Foundations of Computer Security

By David Salomon. Published by Springer Verlag late 2005. ISBN 1-84628-193-8. LCCN QA76.9.A25 S2656 2005 (sometimes listed as QA76.9.A25 S27 2006). xxi+369 pages.

A BibTeX style file and an Errata list are available.

Written during the period July 2004 to April 2005, the book consists of 12 chapters, two appendixes (leet speak and a virus timeline), answers to exercises, a glossary, bibliography, and index.

Dedicated to the many anonymous users and experts who serve with zeal and dedication in the unending war of computer security.

From the Preface.

This book is intended as a starting point for those familiar with basic concepts of computers and computations who would like to extend their knowledge into the realm of computer and network security. The book is primarily a textbook for undergraduate classes on computer security. It is mostly nonmathematical and makes no attempt to be complete. The only prerequisite for understanding the material presented here is familiarity with the basic concepts of computers and computations such as (1) the organization of data in bits and bytes, (2) data structures (arrays, trees, and graphs), and (3) network concepts such as IP numbers, input/output ports, and communications protocols.

An interesting (and I believe, also original) feature of this book is its minimal use of the vague term "system." This word is used only (1) in connection with well-defined or commonly-used terms such as "operating system," "file system," and "notational system," (2) when it is part of names of organizations, or (3) when it is included in a quotation. Many texts use this vague term liberally, thereby confusing the reader. Sentences such as "In addition, the blah flood may exhaust system memory, resulting in a system crash. The net result is that the system is unavailable or nonfunctional," are confusing. Instead of "system" the author should specify what is being discussed, whether it is a computer, a piece of software, a router, or something else. While I was at it, I also avoided the use of the cliche "basically," employing "essentially" or "fundamentally" instead. On the other hand, the term "user" is a favorite in this book.

Table of Contents

Book Cover
Preface vii

Introduction 1

1 Physical Security 15
1.1 Side-Channel Attacks 15
1.2 Physical Threats 20
1.3 Laptop Security 26
1.4 Disaster Recovery Planning 28
1.5 Privacy Protection 29

2 Viruses 33
2.1 Operating Systems 34
2.2 Computer Viruses 36
2.3 Virus Writers 40
2.4 Virus Propagation 43
2.5 Virus Classification 46
2.6 Boot Sector Viruses 48
2.7 File Infector Viruses 51
2.8 Companion Viruses 55
2.9 Multipartite Viruses 56
2.10 Macro and Script Viruses 57
2.11 Infected Images 59
2.12 Virus Life Cycle 62
2.13 Viruses and UNIX 65
2.14 Viruses and the Macintosh 65
2.15 Viruses and the Amiga 66
2.16 Virus Replication 66
2.17 Virus Payload 66
2.18 Virus Organization 74
2.19 Virus Naming 75
2.20 Virus Hiding Methods 76
2.21 Polymorphism 80
2.22 Virus Stealth Techniques 83
2.23 Interrupts and Viruses 84
2.24 Trapdoors 88

3 Worms 91
3.1 Code Red I 93
3.2 Worming Techniques 95
3.3 Proposing a CCDC 105
3.4 The Internet Worm 108

4 Trojan Horses 113
4.1 Applications of Trojans 114
4.2 Installing a Trojan 116
4.3 Rigging a Compiler 118

5 Examples of Malware 125
5.1 The Lehigh Virus 125
5.2 The Brain Virus 126
5.3 The Michaelangelo Virus 127
5.4 The SirCAM Virus 128
5.5 The Melissa Virus 129
5.6 Scores Virus 130
5.7 Swiss Amiga Virus 131
5.8 Christmas Card Virus 131
5.9 VBS.KAK Worm 132
5.10 The Cruncher Virus 133
5.11 Opener Virus 134
5.12 MTX Worm/Virus 135

6 Prevention and Defenses 139
6.1 Understanding Vulnerabilities 139
6.2 Defenses Against Malware 144
6.3 Anti-Virus Software 145
6.4 Backups and Such 155
6.5 Hoaxes 160

7 Network Security 163
7.1 Internet Vulnerabilities 163
7.2 Port Scanning 164
7.3 Spoofs 165
7.4 Spam 169
7.5 Denial of Service 181
7.6 Firewall Basics 184

8 Authentication 189
8.1 Local Authentication 190
8.2 Biometric Techniques 190
8.3 Passwords 196

9 Spyware 211
9.1 Introduction and Definition 212
9.2 RIAA and Spyware 215
9.3 Terrorism and Spyware 217
9.4 Political Contributions 218
9.5 Distribution of Spyware 219
9.6 Remote Reporting 222
9.7 Adware 225
9.8 Spyware? 226

10 Identity Theft 231
10.1 Introduction 232
10.2 Shredding 236
10.3 Internet Cookies 238
10.4 Phishing 239
10.5 The Homograph Threat 245

11 Privacy and Trust 247
11.1 Privacy Issues 248
11.2 Online Privacy 251
11.3 Children's Privacy 253
11.4 Trust 258

12 Elements Of Cryptography 263
12.1 Principles of Cryptography 264
12.2 Kerckhoffs' Principle 265
12.3 Polybius' Monoalphabetic Cipher 266
12.4 Polybius' Polyalphabetic Cipher 268
12.5 The One-Time Pad 269
12.6 The Key Distribution Problem 271
12.7 Diffie–Hellman–Merkle Keys 272
12.8 Public-Key Cryptography 273
12.9 RSA Cryptography 274
12.10 SSL: Secure Socket Layer 278

A l33t Speak 285

B Virus Timeline 289

Concluding Remarks 305

Answers to Exercises 311

Glossary 327

Bibliography 343

Index 357

From the back cover

All aspects of computer security--from the firewall for a home PC to the most daunting designs for large distributed systems--are becoming increasingly important worldwide. However, the complexities of securing computing systems can often make the topic too intimidating or onerous for people who are relative novices. Foundations of Computer Security provides a succinct, yet authoritative introduction to the underlying theory, history, vocabulary, and concepts that drive this pivotal area of computer science. With its user-friendly approach and clarity of style, the text conveys--in simple terms--the core principles and developments underlying computer security in its many ramifications in the rapidly evolving computing arena. Following its opening framework laid out in a broad preface and introductory chapter, the book features chapters dedicated to a wide array of security-related subtopics: physical security, viruses and worms, malware and spyware, privacy and trust, and cryptography, to name several. The work is a sort of guidebook for newcomers: It assumes only basic knowledge of computers and refrains from heavy mathematical elements.

Topics and Features:

Provides a comprehensive, accessible overview of the elements of computer security, conveyed in an easy-to-understand style

Covers the main security challenges, and introduces cryptography

Reinforces its themes with thorough use of examples, exercises (with answers), historical anecdotes, and case studies

Features a supplemental website for auxiliary instructional material

Supplies numerous resources, including a helpful glossary, a virus timeline, and an extensive bibliography

Instructs readers through a logical and progressive method, yet flavors treatment of the topic with enjoyable quotes, provocative questions, and other educational tools

Presents the "essentials," but offers additional useful background information.

This broad, yet practical textbook/reference is an invaluable instructional tool for undergraduates, graduates, or professionals who know at least the basics about computers but need some exposure to the key elements pertaining to computer security. Its concise approach, complemented by its breadth of security issues covered, will make it an ideal resource for those hoping to learn the foundation topics of this critical subject.

A Review

A detailed review of this book, written in early 2008, can be found here.

Auxiliary Material

Spyware: what you don't know can hurt you. A 92-page report of a hearing at the US House of Representatives (mentioned in the book's bibliography, page 348, under [House 2004]).

Laptop security. A 5-page article published in the Fall 2004 issue of "The Hacker Quarterly" (author unknown).

[Asonov and Agrawal 2004]. The article on keyboard acoustic emanations mentioned on page 19.

[NIST Handbook 2004], a 290-page Ebook mentioned on page 12 among other important references.

[Staniford et al. 2002], the excellent paper mentioned on page 93 in connection with Internet worms.

[Agrawal and Srikant 2004], the reference mentioned on page 30 in connection with privacy protection.

natas selur, The Confessions of a Hacker (from http://www.theeunderground.com/) is a text file with advice and basic information for would-be hackers.

Securing Mac OS X, a guide to security hardening for Apple Mac OS 10.3 by Paul Day, (pd(at)csse.uwa.edu.au), November 2004. A 40-page document discussing numerous methods of securing Apple Mac OS 10.3 and drawbacks to currently accepted methods of security. It covers both security from a local user's perspective and a network perspective.

Securing Mac OS X. Presentation slides (36 pages) for the document above.

Mac OS X System Hardening. Guidelines for Faculty and Staff, 13 pages issued by the University of Tennessee, Knoxville.

Trivia

Page 290 talks about the origins of the fear of Friday the 13th. Few know that the long, complex, and rare term "Paraskavedekatriaphobia" describes this phobia. This term is a concatenation of the Greek words Paraskevi (Friday), dekatreis (thirteen), and phobia (fear).

Review (SIGACT, vol 39, #2, 2008)

Overall, Foundations of Computer Security is a very nice and well-written introduction to the essential concepts of computer security. The content was written in an easy tone that would make it approachable to a security neophyte. The book is loaded with examples and exercises that are useful in learning the material.

One of the things I found appealing about the book is that much of the content is written in bulleted lists. In my opinion, this allows the reader to quickly get an understanding of the core concepts of the material.

This is a book I would not hesitate to give to someone who had very little computer experience and wanted to learn the core concepts of security. The material covered is very broad in scope; however, the essentials were well treated and easy to comprehend.

Last Updated 1 October 2009.