yongdae kim kaist offense vs defense
play

Yongdae Kim KAIST Offense vs. Defense q Know your enemy. Sun Tzu q - PowerPoint PPT Presentation

Dec 26, 2023 •209 likes •732 views

EE515/IS523 Think Like an Adversary Lecture 1 Introduction Yongdae Kim KAIST Offense vs. Defense q Know your enemy. Sun Tzu q "the only real defense is active defense - Mao Zedong q security involves thinking like an

  1. EE515/IS523 Think Like an Adversary Lecture 1 Introduction Yongdae Kim KAIST

  2. Offense vs. Defense q “Know your enemy.” – Sun Tzu q "the only real defense is active defense” - Mao Zedong q “security involves thinking like an attacker, an adversary or a criminal . If you don’t see the world that way, you’ll never notice most security problems.” - Bruce Schneier

  3. Instructor, TA, Office Hours q Instructor ▹ Yongdae Kim » 8 th time teaching EE515/IS523 » 30 th time teaching a security class ▹ Email: yongdaek (at) kaist. ac. Kr yongdaek (at) gmail. com » Please include ee515 or is523 in the subject of your mail ▹ Office: N26 201 ▹ Office Hours: TBD q TA ▹ EE TA: Dohyun Kim dohyunjk (at) kaist.ac.kr Micheol Son mcson (at) kaist.ac.kr ▹ GSIS TA: Minjung Kim (mjkim9334 (at) kaist.ac.kr) ▹ security101_ta (at) syssec.kaist.ac.kr ▹ Office hours: by appointment only

  4. ��C��������������C����28�A�9�C 08������+9���9�A�8��2C��8��28�A�9�C����2C��8��28�A�9�C ���� ���� ���� ���� ���� �31� �2� ���23 �/0 q 25+ year career in security research ▹ Applied Cryptography, Group key agreement, Storage, P2P, Mobile/Sensor/Ad-hoc/Cellular Networks, Social networks, Internet, Anonymity, Censorship q Published about 80 papers (+6,400 Google scholar citations) �

  5. Class web page, e-mail q http://security101.kr ▹ Read the page carefully and regularly! ▹ Read the Syllabus carefully. ▹ Check calendar. q E-mail policy ▹ Include [ee515] or [is523] in the subject of your e- mail

  6. Textbook q Required: Papers! q Optional ▹ Handbook of Applied Cryptography by Alfred J. Menezes, Paul C. Van Oorschot, Scott A. Vanstone (Editor), CRC Press, ISBN 0849385237, (October 16, 1996) Available on-line at http://www.cacr.math.uwaterloo.ca/hac/ ▹ Security Engineering by Ross Anderson, Available at http://www.cl.cam.ac.uk/~rja14/book.html.

  7. Goals q To discover new attacks in emerging systems q The main objective of this course is to learn how to think like an adversary. q Review various ingenuous attacks and discuss why and how such attacks were possible. q Students who take this course will be able to analyze security of practical systems

  8. No Goals q In depth study of OS/Software/Network security and Cryptography q Hands-on Hacking Tutorial on Android, Windows, Embedded Systems, etc. 7

  9. Course Content q Overview q Case Studies ▹ Introduction ▹ Embedded Device Security ▹ Attack Model, Security ▹ Automobiles and IoT Security Economics, Legal Issues, Ethics ▹ Internet Protocols ▹ Cryptography and Key ▹ RF Security Management ▹ Low Level Attacks ▹ Cellular Network Security q Frequent mistakes ▹ Cryptographic Failures ▹ Sensing Security ▹ User Interface and Psychological Failures ▹ Critical Systems ▹ Software Engineering Failures ▹ Medical Device Security and Malpractices ▹ De-anonymization

  10. Evaluation (IMPORTANT!) q Approximately, ▹ Lecture (20%) ▹ Reading Report (14 x 3% = 42%) ▹ Project (38%)

  11. Group Projects q Each project should have some "research" aspect. q Group size ▹ Min 1 Max 5 q Important dates ▹ Pre-proposal: Sep 2 5 , 11:59 PM. ▹ Full Proposal: Oct 9 , 11:59 PM. ▹ Midterm report: Nov 4 , 11:59 PM ▹ Final report: Dec 11 , 11:59 PM. q Project examples ▹ Attack, attack, attack! ▹ Analysis ▹ Measurement

  12. Grading q Absolute (i.e. not on a curve) ▹ But flexible ;-) q Grading will be as follows ▹ 9 3 .0% or above yields an A, 90.0% an A- ▹ 85% = B+, 80% = B, 75% = B- ▹ 70% = C+, 65% = C, 60% = C- ▹ 55% = D+, 50% = D, and less than 50% yields an F.

  13. Reading Report (Precise and Concise) q Target System q Target Service q Vulnerability q Exploitation (Attacks) q Evaluation q Defense q Future Work: After reading this paper, what could be the next step? ▹ Any problem in evaluation? ▹ Other targets? ▹ Other vulnerabilities? 12

  14. And… q Incompletes (or make up exams) will in general not be given. ▹ Exception: a provably serious family or personal emergency arises with proof and the student has already completed all but a small portion of the work. q Scholastic conduct must be acceptable. Specifically, you must do your assignments, quizzes and examinations yourself, on your own.

  16. Security Engineering q Building a systems to remain dependable in the face of malice, error or mischance Attack Security System Service Deny Service, Degrade QoS, Prevent Attacks Misuse Communication Send message Eavesdrop Encryption Web server Serving web page DoS CDN? Computer ;-) Botnet Destroy Rate Control, Channel SMS Send SMS Shutdown Cellular Network separation Remote programming and Pacemaker Heartbeat Control Distance bounding? eavesdropping Music + Nike+iPod Tracking Don’t use it? Pedometer Recommendation Collaborative Control rating using Ballot ? system filtering stuffing

  17. TSA Body Scanner 16

  18. Design Hierarchy q What are we trying to do? ������ q How? ��������. q With what? �������������,������� q Considerations ▹ Top-down vs. Bottom-up ▹ Iterative ▹ Convergence ▹ environment change

  19. Goals: Confidentiality q Confidentiality of information means that it is accessible only by authorized entities ▹ Contents, Existence, Availability, Origin, Destination, Ownership, Timing, etc… of: ▹ Memory, processing, files, packets, devices, fields, programs, instructions, strings...

  20. Goals: Integrity q Integrity means that information can only be modified by authorized entities ▹ e.g. Contents, Existence, Availability, Origin, Destination, Ownership, Timing, etc… of: ▹ Memory, processing, files, packets, devices, fields, programs, instructions, strings...

  21. Goals: Availability q Availability means that authorized entities can access a system or service. q A failure of availability is often called Denial of Service: ▹ Packet dropping ▹ Account freezing ▹ Jamming ▹ Queue filling

  22. Goals: Accountability q Every action can be traced to ����������������� ������� q Example attacks: ▹ Microsoft cert ▹ Guest account ▹ Stepping stones

  23. Goals: Dependability q A system can be relied on to correctly deliver service q Dependability failures: ▹ Therac-25: a radiation therapy machine » whose patients were given massive overdoses (100 times) of radiation » bad software design and development practices: impossible to test it in a clean automated way ▹ Ariane 5: expendable launch system » the rocket self-destructing 37 seconds after launch because of a malfunction in the control software » A data conversion from 64-bit floating point value to 16- bit signed integer value

  24. Interacting Goals q Failures of one kind can lead to failures of another, e.g.: ▹ Integrity failure can cause Confidentiality failure ▹ Availability failure can cause integrity, confidentiality failure ▹ Etc…

  25. Threat Model q What property do we want to ensure against what adversary? q Who is the adversary? q What is his goal? q What are his resources? ▹ e.g. Computational, Physical, Monetary… q What is his motive? q What attacks are out of scope?

  26. Terminologies q Attack (Exploit): attempt to breach system security (DDoS) q Threat: a scenario that can harm a system (System unavailable) q Vulnerability: the ������ �������������������������������������� q Security goal: ��������� �������������������������������������

  27. Who are the attackers? q No more script-kiddies q State-sponsored attackers ▹ Attacker = a nation! q Hacktivists ▹ Use of computers and computer networks as a means of protest to promote political ends q Hacker + Organized Criminal Group ▹ Money! q Researchers 26

  28. State-Sponsored Attackers q 2012. 6: Google starts warning users who may be targets of government-sponsored hackers q 2010 ~: Stuxnet, Duqu, Flame, Gauss, … ▹ Mikko (2011. 6): A Pandora’s Box We Will Regret Opening q 2010 ~: Cyber Espionage from China ▹ Exxon, Shell, BP, Marathon Oil, ConocoPhillips, Baker Hughes ▹ Canada/France Commerce Department, EU parliament ▹ RSA Security Inc. SecurID ▹ Lockheed Martin, Northrop Grumman, Mitsubushi 27

  29. Hacktivists q promoting expressive politics, free speech, human rights, and information ethics q Anonymous ▹ To protest against SOPA, DDoS against MPAA, RIAA, FBI, DoJ, Universal music ▹ Attack Church of Scientology ▹ Support Occupy Wall Street q LulzSec ▹ Hacking Sony Pictures (PSP jailbreaking) ▹ Hacking Pornography web sites ▹ DDoSing CIA web site (3 hour shutdown) 28

  30. Security Researchers q They tried to save the world by introducing new attacks on systems q Examples ▹ Diebold AccuVote-TS Voting Machine ▹ APCO Project 25 Two-Way Radio System ▹ Kad Network ▹ GSM network ▹ Pacemakers and Implantable Cardiac Defibrillators ▹ Automobiles, … 29

  31. Rules of Thumb q Be conservative: evaluate security under the best conditions for the adversary q A system is as secure as the weakest link. q It is best to plan for unknown attacks.

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Cellular Security - What can we expect for 5G? - Yongdae Kim KAIST SysSec Lab SysSec Lab. v

Cellular Security - What can we expect for 5G? - Yongdae Kim KAIST SysSec Lab SysSec Lab. v

Cellular Security - What can we expect for 5G? - Yongdae Kim KAIST SysSec Lab SysSec Lab. v System Security Lab. @ KAIST, Korea Yongdae Kim Prof @ Electrical Engineering & Information Security Director @ Cyber Security Research

629 views • 46 slides
Is It Time To Play Offense or Defense with Defense Stocks? September 16, 2006 American

Is It Time To Play Offense or Defense with Defense Stocks? September 16, 2006 American

Is It Time To Play Offense or Defense with Defense Stocks? September 16, 2006 American Association of Individual Investors (DC Chapter) Kevin P. DeSanto, Vice President Houlihan Lokey Investment Banking Services Aerospace Defense

1.43k views • 79 slides
US Army War College Fellowship Cyber Defense/Offense Dr. Bill Young Department of Computer

US Army War College Fellowship Cyber Defense/Offense Dr. Bill Young Department of Computer

US Army War College Fellowship Cyber Defense/Offense Dr. Bill Young Department of Computer Science University of Texas at Austin Last updated: February 27, 2013 at 11:16 Dr. Bill Young: 1 Cyber Defense/Offense Some Sources Jeffrey Carr,

936 views • 60 slides
DDoS Defense by Defense by DDoS Offense Offense Published in ACM SIGCOMM06 Presented By:

DDoS Defense by Defense by DDoS Offense Offense Published in ACM SIGCOMM06 Presented By:

DDoS Defense by Defense by DDoS Offense Offense Published in ACM SIGCOMM06 Presented By: Marwa K. Elteir Outline Outline Problem definition Problem definition Related Work Related Work Speak Speak- -up up Model Model

458 views • 9 slides
The BIPA Blitz Get Your Offense Ready So You are Not on Defense 11/19/2019 The BIPA Blitz Get

The BIPA Blitz Get Your Offense Ready So You are Not on Defense 11/19/2019 The BIPA Blitz Get

The BIPA Blitz Get Your Offense Ready So You are Not on Defense 11/19/2019 The BIPA Blitz Get Your Offense Ready So You are Not on Defense Your presenters Jim Shreve Susan Lorenc slorenc@thompsoncoburn.com jshreve@thompsoncoburn.com

357 views • 12 slides
READ AND REACT OFFENSE WHAT ITS NOT Not motion offense Motion offense is good if you

READ AND REACT OFFENSE WHAT ITS NOT Not motion offense Motion offense is good if you

READ AND REACT OFFENSE WHAT ITS NOT Not motion offense Motion offense is good if you have 5 intelligent great multi-dimensional players Most offenses are predicated on a certain type of player. Its also not an offense set

1.2k views • 87 slides
IS511 Introduction to Information Security Lecture 3 Cryptography 2 Yongdae Kim Recap

IS511 Introduction to Information Security Lecture 3 Cryptography 2 Yongdae Kim Recap

IS511 Introduction to Information Security Lecture 3 Cryptography 2 Yongdae Kim Recap http://syssec.kaist.ac.kr/~yongdaek/courses/is511/ E-mail policy 4 Include [is511] 4 Profs + TA: IS511_prof@gsis.kaist.ac.kr 4 Profs + TA +

1.1k views • 43 slides
SOMETIMES A GOOD DEFENSE IS THE BEST OFFENSE: A Summary of Certain Useful Product Liability

SOMETIMES A GOOD DEFENSE IS THE BEST OFFENSE: A Summary of Certain Useful Product Liability

13 SOMETIMES A GOOD DEFENSE IS THE BEST OFFENSE: A Summary of Certain Useful Product Liability Affirmative Defenses b y J a s o n K e e h f u s a n d E m i l y B a k e r 12 that a fundamental requirement of strict liability theory is

226 views • 4 slides
THE BEST OFFENSE IS A GOOD DEFENSE Every soldier in the world wears a bulletproof vest; it is

THE BEST OFFENSE IS A GOOD DEFENSE Every soldier in the world wears a bulletproof vest; it is

THE BEST OFFENSE IS A GOOD DEFENSE Every soldier in the world wears a bulletproof vest; it is practically the main defensive gear for anyone who uses a firearm, for those working in security agencies, in companies specialized in the

433 views • 21 slides
Yongdae Kim KAIST Admin q Student Information Survey https://goo.gl/forms/VnjAyN5N1bmswLNP2 q

Yongdae Kim KAIST Admin q Student Information Survey https://goo.gl/forms/VnjAyN5N1bmswLNP2 q

EE817/IS893 Blockchain and Cryptocurrency Peer-to-Peer Systems Yongdae Kim KAIST Admin q Student Information Survey https://goo.gl/forms/VnjAyN5N1bmswLNP2 q Paper Presentation Survey https://goo.gl/forms/pGhbDPJqBr4MNff92 q Paper

393 views • 24 slides
Network Attacks I Yongdae Kim KAIST Two Planes Data Plane: Actual data delivery Control

Network Attacks I Yongdae Kim KAIST Two Planes Data Plane: Actual data delivery Control

Network Attacks I Yongdae Kim KAIST Two Planes Data Plane: Actual data delivery Control Plane To support data delivery (efficiently, reliably, and etc.) Routing information exchange In some sense, every protocol except data

751 views • 51 slides
How to Play the Best Offense and Defense When it Comes to Trade Secret Protection: A

How to Play the Best Offense and Defense When it Comes to Trade Secret Protection: A

How to Play the Best Offense and Defense When it Comes to Trade Secret Protection: A Comprehensive Guide from Recruitment to Separation Allison Bowers | allison@hutchesonbowers.com | 512.777.4449 @hutchesonbowers

520 views • 23 slides
Internet Control Plane Security Yongdae Kim KAIST Two Planes Data Plane: Actual data

Internet Control Plane Security Yongdae Kim KAIST Two Planes Data Plane: Actual data

Internet Control Plane Security Yongdae Kim KAIST Two Planes Data Plane: Actual data delivery Control Plane To support data delivery (efficiently, reliably, and etc.) Routing information exchange In some sense, every protocol

396 views • 39 slides
Overview Physical Security Blockchain and Cryptocurrency Self-Driving Car: Hyundai, KAIST

Overview Physical Security Blockchain and Cryptocurrency Self-Driving Car: Hyundai, KAIST

Korea vs USA Security Research - Case Study: Cellular Network - Yongdae Kim KAIST Syssec Overview Physical Security Blockchain and Cryptocurrency Self-Driving Car: Hyundai, KAIST Samsung: Blockchain ApplicaDon This aint your, Usenix WOOT

426 views • 8 slides
IS511 Introduction to Information Security Lecture 1 Introduction Yongdae Kim Instructor, TA,

IS511 Introduction to Information Security Lecture 1 Introduction Yongdae Kim Instructor, TA,

IS511 Introduction to Information Security Lecture 1 Introduction Yongdae Kim Instructor, TA, Office Hours Yongdae Kim 4 yongdaek (at) kaist. ac. kr, yongdaek (at) gmail. com 4 Office: N26 201 Insik Shin 4 insik.shin (at) cs.

836 views • 47 slides
AFRC Annual Meeting 2019 Legal Program Overview Offense Defense O&C Act Protect agency

AFRC Annual Meeting 2019 Legal Program Overview Offense Defense O&C Act Protect agency

AFRC Annual Meeting 2019 Legal Program Overview Offense Defense O&C Act Protect agency tools DNR Trust mandate Develop legal precedent Unsupported regulatory Defend timber volume decisions (Critical Habitat) Defend our members AFRC

324 views • 20 slides
COM-405 Mobile Networks Prof. Jean-Pierre Hubaux http://mobnet.epfl.ch (redirected to Moodle)

COM-405 Mobile Networks Prof. Jean-Pierre Hubaux http://mobnet.epfl.ch (redirected to Moodle)

COM-405 Mobile Networks Prof. Jean-Pierre Hubaux http://mobnet.epfl.ch (redirected to Moodle) 1 About this course g The course is about the system aspects of mobile networking g Therefore, it covers: - networking issues (MAC, network and

345 views • 31 slides

(thanks/blame mostly to Google Translate) Gianluca Baio University College London Department of Statistical Science g.baio@ucl.ac.uk

1.29k views • 94 slides
Embedded Devices Security Firmware Reverse Engineering Jonas Zaddach Andrei Costin August 11,

Embedded Devices Security Firmware Reverse Engineering Jonas Zaddach Andrei Costin August 11,

Embedded Devices Security Firmware Reverse Engineering Jonas Zaddach Andrei Costin August 11, 2013 Andrei Costin/Jonas Zaddach www.firmware.re 1/104 About Jonas Zaddach PhD. candidate on "Development of novel binary analysis

1.25k views • 104 slides
Transcript for Confirmation of Death Training To be read in conjunction with NHS Lothian Clinical

Transcript for Confirmation of Death Training To be read in conjunction with NHS Lothian Clinical

Transcript for Confirmation of Death Training To be read in conjunction with NHS Lothian Clinical Education and Training Department powerpoint presentation (if no sound available on computer) SLIDE 1 Title Slide Nurse Verification of Expected

301 views • 7 slides
1 2 3 ESA: Space weather refers to the environmental conditions in Earths magnetosphere,

1 2 3 ESA: Space weather refers to the environmental conditions in Earths magnetosphere,

1 2 3 ESA: Space weather refers to the environmental conditions in Earths magnetosphere, ionosphere and thermosphere due to the Sun and the solar wind that can influence the functioning and reliability of spaceborne and ground-based systems

1.3k views • 95 slides
Inside IHE: Patient Care Device Webinar Series 2017 Presented by Monroe Pattillo Practical

Inside IHE: Patient Care Device Webinar Series 2017 Presented by Monroe Pattillo Practical

Inside IHE: Patient Care Device Webinar Series 2017 Presented by Monroe Pattillo Practical Health Interoperability, LLC IHE PCD Planning Committee Co-Chair Patient Care Device (PCD) Domain Formed in 2005 to address Point-of-Care Medical

424 views • 24 slides
( 11 9 )

( 11 9 )

5/4/2016 ( 11 9 ) 1 5/4/2016 .

701 views • 47 slides
Implications of the AEMCs Implications of the AEMCs economic regulation of network service

Implications of the AEMCs Implications of the AEMCs economic regulation of network service

Implications of the AEMCs Implications of the AEMCs economic regulation of network service providers draft rule for consumers Ed Willett Acting AER Chairman EUAA Annual Conference - October 2012 Topics Rationale for the AERs

455 views • 7 slides

More recommend