1
00:00:02,280 --> 00:00:06,090
This lecture will be devoted to protocols and networking.

2
00:00:06,280 --> 00:00:13,500
We'll analyze the three lowest layers of the OSI model.

3
00:00:13,530 --> 00:00:15,170
We'll start with the physical layer.

4
00:00:18,480 --> 00:00:24,190
The security risk that the physical layer is most susceptible to comes from the denial of service attack.

5
00:00:24,660 --> 00:00:29,270
The result of this attack is that authorized users cannot use certain system services.

6
00:00:32,010 --> 00:00:36,680
As we know, the physical layer is the basis of all higher layers.

7
00:00:36,720 --> 00:00:39,960
It's easy to conduct a successful attack on the physical layer.

8
00:00:42,420 --> 00:00:45,860
Unfortunately, few technological solutions can prevent that.

9
00:00:49,570 --> 00:00:52,710
The piece of news that you see in the slide provides a good example.

10
00:00:55,240 --> 00:01:00,100
The story is about a 75-year-old Georgian woman who cut off most of Armenia from the internet.

11
00:01:02,880 --> 00:01:04,660
Scavenging for scrap metal,

12
00:01:04,770 --> 00:01:07,110
she found a transmission cable.

13
00:01:07,110 --> 00:01:10,780
She thought it was a copper cable, but it turned out to be a fiber optic cable.

14
00:01:12,440 --> 00:01:15,820
Obviously she didn't manage to get even $25 for it.

15
00:01:17,290 --> 00:01:22,150
From our perspective, the most important bit of this story is that the woman managed to defeat the security

16
00:01:22,150 --> 00:01:25,580
measures of all the computers in Armenia with a shovel.

17
00:01:28,300 --> 00:01:31,700
DoS attacks are a serious vulnerability of the physical layer.

18
00:01:33,500 --> 00:01:39,290
Wireless networks are especially susceptible to this problem, but this will be the topic of another lecture.

19
00:01:48,300 --> 00:01:55,330
The second serious vulnerability of the physical layer comes from unauthorized access to the medium.

20
00:01:55,430 --> 00:01:59,660
The picture you see above shows that you shouldn't blindly follow stereotypes.

21
00:02:01,390 --> 00:02:07,170
One such stereotype is that a fiber optic cable connection is always more secure than a copper cable connection.

22
00:02:09,440 --> 00:02:14,570
It's generally accepted that a copper cable signal is easy to intercept because the transmission emits

23
00:02:14,630 --> 00:02:18,810
an electromagnetic field.

24
00:02:18,810 --> 00:02:24,660
Moreover, many people think that a fiber optic cable transmits light waves, which are immune to electromagnetic

25
00:02:24,660 --> 00:02:31,310
interference, and thus the signal cannot be intercepted without cutting across the cable.

26
00:02:31,370 --> 00:02:33,520
And this in turn can be easily detected.

27
00:02:35,870 --> 00:02:37,560
This is not entirely true.

28
00:02:39,900 --> 00:02:42,810
The device you see in the slide is widely available on the Internet.

29
00:02:43,670 --> 00:02:48,530
It costs about $1000. If you can access the fiber physically,

30
00:02:48,900 --> 00:02:53,060
you have to bend it in such a way that you see in the picture and attach it to the device.

31
00:02:53,840 --> 00:02:57,140
After that, the fiber emits wave light outside.

32
00:02:59,330 --> 00:03:05,900
When the light gets reflected from the wall of the cable, the light loss is about 1 percent. A sensitive

33
00:03:05,900 --> 00:03:10,320
detector could intercept the signal escaping from the fiber.

34
00:03:10,410 --> 00:03:17,660
Then you just have to convert the signal back to the electric form and connect the device to the computer.

35
00:03:17,700 --> 00:03:24,180
That's how you get an optical fiber cable monitoring system.

36
00:03:24,200 --> 00:03:27,590
Of course, there are devices that can detect that the fiber is bent.

37
00:03:29,170 --> 00:03:34,810
If there's an automated attack, someone has probably already invested money to develop an automated defense

38
00:03:34,810 --> 00:03:36,050
against the attack.

39
00:03:37,510 --> 00:03:46,050
However, the devices for the signal interception monitoring cost much more than a thousand dollars.

40
00:03:46,190 --> 00:03:51,380
If someone can get physical access to the medium through which the signal is sent, they can intercept

41
00:03:51,410 --> 00:03:55,670
all the data that passes through that medium.

42
00:03:55,840 --> 00:04:00,450
In many cases, they can also modify it in real time.

43
00:04:00,550 --> 00:04:05,830
For example, the moment it was sent, the data at the far end of the fiber is different from that which

44
00:04:05,830 --> 00:04:14,700
was sent. For example, your subtotal might have changed or a piece of hostile code was added to the binary

45
00:04:14,700 --> 00:04:15,730
file.

46
00:04:15,930 --> 00:04:17,810
You should trust the data source.

47
00:04:18,850 --> 00:04:23,990
However, after the data passed through a medium that was accessed by an unauthorized person,

48
00:04:24,280 --> 00:04:30,200
the end result may be different from the one expected. Such attacks represent a serious risk for modern

49
00:04:30,200 --> 00:04:31,510
computer systems.

50
00:04:32,960 --> 00:04:41,390
No medium ensures protection against data interception.

51
00:04:41,540 --> 00:04:47,600
The physical layer doesn't provide any technology that would allow data encryption, nor does it include

52
00:04:47,600 --> 00:04:52,370
any solution that would enable the receiver to authenticate the sender of the data package.

53
00:04:56,160 --> 00:05:02,250
The two main threats the physical layer is susceptible to come from DoS attacks, which can be as simple

54
00:05:02,250 --> 00:05:07,820
as unplugging a network cable, and interception and modification of the data sent through the medium.

55
00:05:09,860 --> 00:05:11,500
Without the use of technology,

56
00:05:11,510 --> 00:05:16,140
you have to restrict access to the medium. To do so,

57
00:05:16,140 --> 00:05:21,130
companies employ security firms, install digital locks, et cetera.

58
00:05:23,110 --> 00:05:30,240
Monitoring the surroundings of the company's premises may also provide effective protection. Consequences

59
00:05:30,240 --> 00:05:34,360
of a malfunction can be limited by duplicating the most important connections.

60
00:05:37,290 --> 00:05:40,990
But these are the only three available methods of physical layer protection.