From 3f00425a090aa3aaf142973d2cc54265f4df61ca Mon Sep 17 00:00:00 2001
From: 2weiEmu
Date: Thu, 24 Apr 2025 22:26:04 +0200
Subject: [PATCH] moved some images

---
 .obsidian/app.json | 2 +-
 .obsidian/workspace.json | 28 +-
 .../Cheatsheet (extensive, draft).md | 666 ++++++++++++++++-
 .../Cheatsheet (shortened, draft) (for me).md | 674 ++++++++++++++++++
 .../Pasted image 20250416221155.png | Bin
 .../Pasted image 20250416221211.png | Bin
 6 files changed, 1354 insertions(+), 16 deletions(-)
 create mode 100644 University/Computer Security/Cheatsheet (shortened, draft) (for me).md
 rename Pasted image 20250416221155.png => University/Computer Security/Pasted image 20250416221155.png (100%)
 rename Pasted image 20250416221211.png => University/Computer Security/Pasted image 20250416221211.png (100%)

diff --git a/.obsidian/app.json b/.obsidian/app.json
index 1735354..672dd48 100644
--- a/.obsidian/app.json
+++ b/.obsidian/app.json
@@ -7,7 +7,7 @@
 "pageSize": "A4",
 "landscape": false,
 "margin": "2",
- "downscalePercent": 100
+ "downscalePercent": 50
 },
 "promptDelete": false
 }
\ No newline at end of file
diff --git a/.obsidian/workspace.json b/.obsidian/workspace.json
index a23dd30..3e1f2ef 100644
--- a/.obsidian/workspace.json
+++ b/.obsidian/workspace.json
@@ -4,16 +4,16 @@
 "type": "split",
 "children": [
 {
- "id": "2136efadb65426c0",
+ "id": "5e6069bc7520fcd6",
 "type": "tabs",
 "children": [
 {
- "id": "b32655feb9b7d9db",
+ "id": "29d0775217ba3dcc",
 "type": "leaf",
 "state": {
 "type": "markdown",
 "state": {
- "file": "University/Computer Security/Cheatsheet (extensive, draft).md",
+ "file": "Thoughts on Politics and Researching, and finding out things that you think are right.md",
 "mode": "source",
 "source": false,
 "backlinks": true,
@@ -28,7 +28,7 @@
 }
 },
 "icon": "lucide-file",
- "title": "Cheatsheet (extensive, draft)"
+ "title": "Thoughts on Politics and Researching, and finding out things that you think are right"
 }
 }
 ]
@@ -173,22 +173,23 @@
 "pdf-plus:PDF++: Toggle auto-paste": false
 }
 },
- "active": "b32655feb9b7d9db",
+ "active": "29d0775217ba3dcc",
 "lastOpenFiles": [
- "Pasted image 20250416221211.png",
- "Pasted image 20250416221155.png",
- "People/Ruxi.md",
+ "Watchlist.md",
+ "Thoughts on Politics and Researching, and finding out things that you think are right.md",
+ "Some cool music perhaps?.md",
+ "University/Computer Security/Pasted image 20250416221155.png",
+ "Pasted image 20250207160807.png",
+ "University/Computer Security/Pasted image 20250416221211.png",
+ "Pasted image 20250103161642.png",
 "University/Computer Security/Cheatsheet (extensive, draft).md",
+ "University/Computer Security/Cheatsheet (shortened, draft) (for me).md",
+ "People/Ruxi.md",
 "University/Human Computer Interaction/Untitled.md",
 "University/Computer Security",
 "University/Human Computer Interaction",
- "Pasted image 20250207160807.png",
- "Pasted image 20250103161642.png",
 "get over it, everyone's tipsy. Dance..md",
 "Food with the boys - money note.md",
- "Watchlist.md",
- "Thoughts on Politics and Researching, and finding out things that you think are right.md",
- "Some cool music perhaps?.md",
 "Quotes.md",
 "Poet List.md",
 "Untitled 1.md",
@@ -212,7 +213,6 @@
 "Bundesverfassungsgericht/Urteil_des_Ersten_Senats_vom_5_November_2019.pdf",
 "Bundesverfassungsgericht/References on Bundesverfassungsgericht.md",
 "University/Algorithm Design/Resources.md",
- "University/Algorithm Design/Greedy.md",
 "People",
 "University/HCI",
 "University/Algorithm Design",
diff --git a/University/Computer Security/Cheatsheet (extensive, draft).md b/University/Computer Security/Cheatsheet (extensive, draft).md
index 61310ca..432b85a 100644
--- a/University/Computer Security/Cheatsheet (extensive, draft).md
+++ b/University/Computer Security/Cheatsheet (extensive, draft).md
@@ -5,7 +5,6 @@ Layered Defence: Implement a multi-layered security approach to address different levels of threats. - ### Threat vs. Harm > Threat = A potential danger that could cause harm > Risk = The likelihood that the threat will actually exploit a vulnerability and cause damage 
@@ -162,3 +161,668 @@ Mitigating Botnets:
 - Taking down C2 Infra., though they make this hard
 - Blocklisting devices that are infected
 
+Firewalls:
+- prevents access from outside networks
+- segments networks
+- reduces attack surface
+
+there are _hardware_ and _software_ firewalls
+Hardware tends to be faster, safer and more expensive
+
+Types of firewalls:
+- Packet filtering
+- Stateful inspection
+- Application-level
+- Circuit-level
+ - relays application layer data between user and app
+ - does not parse contents, determines which connections are allowed
+
+DMZ - De-militarized Zone (separating different levels of network security, public facing servers, then firewall, then internal services.)
+
+VPN, allow to create a "tunnel"
+
+## Intrusion Detection
+IDS:
+- Host-Based
+ - Monitor logs
+- Network-Based
+ - Monitors network data and deep packet inspect
+
+IDS Types:
+- Heuristic
+- Signature
+- Anomaly (Determine what "normal data" is)
+ - Can be detected with statistics
+ - or knowledge
+ - or machine-learning
+
+Alert fatigure: the boy who cried wolf, you need to check the number of false positive and sensitivity of the system.
+
+SPAN ports on Switch: to monitor things
+
+Honeypot:
+ A decoy system that is designed to lure potential attackers away from critical systems.
+
+Goals of a honeypot:
+- Divert attackers
+- Collect info about attackers
+- alert administrators of strange behaviour
+
+Needed role of secure protocols:
+- Interoperability, need to make sure that people can communicate
+- Baseline security - standards establish a min.
level of security
+- Regulatory compliance
+
+SSL and TLS (secure in HTTTPS)
+
+Client Hello ->
+ServerHello, Certificate, ServerHellDone <-
+ClientKeyExchange, ChangeCipherSpec, Finished ->
+ChangeChiperSpec, Finished <-
+
+Certificate issuer should be a trusted party, you need to trust the person who gives these out
+
+Heartbleed: OpenSSL vulnerability
+
+DNS poisoning: inserting a fake response
+
+DNSSEC does not encrypt DNS but protects integrity
+Creates a chain of trust to root server
+
+all protocols are unencrypted by default, i.e. POP, IMAP, SMTP
+PGP and S/MIME is for encrypting email itself
+
+SPF (Sender-Policy Framework)
+- allows domain owners to specify which servers are authorized to send mail using the domain (using a TXT record)
+
+DomainKeys Identified Mail (DKIM)
+- is designed to sign the email on a domain-level and distribute the key via DNS
+
+
+# Cryptography
+Cryptography ensures the _confidentiality_ and _integrity_ of the message
+
+Kerckhoff's principle
+> The security provided by an encryption system should not depend on the secrecy of the system, but only on the secrecy of the key.
+
+Cracking it should not be viable without the keys.
+
+Symmetric Encryption:
+- Encryption and decryption keys are the same
+- Decryption is the reverse of encryption
+
+Key sharing, would need quadratic number of keys for every pair, has to be unique.
+
+Alphabet Shift Cipher: Shifting, generalized caesar cipher
+
+Substitution Cipher: use a map to change letters in the original text
+- can't try all combos, but frequency analysis works
+
+## One-Time Pad
+KEy: Sequence of random bits same length as plaintext
+XOR Key and plaintext
+Decrypt is simply XOR Key and Cipher
+
+Advantages:
+- Fully secure if key only used once
+
+Disadvatange:
+- Key as large as plaintext
+- cannot be reused
+
+Patterns can be found if you reuse the key
+If the randomness is imperfect then, well shit
+
+Modern Symmetric Encryption:
+DES (Data Encryption Standard) Key: 56 bits
+
+AES (Advanced Encryption Standard)
+Key: 128, 192 or 256 bits. (Exhaustive search not yet possible)
+
+Cryptographic Hash Functions:
+- Short Output
+- One-way
+- Collision Resistance
+- Public Function (no secret key)
+- Can only be brute-forced
+
+example application: file integrity
+or password auth
+
+most practical hash functions have no mathematical proof, but they tend to perform like this by mixing bits
+
+MD5 128 bits (insecure)
+SHA-1 160 bits (deprecated)
+SHA-2 224, 256, 384, 512 bits
+SHA-3 Keccak (224, 256, 284, 512 bits)
+(not widely used)
+
+Birthday attack:
+- about 2^(b/2) tries (b = number of bits of hash function) to find a collision
+
+## Entropy
+Experiment E, some output $e_i$
+$$I(E=e_i)=log_2 \left( \frac{1}{p(e_i)}\right)$$
+Higher probability -> Less Information
+(Measured in bits)
+
+Flip a fair coin and land on heads:
+1 bit
+
+Roll a 6-sided die and land on 3:
+Log(6) = 2.58 bits
+
+Roll a 20-sided die and land on 9 or 19:
+log(20/2) = 3.32 bits
+
+Average value of information we obtain by learning the result of Experiment E with outcomes $e_0, e_1, ..., e_{n-1}$
+$$H(E)=\sum_{i=0}^{n-1} p(e_i)log_2\left(\frac{1}{p(e_i)}\right)$$
+Computer need a source of entropy to generate random numbers:
+- Computer
+ - Processor thermal noise
+ - Disk Activity
+ - Network activity
+- User
+ - Keyboard keys and timing
+ - Mouse movement and
timing
+- Other
+ - Nuclear Decay
+ - Cosmic Noise
+
+
+### Block Cipher
+A symmetric encryption scheme for messages (blocks) of a given fixed length
+Length of block indepedent from key-length
+AES is block cipher that operates on 128 bit blocks
+
+ECB (Electronic Code Book) Mode:
+When plaintext is longer than block size b
+Partition plaintext P into seq of m blocks n / b < m
+
+ECB Mode
+- Assume n is a multiple of b
+- C[i] = E_k(P[i])
+(encrypt every block)
+
+can be done in parallel
+documents and images not suitable for ECB (better for random strings)
+
+Cipher Block Chaining (CBC) Mode
+Previous ciphertext block combined with current plaintext block
+$C[i]=E_k(C[i-1]\oplus P[i])$
+V is the initialisation vector for the first one
+
+works well with any input plaintext
+can't parallelize
+bad when data lost
+
+Counter Mode:
+- Counter t
+$C[i] = E_k(t+i)\oplus P[i]$
+works in parallel
+does not reveal patterns
+
+Pad is a sequence of identical bytes, each indicating the length (in bytes) of the padding
+
+Stream Cipher
+
+Onetime pad advatnage:
+- each bit of the ciphertext is random
+- fully secure if key used only once
+
+Disadvantages:
+- key as large as plaintext
+- key cannot be reused
+
+Key stream:
+- pseudorandom bit sequence generated from a key K
+- (generated on demand, one bit / block at a time)
+
+Stream Cipher
+XOR the plaintext with the key stream
+
+Advantages:
+- Fixed length secrey key
+- plaintext can have any length
+- incremental encryption and decryption
+- works for packets sent over an unreliable channel
+
+but:
+- stream cannot be reused
+
+KEy stream generations:
+- Use a block E_k with block size b
+- Secret key is a pair (k high integrity)
+read up, write down
+protect system processes against malicious user processes
+
+high integrity can't get anything from low integrity
+cannot enforce confidentiality
+cannot handle changes in integrity levels
+
+reference monitors check:
+- process & thread objects
+ - creating processes,
stopping them, sending signals, scheduling policies, debugging etc.
+- file / directory objects
+ - creating / deleting/ reading/ writing objects
+- IPC and device objects (sockets, pipes, message queues etc.)
+- user / group info / credentials
+
+setuid / setgid binaries => launch with uid/gid of their owners e.g. login process must be able to see user / password info
+
+servers / browsers -> interact with untrusted stuff, less priviliged
+
+superuser process, bypasses all checks
+priviliged processes are part of the trusted computing base
+
+# database security
+
+SQL injection:
+- bypass protectings by executing unauthorised queries by injecting SQL code into database
+
+blind sql injection
+- when code not available
+- may be learned through returned error messages
+- prohibit display of error messages
+ - doesn't make it disappear, but a lot harder
+
+input sanitisation
+- escaping potentially malicious characters, stuff like quotes, newlines, returns or null characters
+
+sanitising can be tricky, for example because of different text encodings
+
+second-order SQL injection
+sanitised input / unsanistised input being reused and causing issues
+
+
+prepared statements
+- SQL statements with ?
placeholders
+- provide values that replace placeholders
+
+best practice for new applications, modifying existing ones
+generally safe from injections
+, separation of code and data
+values replacing placeholders always treated as data
+
+potential vulnerabilities when
+prepared statement is itself built from user input
+or calls queries from library
+
+reject inputs that yield atypical queries and toutput, determine norms
+
+## memory error
+bugs in the way we handle memory in memory unsafe languages
+memory error is when a program access memory that it should not : violating memory safety
+
+we focus on buffer under and overflows
+writing out of boundary of a buffer, spatial violation
+cause:
+insufficient input checks / wrong assumptions about input
+unchecked buffer size
+integer overflows / underflows
+
+underflows:
+other direction otherwise the same
+
+off-by-one errors also cause issues here
+
+write: corrupt memory
+read: leak memory
+
+these are vulnerabilities of input can trigger them
+
+can be used for code injection
+code injection is possible because there is a memory area that is both writable and executable
+, we can eliminate that using the MMU and paging
+and page permissions
+non excutable stack also helps - widely adopted today
+
+code re-use is still a thing
+
+this works a lot of the time because so far we assumed a fixed layout
+ASLR - adress space layout randomisation
+now they have to guess locations, making it a lot harder
+base addresses are randomly selected from within predetermined ranges, libraries are loaded in the gaps
+
+fuzzing
+find bugs in programs by feeding it large amounts of automatically generated inputs
+program is run on each input, and each run is monitored
+
+common fuzzing strats:
+- mutation based, randomy mutate test cases
+- generated based, generate based on the grmamar of the input format
+- cover-guided: measure code coverage of test cases to guide fuzzing
+
+used for security and relaibility
+
+Malware types:
+- virses
+- worms
+- rootkits
+- keyloggers
+- trojan horses
+- ransomware
+- dialers
+- droppers
+- spyware
+- adware
+- backdoors
+
+infection vector vs. payload
+
+infection vector:
+vulnerability the malware exploits to infect a host
+the method the malware uses to propagatae
+
+payload:
+the actions the malware takes after infecting
+
+infection vectors:
+- compromised legit sites
+- IOT devices
+- email, phishing and spamming
+- installed by user
+- malware anti malware
+- scareware
+- drive-by download, no interaction required
+
+virus vs worm
+virus: attaches itself to exec files and transfer from one system to other
+
+worm:
+malicious standalone program that replicates itself and can spread to different machines, usually via a network
+
+worms can use hit-list, pregenerated list of potential targets
+
+rootkits:
+modifies the OS to hide its existence
+
+ransomware:
+encrypts your data, ransom in excahnge for key
+
+backdoor:
+bypass normal security measures
+
diff --git a/University/Computer Security/Cheatsheet (shortened, draft) (for me).md b/University/Computer Security/Cheatsheet (shortened, draft) (for me).md
new file mode 100644
index 0000000..780bc22
--- /dev/null
+++ b/University/Computer Security/Cheatsheet (shortened, draft) (for me).md
@@ -0,0 +1,674 @@
+**Firewalls**:
+- Packet Level
+- Application Level
+- Stateful inspection
+- Circuit-level
+ - relays application layer data between user and app
+ - does not parse contents, determines which connections are allowed
+
+There are _hardware_ and _software_ firewalls
+Hardware tends to be faster, safer and more expensive
+
+**Threat Model**:
+ A strategic framework that identifier potential attacks and adversaries
+
+## Types of Threat Actors
+| Threat Actor | Motivation |
+| ---------------- | -------------------- |
+| Cybercriminal | Profit |
+| Nation State | Geopolitical |
+| Terrorist Groups | Ideological Violence |
+| Thrill-Seeker | Satisfaction |
+| Insider Threats | Discontent |
+| Hackers | Variable |
+
+**Coordinated Vulnerability Disclosure (CVD)**:
+ CVD is an ethical practice where security researchers or individuals who discover a vulnerability responsibly report it
+
+**Cyber Kill Chain**:
+ 1. Recon
+ 2. Weaponisation
+ 3. Delivery
+ 4. Exploitation
+ 5. Installation
+ 6. Command and Control (C2)
+ 7. Actions on Objectives
+
+Detecting Criminals can be based on multiple things:
+1. Hash Values
+2. IP Addresses
+3. Domain Names
+4. Network / Host Artifacts
+5. Tools
+6. Tactics, Techniques and Procedures
+
+Defense in Depth: cybersec. strategy that involves deploying multiple layers of security (layered security)
+
+Usable Security: If your security is not very usable this can pose its own security risks.
+
+CIA Triad:
+ The CIA Triad contains the three security essential goals in Cyber Security
+ 1. Confidentiality
+ 2. Integrity
+ 3.
Availability
+
+Confidentiality can be achieved with:
+- Encryption
+- Access Control Systems
+- Policies an Governance
+
+Integrity with:
+- Data validation
+- Change Management and Version Control
+
+Availability:
+- Redundancy and failover
+- Load balancing
+- Monitoring and alerting
+
+# Physical Layer
+**Access Control**:
+ Only the people that should have authorised access, should be able to go there.
+
+Physical Security includes things like: wiretaps etc. but also EMI and pests.
+
+**Data Diodes**:
+ Things that allow data to only flow one way.
+
+**Guided Medium**:
+ A communication channel where the signals are guided along a physical path. e.g. calbes
+
+**Unguided Medium**:
+ Refers to a communication channels where the signals propagate freely through the air or space. E.g. Radio.
+ Controlled via direction and range
+
+**Spoofing**:
+ In the case of IP Spoofing, making a server's response to go someone else, not you.
+**Denial of Service**:
+ An Attack that floods a victim's network with traffic, making it unavailable
+- Volumetric Attack (loads of stuff)
+- Protocol Attacks (break the protocol in some way)
+- Application Layer Attacks (target specific apps)
+
+**Volumetric**:
+ Amplification Attack: Use an intermediary that returns a large response, done with DNS and UDP
+
+**Protocol**:
+ TCP SYN Flood is a common protocol attack
+ Occupy memory space by never sending the 'ACKS' to finish. Fix: Don't use memory to keep state.
+
+**Application layer attack**:
+ HTTP Flood - Cannot be spoofed. Requests a lot of large files.
+
+How to mitigate DDoS attacks:
+- Redundant network infrastructure (no single point of failure)
+- Traffic filtering
+- Content Delivery Networks (distribute and cache content)
+- Web Application Firewalls (try to identify malicious traffics)
+
+**Intrusion Detection System (IDS)**:
+- Host-Based
+- Network-Based
+
+- Heuristic
+- Signature
+- Anomaly (Determine what "normal data" is)
+ - Can be detected with statistics
+ - or knowledge
+ - or machine-learning
+
+**SPAN ports**:
+ On switch to monitor things
+
+**Goals of a honeypot**:
+- Divert attackers
+- Collect info about attackers
+- Alert administrators of strange behaviour
+
+**TLS / SSL**:
+ Client Hello ->
+ ServerHello, Certificate, ServerHellDone <-
+ ClientKeyExchange, ChangeCipherSpec, Finished ->
+ ChangeChiperSpec, Finished <-
+
+**DNS Poisoning**:
+ inserting a fake response
+
+**DNSSEC** does not encrypt DNS but protects integrity
+Creates a chain of trust to root server
+
+**SPF (Sender-Policy Framework)**:
+ Allows domain owners to specify which servers are authorized to send mail using the domain (using a TXT record)
+
+**DomainKeys Identified Mail (DKIM)**:
+ is designed to sign the email on a domain-level and distribute the key via DNS
+
+# Cryptography
+Cryptography ensures the _confidentiality_ and _integrity_ of the message
+Kerckhoff's principle
+> The security provided by an encryption system should not depend on the secrecy of the system, but only on the secrecy of the key.
+
+For Symmetric: Key sharing, would need quadratic number of keys for every pair, has to be unique.
+
+**One-Time Pad**:
+ Key: Sequence of random bits same length as plaintext
+ XOR Key and plaintext
+ Decryption is simply XOR Key and Cipher
+Advantages:
+- each bit of the ciphertext is random
+- Fully secure if key only used once
+Disadvatange:
+- Key as large as plaintext
+- Cannot be reused
+
+If the randomness is imperfect then, well shit
+
+Modern Symmetric Encryption:
+DES (Data Encryption Standard) Key: 56 bits
+
+**AES (Advanced Encryption Standard)**
+ Key: 128, 192 or 256 bits. (Exhaustive search not yet possible)
+
+Cryptographic Hash Functions:
+- Short Output
+- One-way
+- Collision Resistance
+- Public Function (no secret key)
+- Can only be brute-forced
+
+SHA-2 224, 256, 384, 512 bits
+SHA-3 Keccak (224, 256, 284, 512 bits)
+(not widely used)
+
+Birthday attack:
+- about 2^(b/2) tries (b = number of bits of hash function) to find a collision
+
+**Entropy**:
+Experiment E, some output $e_i$
+$$I(E=e_i)=log_2 \left( \frac{1}{p(e_i)}\right)$$
+Higher probability -> Less Information
+(Measured in bits)
+Roll a 20-sided die and land on 9 or 19:
+ Log(20/2) = 3.32 bits
+
+Average value of information we obtain by learning the result of Experiment E with outcomes $e_0, e_1, ..., e_{n-1}$
+$$H(E)=\sum_{i=0}^{n-1} p(e_i)log_2\left(\frac{1}{p(e_i)}\right)$$
+**Block Cipher**:
+ A symmetric encryption scheme for messages (blocks) of a given fixed length
+ Length of block indepedent from key-length
+ AES is block cipher that operates on 128 bit blocks
+
+**ECB (Electronic Code Book) Mode**:
+ When plaintext is longer than block size b
+ Partition plaintext P into seq of m blocks n / b < m
+
+ECB Mode
+- Assume n is a multiple of b
+- $C[i] = E_k(P[i])$
+(encrypt every block)
+**!
WARNING !**: documents and images not suitable for ECB (better for random strings)
+
+**Cipher Block Chaining (CBC) Mode**:
+ Previous ciphertext block combined with current plaintext block
+ $C[i]=E_k(C[i-1]\oplus P[i])$
+ V is the initialisation vector for the first one
+
+Works well with any input plaintext
+Can't parallelize
+Bad when data lost
+
+**Counter Mode (CM)**:
+- Counter t
+ $C[i] = E_k(t+i)\oplus P[i]$
+ works in parallel
+ does not reveal patterns
+
+Pad is a sequence of identical bytes, each indicating the length (in bytes) of the padding
+
+**Stream Cipher**:
+Key stream:
+- Pseudorandom bit sequence generated from a key K
+- (generated on demand, one bit / block at a time)
+- XOR the plaintext with the key stream
+
+Advantages:
+- Fixed length secret key
+- Plaintext can have any length
+- Incremental encryption and decryption
+- Works for packets sent over an unreliable channel
+
+But:
+- stream cannot be reused
+
+Key stream generations:
+- Use a block $E_k$ with block size b
+- Secret key is a pair (k high integrity)
+read up, write down
+protect system processes against malicious user processes
+
+high integrity can't get anything from low integrity
+cannot enforce confidentiality
+cannot handle changes in integrity levels
+
+reference monitors check:
+- process & thread objects
+ - creating processes, stopping them, sending signals, scheduling policies, debugging etc.
+- file / directory objects
+ - creating / deleting/ reading/ writing objects
+- IPC and device objects (sockets, pipes, message queues etc.)
+- user / group info / credentials
+
+setuid / setgid binaries => launch with uid/gid of their owners e.g.
login process must be able to see user / password info
+
+servers / browsers -> interact with untrusted stuff, less priviliged
+
+superuser process, bypasses all checks
+priviliged processes are part of the trusted computing base
+
+# database security
+
+SQL injection:
+- bypass protectings by executing unauthorised queries by injecting SQL code into database
+
+blind sql injection
+- when code not available
+- may be learned through returned error messages
+- prohibit display of error messages
+ - doesn't make it disappear, but a lot harder
+
+input sanitisation
+- escaping potentially malicious characters, stuff like quotes, newlines, returns or null characters
+
+sanitising can be tricky, for example because of different text encodings
+
+second-order SQL injection
+sanitised input / unsanistised input being reused and causing issues
+
+
+prepared statements
+- SQL statements with ? placeholders
+- provide values that replace placeholders
+
+best practice for new applications, modifying existing ones
+generally safe from injections
+, separation of code and data
+values replacing placeholders always treated as data
+
+potential vulnerabilities when
+prepared statement is itself built from user input
+or calls queries from library
+
+reject inputs that yield atypical queries and toutput, determine norms
+
+## memory error
+bugs in the way we handle memory in memory unsafe languages
+memory error is when a program access memory that it should not : violating memory safety
+
+we focus on buffer under and overflows
+writing out of boundary of a buffer, spatial violation
+cause:
+insufficient input checks / wrong assumptions about input
+unchecked buffer size
+integer overflows / underflows
+
+underflows:
+other direction otherwise the same
+
+off-by-one errors also cause issues here
+
+write: corrupt memory
+read: leak memory
+
+these are vulnerabilities of input can trigger them
+
+can be used for code injection
+code injection is possible because there is a
memory area that is both writable and executable
+, we can eliminate that using the MMU and paging
+and page permissions
+non excutable stack also helps - widely adopted today
+
+code re-use is still a thing
+
+this works a lot of the time because so far we assumed a fixed layout
+ASLR - adress space layout randomisation
+now they have to guess locations, making it a lot harder
+base addresses are randomly selected from within predetermined ranges, libraries are loaded in the gaps
+
+fuzzing
+find bugs in programs by feeding it large amounts of automatically generated inputs
+program is run on each input, and each run is monitored
+
+common fuzzing strats:
+- mutation based, randomy mutate test cases
+- generated based, generate based on the grmamar of the input format
+- cover-guided: measure code coverage of test cases to guide fuzzing
+
+used for security and relaibility
+
+Malware types:
+- virses
+- worms
+- rootkits
+- keyloggers
+- trojan horses
+- ransomware
+- dialers
+- droppers
+- spyware
+- adware
+- backdoors
+
+infection vector vs. payload
+
+infection vector:
+vulnerability the malware exploits to infect a host
+the method the malware uses to propagatae
+
+payload:
+the actions the malware takes after infecting
+
+infection vectors:
+- compromised legit sites
+- IOT devices
+- email, phishing and spamming
+- installed by user
+- malware anti malware
+- scareware
+- drive-by download, no interaction required
+
+virus vs worm
+virus: attaches itself to exec files and transfer from one system to other
+
+worm:
+malicious standalone program that replicates itself and can spread to different machines, usually via a network
+
+worms can use hit-list, pregenerated list of potential targets
+
+rootkits:
+modifies the OS to hide its existence
+
+ransomware:
+encrypts your data, ransom in excahnge for key
+
+backdoor:
+bypass normal security measures
diff --git a/Pasted image 20250416221155.png b/University/Computer Security/Pasted image 20250416221155.png
similarity index 100%
rename from Pasted image 20250416221155.png
rename to University/Computer Security/Pasted image 20250416221155.png
diff --git a/Pasted image 20250416221211.png b/University/Computer Security/Pasted image 20250416221211.png
similarity index 100%
rename from Pasted image 20250416221211.png
rename to University/Computer Security/Pasted image 20250416221211.png
-- 
2.54.0