ITIS 3200: Introduction to Information Security

ITIS 3200: Introduction to Information Security and Privacy
Dr. Weichao Wang
Syllabus
• See handout
– Homework will usually have 4-5 questions and be due in one week, at the time the class begins.
– Late homework and term paper
• Within 24 hours: 50% of full score
• After that: 0%
– Project/term paper
• Individual effort
– Conduct some hands-on experiments
– Or choose a security problem and write a survey paper
– A reference question list will be provided
– Midterm and final exam
– Misc: eating, drinking, and cell phone (text & twitter)
Before class
• An interesting question
– Two companies each have some private data. They need to jointly calculate some result without disclosing their information.
• Secure multiparty computation
• Is this solution useful?
– Zero knowledge proof:
• Can I prove to you that I know a secret without
telling you anything? (practically)
– Car key remote jammer
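The "two companies" question above is the textbook setting for secure multiparty computation. The following is an added example, not part of the slides, showing the simplest construction: additive secret sharing over a public prime modulus. Each party splits its value into random shares, gives one share to every other party, and everyone publishes only the sum of what they received. The total comes out correct while no party ever sees another's input. The modulus, party count and sample figures are constructed for the example.

```python
import secrets

# Public modulus shared by all parties. Working mod P makes every share
# uniformly random, so any n-1 shares carry no information about the input.
P = 2**61 - 1  # Mersenne prime; inputs (and their total) must stay below P


def split(value, n):
    """Split a private integer into n additive shares that sum to value mod P."""
    if not 0 <= value < P:
        raise ValueError("input must be in [0, P)")
    shares = [secrets.randbelow(P) for _ in range(n - 1)]
    shares.append((value - sum(shares)) % P)
    return shares


def secure_sum(private_inputs):
    """Jointly compute the sum of the inputs.

    Party i splits its value and sends share j to party j. Party j adds the
    shares it received and publishes only that partial sum. The partial sums
    add up to the total, but each one is a uniformly random value on its own.
    Returns (total, shares, partials); shares[i][j] is what party i sent to party j.
    """
    n = len(private_inputs)
    shares = [split(v, n) for v in private_inputs]
    partials = [sum(shares[i][j] for i in range(n)) % P for j in range(n)]
    return sum(partials) % P, shares, partials


def party_view(shares, partials, j):
    """Everything party j ever sees about the other parties: one share from
    each of them plus the published partial sums. Its own input is not included."""
    received = {i: shares[i][j] for i in range(len(shares)) if i != j}
    return received, partials


if __name__ == "__main__":
    # Constructed example: three companies' private revenue figures
    total, shares, partials = secure_sum([120, 75, 300])
    print("joint total:", total)  # 495
    print("party 0 sees:", party_view(shares, partials, 0))
```

The guarantee is information-theoretic against a single curious party: the share it holds from each neighbour is uniform on [0, P), so the view is identical whatever the neighbours' inputs were. It does not protect against colluding parties (n-1 of them can reconstruct the last input) or against a party that lies about its input, which is why real protocols add thresholds and verification.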
Perfect Storm of Social Networks
• By September 2012, Facebook announced they had
surpassed 1.01 Billion active users. Twitter claims
500M registered users (1 year ago, only 175M).
• Almost 68% of all Internet traffic is social media or
search
• Facebook is the 4th largest website in the world.
Having grown 157% between 2008 and 2009 –
1,928% in the US alone
• Social media marketing will grow from $714M in 2009
to $3.1B by 2014
• Attacks on social media sites are up 240% from phishing attacks alone
Attacks Are On The Rise
Spam, phishing and malware attacks through social media
are growing:
• 70% rise in firms encountering spam and malware attacks via social networks in 2009
• Organizations that have been victims of attack through social networking sites:
– Over 50% received spam via social networks
– Over 33% received malware via social networks
Examples in real life
• Attack on Twitter
– Hack into the victim’s email account
– DDoS to paralyze Twitter, Facebook, etc.
• Data mining attacks on public database
– In NJ, a newspaper generated a database of all residents who hold CCW permits.
– In CA, there is a webpage listing all people who donated to the Proposition 8 ballot measure
– Groupon, Google Offer, and Amazon Local
Examples in real life
• Worm attack on smart grid
• Use social network to detect disease breakout
• Remotely control insulin pump of a patient
• Code during the war
– Navajo Code in WWII
– http://www.imdb.com/gallery/ss/0245562/W-266R.jpg
• Node impersonation attack: easier than you
think
– Computers have controlled our lives
• Medical, ATM, banking, business
• Air traffic control
Security overview
• Risks
– Why there are risks
• Adversaries
– Smart and dedicated
– Many of them, considering the high unemployment
rate
– Hiding in the dark
– From fun to profit (worm → self-changing → botnet → targeting specific systems)
Security overview
• Physical security is not enough (can you
be sure that your physical security
methods are sound and enough? Example
in Las Vegas, supply chain attacks, ATM
machine, hotel doors)
• Networked computers can be accessed
remotely
Security overview
• What can go wrong
– Trojan war story (trojan horse): USB keys
– Corrupted internal worker
– Vulnerabilities of protocols or security
mechanisms (security patch has problems
too)
– Bypassing protection walls
– Backdoors for systems (Linux password)
– Known attacks ignored (push and poll)
Information security
• Encryption
– You can read the information only when you
know the key
• Authentication
– You are who you claim you are
• Authorization
– The role and the right
Information security
• Information integrity
– The data has never been changed or changed in an
inappropriate way
• Non-repudiation
– Cannot deny your words (digital cash example)
• Privacy
– Who should know, how much, how to use the
information
• Your cell phone or medical records
• RFID
• Traffic cameras in Minnesota
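The integrity and non-repudiation bullets above are easy to confuse. As an added example that is not part of the slides, the code below gives the data an HMAC tag under a shared key: a receiver holding the key detects any change to the message (integrity), but cannot prove to a third party who wrote it, because the sender and receiver hold the same key and either could have produced the tag. Non-repudiation needs an asymmetric signature instead. The message and key here are constructed for the example.

```python
import hashlib
import hmac
import secrets


def new_key():
    """Shared secret agreed by sender and receiver (e.g. via a key exchange)."""
    return secrets.token_bytes(32)


def tag(key, message):
    """Integrity tag over the message; without the key it cannot be forged."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify(key, message, received_tag):
    """Constant-time check; False if either the message or the tag was altered."""
    return hmac.compare_digest(tag(key, message), received_tag)


def demo():
    """Returns (genuine accepted, tampered rejected, wrong key rejected)."""
    key = new_key()
    message = b"transfer 100 USD to account 42"  # constructed payment instruction
    t = tag(key, message)
    tampered = message.replace(b"100", b"900")   # in-transit modification
    return (
        verify(key, message, t),
        verify(key, tampered, t),
        verify(new_key(), message, t),
    )


if __name__ == "__main__":
    print(demo())  # (True, False, False)
```

Note the use of `hmac.compare_digest` rather than `==`: a byte-by-byte comparison that stops at the first mismatch leaks, through timing, how much of a forged tag was correct.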
Security overview
• Defending methods
– Prevention
• Prevent (password, salt, private salt, searching)
• Deter: raising the bar (password guessing, login slow)
• Deflect: making other target more attractive
• Diversify
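The "password, salt, private salt" and "login slow" items above are concrete enough to show in code. This added example (not from the slides) stores passwords with a per-user public salt plus a server-side secret (the "private salt", usually called a pepper) run through a deliberately slow hash, and pairs that with a login throttle whose lockout doubles after every failed attempt, so that guessing becomes expensive for the attacker. The pepper value, iteration count and account names are constructed; `clock` is injectable only so the throttle can be tested without sleeping.

```python
import hashlib
import hmac
import os
import time

# Server-side secret ("private salt"/pepper): kept outside the credential
# database, e.g. in a KMS or environment secret. Constructed value for the example.
PEPPER = b"example-pepper-kept-out-of-the-database"
ITERATIONS = 100_000  # slow hashing: every guess costs the attacker this much work too


def hash_password(password, salt=None):
    """Return (salt, digest). The per-user salt is stored next to the digest,
    the pepper is not, so a leaked table alone cannot be attacked offline."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode() + PEPPER, salt, ITERATIONS)
    return salt, digest


def verify_password(password, salt, stored_digest):
    """Constant-time comparison so timing does not leak how many bytes matched."""
    _, digest = hash_password(password, salt)
    return hmac.compare_digest(digest, stored_digest)


class LoginThrottle:
    """Deterrence: after each failed attempt the account is locked for twice as
    long as before, so online guessing slows to a crawl."""

    def __init__(self, base_delay=1.0, clock=time.monotonic):
        self.base_delay = base_delay
        self.clock = clock
        self._state = {}  # username -> (failure_count, unlock_time)

    def allowed(self, user):
        _, unlock = self._state.get(user, (0, 0.0))
        return self.clock() >= unlock

    def record(self, user, success):
        if success:
            self._state.pop(user, None)
            return
        count, _ = self._state.get(user, (0, 0.0))
        count += 1
        self._state[user] = (count, self.clock() + self.base_delay * 2 ** (count - 1))

    def failures(self, user):
        return self._state.get(user, (0, 0.0))[0]


def login(throttle, user, password, salt, stored_digest):
    """Combine both controls: refuse while locked out, otherwise verify and record."""
    if not throttle.allowed(user):
        return "locked"
    ok = verify_password(password, salt, stored_digest)
    throttle.record(user, ok)
    return "ok" if ok else "failed"
```

The salt defeats precomputed tables and makes two users with the same password look different in the database; the pepper means a database dump alone is not enough to start guessing; the iteration count slows each guess; the throttle addresses online guessing, which none of the hashing controls touch.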
– Detection
• Monitoring (who, what, and how)
• Intrusion detection (signature based, anomaly based)
• IP telephony track
• Authenticity of the evidence (digital media)
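To make the "signature based, anomaly based" distinction above concrete, here is an added example (not from the slides) that runs both kinds of detector over a constructed sshd-style log. The signature scanner looks for patterns known to be bad; the anomaly scanner knows no patterns at all and only flags a source that fails to log in more than a set number of times inside a sliding time window. The log lines, addresses, thresholds and rule names are all constructed for the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sshd-style log for the example; not taken from any real host.
SAMPLE_LOG = """\
2024-01-10T10:00:01 sshd[100]: Accepted password for alice from 10.0.0.5 port 51000 ssh2
2024-01-10T10:00:03 sshd[101]: Failed password for bob from 10.0.0.7 port 51002 ssh2
2024-01-10T10:00:05 sshd[102]: Failed password for root from 203.0.113.9 port 40001 ssh2
2024-01-10T10:00:06 sshd[103]: Failed password for root from 203.0.113.9 port 40002 ssh2
2024-01-10T10:00:07 sshd[104]: Invalid user admin from 203.0.113.9 port 40003
2024-01-10T10:00:08 sshd[105]: Failed password for invalid user admin from 203.0.113.9 port 40003 ssh2
2024-01-10T10:00:09 sshd[106]: Failed password for invalid user oracle from 203.0.113.9 port 40004 ssh2
2024-01-10T10:05:00 sshd[107]: Accepted publickey for carol from 10.0.0.8 port 51010 ssh2
""".splitlines()

# Signature-based: known-bad patterns; the capture group names the source address.
SIGNATURES = [
    ("root-password-attempt", re.compile(r"Failed password for root from (\S+)")),
    ("invalid-user-probe", re.compile(r"Invalid user \S+ from (\S+)")),
]

# Used by the anomaly detector: any failed login, whoever the user was.
FAILED = re.compile(r"^(\S+) sshd\[\d+\]: Failed password for (?:invalid user )?\S+ from (\S+)")


def signature_scan(lines):
    """Return (rule name, source) for every line matching a known signature."""
    hits = []
    for line in lines:
        for name, rx in SIGNATURES:
            m = rx.search(line)
            if m:
                hits.append((name, m.group(1)))
    return hits


def anomaly_scan(lines, window_seconds=60, max_failures=3):
    """Flag a source the first time it exceeds max_failures failed logins within
    any window_seconds; needs no pattern knowledge, only a notion of normal rate."""
    recent = defaultdict(deque)  # source -> timestamps of its recent failures
    flagged = {}
    for line in lines:
        m = FAILED.match(line)
        if not m:
            continue
        ts = datetime.fromisoformat(m.group(1)).timestamp()
        src = m.group(2)
        q = recent[src]
        q.append(ts)
        while q and ts - q[0] > window_seconds:
            q.popleft()
        if len(q) > max_failures and src not in flagged:
            flagged[src] = len(q)
    return flagged


if __name__ == "__main__":
    print(signature_scan(SAMPLE_LOG))
    print(anomaly_scan(SAMPLE_LOG))  # {'203.0.113.9': 4}
```

The two detectors fail in opposite ways: the signature rules miss the probe for `oracle` because nobody wrote a rule for it, while the rate rule would also fire on a legitimate user with a stuck password manager. Production systems run both and tune the window and threshold against a baseline of their own traffic.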
Security Overview
• Recovery
– Recover data (check point)
– Identify the damage
– Forensics
– Confinement
• Tolerance
– Maintain a decent service quality
– Automatically degrade video quality while
reserving bandwidth for voice