.
▶ Change default login credentials to new ones with appropriate
security.
130 / 136
Operating system security: Install additional
security controls
131 / 136
Operating system security: Test the security
132 / 136
Operating system security: Application
security
▶ After installing and securing the OS, you may install various
applications software and services.
▶ Install only the applications required to meet the system's desired
functionalities, to reduce the number and type of
vulnerabilities that can be exploited by attackers.
▶ Be careful with software that provides remote access or
services, as it can be a target of exploitation by attackers
to gain access to your system.
▶ Make appropriate application-specific configurations,
including access rights to be granted to applications such as
web and file transfer services.
▶ Each installed application must be updated to the most recent
version and well secured.
▶ Attention should be paid to applications with default accounts,
scripts, data etc.
133 / 136
Operating system security: Security
maintenance
134 / 136
Operating system security: Security
maintenance - Logging
135 / 136
Operating system security: Data backup and
archive
▶ Data backup is the process of making copies of data at
regular intervals, allowing recovery of lost or corrupted
data over a relatively short period.
▶ Archive: The process of retaining copies of data over
extended periods of time, such as months or years.
▶ Data backup is an important control in maintaining the
integrity of the system as data may get lost for various
reasons including;
• Hardware or software failure
• Accidental corruption
• Deliberate corruption
▶ Legal or operational requirements may compel an organization
to back up and archive the data.
▶ Pre-determine the needs and policy related to backup and
archive of the data.
▶ Pre-determine whether the data are kept online or offline
etc.
136 / 136