Lecture 7 Outline

Reading: text, §24.1–24.2; [Bis07a, Bis07b, Wei95]
Due: Homework 2, on Apr. 19


  1. Greetings and felicitations!
  2. Puzzle of the Day
  3. Penetration Studies
    1. Why? Why not direct analysis?
    2. Effectiveness
    3. Interpretation
  4. Flaw Hypothesis Methodology
    1. System analysis
    2. Hypothesis generation
    3. Hypothesis testing
    4. Generalization
  5. System Analysis
    1. Learn everything you can about the system
    2. Learn everything you can about operational procedures
    3. Compare to other systems
  6. Hypothesis Generation
    1. Study the system, look for inconsistencies in interfaces
    2. Compare to other systems’ flaws
    3. Compare to vulnerability models
  7. Hypothesis Testing
    1. Look at system code, see if it would work (live experiment may be unneeded)
    2. If live experiment needed, observe usual protocols
  8. Generalization
    1. See if other programs, interfaces, or subjects/objects suffer from the same problem
    2. See if this suggests a more generic type of flaw
  9. Elimination
  10. Where to start
    1. Unknown system
    2. Known system, no authorized access
    3. Known system, authorized access
  11. Examples
    1. Burroughs system
    2. Corporate site
  12. Attacks
    1. Attack trees
    2. Requires-provides model
    3. Incident response
  13. Types of malicious logic
    1. Trojan horse
      1. Replicating Trojan horse
      2. Thompson’s compiler-based replicating Trojan horse
    2. Computer virus
      1. Boot sector infector
      2. Executable infector
      3. Multipartite
      4. TSR (terminate and stay resident)
      5. Stealth
      6. Encrypted
      7. Polymorphic
      8. Metamorphic
      9. Macro
    3. Computer worm
    4. Bacterium, rabbit
    5. Logic bomb
    6. Keystroke logger
    7. Ransomware
    8. Botnets

Discussion Problem. Many European countries (and a few others, too) have a “right to forget”. This enables a citizen to demand the removal of information about them from search engine results. It is an attempt to implement privacy, which can be defined as the right of the individual to control the dissemination of information about himself or herself, and to control what is done with that information.

  1. What technical problems does doing this entail?
  2. Assuming this cannot be implemented directly, what might be done to achieve a similar effect?
  3. What problems might arise when someone, or some organization, exercises this right?

Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 153, Computer Security
Version of April 18, 2016 at 10:20PM