Exam (by Lersch) Flashcards
Define passive and active attacks.
Passive attacks
- Eavesdropping: secretly listening to a conversation
- Traffic Analysis: the inference of information from observation of traffic flows
Active attacks
- Spoofing (Masquerading): the pretence by an entity to be a different entity
- Denial of Service (DoS): prevention or inhibition of the normal use or management of communication facilities
Which are the six Security Services?
- Authentication
- Access Control
- Confidentiality
- Integrity
- Non-repudiation
- Availability
How to attack each security services?
Authentication
- IP spoofing, cracking passwords
Access Control
- wire-tapping, breaking authentication
Confidentiality
- eavesdropping, traffic analysis
Integrity
- man-in-the-middle attack, replay attack
Non-repudiation
- deletion of log files, masquerading
Availability
- denial of service attacks
What is jamming?
Disrupting the communication by interference on
the same frequency/band. DoS attack.
What is an ideal jammer?
- Energy efficient
- low probability of detection
- High level of DoS
- Resistance to anti-jamming techniques
How to measure an ideal jammer?
PSR = packets set / packets intended to be sent PDR = packets successfully received / packets sent JSR = (Pj.Bt.Gjr.Grj.Dtr².Ltr) / (Pt.Bj.Gtr.Grt.Djr².Ljr) CI = |E'| / |V| . (|V|-1)
Which are the four jamming strategies?
- Constant jammer: continually emits radio signal
- Deceptive jammer: continually emits regular packets
- Random jammer
- Reactive jammer
How to detect a jammer?
Using statistics of Statefullnetwork activity.
How to mitigate a jammer?
- Channel surfing
- Spatial retreat
- JSR manipulation
Three broken security mechanisms of IEEE 802.11.
- Hidden SSID (sniff from header of management frames)
- MAC filtering (sniff allowed MACs and spoof them)
- WEP
WEP encryption and decryption.
M’ = IV || ((M || CRC(M)) XOR (RC4(IV || key)))
M = RC4(IV || key) XOR ((M || CRC(M)) XOR (RC4(IV || key)))
OBS: demux ICV and M from previous result. Calculate ICV from M and compare for integrity.
Two types of WEP authentication.
- Open System Architecture: AP associates all STA, authentication provided by ability to encrypt messages correctly after association.
- Shared Key Authentication: challenge-response algorithm.
WEP weaknesses.
- keys (no key management, length is only 40 bits)
- encryption (reuse of IV, affects confidentiality & integrity)
- shared key authentication:
ciphertext = RC4 XOR (challenge || CRC(challenge)) - key scheduling (recover secret key, needs IVs and first two octets of encrypted messages)
Which are the three categories of GSM channels?
- Traffic Channels (point-to-point between antenna & MS)
- Common Control Channels (signaling between previous)
- Dedicated Control Channels ( signaling related to services such and handover procedures or connection establishment)
Which are the three attacks on GSM networks?
- IMSI-Catcher (MitM, rogue antenna, turn off encryption)
- DoS (answer paging req. with channel req. before)
- Hijacking Services (GSM networks don’t authenticate all services, attacker can redirect to itself, use IMSI-Catcher to turn off encryption).
Which are the 4 ways to open your car and start the engine?
- Old-school metallic keys
- Immobilizers (chips in the key, close proximity, auth.)
- Active keyless entry (button on key, up to 100m)
- Passive keyless entry & start (detection of proximity)
How does the PKES security works?
- Authentication: challenge-response protocol
- Proximity inferred from the ability to receive messages
What are relay attacks on PKES?
Messages are relayed from one location to another in order to make one entity appear closer to the other. Does not require breaking cryptography.
Countermeasure for relay attacks on PKES?
Distance bounding by measuring propagation delay.
Which are the six attacks on WSN?
- Tampering (physical access of nodes, cold boot)
- Exhaustion & Interrogation (superfluous & expens. op.)
- Tampered forwarding (modify dev behaviour or rout. tab.)
- Wormholes (side-channel that provides advantage)
- Sybil attack (node with multiple ids and arbitrary location)
- HELLO flooding (broadcast of false neighbor status)
Which are the countermeasure for each of the WSN attacks?
- Tampering: camouflage, sensors to detect, use CPU registers or CPU cache, encrypt data in RAM)
- E&I: auth. requests, rate-limited responses (bases on recent history of request traffic), client puzzles
- Tampered fwd: disjoint routing paths, node listen channel to make sure neighbor transmited same message, auth. routing updates, periodic end-to-end probing, geo-location for routing, diversity coding)
- Wormholes: geographic fwd, auth. routing messages
- Sybil attack: auth. nodes and identities, loc. verification
- HELLO flooding: bi-directional verification of local links, auth. nodes
What is diversity coding?
Transmit data over multiple independent paths with redundancy. Split messages in N >= 2 chunks. Compute parity XORing all chunks. M-for-N diversity codes, recover M link failures when M+N links.
How to scan a network?
- ping
- nmap
How to mitigate scan?
- turn off response to echo protocols
- port knocking (sequence, packet payload, inter-arrival time of packets)
Which are the six DoS attacks?
- Ping of Death (old systems, send malformed packet)
- Teardrop (negative offset of fragmented packets, uint)
- Ping flood: send many pings to victim
- Smurf attack: broadcast ping using victim address
- SYN flood: TCP buffer for half-open connection is limited
- LAND: send SYN with victim as source and destination
Which are the two firewall strategies?
- Blacklisting
- Whitelisting
What is Ingress Filtering?
Routers know IP ranges of networks connected to each port. Avoid IP spoofing and related attacks.
Which are the two approaches for packet filtering?
- Stateless
- Statefull (record outgoing packets, match incoming packets)
Which are the five built-in chains in netfilter?
- Prerouting
- Forward
- Input
- Output
- Postrouting
Which are the limits for packet filters?
- Bugs in upper layers
- Only help against attacks from outside
- Port-forwarding and tunneling (encrypted, SSH)
Which are the three detection types of IDS?
- Signature-based: search intrusion-related signatures
- Anomaly-based: search changes in network activity
- Protocol-based: search misbehavior in protocols
What characterizes a good IDS?
- Accuracy
- Performance
- Fault tolerant
- Timeliness
Where an IDS should be placed?
- Router: for external attacks
- Switches: for internal attacks
Which are the limits for IDSs?
- Signature-based only detect known attacks
- The larger the signature DB, the higher the processing
- Scans over longer period of time with different sources
- Fragment packets sent over longer periods of time
- DoS: flood IDS with possibly invalid fragments
Describe the Man-in-the-Middle attack based on ARP.
ARP messages are kept in ARP cache of hosts.
- Alice broadcasts an ARP request to find Bob.
- Attacker respond to Alice saying it is Bob, but giving its own MAC.
- Alice updates her ARP cache and send messages to attacker.
- Attacker redirects Alice’s and Bob’s messages using ARP spoofing.
What are other attacks based on ARP?
ARP Cache Overflow: flood host with ARP replies.
ARP Storm: poison the caches with broadcast addresses (bring network performance down).
DoS: update ARP cache for all hosts with non-existing MAC addresses.
What are the defenses against ARP poisoning?
Switches can use IP-MAC-Port binding, accepting only fixed MAC addresses with fixed IPs at fixed Ethernet ports.
How to provide privacy on the internet?
- E2EE: SSL/TLS
What do SSL/TLS provides?
- Peer entity authentication
- User data confidentiality
- User data integrity
Why not use TLS to encrypt all web traffic?
- Slows down web servers
- Breaks internet caching (can’t cache encrypted sites)
- Not all information needs encryption
What are the steps for TLS Handshake?
- Client hello
- Server hello, certificate, key exchange, certificate request
- Certificate, key exchange, certificate verify
- Finished
5.
What does a TLS connection state between two parties holds?
- Compression algorithm
- Encryption algorithm (also the encryption key)
- MAC algorithm (also the hash key)
How does TLS verify a peer entity?
- Server request to be certified by CA
- CA sends server certificate encrypted with private key
- Browser has root certificates (pairs)
- Client connects to server
- Server sends client his certificate
- Client use CA public key to verify server certificate
Which are the three approaches for key exchange in TLS?
- RSA (mandatory)
- Diffie-Hellman (server certificate contain DH parameters)
- Anonymous Diffie-Hellman (vulnerable to MitM attack)
Which MAC algorithms are used in TLS?
- MD5 (broken)
- SHA (mandatory)
How does a Tor client negotiates a key with each selected onion router?
- Diffie-Hellman
Which are the limitations of Tor?
- Analyse traffic patterns and try to correlate
- Choose of bad entry and exit nodes
- Introduce special signal into sender traffic to identify it
- Directory attacks to advertise routes
- TCP only
- Cookies can reveal identity
- Compromised copy of Tor
What are Tor directory servers?
Multiple and redundant servers that advertise a list of all available onion routers by majority voting.
Which security mechanisms does OpenPGP provide?
- Encryption
- Digital signatures
- Compression
- Key management
- Certificate services
How does OpenPGP implements encryption?
Each message is encrypted with different key and symmetric cryptography. Key is encrypted with asymmetric cryptography.
How does OpenPGP provides authentication, integrity and non-repudiation?
With signatures. Sender creates hash sum of message. Sender uses his own private key to encrypt the hash sum.
Which is the problem with OpenPGP Signatures?
If hash function is not collision-free.
Which is the difference between viruses and worms?
Virus spread within the system. Worms self-propagate across the Internet.
How can we find new worms?
- Network telescope to monitor large range of unused add
- Honeypots
- IDS
Which are the five roles in a botnet?
- Developer
- Client
- Victim
- Passive participant
- Botmaster
How does the botmaster controls the botnet?
- Command & control messages via a C&C channel
Which are the three botnet architectures?
- Centralized (central C&C server)
- Distributed (bots are client and server simultaneously)
- Hybrid: distributed clusters of centralized botnets
Which is the most critical part of a botnet?
C&C channel. Single point of failure in centralized architecture. Channel is encrypted.
How can the C&C channel of a botnet be implemented?
- IRC (easy to set up and manage)
- Web-based (easy to use, scalable, encryption and obfuscation for stealthiness, fault tolerant with multiple servers, easy to sell in the black market)
- P2P
Which attacks can be executed with a botnet?
- DDoS
- Spamming
- Data stealing
- Click fraud
Which attacks can be done in the World Wide Web?
- SQL injection
- Dictionary attacks on hashed passwords
- Rainbow tables attacks on hashed password (trade-off between memory (less) and processing (more)).
How to protect against attacks that use rainbow tables?
- Salted hashes
HTTP is stateless. How can a browser implement sessions?
- Hidden values
- Cookies
In which ways can an attacker hijack a victim session?
- Sniffing (avoided with E2EE)
- Cross-site scripting
Which are the three types of XSS?
- Reflected
- Persistent
- Local or DOM-based
What is Cross-Site Request Forgery?
Attacker trigger HTTP requests via the victim’s browser.
How to prevent CSRF?
- Secret validation token (token for each transaction is embed as a hidden value in the webpage and stored in the server. Client has to send it back)
- Check referer/origin (URL which initiated the request is sent in the header)
How to avoid code injection attacks?
- Check user input
- Escape characters
- Blacklisting
- Whitelisting