Security Questions

(SEC)

  
(Fall 2015 - Paxson and Song)

1.  This question concerns botnets.

    (a) Briefly describe how botnets work.

    (b) How can attackers obtain botnets?

    (c) What sort of attacks can botnets make?

    (d) Describe 3 different ways of disrupting botnets.  Briefly
        comment on how effective they are, and any legal or ethical
        issues that they raise.

2. This question concerns memory safety.

    (a) Explain what memory safety refers to.

    (b) Give some examples of memory safety vulnerabilities.

    (c) Explain the difference between memory safety at the source level
        versus at the binary level.

    (d) Give examples of some techniques for detecting attacks that
        exploit memory safety vulnerabilities.

    (e) What is CFI?

    (f) Which attacks can still happen under CFI?

3.  This question concerns web service security.

    (a) Sketch a typical setup/architecture for a web service company such
        as Google or Airbnb.

    (b) Discuss the attack surface of this architecture.

    (c) Discuss how attacks may occur in this setting.

    (d) Discuss potential defenses.


  
(Fall 2014 - Doug Tygar and David Wagner):

Q1
You are asked to evaluate the security of a smart card that performs
RSA encryption.  Give at least three examples of side channels that
you would check for.

Q2
Consider Tor and an attacker who wishes to de-anonymize Tor users.

a. What assumptions do the Tor designers make about the threat model?

b. Now, ten years after the Tor paper, are those assumptions valid?
Either (a) defend those assumptions, or (b) propose a better
threat model.

c. Suppose that an attacker controls x% of Tor relays.  At what
value of x is a Tor user's anonymity at risk?  Defend your answer.

Q3
a. On mobile browsers, any web site you visit can enter full screen
mode and control everything displayed on the phone's display.
Name one risk of this.  Then, name one mitigating factor.

b. What could a user, Alice, do to protect herself from this risk?

c. Suppose we wanted to defend against this sort of attack.
Suggest a plausible defense that the mobile browser could implement.

Q4
You have a dual-boot machine.  You boot into the Windows partition
to surf the web; you don't care that your Windows partition ends up
infested with viruses, spyware, and other malware, because hey, it's
only websurfing.  However, when you boot into the Linux partition
you do very sensitive tasks, like logging into accounts on a remote
server containing critical data.

a. Name a security risk with this setup.

b. Design a mechanism so that you have a way to boot into Linux
securely: i.e., it is possible for you to tell whether you have
successfully booted into an untampered copy of Linux.  What kind
of hardware support would you need?

(Spring 2014 - Vern Paxson and Doug Tygar):

(1) Two confidentiality modes of operation for block ciphers are ECB
(electronic codebook) and CBC (cipher block chaining).

(a) Draw diagrams showing how both modes of operation work.

(b) What advantages does CBC have over ECB?

(c) One criticism of CBC is that it is ill-suited for parallelism.
Explain this criticism, and discuss a method of retaining advantages
of CBC over ECB while retaining a high degree of parallelizability.

(2) You have been retained by Western intelligence agencies to develop
a cyber-attack specifically targeting Iranian centrifuge facilities at
Natanz (e.g., Stuxnet).  Among the challenges you face are the
following:

(a) Iranian centrifuges are controlled by programmable logic
controllers (developed by Siemens) that are attached to a SCADA system
not connected to the Internet.

(b) Because the details of the Iranian centrifuge facility are not
fully known to you, you must perform electronic reconnaissance and
develop a method for dynamically updating your attack software.

(c) Your attack should have no or very limited impact on computer
systems that are not part of your target.

(d) Your attack must seem like random errors to Iranian technicians;
they should not be able to identify that they are under attack or the
source of the attack.

Outline an architecture that you could use to perform this sort of
attack.

(3)
(a) Explain how email-based phishing attacks are conducted.  What
information and infrastructure do attackers need to carry out these
attacks?

(b) For each stage of such an attack, explain the role (if any) that
cryptography can potentially play to ameliorate the threat.  Assess
the likely efficacy of these uses.

(c) Sketch a detector for identifying some facet of phishing attacks.
What sort of false positives and false negatives would your scheme
exhibit?  To what degree would the Base Rate Fallacy be relevant for
your detector?  In what ways could an attacker aware of how your
detector works evade it?

(d) Suppose you have been given a mandate from the White House to
eliminate the threat of phishing as best as you can.  What steps would
you take, and why?

(Fall 2012 - Tygar & D. Song):

Instructions: Choose three of the following four questions to answer.

1. What does "secure" mean in the phrase "secure system"?  Give a
definition, or list the key security properties that a secure system
should satisfy.

2. A major challenge for PKI is certificate revocation.  Give at least
five distinct reasons why certificate revocation is difficult.

3. Describe a system for time-stamping documents that does not rely on
a trusted third-party timestamp service.  Such a system does not need
to provide exact time stamps, but it must at least preserve the order
of documents that are time-stamped; e.g., if document A is
time-stamped before document B, then timestamp(A) < timestamp(B).

4. Company X wants to design a new cloud service for sharing documents
(along the lines of Google Docs).  To satisfy this, Company X needs to
make sure that its system is usable.  Describe how Company X could
design an experiment to test the usability of the security parts of
its system.

(Spring 2013 - Paxson and Tygar):

A. Consider a blogging site that allows users to post content they
author and also make comments on each other's posts.

1. Discuss how a worm could propagate within such a site.  What would
you expect the progression of the infection to look like, in terms of
infections present at a given time?

2. Suppose the goal is to make the blogging site immune to the problem
of worms.  Explain the steps you could take, and the benefits and
costs of each.

3. Suppose the costs of prevention are viewed as too high, or its
efficacy too uncertain.  Sketch a detector for identifying that such a
worm is spreading.

4. For your detection mechanism, qualitatively assess its properties
in terms of false negatives and false positives.

5. Suppose you have concrete values for false positive and false
negative rate.  How does the Base Rate Fallacy come into consideration
when interpreting these?

6. Suppose you have two mechanisms for detecting such a worm.  The
first analyzes the timing of the activity of individual users.  The
second assesses the prevalence of particular strings of content as
seen globally across the site.  Discuss the issues that arise when
assessing which of these detectors works better.

B. Google has a cluster of thousands of machines.  They want to log
security-relevant events that occur on those machines: e.g., each
command that an operator types into a root shell, each time a user
resets their Gmail password, and so on.

1. Describe a possible design to accommodate this -- it doesn't need
to be fancy -- and describe what security properties it does and
doesn't have.

2. Now let's say we want to store all those audit log entries in the
cloud, on some server, but we don't want to trust that server in the
cloud.  What can we do?  Suggest a scheme, and describe what security
properties it does and doesn't provide.

(Spring 2012 - Wagner and Paxson):

A. Consider a blogging site that allows users to post content they
author and also make comments on each other's posts.

1. Discuss how a worm could propagate within such a site.  What would
you expect the progression of the infection to look like, in terms of
infections present at a given time?

2. Suppose the goal is to make the blogging site immune to the problem
of worms.  Explain the steps you could take, and the benefits and
costs of each.

3. Suppose the costs of prevention are viewed as too high, or its
efficacy too uncertain.  Sketch a detector for identifying that such a
worm is spreading.

4. For your detection mechanism, qualitatively assess its properties
in terms of false negatives and false positives.

5. Suppose you have concrete values for false positive and false
negative rate.  How does the Base Rate Fallacy come into consideration
when interpreting these?

6. Suppose you have two mechanisms for detecting such a worm.  The
first analyzes the timing of the activity of individual users.  The
second assesses the prevalence of particular strings of content as
seen globally across the site.  Discuss the issues that arise when
assessing which of these detectors works better.

B. Google has a cluster of thousands of machines.  They want to log
security-relevant events that occur on those machines: e.g., each
command that an operator types into a root shell, each time a user
resets their Gmail password, and so on.

1. Describe a possible design to accommodate this -- it doesn't need
to be fancy -- and describe what security properties it does and
doesn't have.

2. Now let's say we want to store all those audit log entries in the
cloud, on some server, but we don't want to trust that server in the
cloud.  What can we do?  Suggest a scheme, and describe what security
properties it does and doesn't provide.


(Fall 2011 - D. Song and Paxson):


1. Consider the problem of defending a web site from a DDoS attack.

   a) An attacker sends a stream of spoofed SYN packets to port 80 of the
      web server. Discuss two techniques that could be employed to find the
      hosts sending the flood.  How effectively would they work in
      today's Internet?

   b) For the same attack, discuss techniques a site can use by itself
      (i.e., not requiring cooperation by the broader network) to defend
      against the attack.  How well do these approaches work, and what are
      their drawbacks?

   c) Suppose that during the flood an ISP upstream of yours activates a
      monitoring box that inspects packets heading to your site and uses
      anomaly detection to identify and block likely spoofed packets.
      If they do this without your permission, have they violated the
      Wiretap Act?

   d) Now suppose that the attacker launches a DDoS attack using non-spoofed
      packets.  To what degree does that change the opportunities available to
      the attacker?  What about for the defenses you mentioned?

2.  Sketch the problem of buffer overflow attacks.  Discuss the range of
    defenses and their pros and cons.

3.  This question concerns TLS.

   a) Sketch an attack on TLS.

      [ultimately, the examination for this sub-question drove towards
      the problem of stolen certs / compromised CAs.]

   b) How might we detect that a given TLS session is using a stolen
      certificate or stems from a compromised CA?

   c) How effective is such detection, in terms of false positives and
      false negatives?

   d) Sketch, to the degree that you can, how DNSSEC works.  (NOTE: we
      recognize that DNSSEC was not on the syllabus, and sketch it for
      students as needed.)

   e) Suppose that instead of using CAs, clients retrieve public keys
      for use in TLS via DNSSEC queries.  Compare the properties of this
      approach with how TLS works today.

(Fall 2008 - Tygar & Wagner):
1. Bounce message spam typically occurs when a spammer sends many spam
emails with the From: line containing a forged email address -- say,
to make it appear that the spam emails were from me.  Many of those
spam emails will be undeliverable or will be destined to an invalid
email message, and thus a bounce message will be sent back to the
email address listed in the From: line -- i.e., back to me.  Consequently
when a spammer sends one million spam emails with my email address in
the From: line, my inbox may become clogged with thousands of bounce
messages for emails I never sent.  This is a nuisance.

(a) Design a mechanism to protect me against bounce message spam.
I don't want to see nuisance bounce messages, but I always want to
see bounce messages for emails that I do send.

(b) What are the privacy implications?

(c) How can we minimize the storage requirements?

(d) New requirement: I want to read and send email from several
different email clients, such as my laptop and my cellphone.  I want
to configure them once, but I want to minimize the amount of state
that they must save and avoid the need for my clients to exchange
data.  Augment your scheme to provide this property.

2. Name as many ways as you can think of that a user Alice on the
Berkeley email system could prevent me from reading my email for
the next 24 hours.


3. The FasTrak system is an automated system for toll payment.
The authorities send you a battery-powered transponder that you
put in the car; when you drive over the Bay Bridge, their equipment
interrogates your transponder wirelessly and then bills you monthly.


(a) Describe the security goals that such a system ought to provide.

(b) How well does the current system meet these goals?

(c) Sketch how you would design the system, if you wanted to
    ensure that all of these goals were met.


June 2011