PPT-Security II CS 161: Lecture 18

42017 Using Virtualization for Evil Deprivileging a Guest OS Using virtualization technology we can mediate how a Guest OS and its applications interact with the outside world Ex Direct execution wbinary translation and a baremetal VMM. Intro to IT. . COSC1078 Introduction to Information Technology. . Lecture 22. Internet Security. James Harland. james.harland@rmit.edu.au. Lecture 20: Internet. Intro to IT. . Introduction to IT. 11. Intrusion Detection (. cont. ). modified from slides of . Lawrie. Brown. Security Intrusion. : A security event, or a combination of multiple security events, that constitutes a security incident in which an intruder gains, or attempts to gain, access to a system (or system resource) without having authorization to do so.. 1: . Overview. modified from slides of . Lawrie. Brown. Outline. The focus of this . chapter is . on three fundamental questions:. What assets do we need to protect?. How are those assets threatened?. Overview. modified from slides of . Lawrie. Brown. Outline. The focus of this . chapter is . on three fundamental questions:. What assets do we need to protect?. How are those assets threatened?. What can we do to counter those threats?. Intrusion Detection. modified from slides of . Lawrie. Brown. Intruders. classes:. two most publicized threats to security are malware and intruders. generally referred to as a . hacker. or . cracker. Trusted Computing and Multilevel Security. modified from slides of . Lawrie. . Brown . and . Hesham. El-. Rewini. Computer Security Models. two fundamental computer security facts:. all complex software systems have eventually revealed flaws or bugs that need to be fixed. ingenuity cannot concoct a cipher which human ingenuity cannot resolve. .”. Edgar Allan Poe, 1841. CS-127 / CSCI E-127: Cryptography. Web page: . http://www.boazbarak.org/cs127. (Google . “. cs. 127 boaz”. Last Lecture . Prabhaker Mateti. Internet Growth. Internet host count. 213. 1986 5,089. 1998 29,670,000. 2000 93,047,785. 2005 317,646,084. 768,913,036. 818,374,269. 2013 996,230,757. modified from slides of . Lawrie. . Brown . and . Hesham. El-. Rewini. Computer Security Models. two fundamental computer security facts:. all complex software systems have eventually revealed flaws or bugs that need to be fixed. Rachel Greenstadt. January 30, 2017. Market Failures: Moral Hazard. https://www.youtube.com/watch?v=. 5v7TWKlYoN0. Amateurs Study Cryptography. Professionals Study Economics . A solved problem?. “You pay for content or services with anonymous electronic cash. You connect to content and service providers with an anonymizing mixnet. You authenticate yourself with anonymous credential schemes or zero-knowledge identification protocols. You download content via private information retrieval or oblivious transfer. You use secure function evaluation when interacting with services that require some information.” . Last Lecture . Prabhaker Mateti. Internet Growth. Internet host count. 213. 1986 5,089. 1998 29,670,000. 2000 93,047,785. 2005 317,646,084. 768,913,036. 818,374,269. 2013 996,230,757. Application security in a world of sensitive capabilities. Information Security – Theory vs. Reality. 0368-4474-01, Winter 2011. Guest Lecturer: . Roei. Schuster. 1. 2. Introduction to Smart Phone Security. . Patra. Quick Recall and Today’s Roadmap. >> . CCA Security, more stronger than CPA security . >. > . Break of CBC Mode CPA secure scheme under CCA- Padding Oracle Attack. >> MAC. . (PRGs). Let G be an efficient, deterministic algorithm . that expands a . short . seed. . into a . longer . output. Specifically, let |G(x)| = p(|x|). G is a PRG if: when the distribution of x is uniform, the distribution of G(x) is “indistinguishable from uniform”.