ITU-T X.800 “Security Architecture for OSI”，it defines a systematic way of defining and providing security requirements.For us it provides a useful, if abstract, overview of concepts we will study Aspects of Security.

3 aspects of information security/三个信息安全方面

- security attack/安全攻击
- security mechanism: detect, prevent, recover/安全机制:检测、预防、恢复
- security service/安全服务

terms

threat – a potential for violation of security/威胁-潜在的安全威胁
attack – an assault on system security, a deliberate attempt to evade security services/攻击-对系统安全的攻击，故意企图逃避安全服务

5.Passive Attacks/被动攻击

Release of Message Contents/消息内容发布
Traffic Analysis(流量分析)：Passive attacks do not affect system resources.
Eavesdropping, monitoring /窃听、监视

Message transmission apparently normal.No alteration of the data
Emphasis on prevention rather than detection.By means of encryption

6.Active Attacks/主动攻击

Masquerade/冒充 Replay/重放
Modification of Messages/篡改 Denial of Service/拒绝服务

Active attacks try to alter system resources or affect their operation.Modification of data, or creation of false data.

Difficult to prevent---->The goal is to detect and recover

7.Security Service

enhance security of data processing systems and information transfers of an organization/加强组织的数据处理系统和信息传输的安全性。《》intended to counter security attacks/旨在反击安全攻击《》using one or more security mechanisms /使用一个或多个安全机制《》 often replicates functions normally associated with physical documents通常复制通常与物理文档关联的函数《》for example, have signatures, dates; need protection from disclosure, tampering, or destruction; be notarized or witnessed; be recorded or licensed

X.800:

“a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers”

- Authentication - assurance that communicating entity is the one claimed/身份验证
- have both peer-entity & data origin authentication/是否同时具有对等实体和数据源身份验证
- Access Control - prevention of the unauthorized use of a resource/访问控制-防止未经授权使用资源
- Data Confidentiality –protection of data from unauthorized disclosure/资料保密-保障资料不受未经授权的披露
- Data Integrity - assurance that data received is as sent by an authorized entity/数据完整性
- Non-Repudiation - protection against denial by one of the parties in a communication/不可否认
- Availability – resource accessible/usabl /可用性

RFC 2828:

“a processing or communication service provided by a system to give a specific kind of protection to system resources”

8.Security Mechanism/安全机制

feature designed to detect, prevent, or recover from a security attack/用于检测、防止或从安全攻击中恢复的特性
no single mechanism that will support all services required/没有单一的机制可以支持所有需要的服务
one particular element underlies many of the security mechanisms in use:cryptographic techniques/特殊元素：加密

9.Model for Network Access Security/网络访问安全模型

using this model requires us to:

1.select appropriate gatekeeper functions to identify users /选择适当的gatekeeper函数来标识用户

2.implement security controls to ensure only authorised users access designated information or resources/实施安全控制，确保只有授权用户才能访问指定的网站

Standards/标准

NIST: National Institute of Standards and Technology

FIPS: Federal Information Processing Standards

SP: Special Publications

ISOC: Internet Society

Home for IETF (Internet Engineering Task Force) and IAB (Internet Architecture Board)

RFCs: Requests for Comments

第二章网络安全要点Network Security Essentials

1.Symmetric Encryption/对称加密

or conventional / private-key / single-key，sender and recipient share a common key发送方和接收方共享一个公共密钥。all classical encryption algorithms are private-key.was only type prior to invention of public-key in 1970’s.and by far most widely used.

Some Basic Terminology/一些基本术语

plaintext - original message /纯文本-原始消息

ciphertext - coded message /密文-密文编码的信息

cipher - algorithm for transforming plaintext to ciphertext /密码-将明文转换为密文的算法

key - info used in cipher known only to sender/receiver /密钥-密码中使用的信息，只有发送方/接收方知道

encipher (encrypt) - converting plaintext to ciphertext /加密——将明文转换为密文

decipher (decrypt) - recovering ciphertext from plaintext/解密-从明文恢复密文

cryptography - study of encryption principles/methods/密码学-研究加密原理/方法

cryptanalysis (codebreaking) - study of principles/ methods of deciphering ciphertext without knowing key/密码分析(密码破译)-研究在不知道密钥的情况下破译密文的原理/方法

cryptology - field of both cryptography and cryptanalysis/密码学-密码学和密码分析领域

Symmetric Cipher Model/对称加密模型

Requirements

two requirements for secure use of symmetric encryption:

- - a strong encryption algorithm
  - a secret key known only to sender / receiver

mathematically have:

Y = E(K, X) X = D(K, Y)

assume encryption algorithm is known/假设加密算法已知

implies a secure channel to distribute key/用于分发密钥的安全通道

Cryptography/密码学（can characterize cryptographic system by:/可以表征密码系统）

- type of encryption operations used/使用的加密操作的类型

（1）substitution （2）transposition （3）product

- number of keys used/使用的密钥数
  - single-key or private
  - two-key or public
- way in which plaintext is processed/处理明文的方法
  - block OR stream

Cryptanalysis/密码分析

objective to recover key not just message/目的恢复密钥而不仅仅是消息
general approaches:
- cryptanalytic attack/cryptanalytic攻击
  - - ciphertext only ：only know algorithm & ciphertext, is statistical, know or can identify plaintext

- - - known plaintext ：know/suspect plaintext & ciphertext
    - chosen plaintext ：select plaintext and obtain ciphertext
    - chosen ciphertext ：select ciphertext and obtain plaintext
    - chosen text ：select plaintext or ciphertext to en/decrypt

- brute-force attack/蛮力攻击
  - - always possible to simply try every key
    - most basic attack, proportional to key size
    - assume either know / recognise plaintext
if either succeed all key use compromised/如其中一个成功，所有密钥的使用都受损

An encryption scheme: computationally secure if:/加密方案

1.The cost of breaking the cipher exceeds the value of information/破译密码的代价超过了信息的价值

2.The time required to break the cipher exceeds the lifetime of information/破解密码所需的时间超过了信息的生命周期

Feistel Cipher Structure/Feistel 密码结构

- Horst Feistel devised the feistel cipher
  - based on concept of invertible product cipher
- partitions input block into two halves
  - process through multiple rounds which/经过多轮的处理
  - perform a substitution on left data half/对左数据一半执行替换
  - based on round function of right half & subkey/基于右半边和子键的轮函数
  - then have permutation swapping halves/然后置换一半
- implements Shannon’s S-P net concept

2.Symmetric Block Cipher Algorithms/对称分组密码算法

DES (Data Encryption Standard)

3DES (Triple DES)

AES (Advanced Encryption Standard)

DES

most widely used block cipher in world
adopted in 1977 by NBS (now NIST)
- as FIPS PUB 46
encrypts 64-bit data using 56-bit key
has widespread use
has considerable controversy over its security/对其安全性有相当大的争

DES Design Controversy/DES设计争议

- although DES standard is public, considerable controversy over design
  - in choice of 56-bit key (vs Lucifer 128-bit)
  - and because design criteria were classified
- subsequent events and public analysis show in fact design was appropriate
- use of DES has flourished
  - especially in financial applications
  - still standardised for legacy application use

Time to Break a DES Code (assuming 10^6 decryptions/us)

Multiple Encryption & DES/多重DES

Triple DES

Triple-DES with Two-Keys

hence must use 3 encryptions

would seem to need 3 distinct keys

but can use 2 keys with E-D-E sequence

C = EK1(DK2(EK1(P)))
nb encrypt & decrypt equivalent in security
if K1=K2 then can work with single DES

standardized in ANSI X9.17 & ISO8732

no current known practical attacks

several proposed impractical attacks might become basis of future attacks

[Ex]Why is the middle portion of 3DES a decryption rather than an encryption?

it is compatible with the older single DES by repeating the key.

no cryptographic significance

Double-DES

could use 2 DES encrypts on each block
- C = EK2(EK1(P))
issue of reduction to single stage
and have “meet-in-the-middle” attack
- works whenever use a cipher twice
- since X = EK1(P) = DK2(C)
- attack by encrypting P with all keys and store
- then decrypt C with keys and match X value
- takes O(256) steps

Triple-DES with Three-Keys

although no practical attacks on two-key Triple-DES have some concerns

Two-key: key length = 56*2 = 112 bits
Three-key: key length = 56*3 = 168 bits

can use Triple-DES with Three-Keys to avoid even these

C = EK3(DK2(EK1(P)))

has been adopted by some Internet applications, eg PGP, S/MIME

Origins of AES

clearly a replacement for DES was needed
- have theoretical attacks that can break it
- have demonstrated exhaustive key search attacks
can use Triple-DES – but slow, has small blocks
US NIST issued call for ciphers in 1997
15 candidates accepted in Jun 98
5 were shortlisted in Aug-99
- MARS

- RC6
- Rijndael-----AES
- Serpent
- Twofish
Rijndael was selected as the AES in Oct-2000
issued as FIPS PUB 197 standard in Nov-2001

The AES Cipher - Rijndael

designed by Rijmen-Daemen in Belgium
has 128/192/256 bit keys, 128 bit data
an iterative(迭代) rather than feistel cipher
- processes data as block of 4 columns of 4 bytes/将数据处理为4列4字节的块
- operates on entire data block in every round/每轮操作整个数据块
designed to be:
- resistant against known attacks
- speed and code compactness on many CPUs
- design simplicity

Comparison

Algorithm	Key Size	Block Size	Round
DES	56	64	16
Tri-DES	112/168	64	48
IDEA	128	64	8
AES	128/192/256	128/192/256	10/12/14

Random Numbers

many uses of random numbers in cryptography
- nonces in authentication protocols to prevent replay/用于防止重播的身份验证协议中的nonces
- session keys/会话密钥
- public key generation/公共密钥生成
- keystream for a one-time pad/一个一次性键盘的密钥流
in all cases its critical that these values be /在所有情况下，这些值都是至关重要的
- statistically random, uniform distribution, independent/统计随机，分布均匀，独立
- unpredictability of future values from previous values/未来价值与以前价值的不可预测性
true random numbers provide this/真随机数提供了这个
care needed with generated random numbers

Pseudorandom Number Generators (PRNGs)/伪随机数生成器

often use deterministic algorithmic techniques to create “random numbers”/经常使用确定性算法技术来创建“随机数”
- although are not truly random
- can pass many tests of “randomness”
known as “pseudorandom numbers”
created by “Pseudorandom Number Generators (PRNGs)”

Random & Pseudorandom Number Generators

PRNG Algorithm Design/算法设计

Purpose-built algorithms/专门的算 E.g. RC4
Algorithms based on existing cryptographic algorithms/基于现有密码算法的算法
- Symmetric block ciphers/对称块密码
- Asymmetric ciphers/非对称密码
- Hash functions and message authentication codes/哈希函数和消息身份验证代码

3.Stream Cipher Structure/流密码结构

some design considerations are:
- long period with no repetitions /长时间不重复
- statistically random /统计随机
- depends on large enough key, e.g. 128 bits/取决于足够大的键
- large linear complexity/大型线性复杂度
properly designed, can be as secure as a block cipher with same size key
but usually simpler & faster

Linear feedback shift register/线性反馈移位寄存器

A 4-bit Fibonacci LFSR with its state diagram. The XOR gate provides feedback to the register that shifts bits from left to right. The maximal sequence consists of every possible state except the "0000" state.

一个4位Fibonacci LFSR及其状态图。XOR门向寄存器提供反馈，寄存器将位从左向右移动。最大序列由除“0000”状态之外的所有可能状态组成。

RC4

a proprietary cipher owned by RSA DSI
another Ron Rivest design, simple but effective
variable key size, byte-oriented stream cipher
widely used (web SSL/TLS, wireless WEP/WPA)
key forms random permutation of all 8-bit values
uses that permutation to scramble input info processed a byte at a time

RC4 Security

claimed secure against known attacks/声称安全防范已知的攻击
- have some analyses, none practical /有一些分析，没有实际的
result is very non-linear /结果非常非线性
since RC4 is a stream cipher, must never reuse a key /由于RC4是一个流密码，所以决不能重用密钥
have a concern with WEP, but due to key handling rather than RC4 itself /关注WEP，但由于键处理而不是RC4本身

4.Cipher Block Modes

The Most Important Modes

Electronic Codebook Mode (ECB)
Cipher Block Chaining Mode (CBC)
Cipher Feedback Mode (CFB)
Counter Mode (CTR)

Electronic Codebook Book (ECB)

message is broken into independent blocks which are encrypted /消息被分成独立的块，这些块被加密
each block is a value which is substituted, like a codebook, hence name /每个块都是一个被替换的值，就像代码本一样，因此得名
each block is encoded independently of the other blocks /每个块独立于其他块进行编码
- Ci = EK(Pi)
uses: secure transmission of single values /用途:安全传输单个值

Advantages and Limitations of ECB

message repetitions may show in ciphertext /消息的重复可能显示在密文中
- if aligned with message block /如果与消息块对齐
- particularly with data such as graphics /特别是图形等数据
- or with messages that change very little, which become a code-book analysis problem /或者使用更改很少的消息，这将成为一个代码本分析问题
weakness is due to the encrypted message blocks being independent /缺点是加密消息块是独立的
main use is sending a few blocks of data /主要用途是发送几个数据块

Cipher Block Chaining (CBC)

message is broken into blocks /消息被分成多个块
linked together in encryption operation /连接在一起的加密操作
each previous cipher blocks is chained with current plaintext block, hence name /前面的每一个密码块都与当前的明文块链接在一起，因此得名
use Initial Vector (IV) to start process /使用初始向量(IV)启动进程
- Ci = EK(Pi XOR Ci-1)
- C0 = IV
uses: bulk data encryption, authentication/用途:批量数据加密、认证

If C1 has one bit error during transimision, which block(s) will be corrupted?

P1 and P2

Cipher FeedBack (CFB)

message is treated as a stream of bits /消息被视为比特流
added to the output of the block cipher /添加到块密码的输出中
result is feed back for next stage (hence name) /结果是下一阶段的反馈(因此得名)
standard allows any number of bit (1,8, 64 or 128 etc) to be fed back /标准允许任何数量的比特(1、8、64或128等)被返回
- denoted CFB-1, CFB-8, CFB-64, CFB-128 etc /表示CFB-1、CFB-8、CFB-64、CFB-128等
most efficient to use all bits in block (64 or 128)/最有效地使用块中的所有位(64或128)
- Ci = Pi XOR EK(Ci-1)
- C0 = IV
uses: stream data encryption, authentication/用途:流数据加密、认证

Advantages and Limitations of CFB/优点和局限性

appropriate when data arrives in bits/bytes
most common stream mode
Limitation: need to stall while doing block encryption after every n-bits /限制:在每n位之后进行块加密时需要停止
note that the block cipher is used in encryption mode at both ends /注意，块密码在两端都以加密模式使用
errors propagate for several blocks after the error /错误在错误之后会传播几个块

Counter (CTR)

a “new” mode, though proposed early on
similar to OFB but encrypts counter value rather than any feedback value
must have a different key & counter value for every plaintext block (never reused)
- Oi = EK(i)
- Ci = Pi XOR Oi
uses: high-speed network encryptions

efficiency

can do parallel encryptions in h/w or s/w
can preprocess in advance of need/可以在需要前进行预处理
good for bursty high speed links/适用于突发性高速链接
random access to encrypted data blocks/对加密数据块的随机访问
provable security (good as other modes)/可证明的安全性(与其他模式一样好)
but must ensure never reuse key/counter values, otherwise could break (cf OFB)/但必须确保永远不要重用键/计数器值，否则可能会破坏(cf OFB)

Output Feedback Mode (OFB)

第三章网络安全的本质Network Security Essentials

1.Glossary

authentication 认证 signature 签名

infeasible 不可行 performance 性能，表现

degradation 降解，下降

2.Message Authentication/消息认证

message authentication is concerned with:
- protecting the integrity of a message /保护消息的完整性
- validating identity of originator /验证发起者的身份
- non-repudiation of origin (dispute resolution)/不可否认产地来源(争议解决)
the three alternative functions used:

- message encryption/消息加密
- message authentication code (MAC)/消息验证码(MAC)
- hash function/哈希函数

If the ciphertext is modified during the transmission, can receiver find any problem?

如果在传输过程中修改密文，接收方会发现问题吗?

Yes

MACM=F(KAB, M)

Message not altered/信息没有改变
The alleged sender confirmed/涉嫌发送人证实
The proper sequence of messages assured/确保消息的正确顺序

Similar to encryption/类似于加密

NIST recommends the use of DES/NIST建议使用DES
difference: authentication algorithm need not be reversible, less vulnerable/区别是:认证算法不需要可逆，不那么脆弱

3.Hash Functions

condenses arbitrary message to fixed size h = H(M) /将任意消息压缩到固定大小
- No secret key needed/不需要密钥
- usually assume hash function is public/通常假设哈希函数是公共的
- hash used to detect changes to message/用于检测消息更改的散列
want a cryptographic hash function/需要加密哈希函数
- computationally infeasible to find data mapping to specific hash (one-way property)在计算上无法找到到特定散列的数据映射(单向属性)
- computationally infeasible to find two data to same hash (collision-free property)/在计算上不可能找到两个数据到同一个散列(无碰撞属性)

Hash Function Requirements/哈希函数的要求

4.Attacks on Hash Functions

have brute-force attacks and cryptanalysis/有暴力攻击和密码分析
a preimage or second preimage attack/预映像或第二次预映像攻击
- find y s.t. H(y) equals a given hash value
collision resistance/耐碰撞
- find two messages x & y with same hash so H(x) = H(y)
hence value 2m/2 determines strength of hash code against brute-force attacks
- 128-bits inadequate, 160-bits suspect

5.Secure Hash Algorithm/安全散列算法

want a MAC based on a hash function /想要一个基于哈希函数的MAC
- because hash functions are generally faster/因为哈希函数通常更快
- crypto hash function code is widely available/加密哈希函数代码是广泛可用的
hash includes a key along with message/哈希包含一个键和消息
original proposal:KeyedHash = Hash(Key|Message)
some weaknesses were found with this ，eventually led to development of HMAC

6.HMAC Design Objectives/HMAC设计目标

use, without modifications, hash functions/无需修改即可使用散列函数
allow for easy replaceability of embedded hash function/允许嵌入哈希函数的易替换性
preserve original performance of hash function without significant degradation/保持哈希函数的原始性能，不发生显著的性能下降
use and handle keys in a simple way./以简单的方式使用和处理密钥
have well understood cryptographic analysis of authentication mechanism strength/对认证机制强度的密码学分析有很好的理解

7.HMAC Security

proved security of HMAC relates to that of the underlying hash algorithm
attacking HMAC requires either:
- brute force attack on key used/使用蛮力攻击
- birthday attack /生日攻击
choose hash function used based on speed verses security constraints/选择基于速度和安全约束的哈希函数

8.Authenticated Encryption/经过身份验证的加密

simultaneously protect confidentiality and authenticity of communications/同时保护通信的机密性和真实性
- often required but usually separate
approaches
- Hash-then-encrypt: E(K, (M || H(M))
- MAC-then-encrypt: E(K2, (M || MAC(K1, M))
- Encrypt-then-MAC: (C=E(K2, M), T=MAC(K1, C)
- Encrypt-and-MAC: (C=E(K2, M), T=MAC(K1, M)
decryption /verification straightforward/解密/验证简单

9.Private-Key Cryptography/私钥加密

traditional private/secret/single key cryptography uses one key /传统的私有/秘密/单密钥密码学使用一个密钥

shared by both sender and receiver /由发送方和接收方共享

if this key is disclosed communications are compromised /如果这个密钥被公开，通信就会受到危害

also is symmetric, parties are equal /也是对称的，两边相等

hence does not protect sender from receiver forging a message & claiming is sent by sender

因此不保护发送方免受接收方伪造消息&声明是由发送方发送的

probably most significant advance in the 3000 year history of cryptography /可能是密码学3000年历史上最重要的进步

uses two keys – a public & a private key/使用两个密钥——一个公钥和一个私钥

asymmetric since parties are not equal /不对称，因为双方不平等

uses clever application of number theoretic concepts to function/巧妙地运用数论概念进行函数运算

complements rather than replaces private key crypto/补充而不是取代私钥密码

10.Why Public-Key Cryptography?

developed to address two key issues:
- key distribution – how to have secure communications in general without having to trust a KDC with your key
- digital signatures – how to verify a message comes intact from the claimed sender
public invention due to Whitfield Diffie & Martin Hellman at Stanford Uni in 1976
- known earlier in classified community
public-key/two-key/asymmetric cryptography involves the use of two keys:

a public-key, which may be known by anybody, and can be used to encrypt messages, and verify signatures

a related private-key, known only to the recipient, used to decrypt messages, and sign (create) signatures

infeasible to determine private key from public/从公钥确定私钥是不可行的

is asymmetric because those who encrypt messages or verify signatures cannot decrypt messages or create signatures/不对称是因为加密消息或验证签名的人无法解密消息或创建签名

We can use public key to encrypt and private key to decrypt. Can we use private key to encrypt and public key to decrypt? Yes！

Symmetric vs Public-Key

RSA

best known & widely used public-key scheme

based on exponentiation in a finite (Galois) field over integers modulo a prime

nb. exponentiation takes O((log n)3) operations (easy)

uses large integers (eg. 1024 bits)

security due to cost of factoring large numbers

nb. factorization takes O(e log n log log n) operations (hard)

RSA En/decryption

to encrypt a message M the sender:/若要加密发送人的讯息
- obtains public key of recipient PU={e,n} /获取接收方的公钥PU={e,n}
- computes: C = Me mod n, where 0≤M<n/计算:C = Me mod n，其中0≤M/计算:C = Me mod n，其中0≤M
to decrypt the ciphertext C the owner:
- uses their private key PR={d,n} /使用它们的私钥PR={d,n}
- computes: M = Cd mod n /计算:M = Cd mod n
M must be smaller than the modulus n (block if needed)/消息M必须小于模量n(如果需要，块)

RSA Key Setup

each user generates a public/private key pair by:
selecting two large primes at random: p, q
computing their system modulus n=p.q
- note ø(n)=(p-1)(q-1)
selecting at random the encryption key e
- where 1<e<ø(n), gcd(e,ø(n))=1
solve following equation to find decryption key d
- e.d=1 mod ø(n) and 0≤d≤n
publish their public encryption key: PU={e,n}
keep secret private decryption key: PR={d,n}

Why RSA Works

because of Euler's Theorem:
- a^ø(n)mod n = 1 where gcd(a,n)=1
in RSA have:
- n=p.q
- ø(n)=(p-1)(q-1)
- carefully chose e & d to be inverses mod ø(n)
- hence e.d=1+k.ø(n) for some k
hence : Cd = M^(e.d) = M^(1+k.ø(n)) = M1.(M^ø(n))k = M1.(1)^k = M1 = M mod n

RSA Example - Key Setup

Select primes: p=17 & q=11

Calculate n = pq =17 x 11=187

Calculate ø(n)=(p–1)(q-1)=16x10=160

Select e: gcd(e,160)=1; choose e=7

Determine d: de=1 mod 160 and d < 160 Value is d=23 since 23x7=161= 1x160+1

Publish public key PU={7,187}

Keep secret private key PR={23,187}

RSA Example - En/Decryption

sample RSA encryption/decryption is:

given message M = 88 (nb. 88<187)

encryption:

C = 88^7 mod 187 = 11

decryption:

M = 11^(23) mod 187 = 88

Encryption

Map a-z to 0-25

（n，e）＝（33，3）

（n，d）＝（33，7）

Set plaintext M＝public

E(p)=15^3 = 9 mod 33

E(u)=20^3 = 14 mod 33

E(b)=1^3 = 1 mod 33

E(l)=11^3 = 11 mod 33

E(i)=8^3 = 17 mod 33

E(c)=2^3 = 8 mod 33

c ＝ E（M）＝ 09 14 01 11 17 28＝ joblri

Decrytion

Decrypt with d=7

D(j)= 09^7 = 15 mod 33, p

D(o)= 14^7 = 20 mod 33, u

D(b)= 01^7 = 1 mod 33, b

D(l)= 11^7 = 11 mod 33, l

D(r)= 17^7 = 8 mod 33, i

D(i)= 08^7 = 2 mod 33, c

If we use a very large modulus in previous encryption, is this method secure? No

11.Diffie-Hellman Key Exchange

first public-key type scheme proposed
is a practical method for public exchange of a secret key
used in a number of commercial products

a public-key distribution scheme /公开密钥分发方案
cannot be used to exchange an arbitrary message /不能用于交换任意消息
rather it can establish a common key /相反，它可以建立一个公共密钥
known only to the two participants /只有两名参与者知道
value of key depends on the participants (and their private and public key information) /key的值取决于参与者
based on exponentiation in a finite (Galois) field (modulo a prime or a polynomial) - easy/基于指数在有限(伽罗瓦)领域(模a '或多项式)-容易
security relies on the difficulty of computing discrete logarithms (similar to factoring) – hard/安全性依赖于计算离散对数(类似于因式分解)的难度——很难

Key Exchange Protocols

users could create random private/public D-H keys each time they communicate/用户可以在每次通信时创建随机的私有/公共D-H密钥
users could create a known private/public D-H key and publish in a directory, then consulted and used to securely communicate with them/用户可以创建一个已知的私有/公共D-H密钥，并将其发布到一个目录中，然后进行查询并使用它与用户进行安全通信
both of these are vulnerable to a man-in-the-Middle Attack/这两种攻击都很容易受到中间人的攻击
authentication of the keys is needed/需要对密钥进行身份验证

12.Digital Signatures

have looked at message authentication /消息验证

but does not address issues of lack of trust/但并没有解决缺乏信任的问题

digital signatures provide the ability to: /数码签署提供以下功能

verify author, date & time of signature/验证作者、日期和签名时间

authenticate message contents /验证消息内容

be verified by third parties to resolve disputes/经第三方核实，解决争议

hence include authentication function with additional capabilities/因此包含具有附加功能的身份验证功能

思科网院课件第七章 Network Attacks: A Deeper Look

7.1 Network Monitoring and Tools

Network Monitoring Methods/网络监控方法

Tools used to help discover normal network behavior（用于帮助发现正常网络行为的工具） include IDS, packet analyzers, SNMP, NetFlow, and others.
Traffic information capture methods/流量信息获取方法
- Network TAPs – Network test access points that forward all traffic including physical layer errors to an analysis device. /网络抽头——将包括物理层错误在内的所有通信转发给分析设备的网络测试接入点。
- Port mirroring – enables a switch to copy frames of one or more ports to a Switch Port Analyzer (SPAN) port connected to an analysis device./端口镜像——使交换机能够将一个或多个端口的帧复制到连接到分析设备的交换机端口分析器(SPAN)端口。

Network Taps/网络利用

A network tap（网络分流器） is typically a passive splitting device implemented inline between a device of interest and the network. A tap forwards all traffic including physical layer errors to an analysis device.
Taps are also typically fail-safe, which means if it fails or loses power, traffic between the firewall and internal router is not affected.//发生故障，防火墙和内部路由器之间的通信不会受到影响

Traffic Mirroring and SPAN /流量镜像

Port mirroring enables the switch to copy frames of one or more ports to a Switch Port Analyzer (SPAN) port connected to an analysis device./端口镜像使交换机能够将一个或多个端口的帧复制到连接到分析设备的开关端口分析器(SPAN)端口。
the switch will forward ingress traffic on F0/1 and egress traffic on F0/2 to the destination SPAN port G0/1 connecting to an IDS.
The association between source ports and a destination port is called a SPAN session. In a single session, one or multiple ports can be monitored.

Network Security Monitoring Tools

Monitoring Tools:
- Protocol Analyzers（捕获流量） – Are programs used to capture traffic. 如Wireshark、Tcpdump.
  - Analysts can use protocol analyzers such as Wireshark and tcpdump to see network exchanges down to the packet level./分析人员可以使用协议分析程序(如Wireshark和tcpdump)查看网络交换到数据包级别的情况。
  - Network protocol analyzers are also very useful for network troubleshooting, software and protocol development, and education. In security forensics, a security analyst may reconstruct an incident from relevant packet captures./网络协议分析器在网络故障排除、软件和协议开发以及教育方面也非常有用。在安全取证中，安全分析人员可以根据相关的数据包捕获重构事件。
- NetFlow – Provides a complete audit trail of basic information about every IP flow forwarded on a device. /提供关于设备上转发的每个IP流的基本信息的完整审计跟踪。
  - NetFlow is a Cisco IOS technology that provides 24x7 statistics on packets flowing through a Cisco router or multilayer switch.
  - NetFlow can be used for network and security monitoring, network planning, and traffic analysis; however, it does not capture the content./可以用于网络和安全监控、网络规划和流量分析;但是，它不能捕获内容。
  - NetFlow collectors like Cisco Stealthwatch can also perform advanced functions including:
    - Flow stitching: It groups individual entries into flows./流拼接:它将单个条目分组到流中。
    - Flow deduplication: It filters duplicate incoming entries from multiple NetFlow clients.
    - NAT stitching: It simplifies flows with NAT entries./NAT拼接:它通过NAT条目简化了流。
- SIEM – Security Information Event Management systems provide real time reporting and long-term analysis of security events. /提供对安全事件的实时报告和长期分析。
  - SIEM includes the following essential functions:
    - Forensic analysis – The ability to search logs and event records from sources throughout the organization. It provides more complete information for forensic analysis./能够从整个组织的来源搜索日志和事件记录。它为法医分析提供了更完整的信息。
    - Correlation – Examines logs and events from different systems or applications, speeding detection of and reaction to security threats./相关性——检查来自不同系统或应用程序的日志和事件，加快对安全威胁的检测和响应。
    - Aggregation - Aggregation reduces the volume of event data by consolidating duplicate event records./聚合——聚合通过合并重复的事件记录来减少事件数据的量。
    - Reporting - Reporting presents the correlated and aggregated event data in real-time monitoring and long-term summaries./报告实时监控和长期总结中显示相关和聚合的事件数据。
  - SIEM Systems
    - Splunk is one of the more popular proprietary SIEM systems used by Security Operation Centers.
    - As an open source option, this course uses the ELK suite for SIEM functionality. ELK is an acronym for three open source products from Elastic:
    - Elasticsearch - Document oriented full text search engine
    - Logstash - Pipeline processing system that connects "inputs" to "outputs" with optional "filters" in between
    - Kibana - Browser based analytics and search dashboard for Elasticsearch
- SNMP – Simple Network Management Protocol provides the ability to request and passively collect information across all network devices./提供了跨所有网络设备请求和被动收集信息的能力。
Log files – It is also common for security analysts to access Syslog log files to read and analyze system events and alerts./日志文件—安全分析人员访问Syslog日志文件来读取和分析系统事件和警报也是很常见的。

7.2 Attacking the Foundation

IPv4 and IPv6

It is important for security analysts to understand the different fields in both the IPv4 and IPv6 headers because threat actors can tamper with packet information./篡改数据包信息

ICMP Attacks

ICMP was developed to carry diagnostic messages and to report error conditions when routes, hosts, and ports are unavailable. ICMP messages are generated by devices when a network error or outage occurs. /ICMP用于携带诊断消息，并在路由、主机和端口不可用时报告错误情况。ICMP消息由设备在发生网络错误或中断时生成。
Common ICMP messages of interest to threat/威胁 actors include:
- ICMP echo request and echo reply – This is used to perform host verification and DoS attacks.

CMP echo请求和echo - 用于执行主机验证和DoS攻击。

- ICMP unreachable – This is used to perform network reconnaissance and scanning attacks.

ICMP不可访问-这是用来执行网络侦察和扫描攻击。

- ICMP mask reply – This is used to map an internal IP network.

ICMP掩码应答——用于映射内部IP网络。

- ICMP redirects – This is used to lure a target host into sending all traffic through a compromised device and create a MITM attack./ICMP重定向-这是用来引诱目标主机发送所有流量通过一个受损的设备，并创建一个MITM攻击。
- ICMP router discovery – This is used to inject bogus route entries into the routing table of a target host./ICMP路由器发现——用于将伪路由条目注入目标主机的路由表。

DoS Attacks

The goal of a Denial of Service (DoS) attack is to prevent legitimate users from gaining access to websites, email, online accounts, and other services.
There are two major sources of DoS attacks:
- Maliciously Formatted Packets – Threat actors craft a maliciously formatted packet and forward it to a susceptible host, causing the host to crash or become extremely slow./恶意格式化的包——威胁行动者精心制作一个恶意格式化的包，并将其转发给易受攻击的主机，导致主机崩溃或变得极其缓慢。
- Overwhelming Quantity of Traffic – Threat actors overwhelm a target network, host, or application, causing them to crash or become extremely slow./压倒性的流量——威胁行动者淹没目标网络、主机或应用程序，导致它们崩溃或变得极其缓慢。
A distributed DoS (DDoS) attack combines multiple DoS attacks.

Amplification and Reflection Attacks/放大和反射攻击

Threat actors often use amplification and reflection techniques to create DoS attacks. The example in the figure illustrates how an amplification and reflection technique called a Smurf attack is used to overwhelm a target host:

1. Amplification - The threat actor forwards ICMP echo request messages that contain the source IP address of the victim to a large number of hosts.

2. Reflection - These hosts all reply to the spoofed IP address of the victim to overwhelm/压倒 it.

DDoS Attacks

A DDoS attack is larger in magnitude than a DoS attack because it originates from multiple, coordinated sources. DDoS attacks introduced new terms such as botnet, handler systems, and zombie computers.
A DDoS attack could proceed as follows:

1. The threat actor builds or purchases the use of a botnet of zombie hosts.Command-and-control (CnC) server communicates with zombies over a covert channel/隐蔽通道 using IRC, P2P, DNS, HTTP, or HTTPS.

2. Zombie computers continue to scan and infect more targets to create more zombies.

3. When ready, the botmaster uses the handler systems to make the botnet of zombies carry out the DDoS attack on the chosen target.

Address Spoofing Attacks

IP address spoofing attacks occur when a threat actor creates packets with false source IP address information to either hide the identity of the sender or to pose as another legitimate user. The attacker can then gain access to otherwise inaccessible data or circumvent/绕过 security configurations.

TCP Attacks

Although the TCP protocol is a connection-oriented and reliable protocol, there are still vulnerabilities that can be exploited.
TCP attacks target expected protocol behaviors:
- TCP SYN flood attack
- TCP reset attack
- TCP session hijacking

UDP and UDP Attacks

UDP is a simple protocol that provides the basic transport layer functions. UDP is commonly used by DNS, TFTP, NFS, and SNMP. It is also used with real-time applications such as media streaming or VoIP. UDP is a connectionless transport layer protocol.
By default, UDP is not protected by any encryption. The lack of encryption allows anyone to look at the traffic, change it, and send it on to its destination.
UDP protocol attacks target the lack of protocol behaviors (UDP):
- UDP checksum attack
- UDP flood attack
- UDP DoS attacks

7.3 Attacking What We Do

ARP Vulnerabilities

Hosts broadcast an ARP Request to other hosts on the segment to determine the MAC address of a host with a particular IP address.
All hosts on the subnet receive and process the ARP Request.
The host with the matching IP address in the ARP Request sends an ARP Reply.

ARP Cache Poisoning

ARP cache poisoning attacks deliberately poison the cache of another computer with spoofed IP address to MAC address mappings.

DNS Attacks

DNS servers resolve names to IP addresses and are a major target of attackers. Some DNS exploits are:
- DNS Open Resolvers (public name servers)/DNS打开解析器(公共名称服务器)
- DNS Stealth Attacks/DNS隐形攻击
- DNS Shadowing Attacks – hijacked domains are used to create subdomains which are used to resolve to malicious web sites /DNS跟踪攻击——被劫持的域名用于创建子域名，用于解析恶意网站
- DNS Tunneling Attacks - hides malicious instructions inside DNS queries and responses/DNS隧道攻击——在DNS查询和响应中隐藏恶意指令

DNS Tunneling

Threat actors who use DNS tunneling place non-DNS traffic within DNS traffic. This method often circumvents security solutions. For the threat actor to use DNS tunneling, the different types of DNS records such as TXT, MX, SRV, NULL, A, or CNAME are altered. /使用DNS隧道的威胁参与者将非DNS流量放置在DNS流量中。这种方法通常会绕过安全解决方案。对于使用DNS隧道的威胁参与者，将更改不同类型的DNS记录，如TXT、MX、SRV、NULL、A或CNAME。

DHCP

A DHCP attack could result in every host on the network communicating with malicious DNS servers and gateways. A DHCP spoofing attack creates a rogue DHCP server to serve falsified information./DHCP攻击可能导致网络上的每台主机都与恶意DNS服务器和网关通信。会创建流氓DHCP服务器来提供伪造的信息。

HTTP and HTTPS

Browsing the Web is possibly the largest vector of attack. Security analysts should have in depth knowledge of how web attacks work.
- Malicious iFrames – an iFrame allows a page from a different domain to be opened inline within the current page. The iFrame can be used to launch malicious code./恶意iFrame——iFrame允许在当前页面内内联打开来自不同域的页面。iFrame可以用来启动恶意代码。
- HTTP 302 cushioning – allows a web page to redirect and open in a different URL. Can be used to redirect to malicious code./允许web页面以不同的URL重定向和打开。可用于重定向到恶意代码。
- Domain shadowing – malicious web sites are created from subdomains created from a hijacked domain.域跟踪——恶意网站是由被劫持域创建的子域创建的。

Email messages are accessed from many different devices that are often not protected by the company’s firewall.
- Attachment-based attacks – email with malicious executable files attached./基于附件的攻击
- Email spoofing – phishing attack where the message appears to come from a legitimate source./钓鱼攻击，其中的消息似乎来自一个合法的来源。
- Spam email – unsolicited email with advertisements or malicious content. /垃圾邮件
- Open mail relay server – massive amount of spam and worms can be sent by misconfigured email servers./打开邮件中继服务器-大量的垃圾邮件和蠕虫可以发送错误配置的电子邮件服务器。
- Homoglyphs – phishing scheme where text characters (hyperlinks) look similar to real text and links./同形文字-网络钓鱼方案，其中的文本字符(超链接)看起来类似于真实的文本和链接。

Web-Exposed Databases

Web applications commonly connect to a relational database. Because relational databases often contain sensitive data, databases are a frequent target for attacks.
- Command injection attacks – insecure code and web application allows OS commands to be injected into form fields or the address bar./命令注入攻击
- XSS Cross-site scripting attacks – insecure server-side scripting where the input is not validated allows scripting commands to be inserted into user generated forms fields, like web page comments. This results in visitors being redirected to a malicious website with malware code.
- SQL injection attacks – insecure server-side scripting allows SQL commands to be inserted into form fields where the input is not validated.
- HTTP injection attacks – manipulation of html allows executable code to be injected through HTML div tags, etc./HTTP注入攻击——html的操作允许通过html div标签等注入可执行代码。

第五章 Transport-Level Security

1.Web Security

Internet & Web are vulnerable, and have a variety of threats

- integrity confidentiality/保密
- denial of service authentication/认证
need added security mechanisms/需要添加安全机制

2.Web Security Threats

In terms of passive and active attacks
In terms of location of the threat

Web server、Web browser、Network traffic between browser and server

3.Web Traffic Security Approaches/Web流量安全方法

4.SSL (Secure Socket Layer)

transport layer security service
originally developed by Netscape
version 3 designed with public input
subsequently became Internet standard known as TLS (Transport Layer Security)
uses TCP to provide a reliable end-to-end service
SSL has two layers of protocols

5.SSL Architecture/ssl 架构

Can we find TCP three-way handshakes in a SSL traffic stream? Yes

SSL connection

a transient, peer-to-peer, communications link

associated with 1 SSL session

SSL session

an association between client & server/客户机和服务器之间的关联

created by the Handshake Protocol

define a set of cryptographic parameters/定义一组密码参数

may be shared by multiple SSL connections/可以由多个SSL连接共享

confidentiality

using symmetric encryption with a shared secret key defined by Handshake Protocol/使用对称加密和握手协议定义的共享密钥，如AES, IDEA, RC2-40, DES-40, DES, 3DES, Fortezza, RC4-40, RC4-128

message is compressed before encryption/加密前压缩消息

message integrity

using a MAC with shared secret key /使用共享密钥的MAC

similar to HMAC but with different padding/与HMAC相似，但填充不同

·SSL Handshake Protocol

Can SSL/TLS defend against SYN Flooding attack? No

SSL Record Protocol Operation/SSL记录协议操作

SSL Record Format/SSL记录格式

SSL Change Cipher Spec Protocol/SSL更改密码规范协议

one of 3 SSL specific protocols which use the SSL Record protocol/使用SSL记录协议的三个SSL特定协议之一

a single message

causes pending state to become current/使挂起状态变为当前状态

hence updating the cipher suite in use/因此更新正在使用的密码套件

SSL Alert Protocol/SSL警报协议

conveys SSL-related alerts to peer entity
severity/严重程度
- warning or fatal/警告或致命
specific alert
- fatal: unexpected message, bad record mac, decompression failure, handshake failure, illegal parameter/致命:意外消息，坏记录mac，解压失败，握手失败，非法参数
- warning: close notify, no certificate, bad certificate, unsupported certificate, certificate revoked, certificate expired, certificate unknown/警告:关闭通知，无证书，坏证书，不支持的证书，证书已撤销，证书过期，证书未知
compressed & encrypted like all SSL data/像所有SSL数据一样压缩和加密

SSL Handshake Protocol

allows server & client to:
- authenticate each other
- to negotiate encryption & MAC algorithms
- to negotiate cryptographic keys to be used
comprises a series of messages in phases/分阶段包含一系列消息

Establish Security Capabilities/建立安全功能
Server Authentication and Key Exchange/服务器身份验证和密钥交换
Client Authentication and Key Exchange/客户端身份验证和密钥交换
Finish

6.Cryptographic Computations/加密计算

master secret creation/创建主密钥
- a one-time 48-byte value
- generated using secure key exchange (RSA / Diffie-Hellman) and then hashing info/使用安全密钥交换(RSA / Diffie-Hellman)生成，然后哈希信息
generation of cryptographic parameters/生成密码参数
- client write MAC secret, a server write MAC secret, a client write key, a server write key, a client write IV, and a server write IV/客户端写MAC secret，服务器写MAC secret，客户端写密钥，服务器写密钥，客户端写IV，服务器写IV
- generated by hashing master secret/由哈希主密钥生成

7.TLS (Transport Layer Security)

IETF standard RFC 5246 similar to SSLv3
with minor differences
- in record format version number
- uses HMAC for MAC
- a pseudo-random function expands secrets
  - based on HMAC using SHA-1 or MD5
- has additional alert codes
- some changes in supported ciphers
- changes in certificate types & negotiations
- changes in crypto computations & padding

8.HTTPS

HTTPS (HTTP over SSL)
- combination of HTTP & SSL/TLS to secure communications between browser & server
  - documented in RFC2818
  - no fundamental change using either SSL or TLS
use https:// URL rather than http://
- and port 443 rather than 80
encrypts
- URL, document contents, form data, cookies, HTTP headers

In HTTPS， port 443 is usually used by Server！

HTTPS Use

connection initiation
- TLS handshake then HTTP request(s)
connection closure
- have “Connection: close” in HTTP record
- TLS level exchange close_notify alerts
- can then close TCP connection
- must handle TCP close before alert exchange sent or completed

9.Secure Shell (SSH)

protocol for secure network communications
- designed to be simple & inexpensive
SSH1 provided secure remote logon facility
- replace TELNET & other insecure schemes
- also has more general client/server capability
SSH2 fixes a number of security flaws
- documented in RFCs 4250 through 4256
SSH clients & servers are widely available
method of choice for remote login/ X tunnels

10.SSH Protocol Stack/SSH协议栈

SSH Transport Layer Protocol

server authentication occurs at transport layer, based on server/host key pair(s)/服务器身份验证发生在传输层，基于服务器/主机密钥对
- server authentication requires clients to know public host keys in advance/服务器身份验证要求客户端提前知道公共主机密钥
packet exchange/包交换
- establish TCP connection /建立TCP连接
- can then exchange data/然后可以交换数据
  - identification string exchange, algorithm negotiation, key exchange, end of key exchange, service request/识别字符串交换，算法协商，密钥交换，密钥交换结束，服务请求
- using specified packet format/使用指定的分组格式

SSH User Authentication Protocol

authenticates client to server
three message types:

SSH_MSG_USERAUTH_REQUEST||SSH_MSG_USERAUTH_FAILURE ||SSH_MSG_USERAUTH_SUCCESS

authentication methods used
- public-key, password, host-based

SSH Connection Protocol

runs on SSH Transport Layer Protocol
assumes secure authentication connection
used for multiple logical channels
- SSH communications use separate channels
- either side can open with unique id number
- flow controlled
- have three stages:
  - opening a channel, data transfer, closing a channel
- four types:
  - session, x11, forwarded-tcpip, direct-tcpip.

SSH Connection Protocol Exchange

11.Port Forwarding/端口转发

convert insecure TCP connection into a secure SSH connection/不安全的TCP连接转换为安全的SSH连接
- SSH Transport Layer Protocol establishes a TCP connection between SSH client & server/SSH传输层协议在SSH客户机和服务器之间建立TCP连接
- client traffic redirected to local SSH, travels via tunnel, then remote SSH delivers to server/客户机流量重定向到本地SSH，通过隧道传输，然后远程SSH将数据发送到服务器
supports two types of port forwarding/支持两种类型的端口转发
- local forwarding – hijacks selected traffic/本地转发-劫持选定的流量
- remote forwarding – client acts for server/远程转发——客户端代理服务器

第六章 Wireless NetWork Security

1.IEEE 802.11

IEEE 802 committee for LAN standard

charter to develop a protocol & transmission specifications for wireless LANs (WLANs)/特许为无线局域网(wlan)开发协议和传输规范

since then demand for WLANs, at different frequencies and data rates, has exploded/从那时起，对wlan的需求，以不同的频率和数据速率，出现了爆炸式增

2.Wi-Fi Alliance/无线网络联盟

initially for 802.11b, later extended to 802.11g
concerned with a range of WLANs markets, including enterprise, home, and hot spots

3.IEEE 802 Protocol Architecture/IEEE 802协议架构

4.Network Components & Architecture/网络组件及架构

5.802.11 Wireless LAN Security

wireless traffic can be monitored by any radio in range, not physically connected/无线电监控，非物理连
original 802.11 spec had security features
- Wired Equivalent Privacy (WEP) algorithm，but found this contained major weaknesses
802.11i task group developed capabilities to address WLAN security issues
- Wi-Fi Alliance Wi-Fi Protected Access (WPA)
- final 802.11i Robust Security Network (RSN)

6.802.11i RSN Services and Protocols/802.11i健壮安全网络(RSN)

802.11i RSN Cryptographic Algorithms/802.11i RSN密码算法

802.11i Phases of Operation/操作阶段

802.11i Discovery and Authent-ication Phases/发现和创作阶段

IEEE 802.1X Access Control Approach/IEEE 802.1X访问控制方法

802.11i Key Manage-ment Phase

802.11i Protected Data Transfer Phase/802.11i保护数据传输阶段

have two schemes for protecting data
Temporal Key Integrity Protocol (TKIP)/时间密钥完整性协议(TKIP)
- s/w changes only to older WEP/s/w只更改为较老的WEP
- adds 64-bit Michael message integrity code (MIC)/添加64位Michael消息完整性代码(MIC)
- encrypts MPDU plus MIC value using RC4/使用RC4加密MPDU加MIC值
Counter Mode-CBC MAC Protocol (CCMP)/计数器模式- cbc MAC协议(CCMP)
- uses the cipher block chaining message authentication code (CBC-MAC) for integrity/使用密码块链接消息验证码(CBC-MAC)实现完整性
- uses the CRT block cipher mode of operation/使用CRT分组密码操作模式

7.Other Security Problem

WEP Crack
DoS – Jamming
Evil Twin AP

第七章 Electronic Mail Security

1.Email Security

email is one of the most widely used and regarded network services
currently message contents are not secure
- may be inspected either in transit
- or by suitably privileged users on destination system

2.Email Security Enhancements/电子邮件安全增强

confidentiality保密性：protection from disclosure/防止披露
authentication认证性：of sender of message/消息发送者
message integrity消息完整性：protection from modification /防止修改
non-repudiation of origin不可否认性：protection from denial by sender/防止发件人拒绝

3.Pretty Good Privacy (PGP)

widely used de facto secure email/广泛使用的事实上的安全电子邮件
developed by Phil Zimmermann
selected best available crypto algs to use/选择可用的最佳加密算法
integrated into a single program/集成到一个单独的程序
on Unix, PC, Macintosh and other systems
originally free, now also have commercial versions available

PGP Operation – Authentication

sender creates message
make SHA-1160-bit hash of message
attached RSA signed hash to message
receiver decrypts & recovers hash code
receiver verifies received message hash

PGP Operation – Confidentiality

sender forms 128-bit random session key

encrypts message with session key
attaches session key encrypted with RSA
receiver decrypts & recovers session key
session key is used to decrypt message

PGP Operation – Confidentiality & Authentication /PGP操作-机密性和认证

can use both services on same message

- create signature & attach to message
- encrypt both message & signature
- attach RSA/ElGamal encrypted session key

PGP Operation – Compression/压缩

by default PGP compresses message after signing but before encrypting
- so can store uncompressed message & signature for later verification
- & because compression is non deterministic
uses ZIP compression algorithm

PGP Operation – Email Compatibility/电子邮件的兼容性

when using PGP will have binary data to send (encrypted message etc)
- however email was designed only for text
hence PGP must encode raw binary data into printable ASCII characters/PGP必须将原始二进制数据编码为可打印的ASCII字符
uses radix-64 algorithm
- maps 3 bytes to 4 printable chars/将3个字节映射到4个可打印字符
- also appends a CRC/附加一个CRC
PGP also segments messages if too big/如果消息太大，PGP也会对消息进行分段

PGP Operation – Summary

PGP Session Keys

need a session key for each message
- of varying sizes: 56-bit DES, 128-bit CAST or IDEA, 168-bit Triple-DES
generated using ANSI X12.17 mode
uses random inputs taken from previous uses and from keystroke timing of user

PGP Public & Private Keys

since many public/private keys may be in use, need to identify which is actually used to encrypt session key in a message
- could send full public-key with every message
- but this is inefficient
rather use a key identifier based on key
- least significant 64-bits of the key
- will very likely be unique
also use key ID in signatures

PGP Message Format/PGP消息格式

PGP Key Rings

each PGP user has a pair of keyrings:

- public-key ring contains all the public-keys of other PGP users known to this user, indexed by key ID
- private-key ring contains the public/private key pair(s) for this user, indexed by key ID & encrypted keyed from a hashed passphrase
security of private keys thus depends on the pass-phrase security

PGP Message Generation

PGP Message Reception

PGP Key Management

rather than relying on certificate authorities
in PGP every user is own CA
- can sign keys for users they know directly
forms a “web of trust”
- trust keys have signed
- can trust keys others have signed if have a chain of signatures to them
key ring includes trust indicators
users can also revoke their keys

PGP Trust Model Example

4.S/MIME (Secure/Multipurpose Internet Mail Extensions)

security enhancement to MIME email/MIME电子邮件的安全增强
- original Internet RFC822 email was text only/原始Internet RFC822电子邮件仅为文本
- MIME provided support for varying content types and multi-part messages/对不同内容类型和多部分消息的支持
- with encoding of binary data to textual form/以文本形式对二进制数据进行编码
- S/MIME added security enhancements/添加了安全增强功能
have S/MIME support in many mail agents/邮件代理中具有S/MIME支持: MS Outlook, Mozilla, Mac Mail etc

S/MIME Certificate Processing/S/MIME认证处理

S/MIME uses X.509 v3 certificates (Ch.4)
managed using a hybrid of a strict X.509 CA hierarchy & PGP’s web of trust
each client has a list of trusted CA’s certs
and own public/private key pairs & certs
certificates must be signed by trusted CA’s

Certificate Authorities/证书颁发机构

have several well-known CA’s
Verisign one of most widely used/Verisign是应用最广泛的
Verisign issues several types of Digital IDs/Verisign发行几种类型的数字id
increasing levels of checks & hence trust/增加检查级别&因此增加信任

Class Identity Checks Usage

1 name/email check web browsing/email

2 + enroll/addr check email, subs, s/w validate

3 + ID documents e-banking/service access

Internet Mail Architecture

第八章 IP 安全/IP Security

1.Chapter 8 IP Security

IPv4 Header

IPv6 Header

2.IP Security Overview/IP安全概述

IPSec is not a single protocol. Instead, IPSec provides a set of security algorithms plus a general framework that allows a pair of communicating entities to use whichever algorithms provide security appropriate for the communication./IPSec不是一个单一的协议。相反，IPSec提供了一组安全算法和一个通用框架，允许一对通信实体使用任何为通信提供适当安全的算法。

Applications of IPSec/IPSec的应用

Secure branch office connectivity over the Internet
Secure remote access over the Internet
Establsihing extranet and intranet connectivity with partners
Enhancing electronic commerce security

IP Security Scenario/IP安全场景

Benefits of IPSec/IPSec的好处
- Transparent to applications (below transport layer (TCP, UDP)/对应用程序透明(传输层(TCP、UDP)以下)
- Provide security for individual users/为个人用户提供安全性
IPSec can assure that:/IPSec可以保证
- A router or neighbor advertisement comes from an authorized router/路由器或邻居广告来自授权路由器
- A redirect message comes from the router to which the initial packet was sent/重定向消息来自发送初始包的路由器
- A routing update is not forged/路由更新不是伪造的

3.IP Security Architecture/IP安全架构

IPSec documents:
- RFC 2401: An overview of security architecture
- RFC 2402: Description of a packet encryption extension to IPv4 and IPv6
- RFC 2406: Description of a packet emcryption extension to IPv4 and IPv6
- RFC 2408: Specification of key managament capabilities

4.IPSec Document Overview/IPsec文档概述

5.IPSec Services

Access Control/访问控制 Connectionless integrity/无连接的完整性

Data origin authentication/数据来源认证 Rejection of replayed packets/拒绝重播包

Confidentiality (encryption)/保密(加密) Limited traffic flow confidentiallity/有限的交通流量保密

6.Security Associations (SA)/安全协会SA

A one way relationship between a sender and a receiver./发送方和接收方之间的单向关系。
Identified by three parameters:/由三个参数确定:
- Security Parameter Index (SPI)/安全参数索引(SPI)
- IP Destination address/IP目的地址
- Security Protocol Identifier/安全协议标识符

	Transport Mode SA	Tunnel Mode SA
AH	Authenticates IP payload and selected portions of IP header and IPv6 extension headers	Authenticates entire inner IP packet plus selected portions of outer IP header
ESP	Encrypts IP payload and any IPv6 extesion header	Encrypts inner IP packet
ESP with authentication	Encrypts IP payload and any IPv6 extesion header. Authenticates IP payload but no IP header	Encrypts inner IP packet. Authenticates inner IP packet.

Before applying AH

Tunnel Mode (AH Authentication)

Authentication Header

Provides support for data integrity and authentication (MAC code) of IP packets.

Guards against replay attacks.

End-to-end versus End-to-Intermediate Authentication

Encapsulating Security Payload/封装安全载荷

ESP provides confidentiality services/ESP提供保密服务

Encryption and Authentication Algorithms

Encryption:
- Three-key triple DES
- RC5
- IDEA
- Three-key triple IDEA
- CAST
- Blowfish
Authentication:
- HMAC-MD5-96
- HMAC-SHA-1-96

ESP Encryption and Authentication

Combinations of Security Associations

7.Key Management

Two types:
- Manual/人工
- Automated /自动化
  - Oakley Key Determination Protocol
    - Three authentication methods:

- - - - Digital signatures
      - Public-key encryption
      - Symmetric-key encryption

- - Internet Security Association and Key Management Protocol (ISAKMP)

第九章 INTRUDERS

1.Intruders/入侵者

significant issue for networked systems is hostile or unwanted access/网络系统的一个重要问题是恶意访问或不想要的访问
either via network or local/无论是通过网络还是本地
can identify classes of intruders:/可以识别入侵者的类别:
- masquerader/冒充者||misfeasor/违法行为者||clandestine user/秘密的用户
varying levels of competence/不同水平的能力

2.Examples of Intrusion

remote root compromise web server defacement
guessing / cracking passwords copying viewing sensitive data / databases
running a packet sniffer distributing pirated software
using an unsecured modem to access net impersonating a user to reset password
using an unattended workstation

3.Hackers

motivated by thrill/刺激 of access and status/访问和地位
- hacking community a strong meritocracy/黑客社区强有力的任人唯贤。
- status is determined by level of competence/地位是由能力水平决定的。
benign intruders might be tolerable/良性入侵者可能是可以容忍的

do consume resources and may slow performance||can’t know in advance whether benign or malign

IDS / IPS / WAF/ VPNs can help counter
awareness led to establishment of CERTs
- collect / disseminate vulnerability info / responses//收集/传播漏洞信息/响应

Hacker Behavior Example

select target using IP lookup tools
map network for accessible services
identify potentially vulnerable services
brute force (guess) passwords
install remote administration tool
wait for admin to log on and capture password
use password to access remainder of network

4.Criminal Enterprise/犯罪集团

organized groups of hackers now a threat/有组织的黑客团体现在是一个威胁
- corporation / government / loosely affiliated gangs/公司/政府/松散的帮派
- typically young/通常年轻
- often Eastern European or Russian hackers
- often target credit cards on e-commerce server/经常针对电子商务服务器上的信用卡
criminal hackers usually have specific targets/犯罪黑客通常有特定的目标
once penetrated act quickly and get out/一旦被渗透，迅速行动并出去
IDS / IPS help but less effective/id / ip有所帮助，但效果较差
sensitive data needs strong protection/敏感数据需要强有力的保护

Criminal Enterprise Behavior/犯罪行为

act quickly and precisely to make their activities harder to detect/迅速而准确地采取行动，使他们的活动更难被发现
exploit perimeter via vulnerable ports/利用周界通过脆弱的港口
use trojan horses (hidden software) to leave back doors for re-entry/使用木马(隐藏的软件)离开后门重新进入
use sniffers to capture passwords/使用嗅探器捕获密码
do not stick around until noticed/不要逗留，直到有人发现
make few or no mistakes. /少犯或不犯错误。

5.Insider Attacks/内部攻击者

among most difficult to detect and prevent/其中最难以发现和预防
employees have access & systems knowledge/员工具有访问和系统知识
may be motivated by revenge / entitlement/可能是出于报复/权利
- when employment terminated/当就业终止
- taking customer data when move to competitor/将客户数据转移到竞争对手那里
IDS / IPS may help but also need:/id / IPS可能有帮助，但也需要:
- least privilege, monitor logs, strong authentication, termination process to block access & mirror data/最少的特权，监控日志，强认证，终止进程来阻止访问和镜像数据

Insider Behavior Example

create network accounts for themselves and their friends
access accounts and applications they wouldn't normally use for their daily jobs
e-mail former and prospective employers
conduct furtive instant-messaging chats
visit web sites that cater to disgruntled employees, such as f'dcompany.com
perform large downloads and file copying
access the network during off hours.

6.Intrusion Techniques/入侵技术

aim to gain access and/or increase privileges on a system/目标是获得访问和/或增加系统上的特权
often use system / software vulnerabilities/经常使用系统/软件漏洞
key goal often is to acquire passwords/关键目标通常是获取密码
- so then exercise access rights of owner/然后行使所有者的访问权
basic attack methodology
- target acquisition and information gathering /目标获取和信息收集
- initial access /首次访问
- privilege escalation /特权升级
- covering tracks /覆盖跟踪

Password Guessing

one of the most common attacks
attacker knows a login (from email/web page etc)
then attempts to guess password for it
- defaults, short passwords, common word searches
- user info (variations on names, birthday, phone, common words/interests)
- exhaustively searching all possible passwords
check by login or against stolen password file
success depends on password chosen by user
surveys show many users choose poorly

Password Capture/密码捕获

another attack involves password capture
- watching over shoulder as password is entered
- using a trojan horse program to collect
- monitoring an insecure network login
  - eg. telnet, FTP, web, email
- extracting recorded info after successful login (web history/cache, last number dialed etc)
using valid login/password can impersonate user
users need to be educated to use suitable precautions/countermeasures

7.Intrusion Detection/入侵检测

inevitably will have security failures/将不可避免地出现安全故障
so need also to detect intrusions so can
- block if detected quickly/快速检测到阻塞
- act as deterrent/作为威慑
- collect info to improve security/收集信息以提高安全性
assume intruder will behave differently to a legitimate user/假设入侵者的行为与合法用户不同
- but will have imperfect distinction between

Anderson and the Audit Reduction Problem

Anderson wrote a report for the U.S. Air Force in 1980
Seminal work on intrusion detection
Changes to computer audit mechanisms to provide information
The goal is audit reduction
- The elimination of redundant of irrelevant records from security audit trails

Denning, Neumann, and IDES

Late 1980s – Real-time Intrusion Detection
- Principles formalized by D. Denning (from Purdue)
- Created the Intrusion Detection Expert System (IDES)/创建入侵检测专家系统(ide)
  - Hybrid of anomaly detection and an expert system/异常检测与专家系统的结合
  - Used adaptive statistical profiles and policy rules/使用自适应统计概要和策略规则
- Seminal work in intrusion detection. Many more followed
  - Haystack, MIDAS, NADIR, NSM, Wisdom and Sense

Information Source:System calls, system logs, application logs, audit…

信息来源:系统调用、系统日志、应用程序日志、审计……

Approaches to Intrusion Detection/入侵检测方法

statistical anomaly detection/统计异常检测

- attempts to define normal/expected behavior/试图定义正常/预期行为
- threshold/阈值
- profile based/基于配置文件
rule-based detection(or signature-based, or misuse detection)/基于规则的检测(或基于签名的检测，或误用检测)
- attempts to define proper/bad behavior/试图定义正确/错误的行为
- penetration identification/渗透识别

Statistical Anomaly Detection/统计异常探测

threshold detection/阈值检测
- count occurrences of specific event over time/计算特定事件在一段时间内的出现次数
- if exceed reasonable value assume intrusion/如超过合理值，则视为侵入
- alone is a crude & ineffective detector/单独是一种粗糙而无效的探测器
profile based/基于配置文件
- characterize past behavior of users/描述用户过去的行为
- detect significant deviations from this/检测明显的偏离
- profile usually multi-parameter/配置文件通常多参数

Audit Record Analysis/审计记录分析

foundation of statistical approaches/统计方法基础
analyze records to get metrics over time/分析记录以获得随时间变化的度量
- counter, gauge, interval timer, resource use
use various tests on these to determine if current behavior is acceptable/使用各种测试来确定当前行为是否可以接受
- mean & standard deviation, multivariate, markov process, time series, operational
- machine learning methods
key advantage is no prior knowledge used/关键优势是不使用先验知识

Strengths and Drawbacks/优缺点

Strengths
- Discover unknown vulnerabilities/发现未知的漏洞
- Do not require the constant updates/不需要不断更新
Drawbacks
- Perform batch mode processing/执行批处理模式
- Do not take into account the sequential relationships between events/不考虑事件之间的顺序关系
- High false alarm rates ( including false negative and false positive) /高误报率(包括假阴性及假阳性

Rule-Based Intrusion Detection/基于规则的入侵检测

observe events on system & apply rules to decide if activity is suspicious or not/观察系统上的事件并应用规则来判断活动是否可疑
rule-based detection
- analyze historical audit records to identify usage patterns & auto-generate rules for them/分析历史审计记录，以确定使用模式和自动生成规则
- then observe current behavior & match against rules to see if conforms/然后观察当前的行为和与规则的匹配，看看是否符合
rule-based penetration identification/基于规则的渗透识别

uses expert systems technology/使用专家系统技术
with rules identifying known penetration, weakness patterns, or suspicious behavior/通过规则识别已知的渗透、弱点模式或可疑行为
compare audit records or states against rules/根据规则比较审计记录或状态
rules usually machine & O/S specific/规则通常是机器和O/S特定的
rules are generated by experts who interview & codify knowledge of security admins/规则由访问和编纂安全管理员知识的专家生成
quality depends on how well this is done/质量取决于这项工作做得有多好

Strengths
- Accurate
- low false alarm rates ( including false negative and false positive)
Drawbacks
- Cannot discover unknown vulnerabilities
- Require the constant updates

Base-Rate Fallacy/基础概率谬误

practically an intrusion detection system needs to detect a substantial percentage of intrusions with few false alarms/实际上，入侵检测系统需要在几乎没有虚假警报的情况下检测出相当大比例的入侵
- if too few intrusions detected -> false security/如果检测到的入侵太少->假安全
- if too many false alarms -> ignore / waste time/如果太多的错误警报->忽略/浪费时间
this is very hard to do
existing systems seem not to have a good record

Demo-Snort

An open source network intrusion prevention and detection system (IDS/IPS)
Network-based
Approaches:
- Signature (or rule-based)
- Protocol
- Anomaly-based inspection

Distributed Intrusion Detection/分布式入侵检测

traditional focus is on single systems
but typically have networked systems
more effective defense has these working together to detect intrusions
issues
- dealing with varying audit record formats/处理不同的审计记录格式
- integrity & confidentiality of networked data/网络数据的完整性和保密性
- centralized or decentralized architecture/集中式或分散式架构

Agent Implementation/实现代理

8.Honeypots

decoy systems to lure attackers/引诱攻击者的诱饵系统
- away from accessing critical systems/远离关键系统
- to collect information of their activities/收集他们活动的资料
- to encourage attacker to stay on system so administrator can respond/鼓励攻击者留在系统上，以便管理员可以响应
are filled with fabricated information/是否充斥着虚假的信息
instrumented to collect detailed information on attackers activities/用于收集关于攻击者活动的详细信息
single or multiple networked systems：Honeynet

9.Intrusion Detection Exchange Format/入侵检测交换格式

Facilitate the development of distributed IDS
cf IETF Intrusion Detection WG standards
Interoperability
- IDS
- Response Systems
- Honeypot or Honeynet
- Firewall
- ……

10.Password Management

front-line defense against intruders/前线防御入侵者
users supply both:
- login – determines privileges of that user
- pasord – to identify them
passwords often stored encrypted/加密存储
- Unix uses multiple DES (variant with salt)/UNIX使用多个DES(带有SALT的变体)
- more recent systems use crypto hash function/更新的系统使用加密散列函数
should protect password file on system/应保护系统上的密码文件

思科网院课件第11章

11.1Technologies and Protocols

Syslog and NTP
- Syslog and Network Time Protocol (NTP) essential to work of cybersecurity analyst

- - Syslog is used for logging event messages from network devices and endpoints./设备和端点
  - Syslog servers typically listen on UDP port 514.
  - Syslog servers may be a target for threat actors.
  - Hackers may block the transfer of data, tamper with log data, or tamper with software that creates and transmits log messages.
  - Enhancements provided by syslog-ng (next generation).
- NTP/网络时间协议Network Time Protocol
  - Syslog messages are usually timestamped(时间戳) using the Network Time Protocol (NTP).
  - NTP operates on UDP port 123.
  - Timestamps are essential for detection of an exploit./时间戳对于检测利用漏洞是必不可少的
  - Threat actors may attempt to attack NTP to corrupt time information used to correlate logged network events./攻击NTP以破坏用于关联记录的网络事件的时间信息。
  - Threat actors use NTP systems to direct DDoS attacks.
DNS
- DNS is used by many types of malware.
- Attackers encapsulate different network protocols within DNS to evade security devices./攻击者在DNS中封装不同的网络协议以逃避安全设备。
- Some malware use DNS to communicate with command-and-control (CnC) servers and to exfiltrate data in traffic disguised as normal DNS queries. /某些恶意软件使用DNS与命令和控制（CnC）服务器通信，并在伪装成普通DNS查询的流量中泄露数据。
- Malware could encode stolen data as the subdomain portion of a DNS lookup for a domain where the nameserver is under control of an attacker. /恶意软件可以将被盗数据编码为名称服务器受攻击者控制的域的DNS查找的子域部分。
- DNS queries for randomly generated domain names, or extremely long random-appearing subdomains, should be considered suspicious, especially if their occurrence spikes dramatically on the network. /对随机生成的域名或极长随机出现的子域的DNS查询应该被认为是可疑的，特别是如果它们的出现在网络上出现严重影响。
HTTP and HTTPS
- All information carried in HTTP is transmitted in plaintext from the source computer to the destination on the Internet./明文形式传输.HTTP does not protect data from alteration or interception.
- Web-based threats consist of malware scripts that have been planted on webservers that direct browsers to infected servers by loading iframes. /基于Web的威胁包括安装在Web服务器上的恶意软件脚本，这些脚本通过加载iframe将浏览器定向到受感染的服务器。

- In iFrame injection, a threat actor compromises a webserver and plants malicious code which creates an invisible iFrame on a commonly visited webpage. /危及Web服务器并植入恶意代码，该恶意代码在通常访问的网页上创建不可见的IFRAME。
- When the iFrame loads, malware is downloaded/当IFrame加载时，将下载恶意软件。
- HTTPS adds a layer of encryption to the HTTP protocol by using secure socket layer (SSL).
- SSL makes the HTTP data unreadable as it leaves the source computer until it reaches the server.
- Encrypted HTTPS traffic complicates network security monitoring./HTTPS使网络安全监控复杂化。
- HTTPS adds complexity to packet captures.增加了数据包捕获的复杂性。

Email protocols
- Email protocols such as SMTP, POP3, and IMAP can be used by threat actors to spread malware, exfiltrate data, or provide channels to malware CnC servers.
  - SMTP sends data from a host to a mail server and between mail servers and is not always monitored. /将数据从主机发送到邮件服务器，在邮件服务器之间，并不总是被监视。
  - IMAP and POP3 are used to download email messages from a mail server to the host computer and can be responsible for bringing malware to the host./IMAP和POP3用于将电子邮件消息从邮件服务器下载到主机，并负责将恶意软件带到主机。
  - Security monitoring can identify when a malware attachment entered the network and which host it first infected./安全监控可以识别恶意软件附件何时进入网络以及最初感染的主机。
ICMP——can be used to craft a number of types of exploits./制作多种类型的漏洞

- Can be used to identify hosts on a network, the structure of a network, and determine the operating systems at use on the network. /可用于标识网络上的主机、网络结构以及确定网络上使用的操作系统。
- Can also be used as a vehicle for various types of DoS attacks.
- ICMP can also be used for data exfiltration through ICMP traffic from inside the network.
  - ICMP tunneling - Malware uses crafted ICMP packets to transfer files from infected hosts to threat actors. /使用精心编制的ICMP数据包将文件从受感染的主机传输到威胁参与者。
ACLs--ACLs may provide a false sense of security./ACL可能提供错误的安全感
- Attackers can determine which IP addresses, protocols, and ports are allowed by Access Control Lists (ACLs), by port scanning, penetration testing, or through other forms of reconnaissance./确定访问控制列表(ACL)、端口扫描、渗透测试或其他形式的侦察允许哪些IP地址、协议和端口。
- Attackers can craft packets that use spoofed source IP addresses or applications can establish connections on arbitrary ports. /攻击者可以手工创建使用欺骗源IP地址的数据包，或者应用程序可以在任意端口上建立连接。
NAT and PAT——can complicate security monitoring./会使安全监控复杂化

- Multiple IP addresses are mapped to one or more public addresses that are visible on the Internet./多个IP地址映射到Internet上可见的一个或多个公有地址
- Hides the individual IP addresses that are inside the network./隐藏网络内的各个IP地址
Encryption, Encapsulation, and Tunneling/加密、封装和隧道
- Encryption
  - Makes traffic contents unreadable by cybersecurity analysts./流量内容无法被安全分析人员读取
  - Part of Virtual Private Network (VPN) and HTTPS.
- Virtual point-to-point connection between an internal host and threat actor devices
  - Malware can establish an encrypted tunnel that rides on a common and trusted protocol, and use it to exfiltrate data from the network./恶意软件建立加密隧道，并从网络中渗出数据。
- Peer-to-Peer Networking and Tor
  - Peer-to-Peer network activity
  - Can circumvent firewall protections and is a common vector for the spread of malware. /传播恶意软件的媒介
    - Three types of Peer-to-Peer applications exist: file sharing, processor sharing, and IM/存在三种类型的对等应用程序：文件共享、处理器共享和IM。
    - File-sharing P2P applications should not be allowed on corporate networks./公司网络上不应允许文件共享P2P应用程序
- Tor is a software platform and network of Peer-to-Peer hosts that function as Internet routers on the Tor network. ToR是对等主机的软件平台和网络，用作ToR网络上的Internet路由器。
  - Allows users to browse the Internet anonymously using a special browser./允许用户使用特殊浏览器匿名浏览Internet。
  - Can be used to hide identity of threat actors and used by criminal organizations/可用于隐藏威胁行为者的身份并被犯罪组织使用
Load Balancing
- Load balancing is the distribution of traffic between devices or network paths to prevent overwhelming network resources.负载平衡是在设备或网络路径之间分配流量，以防止网络资源过多。
  - Some load balancing approaches use DNS to send traffic to resources that have the same domain name but multiple IP addresses. /一些负载平衡方法使用DNS将流量发送到具有相同域名但具有多个IP地址的资源。
  - his can result in a single Internet transaction being represented by multiple IP addresses on the incoming packets. /HIS可以导致单个因特网事务由传入分组上的多个IP地址来表示。
  - This may cause suspicious features to appear in packet captures. /导致可疑特征出现在数据。

11.2 Log Files

Alert Data/警报数据

Alert Data consists of messages generated by IPSs or IDSs in response to traffic that violates a rule or matches the signature of a known exploit. /警报数据由IPS或IDS响应违反规则或匹配已知利用漏洞的签名的流量而生成的消息组成
A network IDS (NIDS), such as Snort, comes configured with rules for known exploits. /配置有已知的规则
Alerts are generated by Snort and are made readable and searchable by applications such as Sguil, which are part of the Security Onion suite of NSM tools./警报由Snort生成，可由Sguil等应用程序读取和搜索，这些应用程序是安全Onion NSM工具套件的一部分。

Session and Transaction Data/会话和事务数据

Session Data is a record of a conversation between two network endpoints.
- Includes a session ID, the amount of data transferred by source and destination, and information related to the duration of the session.会话持续时间
- Bro is a network security monitoring tool./BRO是一种网络安全监控工具。
Transaction data consists of the messages that are exchanged during network sessions/事务数据由在网络会话期间交换的消息组成
- Can be viewed in packet capture transcripts. /可以在数据包捕获记录中查看

Full Packet Capture/完整数据包捕获

Full Packet Capture contains the actual contents of the conversations themselves, including the text of email messages, the HTML in webpages, and the files that enter or leave the network.

Statistical Data/统计数据

Statistical Data is about network traffic.
- Created through the analysis of other forms of network data.
- Allow conclusions to be made that describe or predict network behavior.
- Normal network behavior can be compared to current traffic to detect anomalies.
Cisco Cognitive Threat Analytics is a NSM tool.
- Able to find malicious activity that has bypassed security controls, or entered through unmonitored channels (including removable media), and is operating inside an organization’s environment.

Host Logs

Host-based intrusion protection (HIDS) runs on individual hosts.
- HIDS not only detects intrusions, but in the form of host-based firewalls, can also prevent intrusion.
- Creates logs and stores them on the host.
- Microsoft Windows host logs are visible locally through Event Viewer.
- Event Viewer keeps four types of logs: Application logs, System logs, Setup logs, and Security logs.

Syslog

Many types of network devices can be configured to log events to syslog servers.
- Client/server protocol
- Syslog messages have three parts: PRI (priority), HEADER, and MSG (message text).
  - PRI consists of two elements, the Facility and Severity of the message.
  - Facility consists of broad categories of sources that generated the message, such as the system, process, or application, directs message to appropriate log file.
  - Severity is a value from 0-7 that defines the severity of the message.

Server Logs

Server Logs are an essential source of data for network security monitoring.
- Email and web servers keep access and error logs.
- DNS proxy server logs document all DNS queries and responses that occur on the network.
- DNS proxy logs can identify hosts that visited dangerous websites and identify DNS data exfiltration and connections to malware CnC servers.

Apache Webserver Access Logs

Apache Webserver access logs record the requests for resources from clients to the server.
- Two log formats
  - Common log format (CLF)
  - Combined log format, which is CLF with the addition of the referrer and user agent fields

IIS Access Logs

Microsoft IIS creates access logs that can be viewed from the server with Event Viewer.

SIEM and Log Collection

- Security Information and Event Management (SIEM) technology
  - Provides real-time reporting and long-term analysis of security events.
  - Uses the following functions: Log collection, Normalization, Correlation, Aggregation, Reporting, Compliance
  - A popular SIEM is Splunk..

TCPdump

Tcpdump command line tool is a popular packet analyzer.
- Displays packet captures in real time, or writes packet captures to a file.
- Captures detailed packet protocol and content data.
- Wireshark is a GUI built on tcpdump functionality.
tcpdump命令行工具是一个流行的数据包分析器。实时显示数据包捕获，或将数据包捕获写入文件。捕获详细的数据包协议和内容数据。Wireshark是基于tcpdump功能构建的GUI。

NetFlow

Application Visibility and Control

Content Filter Logs

Devices that provide content filtering
- Cisco Email Security Appliance (ESA)
- Cisco Web Security Appliance (WSA)
Provide a wide range of functionalities for security monitoring. Logging is available for many of these functionalities.

Logging from Cisco Devices

Cisco devices can be configured to submit events and alerts to security management platforms using SNMP or syslog.

Proxy Logs

Proxy servers contain valuable logs that are a primary source of data for network security monitoring.
- Proxy servers make requests for resources and return them to the client.
- Generate logs of all requests and responses.
- Can be analyzed to determine which hosts are making the requests, whether the destinations are safe or potentially malicious, and to gain insights into the kind of resources that have been downloaded.
Web proxies provide data that helps determine whether responses from the web were generated in response to legitimate requests or only appear to be responses.
Open DNS offers a hosted DNS service that extends the capability of DNS to include security enhancements.
- DNS super proxy
- Apply real-time threat intelligence to managing DNS access and the security of DNS records

NextGen IPS

Cisco NexGen IPS devices extend network security to the application layer and beyond.
- Provide more functionality than previous generations of network security devices.
- Include reporting dashboards with interactive features that allow quick reports on very specific information without the need for SIEM or other event correlators.
- Use FirePOWER Services to consolidate multiple security layers into a single platform.
- FirePOWER services include application visibility and control, reputation and category-based URL filtering, and Advanced Malware Protection (AMP).

思科网院课件第12章Intrusion Data Analysis

12.1 Evaluating Alerts

Security Onion

Security Onion is an open-source suite of Network Security Monitoring (NSM) tools that run on an Ubuntu Linux distribution./Security Onion是在Ubuntu发行版上运行的网络安全监控(NSM)工具的开源套件。
Some components of Security Onion are owned and maintained by corporations, such as Cisco and Riverbend Technologies, but are made available as open source.

Detection Tools for Collection/用于收集的检测工具

CapME provides the cybersecurity analyst with an easy-to-read means of viewing an entire Layer 4 session./CapME为网络安全分析师提供了查看整个第4层会话的易于阅读的方法
Snort uses rules and signatures to generate alerts./Snort使用规则和签名来生成警报。
Bro uses policies, in the form of scripts that determine what data to log and when to issue alert notifications./BRO使用脚本形式的策略，以确定要记录哪些数据以及何时发出警报通知。
OSSEC actively monitors host system operations, including conducting file integrity monitoring, local log monitoring, system process monitoring, and rootkit detection./OSSEC积极监视主机系统操作，包括执行文件完整性监视、本地日志监视、系统进程监视和rootkit检测。
Suricata uses native multithreading, which allows the distribution of packet stream processing across multiple processor cores./Suricata使用本机多线程，这允许跨多个处理器核心分发数据包流处理。

Analysis Tools

Sguil – This provides a high-level cybersecurity analysts’ console for investigating security alerts from a wide variety of sources./提供了一个高级网络安全分析员控制台，用于调查来自各种来源的安全警报。
ELSA – Logging sources such as HIDS, NIDS, firewalls, syslog clients and servers, domain services, and others can be configured to make their logs available to ELSA databases./可以配置ELSA日志记录源(如HID、NID、防火墙、syslog客户端和服务器、域服务等)，使其日志可用于ELSA数据库。
Wireshark – This is a packet capture application that is integrated into the Security Onion suite.这是集成到Security Onion套件中的数据包捕获应用程序。

Alert Generation/生成警报

Alerts are generated in Security Onion by many sources including Snort, Bro, Suricata, and OSSEC, among others./警报由许多来源(包括Snort、Bro、Suricata和OSSEC等)在Security Onion中生成。
Sguil provides a console that integrates alerts from multiple sources into a timestamped queue./SGUIL提供了一个控制台，它将来自多个源的警报集成到一个带时间戳的队列中。
Alerts will generally include the following five-tuples information:/五元组
- SrcIP - the source IP address for the event.
- SPort - the source (local) Layer 4 port for the event.
- DstIP - the destination IP for the event.
- DPort - the destination Layer 4 port for the event.
- Pr - the IP protocol number for the event

Rules and Alerts

Alerts can come from a number of sources:
- NIDS - Snort, Bro and Suricata
- HIDS – OSSEC
- Asset management and monitoring - Passive Asset Detection System (PADS)/资产管理和监控.被动资产检测系统(PADS)
- HTTP, DNS, and TCP transactions - Recorded by Bro and pcaps
- Syslog messages - Multiple sources

Evaluating Alerts/评估警报

Alerts can be classified as follows:
- True Positive: The alert has been verified to be an actual security incident/实际安全事件
- False Positive: The alert does not indicate an actual security incident.误报：警报不表示实际的全事件
- True Negative: No security incident has occurred. /确实没有安全事件
- False Negative: An undetected incident has occurred./漏报：发生了未检测到的事件

Deterministic Analysis and Probabilistic Analysis/确定性分析与概率分析

Statistical techniques can be used to evaluate the risk that exploits will be successful in a given network. /统计技术可用于评估在给定网络中利用漏洞将成功的风险
- Deterministic Analysis – evaluates risk based on what is known about a vulnerability./确定性分析-基于已知的漏洞评估风险
- Probabilistic Analysis – estimates the potential success of an exploit by estimating the likelihood that if one step in an exploit has successfully been completed that the next step will also be successful./概率分析-通过估计攻击中的一个步骤成功完成的可能性，估计下一步也将成功的可能性，来估计攻击的潜在成功。

12.2 Working with Network Security Data

Enterprise Log Search and Archive (ELSA) is an enterprise-level tool for searching and archiving NSM data that originates from multiple sources. /企业日志搜索和归档是用于搜索和归档源自多个源的NSM数据的企业级工具。

Data Reduction/数据缩减

Data reduction is the identification of data that should be gathered and stored to reduce the burden on systems./数据缩减是对应该收集和存储的数据的标识，以减少系统的负担。
By limiting the volume of data, tools like ELSA will be far more useful./通过限制数据量，工具更加有用。

Data Normalization/数据规范化

Data normalization is the process of combining data from a number of sources into a common format for indexing and searching./数据规范化是将来自多个源的数据组合成用于索引和搜索的通用格式的过程。

Types of Evidence

In legal proceedings, evidence is broadly classified:/在法律诉讼中，证据大致分类如下
- Direct evidence was indisputably in the possession of the accused, or is eyewitness evidence from someone who observed criminal behavior. /直接证据无可争议地由被告人掌握，或者是观察到犯罪行为的人的目击者证据
- Best evidence is evidence that is in its original state./最好的证据是证据处于原始状态
- Corroborating evidence supports an assertion that is developed from best evidence./确凿证据支持从最佳证据发展出来的断言
- Indirect evidence, in combination with other facts, establishes a hypothesis. Also know as circumstantial evidence间接证据与其他事实相结合，建立了一个假设。也被称为间接证据。

第十章 Malicious Software

1.Types of Malicious Software

Backdoor or Trapdoor

secret entry point into a program/程序的秘密入口点
allows those who know access bypassing usual security procedures/允许那些知道访问绕过通常的安全程序
have been commonly used by developers/已经被开发人员普遍使用
a threat when left in production programs allowing exploited by attackers/在生产程序中留下的一种威胁，允许攻击者利用它
very hard to block in O/S/很难阻挡
requires good s/w development & update/需要良好的s/w开发和更新

Logic Bomb/逻辑炸弹

one of oldest types of malicious software/最古老的恶意软件之一
code embedded in legitimate program/嵌入合法程序的代码
activated when specified conditions met/满足指定条件时激活
- eg presence/absence of some file
- particular date/time
- particular user
when triggered typically damage system/触发时通常会损坏系统
- modify/delete files/disks, halt machine, etc

Trojan Horse

program with hidden side-effects /具有隐藏副作用的程序
which is usually superficially attractive
- eg game, s/w upgrade etc
when run performs some additional tasks/运行时执行一些额外的任务
- allows attacker to indirectly gain access they do not have directly/允许攻击者间接获得他们没有的访问权限
often used to propagate a virus/worm or install a backdoor/常用于传播病毒/蠕虫或安装后门
or simply to destroy data/或者只是破坏数据

Mobile Code

program/script/macro that runs unchanged/程序/脚本/宏运行不变
- on heterogeneous collection of platforms/在异构的平台集合上
- on large homogeneous collection (Windows)/在大型同类集合（Windows）
transmitted from remote system to local system & then executed on local system/从远程系统传输到本地系统，然后在本地系统上执行
often to inject virus, worm, or Trojan horse/经常注入病毒，蠕虫或特洛伊木马
or to perform own exploits或者进行自己的攻击
- unauthorized data access, root compromise/未经授权的数据访问，root妥协

Multiple-Threat Malware

malware may operate in multiple ways/恶意软件可能以多种方式运行
multipartite virus infects in multiple ways/多方病毒以多种方式感染
- eg. multiple file types
blended attack uses multiple methods of infection or transmission/混合攻击使用多种感染或传播方法
- to maximize speed of contagion and severity/最大化传染速度和严重程度
- may include multiple types of malware/可能包括多种类型的恶意软件
- eg. Nimda has worm, virus, mobile code/例如。 Nimda有蠕虫，病毒，移动代码
- can also use IM & P2P/也可以使用IM和P2P

2.Viruses

piece of software that infects programs/感染程序的软件
- modifying them to include a copy of the virus/修改它们以包含病毒的副本
- so it executes secretly when host program is run/所以它在运行主程序时秘密执行
specific to operating system and hardware/特定于操作系统和硬件
- taking advantage of their details and weaknesses/利用他们的细节和弱点
a typical virus goes through phases of:/典型的病毒经历了以下阶段：
- dormant/休眠
- propagation/传播
- triggering/触发
- execution/执行

Virus Structure

components:/组件
- infection mechanism - enables replication/感染机制 - 启用复制
- trigger - event that makes payload activate/trigger - 使有效负载激活的事件
- payload - what it does, malicious or benign/有效载荷 - 它的作用，恶意或良性
prepended / postpended / embedded 前置/后置/嵌入式
when infected program invoked, executes virus code then original program code/当被感染的程序被调用时，执行病毒代码
can block initial infection (difficult) or propagation (with access controls)/可以阻止初始感染（困难）或传播（使用访问控制）

Virus Classification

By target
- boot sector
- file infector
- macro virus
By concealment strategy
- encrypted virus
- stealth virus
- polymorphic virus
- metamorphic virus

Macro Virus/宏病毒

became very common in mid-1990s since
- platform independent/平台独立
- infect documents/感染文件
- easily spread/容易传播
exploit macro capability of office apps/利用办公应用的宏功能
- executable program embedded in office doc/嵌入办公室文档的可执行程序
- often a form of Basic/通常是一种基本形式
more recent releases include protection
recognized by many anti-virus programs/被许多反病毒程序认可

E-Mail Viruses

more recent development
e.g. Melissa
- exploits MS Word macro in attached doc
- if attachment opened, macro activates
- sends email to all on users address list
- and does local damage
then saw versions triggered reading email
hence much faster propagation

3.Viruses Countermeasures/病毒对策

prevention - ideal solution but difficult/预防 - 理想的解决方案但很难
realistically need:
- detection/发现
- identification/定位
- removal/清楚
if detect but can’t identify or remove, must discard and replace infected program/如果检测到但无法识别或删除，则必须丢弃并替换受感染的程序

Anti-Virus Evolution/反病毒进化

virus & antivirus tech have both evolved
early viruses simple code, easily removed
as become more complex, so must the countermeasures
generations
- first - signature scanners
- second - heuristics
- third - identify actions
- fourth - combination packages

Generic Decryption

runs executable files through GD scanner:/通过GD扫描程序运行可执行文件
- CPU emulator to interpret instructions/CPU模拟器解释指令
- virus scanner to check known virus signatures/病毒扫描程序检查已知的病毒签名
- emulation control module to manage process/仿真控制模块来管理进程
lets virus decrypt itself in interpreter/让病毒在解释器中解密自己
periodically scan for virus signatures/定期扫描病毒签名
issue is how long to interpret and scan/问题是解释和扫描多长时间
- tradeoff chance of detection vs time delay/权衡检测机会与时间延迟

Digital Immune System/数字免疫系统

Behavior-Blocking Software

4.Worms

replicating program that propagates over net/复制通过网络传播的程序
- using email, remote exec, remote login /使用电子邮件，远程执行，远程登录
has phases like a virus:/像病毒一样的阶段：
- dormant, propagation, triggering, execution/休眠，传播，触发，执行
- propagation phase: searches for other systems, connects to it, copies self to it and runs/传播阶段：搜索其他系统，连接到它，自我复制并运行
may disguise itself as a system process/可能将自己伪装成一个系统过程
concept seen in Brunner’s “Shockwave Rider”
First implemented by Xerox Palo Alto labs in 1980’s

Morris Worm

one of best know worms
released by Robert Morris in 1988
various attacks on UNIX systems
- cracking password file to use login/password to logon to other systems
- exploiting a bug in the finger protocol
- exploiting a bug in sendmail
if succeed have remote shell access
- sent bootstrap program to copy worm over

Worm Propagation Model/蠕虫传播模型

Recent Worm Attacks

Code Red
- exploiting MS IIS bug
- probes random IP address, does DDoS attack
Code Red II variant includes backdoor
SQL Slammer
- early 2003, attacks MS SQL Server
Mydoom
- mass-mailing e-mail worm that appeared in 2004
- installed remote access backdoor in infected systems
Warezov family of worms
- scan for e-mail addresses, send in attachment

Worm Technology

multiplatform
multi-exploit
ultrafast spreading
polymorphic
metamorphic
transport vehicles
zero-day exploit

Mobile Phone Worms

first appeared on mobile phones in 2004
- target smartphone which can install s/w
they communicate via Bluetooth or MMS
to disable phone, delete data on phone, or send premium-priced messages
CommWarrior, launched in 2005
- replicates using Bluetooth to nearby phones
- and via MMS using address-book numbers

Worm Countermeasures/蠕虫对策

overlaps with anti-virus techniques
once worm on system A/V can detect
worms also cause significant net activity
worm defense approaches include:
- signature-based worm scan filtering
- filter-based worm containment
- payload-classification-based worm containment
- threshold random walk scan detection
- rate limiting and rate halting

Proactive Worm Containment

Network Based Worm Defense

5.DDoS

Distributed Denial of Service Attacks (DDoS)

Distributed Denial of Service (DDoS) attacks form a significant security threat/分布式拒绝服务（DDoS）攻击形成重大安全威胁
making networked systems unavailable by flooding with useless traffic/通过无用流量泛滥使网络系统无法使用
using large numbers of “zombies” /使用大量的“僵尸”
growing sophistication of attacks/越来越复杂的攻击
defense technologies struggling to cope/防御技术正在努力应对

DDoSFlood Types

Constructing an Attack Network/构建攻击网络

must infect large number of zombies/必须感染大量的僵尸
needs:
software to implement the DDoS attack/用于实施DDoS攻击的软件
an unpatched vulnerability on many systems/许多系统上未修补的漏洞
scanning strategy to find vulnerable systems/扫描策略以找到易受攻击的系统
- random, hit-list, topological, local subnet/随机，命中列表，拓扑，本地子网

DDoS Countermeasures

three broad lines of defense:/三大防线

attack prevention & preemption (before)/攻击预防和抢占（之前）
attack detection & filtering (during)/攻击检测和过滤（期间）
attack source traceback & ident (after)/攻击源追溯和身份（后）

huge range of attack possibilities/大范围的攻击可能性
hence evolving countermeasures/演变的对策

【作业题】

【附录：信息安全术语中英文对照】

（N）中继	(N)-relay	数据保密性	data confidentiality	网络安全	network security	安全操作系统	secure operating system
抽象语法	abstract syntax	数据损害	data contamination	网络服务	network service	安全路径	secure path
访问/存取	access	数据完整性	data integrity	网络可信计算基	network trusted computed base	安全状态	secure state
访问控制	access control	数据原发鉴别	data origin authentication	抗抵赖	non-repudiation	安全管理员	security administrator
访问（存取）控制证书	access control certificate	数据串（数据）	data string(data)	抗抵赖交换	non-repudiation exchange	安全报警	security alarm
访问控制判决功能	Access control Decision Function(ADF)	数据单元完整性	data unit integrity	抗抵赖信息	non-repudiation information	安全报警管理者	security alarm administrator
访问控制判决信息	Access control Decision Information(ADI)	解密/脱密	decipherment	创建抗抵赖/抗创建抵赖	non-repudiation of creation	安全关联	security association
访问控制实施功能	Access control Enforcement Function(AEF)	降级	degradation	交付抗抵赖/抗交付抵赖	non-repudiation of delivery	安全保证	security assurance
访问控制信息	access control information	委托	delegation	原发抗抵赖	non-repudiation of origin	安全属性	security attribute
访问控制列表	access control list	委托路径	delegation path	接收抗抵赖/抗接收抵赖	non-repudiation of receipt	安全审计	security audit
访问控制机制	access control mechanisms	交付机构	delivery authority	发送抗抵赖/抗发送抵赖	non-repudiation of sending	安全审计消息	security audit message
访问控制策略	access control policy	增量证书撤销列表	delta-CRL(dCRL)	提交抗抵赖/抗提交抵赖	non-repudiation of submission	安全审计记录	security audit record
访问控制策略规则	access control policy rules	拒绝服务	denial of service	抗抵赖策略	non-repudiation policy	安全审计踪迹	security audit trail
访问控制令牌	access control token	依赖/依赖性	dependency	抗抵赖服务请求者	non-repudiation service requester	安全审计者	security auditor
访问列表	access list	数字签名	digital signature	公证	notarization	安全机构	security authority
访问周期	access period	目录信息库	Directory Information Base	公证权标	notarization token	安全证书	security certificate
访问请求	access request	目录信息树	Directory Information Tree	公证方/公证者	notary	安全证书链	security certificate chain
访问类型	access type	目录系统代理	Directory system Agent	公证方（公证机构）	notary(notary authority)	安全通信功能	security communication function
认可/审批	accreditation	目录用户代理	Directory user Agent	NRD权标/NRD令牌	NRD token	安全控制信息	security control information
主动威胁	active threat	可区分名	distinguished name	NRO权标	NRO token	安全域	security domain
主动搭线窃听	active wiretapping	可区分标识符	distinguishing identifier	NRS权标	NRS token	安全域机构	security domain authority
报警处理器	alarm processor	加密	Encipherment、encipher、encryption	NRT权标	NRT token	安全要素	security element
应用级防火墙	application level firewall	加密算法	encryption algorithm	客体	object	安全交换	security exchange
资产	Assets	终端实体	end entity	对象方法	object method	安全交换功能	security exchange function
赋值	assignment	终端系统	end system	客体重用	object reuse	安全交换项	security exchange item
关联安全状态	association security state	终端实体属性证书撤销列表（EARL）	End-entity Attribute Certificate Revocation List	离线鉴别证书	off-line authentication certificate	安全特征	security features
保障/保证	assurance	终端实体公钥证书撤销列表（EPRL）	End-entity Public-key Certificate Revocation List	离线密码运算	offline crypto-operation	安全过滤器	security filter
非对称认证方法	asymmetric authentication method	端到端加密	end-to-end encipherment	单向函数	one-way function	安全功能	security function
非对称密码算法	asymmetric cryptographic algorithm	实体鉴别	entity authentication	单向散列函数	one-way hash function	安全功能策略	security function policy
非对称密码技术	asymmetric cryptographic technique	环境变量	environmental variables	在线鉴别证书	on-line authentication certificate	安全信息	security information
非对称加密系统	asymmetric encipherment system	评估保证级	evaluation assurance level(EAL)	在线密码运算	online crypto-operation	安全内核	security kernel
非对称密钥对	asymmetric key pair	评估机构	evaluation authority	开放系统	open system	安全等级	security level
非对称签名系统	asymmetric signature system	评估模式	evaluation scheme	组织安全策略	organizational security policies	安全管理信息库	Security Management Information Base
属性	attribute	事件辨别器	event discriminator	原发者	originator	安全目的	security objective
属性管理机构撤销列表（AARL）	Attribute Authority Revocation List(AARL)	证据	evidence	OSI管理	OSI Management	安全周边	security perimeter
属性管理机构(AA	Attribute Authority(AA)	证据生成者	evidence generator	带外	out-of-band	安全策略	security policy
属性证书	Attribute certificate	证据请求者	evidence requester	包	package	安全恢复	security recovery
属性证书撤销列表（ACRL）	Attribute Certificate Revocation List(ACRL)	证据主体	evidence subject	包过滤防火墙	packet filter firewall	安全关系	security relationship
审计/审核	audit	证据使用者	evidence user	填充	padding	安全报告	security report
审计分析器	audit analyzer	证据验证者	evidence verifier	成对的密钥	pair wise key	安全需求	security requirements
审计归档	audit archive	交换鉴别信息	exchange authentication information	被动威胁	passive threat	安全规则	security rules
审计机构	audit authority	外部IT实体	external IT entity	被动窃听	passive wiretapping	安全规范	security specifications
审计调度器	audit dispatcher	外部安全审计	external security audit	口令	password	安全状态	security state
审计提供器	audit provider	故障访问	failure access	口令对话	password dialog	安全目标	security target
审计记录器	audit recorder	故障控制	failure control	对等实体鉴别	peer-entity authentication	安全测试	security testing
审计踪迹	audit trail	容错	fault tolerance	渗透	penetration	安全变换	security transformation
审计跟踪收集器	audit trail collector	特征	features	渗透轮廓	penetration profile	安全相关事件	Security-related event
审计跟踪检验器	audit trail examiner	反馈缓冲器	feedback buffer	渗透痕迹	penetration signature	敏感信息	sensitive information
鉴别/认证	authentication	取数保护	fetch protection	渗透测试	penetration testing	敏感性	sensitivity
认证证书	authentication certificate	文件保护	file protection	个人识别号	person identification number(PIN)	敏感标记	sensitivity label
鉴别数据	authentication data	防火墙	firewall	人员安全	personal security	屏蔽	shield
鉴别（认证）信息	authentication information	固件	firmware	物理安全	physical security	短时中断	short interruption
鉴别（认证）发起方	authentication initiator	形式化证明	formal proof	明文	plain text	安全服务	security service
鉴别（认证）令牌	authentication token(token)	形式化顶层规范	formal top-level specification	策略	policy	简单鉴别	simple authentication
鉴别（认证）符	authenticator	形式化验证	formal verification	策略映射	policy mapping	单项结合安全关联	single-item-bound security association
授权用户	authorized user	完全CRL	full CRL	端口	port	单级装置	single-level device
授权机构/机构	Authority	粒度	granularity	表示上下文	presentation context	中级功能强度	SOF-medium
授权机构证书	authority certificate	接地网	ground grid	表示数据值	presentation data value	源认证机构	Source of Authority (SOA)
授权	authorization	接地电阻	ground resistance	表示实体	presentation-entity	欺骗	spoofing
授权管理员	authorized administrator	接地	grounding	预签名	pre-signature	待机模式、休眠模式	stand-by mode 、sleep-mode
自动安全监控	automated security monitoring	接地电极	grounding electrode	本体	principal	强鉴别	strong authentication
可用性	availability	接地系统	grounding system	最小特权原则	principle of least privilege	主体	subject
数据可用性	availability of data	握手规程	handshaking procedure	服务优先权	priority of service	管态	supervisor state
备份规程	backup procedure	散列函数（哈希函数）	hash function	隐私	privacy	对称鉴别方法	symmetric authentication method
基础证书撤消列表	base CRL	散列代码	hash-code	保密变换	privacy transformation	对称密码算法	symmetric cryptographic algorithm
分组/块	block	散列函数标识符	hash-function identifier	私有解密密钥	private decipherment key	对称密码技术	symmetric cryptographic technique
分组链接	block chaining	隐藏	hide	私有密钥（私钥）	private key	对称加密算法	symmetric encipherment algorithm
界限检查	bounds checking	持有者	holder	私有签名密钥	private signature key	系统完整性	system integrity
简码列表	brevity lists	主机	Host	特权指令	privileged instructions	系统完整性规程	system integrity procedure
浏览	browsing	宿主单元	host unit	规程安全	procedural security	系统安全功能	system security function
CA证书	CA-certificate	标识	identification	产品	product	技术攻击	technological attack
回叫	call back	标识数据	identification data	证明	proof	终端标识	terminal identification
权能/能力	capability	抗扰度	immunity(to a disturbance)	保护表示上下文	protecting presentation context	威胁	threat
证书	certificate	假冒	impersonation	保护传送语法	protecting transfer syntax	威胁监控	threat monitoring
证书策略	certificate policy	印章	imprint	保护映射	protection mapping	防雷保护接地	thunder proof protection ground
证书序列号	certificate serial number	交错攻击	interleaving attack	保护轮廓	protection profile	时间戳	time stamp
证书用户	certificate user	不完全参数检验	incomplete parameter checking	保护环	protection ring	时变参数	time variant parameter
证书确认	certificate validation	间接攻击	indirect attack	保护接地	protective earthing	时间相关口令	time-dependent password
认证	certification	间接CRL	indirect CRL (iCRL)	协议数据单元	protocol data unit	令牌	token
认证机构	certification authority	信息系统安全	information system security	协议实现一致性声明	protocol implementation conformance statement	通信业务流保密性	traffic flow confidentiality
认证机构撤销列表（CARL）	Certification Authority Revocation List (CARL)	信息系统安全管理体系结构	information system security management architecture	代理服务器	proxy server	通信业务流安全	traffic flow security
认证路径	certification path	信息技术设备	information technology equipment	伪缺陷	pseudo-flaw	陷门	trap door
信道/通道	channel	初始编码规则	initial encoding rules	公开加密密钥	public encipherment key	特洛伊木马	Trojan horse
密文	ciphertext	初始化值	initialization value	公开密钥基础设施（PKI）	Public Key Infrastructure (PKI)	可信/信任	trust
申明鉴别信息	claim authentication information	发起者	initiator	公开密钥（公钥）	public key	可信信道	trusted channel
许可权	clearance	完整性	integrity	公开密钥证书（证书）	public key certificate(certificate)	可信计算机系统	trusted computer system
明文	cleartext	禁止	interdiction	公开密钥信息	public key information	可信计算基	trusted computing base
无碰撞（冲突）散列函数	collision resistant hash-function	交错攻击	interleaving attack	公开验证密钥	public verification key	可信实体	trusted entity
混合型防火墙	combination firewall	内部通信信道	internal communication channel	消除	purging	可信主机	trusted host
共用接地系统	common grounding system	内部安全审计	internal security audit	随机数	Random number	可信路径	trusted path
通信安全	communications security	隔离	isolation	随机化	Randomized	可信软件	trusted software
分割	compartmentalization	密钥	key	实开放系统	Real open system	可信第三方	trusted third party
构件/组件/部件	component	密钥协商	key agreement	接收方/接收者	Recipient	可信时间戳	trusted time stamp
泄漏	compromise	密钥确认	key confirmation	恢复规程	Recovery procedure	可信时间戳机构	trusted time stamping authority
已泄露证据	compromised evidence	密钥控制	key control	冗余	Redundancy	无条件可信实体	unconditionally trusted entity
泄漏发射	compromising emanations	密钥分发中心	key distribution centre	参照确认机制	reference validation mechanism	单向鉴别	unilateral authentication
计算机系统	computer system	密钥管理	key management	细化	refinement	不间断供电系统	uninterrupted power supply system
隐蔽系统	concealment system	密钥转换中心	key translation centre	反射攻击	reflection attack	用户鉴别	user authentication
配置管理	configuration management	标记	label	反射保护	reflection protection	用户标识	user identification(user ID)
配置管理系统	configuration management system	主、客体标记	label of subject and object	中继系统	relay system	用户-主体绑定	user-subject binding
不带恢复的连接完整性	connection integrity without recovery	最小特权	least privilege	可依赖方	relying party	确认	validation
无连接保密性	connectionless confidentiality	雷电电磁脉冲	lightning electromagnetic pulse	重放攻击	replay attack	验证	verification
无连接完整性	connectionless integrity	雷电防护区	lightning protection zones	抵赖	repudiation	验证函数	verification function
连通性	connectivity	受限访问	limited access	资源分配	resource allocation	验证密钥	verification key
应急计划	contingency plan	链路加密	link encryption	受限区	restricted area	验证过程	verification process
控制区	control zone	逐链路加密	link-by-link encipherment	保留的ADI	retained ADI	验证者	verifier
可控隔离	controllable isolation	本地系统环境	local system environment	揭示	reveal	脆弱性	vulnerability
受控访问	controlled access	漏洞	loophole	撤销证书	revocation certificate
受控可访问性	controlled accessibility	故障	malfunction	撤销证书列表	revocation list certificate
受控共享	controlled sharing	管理信息	Management Information	风险	risk
成本风险分析	cost-risk analysis	强制访问控制	mandatory access control	风险分析	risk analysis
对抗	countermeasure	冒充	Masquerade	风险管理	risk management
隐蔽信道	covert channel	测量	measurement	角色	role
隐蔽存储信道	covert storage channel	消息	message	角色分配证书	role assignment certificate
隐蔽时间信道	covert timing channel	消息鉴别码	message authentication code	角色规范证书	role specification certificate
凭证	credentials	仿制	mimicking	回退	rollback
CRL分发点	CRL distribution point	监控器（监控机构）	monitor(monitor authority)	根	root
串扰	cross-talk	监控	monitoring	循环函数/轮函数	round-function
密码分析	cryptanalysis	多级装置	multilevel device	路由选择	routing
密码算法	crypto-algorithm	多级安全	multilevel secure	路由选择控制	routing control
密码链接	cryptographic chaining	多访问权终端	multiple access rights terminal	基于规则的安全策略	rule-based security policy
密码校验函数	cryptographic check function	相互鉴别	mutual authentication	SA属性	SA-attributes
密码校验值	cryptographic check value	n位分组密码	n-bit block cipher	安全保护（大）地	safety protection earth
密码同步	cryptographic synchronization	网络实体	network entity	封印/密封	seal
密码体制	cryptographic system; cryptosystem	网络层	network layer	秘密密钥	secret key
密码编码（学）	cryptography	网络协议	network protocol	安全配置管理	secure configuration management
密码运算	crypto-operation	网络协议数据单元	network protocol data unit	安全信封（SENV）	secure envelope
密码安全	crypto-security	网络中继	network relay	安全交互规则	secure interaction rules

声明：本文内容由网友自发贡献，转载请注明出处：【wpsshop博客】