

Computer Security 1, Exercises - Computer Science - Prof. David Wagner.pdf, University of California (CA) - UCLA, United States of America (USA), Prof. David Wagner, Computer Science, Computer Security, Attack Trees, In-band and Out-of-band Signaling
Typology: Exercises


Please include the following at the top of the first page of your homework solution:
- Your full name
- Your login name
- The name of the homework assignment (e.g. hw3)
- Your section number
Staple all pages together, and drop them off in drop box #2 (labeled CS161/Fall 2005) in 283 Soda by 11am on the due date.
Homework exercises:
1. (1 pts.) Any questions?
What's the one thing you'd most like to see explained better in lecture or discussion sections? A one-line answer would be appreciated.

2. (4 pts.) Getting started

(a) Read the course web page. Write on your homework, immediately after your name, the following sentence: "I understand and will comply with the academic integrity policy."

(b) What is the course policy regarding working on homework in groups?

(c) Register with the grading system. These are the instructions for becoming registered for the class:
   i. Login to your instructional named account (cory account)
   ii. Set your environment variable $MASTERDIR to /home/ff/cs

3. (45 pts.) Attack Trees

An attack tree is an AND-OR tree. Each node is labeled with an attack goal, i.e., an effect that an attacker might try to achieve by mounting some kind of attack. The root node corresponds to the ultimate attack goal (e.g., violate one of the security goals). The child nodes of a node represent subgoals that help the attacker make progress towards the goal at the parent. If the parent is an OR node, then achieving any one of the subgoals suffices to achieve the goal at the parent. If the parent is an AND node, then the goal at the parent is achieved when you achieve all of the subgoals at the children. You stop refining the goals when you reach an acceptable level of detail: e.g., when each leaf contains a simple elementary goal whose difficulty of achieving it can be easily assessed.

You can find more information about attack trees, and a number of example trees (including the example from the Sept 8th sections) at: http://www.schneier.com/paper-attacktrees-ddj-ft.html

(a) Your attack target is to find the contents of a file owned by USER and belonging to GROUP with chmod value 640 on a UNIX file system (owner: read-write access; group: read-access). Here USER is some arbitrary username, and GROUP is some Unix group. Describe as many different ways to read the file as possible (at least four). For example, one way is to discover the root password. Express these goals using an attack tree with one level. (If you don't know how UNIX file system security works, you may refer to the textbooks or do a google search for this topic on the web, for example: http://tille.xalasys.com/training/unix/x262.html )

(b) For each of those goals, design successive sub-goals. For example, one way to get the root password is to watch the system administrator log in and remember his password. Incorporate these sub-goals into the attack tree from part (a). The final tree should include a total of 15 to 40 nodes (the more the better).

(c) Once you have an attack tree, you can do interesting things with it. For instance, if you label each leaf with the cost of achieving the corresponding goal, then you can propagate costs up the tree by summing at each AND node and taking the min at each OR node; the result is the cost of achieving the top-level security goal (and the cheapest ways to do so). Assign rough costs to the tasks in your attack tree, measured in terms of t/(1 - p), where t = the time required to achieve the task, and p = the chance of detection. For example, watching the system administrator might require t = 8 hours (to catch the right time that he types his password) and the chance of detection is maybe p = 50%. This gives it a cost of 8/(1 - 0.5) = 16 units.

(d) Calculate the total attack cost of reading a private file using your model.

(e) Make a constructive suggestion (based on your attack tree) to make private UNIX files more secure.

(f) Construct a new attack tree based upon your suggested change, and calculate the improvement in security that your change will have.

(g) Do you think this is a good way to analyze security? Why or why not?
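
The cost propagation from part (c) and the before/after comparison from part (f), as an added example that is not part of the original homework. The names `Node`, `leaf_cost`, `evaluate` and `build_tree` are hypothetical, the sample tree is constructed with placeholder leaves (only the "watch the administrator" leaf uses the page's t = 8, p = 50%), and treating p = 1 as infinite cost is an assumption.

```python
import math
from dataclasses import dataclass, field

@dataclass
class Node:
    goal: str
    kind: str = "LEAF"      # "LEAF", "AND" or "OR"
    t: float = 0.0          # leaf only: time required, in hours
    p: float = 0.0          # leaf only: chance of detection, 0 <= p <= 1
    children: list = field(default_factory=list)

def leaf_cost(t, p):
    """Cost t / (1 - p); a task that is always detected costs infinity (assumption)."""
    if t < 0 or not 0 <= p <= 1:
        raise ValueError("need t >= 0 and 0 <= p <= 1")
    return math.inf if p == 1 else t / (1 - p)

def evaluate(node):
    """Return (cost, leaf goals on the cheapest way to reach node.goal)."""
    if node.kind == "LEAF":
        return leaf_cost(node.t, node.p), [node.goal]
    if not node.children:
        raise ValueError(f"{node.kind} node {node.goal!r} has no children")
    results = [evaluate(child) for child in node.children]
    if node.kind == "AND":   # every subgoal is needed: costs add up
        return sum(c for c, _ in results), [g for _, gs in results for g in gs]
    if node.kind == "OR":    # any one subgoal suffices: the cheapest wins
        return min(results, key=lambda r: r[0])
    raise ValueError(f"unknown node kind {node.kind!r}")

def build_tree(step2_p=0.5):
    """Constructed sample tree; placeholder leaves stand in for a student's own."""
    return Node("read the file", "OR", children=[
        Node("discover the root password", "OR", children=[
            Node("watch the administrator log in", t=8, p=0.5),   # 8/(1-0.5)
            Node("placeholder leaf X", t=30, p=0.25),             # 30/(1-0.25)
        ]),
        Node("placeholder two-step goal", "AND", children=[
            Node("placeholder step 1", t=3, p=0.0),
            Node("placeholder step 2", t=5, p=step2_p),
        ]),
    ])

if __name__ == "__main__":
    before, path = evaluate(build_tree())
    # Hypothetical mitigation: detection of step 2 rises from 50% to 75%.
    after, new_path = evaluate(build_tree(step2_p=0.75))
    print("before:", before, path)
    print("after: ", after, new_path)
    print("improvement:", after - before)
```

Hardening one branch only raises the root cost as far as the next-cheapest branch, which is why the improvement in part (f) has to be read off the whole tree rather than the changed leaf.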
4. (30 pts.) In-band and Out-of-band Signaling

(a) In-band signaling in a communication architecture shares the same communication infrastructure for both data (e.g., voice) and control information (e.g., connection setup, billing, connection teardown).