David Brumley dbrumleycmuedu Carnegie Mellon University Today Overview Course Staff Trusting Trust Course Overview Example Applications Course Mechanics CMU CTF Team 2 You will find a ID: 734406
Download Presentation The PPT/PDF document "Introduction to Computer Security" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
Introduction to Computer Security
David Brumley
dbrumley@cmu.edu
Carnegie Mellon UniversitySlide2
Today: OverviewCourse Staff
Trusting Trust
Course Overview
Example ApplicationsCourse MechanicsCMU CTF Team
2Slide3
You will finda
t least one
error
on each set of slides.
:)
3Slide4
4
David Brumley
B.A. Math UNC 1998
M.S. CS Stanford 2003
Ph.D. CS
CMU 2008
Computer security officer, Stanford University, 1998-2002
Assistant Professor, CMU, Jan 2009Slide5
Current Research ThrustsAutomatic Exploit Generation
AEG and Mayhem
Binary code analysis
Decompilation
Vetting whole systems
5Slide6
Teaching Assistants
Zack Weinberg
Peter Chapman
6Slide7
Trust
Trusting
7Slide8
Do you trust his
Software
?
8
Photo
from http://
culturadigitalbau.wikispaces.com
/
file
/view/thompson.c1997.102634882.lg.jpg/212982274/thompson.c1997.102634882.lg.jpgSlide9
Ken Thompson
Co-Creator of
UNIX
and
C
Turing Award: 1983
9Slide10
10
Compiler
011001001111010Slide11
11
Compiler
011001001111010
...
if(program == “login”)
add-login-backdoor();
if(program == “compiler”)
add-compiler-backdoor()
;Slide12
Ken Thompson
Co-Creator of
UNIX
and
C
Turing Award: 1983
12
HackerSlide13
Would you trust
Mother Teresa’s
software?
13Slide14
14
Sanitize the environment when invoking external programs
Do not call system() if you do not need a command processor
Exclude user input from format strings
Use the
readlink
() function properly
Do not subtract or compare pointers that do not refer to the same array
Mask signals handled by
noninterruptible
signal handlers
Ensure that unsigned integer operations do not wrap
Guarantee that array and vector indices are within bounds
Would you trust
Mother Teresa’s
software?Slide15
15
Surely cryptographers code must be secure?
Ron
Rivest
Adi
Shamir
Len
Adleman
Picture from http://
www.usc.edu
/
dept
/molecular-science/RSA-2003.
htmSlide16
Perfect Cryptography Exists!
We’re no better off guessing what an encrypted message contains given the
ciphertext
.
- Claude Shannon
16Slide17
But implementations may still leak...
17
message
decrypt
(
ciphertext
c
,
private_key
k
){
plaintext
m
;
if(
k
==
1
)
m
= time t
1
decryption ops; return
m
;
if(
k
==
2
)
m
= time t
2
decryption ops; return
m
;
if(
k
==
3
)
m
= time t
3
decryption ops; return
m
;
....
}Slide18
18
Isn’t this networking?
Routers run an
operating system
,
which hackers now targetSlide19
Even GPS runs:
Webservers
FTP servers
Network time daemons
19Slide20
20
Security is many thingsSlide21
This Class: Introduction to the Four Research Cornerstones of Security
21
Software Security
Network Security
OS Security
CryptographySlide22
22
Course Topics
Your job: become conversant in these topicsSlide23
Software Security
23Slide24
Control Flow Hijacks
24
shellcode
(aka payload)
padding
&
buf
computation
+
control
Allow attacker ability to run arbitrary code
Install malware
Steal secrets
Send spamSlide25
25Slide26
26Slide27
27Slide28
Software Security
Recognize and exploit vulnerabilities
Format string
Buffer overflowGist of other control flow hijacks, e.g., heap overflow
Understand defenses in theory and practice
ASLRDEP
Canaries
Know the limitations!
28Slide29
Cryptography
29Slide30
Everyday Cryptography
ATM’s
On-line banking
SSHKerberosSlide31
Alice
Bob
M
Public Channel
Adversary Eve:
A very clever personSlide32
Alice
Bob
M
Public Channel
Adversary Eve:
A very clever person
Cryptography’s Goals:
Data Privacy
Data Integrity
Data AuthenticitySlide33
Alice
Bob
M
Public Channel
Adversary Eve:
A very clever person
Cryptonium
PipeSlide34
Alice
Bob
M
Public Channel
Adversary Eve:
A very clever person
Cryptonium
Pipe
Cryptography’s Goals:
Privacy
Integrity
AuthenticitySlide35
35Slide36
GoalsUnderstand and believe you should never, ever invent your own algorithm
Goals
Encryption
Integrity
Authentication
ConceptsSymmetric key crypto
Hashes
Macs
Signatures
Example pitfalls
36Slide37
OS/Systems Security
37Slide38
38
Principal
Reference
Monitor
Object
Requested
Operation
Approved
Operation
Source
Guard
Resource
Authentication
Authorization
In security, we isolate reasoning
about the guardSlide39
39Slide40
OS GoalsKnow Lampson’s “gold” standard
Au
thorization
AuthenticationAu
dit
Know currently used security architectures
40Slide41
Network Security
41Slide42
42Slide43
43Slide44
44Slide45
Networking GoalsUnderstand the base rate fallacy and it’s application to IDS
Be able to recognize and perform basic web attacks
State what a
DDoS
is, and how CDN’s mitigate their effect
45Slide46
Course Mechanics
46Slide47
BasicsPre-
req
:
Basic UNIX development (gcc,
gdb
, etc.)15-213 or similar is recommended
Read
all
papers before lecture
ReadUnderlineQuestionReview
Course website:
http://
www.ece.cmu.edu
/~
dbrumley
/courses/18487-f14/www
47Slide48
Workload3 homework assignments
3 exams, keep highest 2 grades
CTF
48Slide49
CTF Component: Learn Outside the Course
Solve 10 CTF problems
Not
picoctf.com
Videotape the solutions, put on a private
youtube.
Make videos private
for now
See livectf.com for fun
49Slide50
Basic Mechanics
Grading based on:
3
homeworks (35%)Highest 2 out of 3 tests (30% each)
Participation and CTF (5%)
No late days except under exceptional circumstances.
I guarantee at least the following:
90-100%: A
80-89%: B
70-79%: C60-69%: D< 59%: F
50Slide51
ETHICS!
Obey the law
Do not be a nuisance
Don’t cheat, copy others work, let others copy, etc.
51Slide52
Capture the Flag
52Slide53
53
CMU Capture the Flag TeamSlide54
54
Red Team
Vulnerability Discovery
Exploitation
Network mapping
Web security
Blue Team
Intrusion detection
Hot-patching
Firewalls
Work-
aroundsSlide55
55Slide56
56Slide57
10,000 Students in 2,000 teams
57
Size of circle proportional to number of teamsSlide58
58Slide59
59Slide60
Example Network Forensics
60Slide61
PicoCTF10,000 students
600 teams solving advanced problems
ROP attacks
Breaking incorrect use of modern crypto
Identified the best of the best
“I learned more in one week than the last two years in CS courses.”
61
If you get an A, you may be eligible to help with PicoCTF 2014Slide62
62
Questions?Slide63
END