Good afternoon everybody. I hope you have finished your lab and you are back to your classrooms to listen to this lecture. Incidentally, before I begin the proceedings I would like to tell you that yesterday the director of IIT Bombay, the vice chancellor of Amrita University and our chief guest S. Ramadurai were very appreciative, not only of the workshop holding per se, but of the great enthusiasm that is being shown by all the participants. So I wanted to thank you all personally.

Today we are assembled here to listen to one more exciting talk on security, which is generally considered an independent, standalone body of important knowledge, which is often thought of as an advanced elective. We want to look at how we could integrate it in the university curriculum. I am very happy to see my colleague. So let me invite Professor Bernard Menezes. Let me introduce him very briefly. Professor Bernard Menezes is a professor in the Department of Computer Science and among several things he specializes in network security, although he has a very large spectrum of knowledge under his command. To tell you his background briefly, like many of us, he is also an alumnus of IIT Bombay. He went to the US to University of Maryland, Texas Austin, and after PhD he worked there for some time. He came back to India and he did a very remarkable thing. In a small college in Mumbai, he took up the challenge of setting up the Department of Computer Science, worked there for three years, brought that department to fairly good status, and then I could sort of invite him to join us here. He joined the then School of IT with us, which is now the Department of Computer Science. He has recently written a book, I think it is just a 2010 publication, Network Security and Cryptography. An excellent book, I have just perused it, but I will be reading it at great length.
Why I am showing you this book is that the contents in this book were written not when he was working in the US, but on the basis of the work that he carried out here in India after joining IIT Bombay. We are very proud of this and several other works that he has been doing, and I think we are all fortunate that he agreed to spare half an hour to tell you in a nutshell something important about this aspect of integrating security with the university curriculum. So, Bernard, thanks once again and all yours.

Thank you, Professor Phatak, for that very generous introduction. I think I did talk a little bit to the participants who came here around, I think it was October or so, for the one week program. I assume I am talking to them and many, many more around the country. So, I will just introduce what I would like to say in today's short lecture of about half an hour. The topic is integrating security into the university curriculum: challenges and successes.

So, when I joined KReSIT, which was actually founded by Professor Phatak in 1999, one of the things that I really found most remarkable was the breadth of courses that we had in this new department. I think I could not find anything like that anywhere else in the world. Things like network security, e-commerce, mobile computing, data mining, many of these terms were the terms I was hearing for the first time in my life. And the e-commerce course had a strong security component in it. So, that is where this journey of writing this book and my interest in security actually started roughly 10 years ago. And at that time I hardly knew what the word cryptography even meant. But gradually because we got very good students, I supervised some of their seminars and theses and so on and so forth. This thing started to blossom and there was a time about a couple of years ago, say five years ago, we had started teaching a course per se on network security in around 2003.
There was a half semester course and many of the students were extremely interested and requested us to make it a one semester course. They said there was too much material for just one semester and then from a one semester course it became a two semester course. And it has been growing ever since. There was a point where some people in a ministry asked us whether we could have an MTech in just security. So, the field is actually so important and so vast and ever growing that it's really a big challenge to write a book and to conduct courses in this area.

So, what I basically want to talk about is the theme, how do we integrate security into the curriculum? It seems now as I look at syllabi in different universities in the country, I notice that security has already started to integrate itself, probably as one course, probably as two courses. That is probably a compulsory course in some universities and/or an elective at the final year in some other universities.

So, let me just briefly talk a little bit about security. There is so much on this in the news, one hears about all these kinds of attacks: mass phishing attacks, identity theft, distributed denial of service and just denial of service, the distributed version of it. Malware, different forms of malware such as worms and viruses, spyware, botnets, Trojans, etc., etc. And of course, information warfare. Those of you who have been hearing the news may have had a chance to read an article about the new Stuxnet worm, which is supposed to disable certain nuclear reactors in the world. So this area is becoming more and more sophisticated in the last couple of years and last couple of months in particular. So from attacks, we may ask ourselves what is it that causes some of these attacks? So when you introduce security, there are four different themes. The first is what are the goals of an attacker or a hacker? Then what are the attacks themselves?
So I have just briefly mentioned some of these attacks, but an entire course on security would talk in depth about each of these attacks. And more importantly about the vulnerabilities or the reasons why these attacks occur in the first place. And then obviously how do you defend against these various attacks?

So why do we have to study vulnerabilities? Once we know our weaknesses, they cease to do us any harm. Somebody said this several centuries ago and this is very, very true today. So we need to know what are the weaknesses in our system, in our procedures and so on and so forth. So the key word over here is the word vulnerability. A vulnerability is a weakness or a lacuna in a policy. So it need not be hardware or software, it could be in a policy, it could be in a procedure, it could be in a networking protocol, etc., within an organization, that has the potential to cause loss or harm. And what are these vulnerabilities due to? A variety of reasons. They range from sloppy software, things like the buffer overflow vulnerability. Many of you might have heard of SQL injection, cross-site scripting and so on and so forth in many of the web applications. So vulnerabilities may be due to, one of the most important, sloppy software; protocol flaws in various standard protocols like TCP, IP, ARP, ICMP, etc. They could be due to system or application configuration. You can configure the registry wrongly, for example, you configure user's rights and group rights incorrectly, etc. And most important, the kinds of attacks that cause phishing problems are human gullibility. So human weaknesses, that is, they just click on arbitrary email messages that they get, on attachments to arbitrary email messages and so on and so forth. And that leads to serious problems. So these are the kinds of vulnerabilities one encounters. Once again, a course on security should do justice to this by talking about all these vulnerabilities which are basically the causes for these attacks.
And then of course, once we've talked about the attacks, the causes of these attacks, the last and perhaps most important problem is to talk about defenses. And defenses range from things like prevention. There are so many different techniques that you can employ to prevent these attacks and those range from access control, authentication, encryption and so on. So a large part of the course will actually talk about many of these, namely encryption, authentication, etc. From prevention to detection, there are different detection techniques. There are different detection ideas over here in IDSs. For example, you can have host-based IDSs. You can have network-based IDSs. You can have signature-based IDSs. You can have anomaly-based IDSs. This is one area of security that overlaps with machine learning and data mining, for example. And then another mitigation strategy is traceback and forensics and also recovery. So when the attack has actually happened, how do you recover from it? How do you trace back the perpetrators of the attack and so on?

So over the years in developing this course, as this course evolved, there were different ways in which these courses can be constructed. So I thought I would just tell you a little bit about the course structures. There are two possible ways, at least two possible ways. One is a cryptography-only course. Cryptography has become so important. It has become so interesting to many of our students that it is possible that we have a cryptography-only course. And then another course that deals with the other aspects of security such as cryptographic protocols, software vulnerabilities, malware, firewalls, etc. So that could be a second course. Alternatively, we could have two courses, a basic course and a follow-up course that exists in some universities, for example. So this is what we have experimented with and it has been fairly successful in IIT Bombay.
And that is a first-level course, possibly compulsory, a course on network security and cryptography. So here the question is what exactly is network security? Does cryptography come under network security? What is the difference between network security and computer security or system security or language security and so on and so forth? So actually all of these could come under computer security. But the network security component, which incidentally also includes cryptography, is so very vast that it is sort of relevant to just use the term network security. It is also the more common or the more popular term. Just call it network security and, under this roof, let everything else come under it. So a first-level course on network security and cryptography, followed by a more advanced course which could be a final year B.Tech course or BE course, which could also be a first-level graduate course on security. So a two-level, a two-series course program on security, a basic one and an advanced one. So let me just tell you some of the content of the first one and some of the content of the second one.

Suggested material for a first-level course. The basic definitions, concepts and principles, things like authentication, non-repudiation and so on would come under the basic concepts. Then again the easier parts of cryptography: the early ciphers, secret key cryptography like the Data Encryption Standard, the most well-known public key cryptography standard namely RSA, the cryptographic hash which is an important pillar of e-security, the discrete logarithm and various applications of it such as the Diffie-Hellman key exchange, ElGamal signatures, ElGamal encryption and so on, and of course the public key infrastructure.
That could be followed by cryptographic protocols or the so-called security protocols and we have some of the most well-known ones that you use when you typically go online and try to do e-commerce or you try to buy things on the net or you try to reserve airline tickets or railway tickets and so on, the SSL protocol. So before you actually hit the SSL protocol, it is a good idea to start with some fundamental design issues of security protocols, then go on to standard and very important man-in-the-middle attacks and replay attacks, the Needham-Schroeder protocol and the Kerberos protocol that is used in several Windows products for example, and then finally the SSL protocol, also called TLS.

To continue the first course, then comes software vulnerabilities, the most celebrated of which are the buffer overflow vulnerability, cross-site scripting and SQL injection, and then various mitigation strategies for these software vulnerabilities. Then as I mentioned before, besides vulnerabilities in security protocols, even in regular protocols that have nothing to do with security, there are vulnerabilities. So it would be very important to investigate some of these in TCP, IP, etc. Followed by access control, which you have at two levels, at the operating system and inside the network. In the operating system, both in Linux as well as in Windows, you have different types of access control and the main types are something called MAC which stands for mandatory access control, DAC which stands for discretionary access control and RBAC which is role-based access control. So all of these are implemented in modern-day operating systems. And then finally malware, so an important treatment of various case studies of malware, of different worms such as maybe Code Red and Slammer, of email viruses which are so common like Melissa for example or Sobig, various botnets like the Storm botnet, the Conficker botnet that was very much talked about in the press about two years ago.
So all of these things could come under the first level course. And the book that Professor Phatak introduced, which is the book that I have just written, actually talks about all of these topics.

And then the first course could be followed by an optional elective second course; even the first could be an optional course but the second one would be a little bit more advanced. So in cryptography now one can go from RSA to, for example, ECC, Elliptic Curve Cryptography. One could go from DES, the Data Encryption Standard, to the Advanced Encryption Standard. You can look at different kinds of attacks on the secret key cryptographic schemes like differential and linear cryptanalysis, and then something that has just come up in the recent past, a few years ago, something called identity-based cryptography which does away with digital certificates, for example. From that we could go on to more advanced protocols like the IPsec protocol which is used in many VPNs, that is virtual private networks, and then of course this whole area of wireless security that is so important, which spans wireless LANs for example, WLANs, cell phone security, that is 2G and 3G security, and Bluetooth which you use also in many cell phones. So that is another important area, wireless security, which could be covered in the second course. Then once again more advanced topics in software vulnerabilities, things like the format string attack which is a little bit more difficult to comprehend, second generation cross-site scripting attacks. This is one of the most important vulnerabilities in web application software today. So what are these cross-site scripting vulnerabilities and the more advanced versions of them, also heap overflow attacks besides regular stack overflow attacks. One could also look at a variety of applications, for example security and cloud computing, electronic passports, RFIDs, electronic payment systems, web services security and so on and so forth.
So many of these are dealt with in the last few chapters of this book and finally you can choose your advanced topics, for example Security-Enhanced Linux. This is quite a fancy access control methodology over here in SELinux which is a different paradigm compared to what you have in Windows, for example. You can look at more advanced and difficult topics like polymorphic malware detection; there are many research papers in some of the leading universities in the world on this. So all of that could be integrated in a second level advanced course.

Professor Phatak has just introduced this book to you so this is what the cover of the book looks like. There are about 25 chapters in all on these topics, namely cryptography, security protocols, malware, software vulnerabilities and so on and so forth. And these are some of the comments people have. So as I said before, this course in IIT began in the year 2003 or so and it was a half semester course and I used to recommend one or two different textbooks as we went along. But over the years it seemed like we were covering less and less of the textbook and more and more of papers in various journals and various conferences and all across the internet. So I decided, when I used to prescribe any book the students would complain and say that whatever I taught was not in the book, so why are they purchasing the book? So it was like a waste of time and a waste of money. So that forced me to start thinking of writing notes and this book emerged from the notes that I created. So the first thing is I tried to make it as comprehensive as possible. So it's a comprehensive text and that's what pretty much everyone tells me. I also tried to include as many figures, tables, examples and case studies as I could. So a summary of all of this is at the back of the book, the back cover of the book. Many people, actually the publishers, they would like to see multiple choice questions and also me providing answers at the end of each chapter.
So I did oblige them and at the end of each chapter I have about 7 to 8 objective type questions, multiple choice questions with answers. So the student having read it can just check whether he's understood things and so on and if he's not understood he can go to the relevant parts and read it again. Then I thought I should include some very nice juicy questions at the end of each chapter. So besides the objective questions there are thought provoking exercises. Some of them are straightforward but some of them require quite a bit of thinking. So there are also programming assignments at the end of each chapter. So nice experiments, programming assignments, thought provoking exercises and so on, and copious references and a detailed bibliography right at the end.

And I'd like to conclude now, before I throw the floor open to any questions, with a very nice saying about security. So we are all accustomed to doing various things in engineering but security engineering is very different from the other kinds of engineering that you have been associated with. Let's look at this interesting quote here. Security engineering, especially in this third wave, requires you to think differently. Why? You need to figure out not how something works but how something can be made not to work. You need to imagine an intelligent and malicious adversary inside your system. Remember Satan's computer, constantly trying new ways to subvert it. So you need to have that kind of a mind, a very strange kind of mind when you're a security expert. You have to consider all ways your system can fail. You have to look at it this side and that side. You have to consider all ways your system can fail. Most of them having nothing to do whatsoever with the design itself. You have to look at everything backwards, upside down and sideways. You have to think like an alien. So this is a quote by a very famous security analyst by the name of Bruce Schneier.
So with that I conclude my presentation and if you have any questions I'll be happy to answer them.

So the question is on heap overflow. So the problem statement is buffer overflow actually. That's the attack, buffer overflow. There are two types of buffer overflow. One is called the stack overflow and the other is called heap overflow. What is the difference between the two? All your local variables in the program. So think of a program that you're writing. You have two types of variables. You have the so-called local programs, local variables or automatic variables. Those are placed on the stack and then you have the dynamically assigned variables, dynamically allocated variables. Those are placed on the heap. Now it turns out that the earliest buffer overflow attacks were those that were stack based. And there are different types of stack overflow attacks. There is the simple one where you actually put the shellcode. The malcode that is part of the worm is actually called shellcode. So you put the shellcode on the stack. But the buffer overflow problem is the most marvelous example which illustrates the race between the attacker and the defender. So the attacker tried to do this and then the defender defended against malcode on the stack. The attacker went one step further. He didn't have to put malcode on the stack. He used one of the C library functions. So there's an advanced C library as everybody knows which includes printf and so on. And he used one of those functions which is known as system. And by doing this he obviated the need for having malcode on the stack. So what the defender did was that he made the stack non-executable. The attacker went one step ahead and used the C library. It's a celebrated attack known as the return-into-libc attack and so on and so forth. So there were other defenses and then the attacker went one step ahead and so on.
At some point in time the attacker started to look at heap overflow where dynamic variables are stored. And I have an entire section in the book on heap overflow. So you can see it's basically buffer overflow. You can overflow the heap and you can write into a block that's allocated maybe to some other program. You can read and write from a block that's allocated to some other program. So if a password of somebody for example was stored on the other block you could be reading from that block and you could read that person's password for example. So this is an example of a heap overflow attack. And of course there have been defenses and it's entirely possible that in some of the operating systems the defenses work but they could be still insecure in some other operating systems. So that's another big challenge in software vulnerabilities. It could be possible that in some Windows systems the attack will work but in later versions of Windows it may not work. On some Linux releases like Ubuntu version 7.0 something it might work. In version 9.1 it may not work and so on and so forth. So this is a wonderful thing for your students to actually try out. Our students here have tried it out. They have tried all these attacks, buffer overflow attacks, at least 5 or 6 varieties of them on various operating systems. And they have actually showed and demonstrated that some of these attacks will work on some operating systems, some versions of operating systems, yet not on others.

So the question is about identity based cryptography. What is all this about? So it turns out that in the mid 1980s or so a guy called Shamir, the same Shamir as in RSA, Rivest-Shamir-Adleman, the same Shamir, came up with an idea called identity based encryption. Now what that means is basically, you know, what's the idea of a public key and the corresponding private key. Now the question is why do you require somebody else's public key? For a variety of reasons.
For example if the other party wants to send you a session key he will encrypt it with your public key. So he would like to know what is your public key. So how do you communicate your public key to somebody else or how does somebody send you his public key? The celebrated way of doing that is through a digital certificate, because a digital certificate is the binding between a person's identity or a person's credentials on the one hand and the person's public key. And this is sacred because it is signed, it's digitally signed by a so-called CA or certification authority. Now the whole business of creating these certificates, disseminating them, revoking them and so on and so forth is actually a costly affair; for that you have something called the PKI, a public key infrastructure. So using Shamir's idea, that was later on developed in the 1990s, and about 10 years ago there were all sorts of new schemes that came up to make this a practical idea, to make identity based encryption a practical idea. Whereby, so here is the key idea, your public key can be computed by anybody, which is a function of some unique credential of yours. So what is this unique credential that almost all of us have? It's the email address. Almost everybody's email address belongs to him and nobody else. If I have an email address like Bernard at it.itb.ac.in I can almost certainly guarantee you that no other individual has the same email address. Likewise the same thing with you; ask anybody around whether somebody has the same email address as you have and almost certainly they will say this is the unique email address that only you have. So if that's unique to you then how about if we use the following idea: as a function of that email address I can compute a public key. What does that mean? All that it means is to get your public key I just need to know your email address.
Of course I know your email address because I'm sending you email all the time and as a function of that email address, there's a definite function which can be computed, there are APIs to compute that function, using that function I can from your email address deduce your public key. So now I don't need to create certificates, disseminate these certificates and have an entire infrastructure dedicated to this. So this is the idea of identity based cryptography. There has been a lot of work in the recent past, a lot of great ideas and very intense mathematics behind identity based cryptography. The so-called Weil pairing and Tate pairings and so on and so forth. So if you're interested in more of the stuff there is one section in the book on identity based cryptography. But this is definitely a material for an advanced course and I can furnish you with many references for the subject.

So how are text based encryption techniques and image based compression, is it compression or encryption? Encryption techniques different. So the techniques that we study, namely secret key cryptography and public key cryptography, assume that the underlying structure, the underlying data is all binary. All that you need to use DES or AES or RSA or ECC is basically a bunch of bits. So it doesn't really matter whether those bits come out of images or whether those bits come out of text. It's the same thing and they are all very secure schemes. Now if you're trying to encrypt text using some very elementary schemes such as the Caesar cipher and so on then of course those schemes are useless. You can very easily launch various attacks on those schemes. However if you're using RSA or you're using ECC or DES or AES then so long as you've got binary data all of these schemes should be very secure. So whether you use text, whether the underlying data is text or whether it's images or video or whatever, it should be pretty much the same thing.
As far as video is concerned, as far as wireless is concerned, there are certain encryption schemes that are particularly amenable to those and those are for example stream ciphers. So whenever you're talking about wireless LANs for example the kind of cipher that you use would be a stream cipher like for example RC4. However there have been many attacks on RC4, some of which are explained in the text and some of which you can find on the internet, like the well-known FMS attack. So there are these two classes of ciphers these days which are block ciphers and stream ciphers and typically you would want to use block ciphers for running text. And if you've got images and videos you could use stream ciphers such as RC4.

So the question is what is differential cryptanalysis, what is linear cryptanalysis, what is cryptanalysis in general. So around, I believe it was 1987 or so, there were various schemes, various what are called cryptanalytic schemes that came up in the context of DES. So DES was a scheme that was designed way back in the 60s and continued to run quite well until the beginning of these cryptanalytic attacks, that are actually very sophisticated in nature. And around the mid 90s or early 90s to mid 90s there was a team in Japan for example that pioneered this technique called linear cryptanalysis. And there were some other scientists from Israel and so on that pioneered the technique of differential cryptanalysis. So let me tell you about one of them which is simpler to understand and that is linear cryptanalysis. Ask yourself what is the most important component of a secret key cipher. There are various components in a secret key cipher and by far the most important is something called the S-box which is a substitution box. So what the substitution box does is it defines a mapping between a block of plaintext and a block of ciphertext. These are not the only things that are used in a regular secret key cipher but this is one of the different components.
Now the most important thing about an S-box is that it should be non-linear. If it is linear there are various ways to show that you can attack this S-box. So what we do in linear cryptanalysis is we investigate the linearity or the non-linearity of different S-boxes and we try to come up with an expression relating bits of plaintext, bits of ciphertext and bits of the encryption key. So that is this idea of linear cryptanalysis. And differential cryptanalysis is another technique which is slightly different, which looks at a block of plaintext, another block of plaintext, the differences between these two blocks of plaintext and the corresponding ciphertext and the differences between the corresponding ciphertext, and then tries to deduce what is the original encryption key. So these are rather advanced techniques which are best left to an advanced course. And I think I have an entire section, I think I have done it in as much detail as you probably need, an entire section on the subject of linear cryptanalysis. There are some very interesting programming assignments that can be created for your class on linear cryptanalysis or for that matter on differential cryptanalysis.

How to defend against DoS attacks? So this is a very interesting question. So I am very happy to see all these very, very interesting thought provoking questions out here. How do you defend against a DoS attack? So this is something I just read somewhere a few days ago, that you now have these kits that little kids and others are actually getting and they can launch DoS attacks. So what is a DoS attack? A DoS attack is a denial of service attack and it is caused by sending packets to a particular, so packets from various places, geographically dispersed places, to a particular server. So that poor server gets so many packets it cannot service all of them and most of these packets are not real packets from clients but from attackers.
So the poor server is busy servicing all these fake packets, all these attack packets, and cannot do its own work. It is being interrupted all the time. Now how do you defend against these attacks? So this is a very, very rich area and once again there are many, many different techniques. You can have detection techniques combined with some kind of handling. You can have prevention techniques. So one technique for example is to use something like a machine learning algorithm. Something called change point sequential detection which is in the text that I have written. You can use one of those techniques to detect the onset of a DoS attack. And then there are some very standard techniques that are integrated in many modern day operating systems. Those techniques are things like SYN cookies and SYN cache. So as you might be aware, in the TCP protocol, when you get an incoming request, the establishment of a TCP connection is through something called a three-way handshake. So when you receive a connection request, when the server receives a request from the client, what it does is typically reserve some amount of buffer space. Different operating systems might reserve different amounts of buffer space, like for example 300 bytes. So now when you've got many of these attack packets what happens is that a lot of buffer space keeps getting reserved for all these attack packets and it might be the case that it runs out of memory bandwidth or communication bandwidth or CPU processing. It can't process the regular authentic requests and it wastes time in processing all these fake phony requests. So the technique is to use something called SYN cache which doesn't reserve the entire 300 bytes but only about 30 bytes for just the basic information on the connection request. So what is the IP address of the person trying to make a connection?
What is the port number, the source port number, the destination port number, the source IP address, the destination IP address, the sequence numbers, acknowledgement numbers. All of you are familiar with the TCP protocol and how sequence numbers, acknowledgement numbers work. So only keep that minimal information in your SYN cache. And then only when you are convinced after the three-way handshake there is a genuine request, only then do you reserve the entire 300 bytes. So that is one technique. There are many, many more techniques compared to just the SYN cache and the SYN cookies. There are solutions at different levels. For example you have something called DRF, distributed route filtering. You have something called egress filtering and so on and so forth. So there are solutions at the host level. There are solutions at the network level. There are solutions within the core of the internet, et cetera, et cetera.

So what are the typical types of malware including spyware? So when you think of malware there is an increasing number of these different species now. You think of worms and viruses. These are two examples of malware that can replicate. And then you have got things that don't replicate. The best example is a Trojan. So the main purpose in life of a virus or a worm is to replicate. While a Trojan doesn't necessarily, in fact it does not. What is the difference then between a worm and a virus? A virus spreads from one file to another. So it's like a parasite. It attaches itself to a file and then, having attached itself to one file on a computer system, it spreads from one file to another file within the same computer system. By contrast a worm spreads from one computer to another computer. So a worm absolutely needs the presence of a network. Whether it's the internet, whether its propagation vector is email, whether it could spread through Bluetooth, MMS, there's a whole bunch of different types of mobile viruses and mobile malware, et cetera, et cetera.
So this is the main difference between worms and viruses on the one hand and Trojans, and then between worms and viruses. And then spyware are things that actually can be sent, communicated through Trojans, that are things like key loggers for example, things that botnets could do. Logging all your keystrokes including your password and then communicating them to some remote site on the internet where the attacker has hosted his own website. So these are all extremely dangerous and getting more and more sophisticated by the day.

One important question over here, what are the attacks on a web server and what are the typical vulnerabilities on a web server? So it turned out that the most common types of vulnerabilities that we used to talk about were more vulnerabilities in networking protocols. Then gradually over the last three, four years, it has been mostly application vulnerabilities that have caught the public interest. So I would like to refer you to a particular site. Just go on to the net and do a Google search for OWASP. OWASP stands for Open Web Application Security Project. So this particular organization actually lists the top ten vulnerabilities every year and you can see how these things are changing. So the thing I talked about before, namely buffer overflow, was a big hit and in fact it's a very, very common vulnerability, but it was a big hit say 10 years ago, 5 years ago and so on. But now the latest kinds of vulnerabilities are more the ones that target web applications, and the most important of these, in fact I believe the number one, is injection, that is command injection, SQL injection. That's the number one type of vulnerability, and amongst the top five is cross-site scripting. So cross-site scripting has become very, very advanced. First generation, second generation, we are right now at the third generation of cross-site scripting kinds of attacks. So this is something that you must talk about in your class because it's just too important.
Cross-site scripting, SQL injection and buffer overflow. So what were the attacks on web servers? Basically these kinds of attacks. There are different kinds of cross-site scripting vulnerabilities. There is persistent, there is non-persistent, there are DOM-based and so on and so forth. Again SQL injection, that is something that we understand, something that's easy to patch by using parameterized queries and what not.

Are there any practical implementation techniques for social engineering? So the next question is what is the most common type of social engineering attack? So the answer probably would be phishing attacks. So there have been many solutions. This is one area of research which combines psychology and computer science and mathematics and so on, many, many different disciplines. There have been many emerging defenses for phishing attacks, some of which try to look at all possible websites that you have referenced and see which is a new website. They try to look at what the website has on it. They try to caution you with red flags and yellow flags and so on that this particular website might be a dangerous website. So there are all sorts of techniques that you will see in the literature. If you want to have a little list of some of these papers that have come up in the last two years, I'll be happy to send them to you. One such technique is called AntiPhish, for example.

One question here is what is the latest research into malware detection techniques? So once again when we talk about malware, I will just briefly split this question into two parts. One is worm detection and the other is virus detection. So the common worms that manifested themselves in the early 2000s, or 2001-2003, are respectively the Code Red worm and a worm called the Slammer worm. Spread very, very fast and infected, the Slammer worm in particular, which spread through UDP rather than TCP, infected almost half the vulnerable computers in just half an hour.
So it spread so fast before the system administrators could do anything about it. So the question that was in the mind of security experts is how do we somehow retard the spread of these different worms? So there were many good papers in the years, say, 2004-2005-2006 in the area of worm detection. So guess how this thing could work? So basically in the case of these internet, these are called internet scanning worms, worms like Code Red and Slammer. So what you find is a peculiar, particular characteristic of these worms, if you don't talk about the polymorphic worms, the regular monomorphic worms, is that most of their instances have the same payload. So if I can have some kind of an IDS in my organization, in my campus, which looks at the payload of various packets that are coming in and tries to find if there are common substrings, not that the entire packet was identical but there were large substrings that were identical. If I can identify common substrings in those different packets that are coming, then maybe that's a trick. Maybe I've been able to figure out that this is the onset of a worm epidemic, because these worms spread, as I said, very fast. They spread around the world and you had many, many instances of these worms that were arriving onto your campus for example. So if I can look at all the different packets that are arriving and identify a common substring, then maybe I've been able to detect a new worm that is coming. So this was the basic idea; how exactly that was done, the pattern matching ideas and so on, are described in great detail in the papers, in one of these chapters.

The other thing was virus detection. So besides worm detection under malware detection, the other thing is virus detection. Now can you use the same technique for virus detection? And mind you, we are talking about now polymorphic worms where the payload looks very different because the worms themselves are encrypted, different instances of the worms are encrypted.
So different people came up with different ideas. But one of the most powerful ideas that came up a few years ago was: don't look at superficial things like just the payload of a packet, but just take a packet, look at its executable and try and see what is the behavior of the executable. So if you are trying to identify different so-called mutants of the same virus, and this is what modern-day antivirus products, they don't as yet do them. But I would see the next generation of antivirus products doing this. You take actually a suspicious piece of software which you suspect is a virus and then you look at its behavior very carefully. So the signature, the virus signature, is not the regular bit pattern in a worm payload but now it is the behavior. Let's look at the system calls made by this piece of software, the operating system calls. Let's look at the sequence of system calls. Let's look at dependencies between these system calls. So there is a lot of very recent research in this area in the last two years or so on virus detection and these more sophisticated virus detection techniques. I'm not sure whether these have ended up being commercial products as yet, but I would suspect that they would be in commercial products in a couple of years. I'm very happy to see that these questions are extremely relevant and they really inspire people to think. Maybe I should include them in my exam next time.

So the question over here is on wireless. In 802.11 standards, have many security techniques been used and what about future implementation? So this is an interesting question. We all use wireless LANs and you must have heard of terrorists and so on using these wireless LANs to get people's passwords and all sorts of things. Even in our own institute, the students come and tell me, sir, I can get your password from the wireless LAN. I can get anybody's password, and that's very, very frightening. So let's look at the brief history of this.
The first kinds of wireless LANs which used 802.11 had no security at all. So you could easily make out much of the messages; most of the messages were actually being transmitted in the clear. Then they went to a standard called WEP, wireless equivalent privacy or something like that, a wired equivalent privacy. And in my book, I have dedicated an entire section to WEP, not because of why it is good, but why it's something that you should look at its drawbacks. I've tried to illustrate and identify its drawbacks and to give you an example of a protocol that should not be used, of ideas that should not be used. So with WEP, you have many, many, many problems. For example, you can fabricate messages using WEP. You can fabricate messages, you can eavesdrop on messages even though they are encrypted and so on and so forth, a whole bunch of problems with WEP. So the wireless community got together and decided to get rid of all these problems, and the solution came up in the form of 802.11i. So there are two commercial names for these standards. One is TKIP and one is CCMP. TKIP stands for Temporary Key Integrity Protocol, which gets rid of the problems of RC4. Once again, I have an entire section on both TKIP as well as CCMP. So CCMP is the one that uses still RC4. As I told you before, RC4 has some serious problems, but CCMP has got rid of, let me see, is it CCMP, it's TKIP rather. It's TKIP that has got rid of the problems with RC4 by some clever tricks. While the other protocol, namely CCMP, decided to start afresh. So they decided to use AES. AES, as I mentioned before, is the secret key cryptography standard, the latest version, the latest, which stands for AES, Advanced Encryption Standard. So this is something that came up about 10 years ago and it's about to replace DES, the earlier standard for secret key cryptography. So CCMP uses AES for two things, for encryption as well as for integrity protection, in different modes.
So it uses the counter mode for encryption and it uses the so-called CBC mode, or cipher block chaining mode, for computing a MAC. They call it a MIC, which stands for Message Integrity Code.

What is intrusion detection? How do you integrate intelligence and intrusion detection? So intrusion detection is a sort of an idea which you use to figure out beforehand when an intrusion is about to take place. You want to be warned when a denial of service attack is happening or is about to happen, and how do you do that? So there are very fancy intrusion detection systems these days that are available, commercially available IDSs, and most of them use things like machine learning and such techniques. So one of the techniques is sequential change point detection. You can use, there are many statistical techniques that are used for example in forecasting, and sequential change point detection looks at a time series and tries to identify when the complexion of that thing is changing, when there is some radical departure from the norm. So you have to identify a baseline, you have to learn. It's a learning technique just like in AI or machine learning: you have to learn what constitutes normal behavior and what constitutes a departure from normal behavior, something anomalous or abnormal. So that's what an IDS does, and it borrows very heavily from machine learning and those techniques, including data mining.

Is HTTPS always safe? Are attacks possible on HTTPS? Most of us know that HTTPS stands for, the S over there stands for secure HTTP. This is a protocol that is used, it's basically SSL, a protocol used when you are doing e-commerce or when you are booking airline tickets and so on and so forth. The question is, is it always safe? Well, there have been attacks on HTTPS, things like the man-in-the-middle attack, that are caused due to improper digital certificates.
So be very careful about this, the digital certificate and how you actually configure your browser to accept digital certificates. The name of the server, the credentials of the server on the other side, is extremely important for this purpose. Also another thing is that SSL is not a panacea for web security. It's not that if I have deployed SSL everything is safe. I just mentioned before that the whole bunch of problems that exploit vulnerabilities in web software like scripting vulnerabilities, SQL injection vulnerabilities. Every day my students keep finding vulnerabilities in some website or the other. Even very good university websites around the world. So one has to take care of not just deploying SSL but also, equally important, making sure the web application software is secure enough. It's audited, there are good coding practices used in designing that software, etc.

So the next question is about Stuxnet and Zeus. How do these botnets work? So I haven't actually looked at the entire working of Stuxnet. That's an extremely interesting project for students to do. This worm was released just very recently, about two, three months ago. So I haven't looked at the entire working of it. There are many, many papers. It's a very complicated worm by the way and there have been many papers that I've seen on it. Many of these papers are extremely intense and detailed. I can tell you a little bit about worms like the Storm worm and the Conficker worm. So basically these worms are standard botnets and they leverage the power of a P2P network. So they actually are able to pretend to be simple P2P messages out there. And the interesting thing about a bot as compared to a worm is that it's got multiple stages of infection. So first you infect a particular workstation with a bot and then that bot has to communicate to the outside world, to various servers, to get new code, to get fresh code. So the challenge is how does that bot know whom to connect to?
How does that bot know when to connect? For example, if I'm a bot controller, the so-called bot master, I might have 10,000 or even a million computers under my control. Each of them infested by a bot that I've created. I'm controlling each of those computers. I can tell those computers that on the 1st of January 2011, launch an attack on this particular website. I can tell them to generate spam and send them to certain addresses and so on and so forth. Every time I might give them different commands. So this bot is actually working. It's mostly, unlike the Code Red worm, which was very, very active, these bots might be passive for most of their life. And then suddenly I instruct them on the 1st of March, perform this attack. They'll be lying low. You don't even know that they are on your machine. But on the 1st of March, lo and behold, all of these in a coordinated fashion around the world decide to attack this particular website in a standard DoS attack or maybe a spamming attack and so on and so forth. So this is the way they work. The main idea in a bot is it gets secondary infections, which are all fresh. I can create an infection and put it on a website in the month of February and instruct all the bots under my control to go and fetch that infection. So it's very difficult for law enforcement authorities, and there are all sorts of obfuscation techniques for these bots. It's very difficult for law enforcement authorities to go and to be able to disable these things, to figure them out completely, because there could be many bots in your campus, in your organization. There could be many PCs that are bot infested and you don't know, and you probably never will for a long time to come. So bot detection is a big deal.

Hello, sir. Sir, how to find a difference between the self-signed certificate and the CA-signed certificate?

Between a self-signed and or CA-signed certificate. The CAs typically are very well-known entities. For example, take India.
First and foremost, internationally, you might have heard of VeriSign and even RSA Security and so on. These are different organizations that issue, that create certificates on behalf of users like the Indian Railways, for example. And then within India, you have got the Outfit Reserve Bank of India's Research Centre in Hyderabad, for example. They create certificates. TCS creates certificates and so on and so forth. So typically, when you use these certificates, you always use them in conjunction with the public key of the CA. So those public keys are known to your browser, or should be known to your browser, so that they can verify certificates that are signed by those CAs on behalf of other users. So those are the real certificates. And then for a variety of purposes, if you're using OpenSSL, say you've got a class project for your students, you're using OpenSSL, you can generate your own certificates. Of course, nobody is going to accept them in general. You can create your own certificates for purposes of running the experiment, for purposes of verifying the certificate and so on. And those would be self-signed certificates, signed by yourself, because a certificate has to be signed by a CA. So you can play the role of a CA just for purposes of your experiment and create those kinds of certificates. Those are self-signed certificates. Because OpenSSL, if you're running an experiment, as my students did here last semester, if you're running an experiment with OpenSSL, you need to have certificates. But you can have toy certificates. Those toy certificates need not be signed by a well-known CA, like VeriSign or the IDRBT and so on. They can just be signed by yourself for purposes of the experiment. Those would be self-signed certificates.

Thank you very much for those very interesting and possibly I should say illuminating questions. I actually love to answer questions. I love to hear questions and think about them.
And I think these have been very, very thought-provoking questions. I very much appreciate those questions. I hope I've answered them to people's satisfaction. Whether I have or not, you're free to email me. I know this is a very important set of participants out there. You're all college teachers and you're teaching the future of our country. And I'm sure you're doing an excellent job. This is a very, very interesting field, as you know. There is so much that needs to be done in this field. We need to go on to, you know, this probably an entire M.Tech program that we set on just security. So it's not one course, as I said. I used to have half a course in IIT Bombay. Then it became one course. Now it's two courses. And some students are saying, let's have a third and fourth course and even an entire M.Tech in security. So it's a very growing field. It's a field to keep up with, so much that is happening. But I'm sure you will be able to do it. Don't forget, the students are young. They are full of energy, full of potential and talent. You can use your students to do all sorts of wonderful experiments, read all sorts of new papers and new ideas. And we can bring this field of security, we can take this field of security higher and higher in this country. So with that, I end and I wish you all the best of luck.
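The common-substring idea from the worm-detection answer in the talk, as an added sketch that is not from the lecture or the speaker's book: it counts how many distinct senders and distinct targets share each 12-byte payload window and merges the flagged windows into a candidate signature. The window length, both thresholds, the addresses and the payload bytes are constructed assumptions.

```python
"""Content-prevalence check for scanning worms (simplified, constructed data)."""
from collections import defaultdict

K = 12            # window length in bytes (assumed tuning value)
MIN_SOURCES = 3   # distinct senders that must carry the same window (assumed)
MIN_DESTS = 3     # distinct targets that must receive it (assumed)

def kgrams(payload, k=K):
    """Every distinct k-byte window of one payload; empty if shorter than k."""
    return {payload[i:i + k] for i in range(len(payload) - k + 1)}

def prevalent_kgrams(packets, k=K, min_sources=MIN_SOURCES, min_dests=MIN_DESTS):
    """Windows seen from many senders AND towards many targets."""
    sources, dests = defaultdict(set), defaultdict(set)
    for src, dst, payload in packets:
        for gram in kgrams(payload, k):
            sources[gram].add(src)
            dests[gram].add(dst)
    return {g for g in sources
            if len(sources[g]) >= min_sources and len(dests[g]) >= min_dests}

def merge_runs(payload, hits, k=K):
    """Join windows flagged at consecutive offsets into one candidate signature."""
    runs, start, end = [], None, None
    for i in range(len(payload) - k + 1):
        if payload[i:i + k] in hits:
            start = i if start is None else start
            end = i + k
        elif start is not None:
            runs.append(payload[start:end])
            start = None
    if start is not None:
        runs.append(payload[start:end])
    return runs

def detect(packets, k=K, min_sources=MIN_SOURCES, min_dests=MIN_DESTS):
    """Return candidate signatures, longest first."""
    hits = prevalent_kgrams(packets, k, min_sources, min_dests)
    found = set()
    for _src, _dst, payload in packets:
        found.update(merge_runs(payload, hits, k))
    return sorted(found, key=lambda s: (-len(s), s))

# Constructed sample traffic (documentation address ranges, harmless bytes).
CORE = b"CONSTRUCTED-WORM-BODY-0123456789"   # stands in for the invariant payload
BENIGN = b"GET /index.html HTTP/1.1\r\nHost: www.example.test\r\n\r\n"
PACKETS = [
    # The same bytes arriving from different senders at different hosts,
    # each wrapped in different leading and trailing bytes.
    ("198.51.100.1", "192.0.2.21", b"xA" + CORE + b"Aq"),
    ("198.51.100.2", "192.0.2.22", b"yyB" + CORE + b"Bw"),
    ("198.51.100.3", "192.0.2.23", b"zzzC" + CORE + b"Ce"),
    ("198.51.100.4", "192.0.2.24", b"D" + CORE + b"Dr"),
    # Ordinary requests: many clients, identical bytes, but one web server.
    ("203.0.113.1", "192.0.2.10", BENIGN),
    ("203.0.113.2", "192.0.2.10", BENIGN),
    ("203.0.113.3", "192.0.2.10", BENIGN),
    ("203.0.113.4", "192.0.2.10", BENIGN),
]

if __name__ == "__main__":
    for sig in detect(PACKETS):
        print("candidate signature:", sig)
```

The target-dispersion threshold is what keeps the identical benign requests to one server from being flagged; as the talk notes, this only works for monomorphic payloads.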
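Sequential change-point detection, which the talk mentions in both the DoS and the intrusion-detection answers, illustrated with a one-sided CUSUM test over per-second SYN counts. This is an added example, not from the lecture or the speaker's book; CUSUM is one standard change-point test chosen here, and the counts, slack and threshold are constructed assumptions.

```python
"""One-sided CUSUM over per-second SYN counts (constructed data)."""
from statistics import mean, pstdev

def learn_baseline(samples):
    """Learn 'normal' as the mean and standard deviation of attack-free traffic."""
    mu, sigma = mean(samples), pstdev(samples)
    return mu, max(sigma, 1e-9)   # guard against a perfectly flat baseline

def cusum_onset(series, mu, sigma, slack=0.5, threshold=5.0):
    """Index of the first sample at which the cumulative upward drift
    exceeds the threshold, or None if it never does.

    slack is the per-sample deviation (in standard deviations) treated as
    noise; threshold is how much accumulated excess raises the alarm.
    """
    s = 0.0
    for t, x in enumerate(series):
        z = (x - mu) / sigma            # deviation from the learned norm
        s = max(0.0, s + z - slack)     # accumulate excess, never go negative
        if s > threshold:
            return t
    return None

def naive_onset(series, mu, sigma, n_sigma=3.0):
    """Comparison point: alarm on any single sample above mu + n_sigma * sigma."""
    for t, x in enumerate(series):
        if x > mu + n_sigma * sigma:
            return t
    return None

# Constructed counts of SYN segments per second.
BASELINE = [100, 104, 98, 101, 97, 103, 99, 102, 96, 100]   # attack-free window
# One isolated spike at index 2, then a sustained ramp starting at index 5.
LIVE = [101, 99, 108, 98, 100, 106, 112, 120, 135, 160]

if __name__ == "__main__":
    mu, sigma = learn_baseline(BASELINE)
    print("naive alarm at index:", naive_onset(LIVE, mu, sigma))
    print("CUSUM alarm at index:", cusum_onset(LIVE, mu, sigma))
```

On this data the per-sample threshold fires on the isolated spike, while CUSUM stays quiet until the sustained rise has accumulated.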