commit a27ed13652e85d6b85ff7052fb78f2df433b865f parent 5ae828e48b080ada03a7afd795f4dcd278a78001 Author: AndrewLockVI <andrewlaack1@gmail.com> Date: Tue, 21 Jan 2025 15:52:55 -0600 Took notes on first half of computer security reading as well as notes on linear algebra Diffstat:
24 files changed, 323 insertions(+), 6 deletions(-)
diff --git a/definitions/ActiveAttacks.md b/definitions/ActiveAttacks.md @@ -0,0 +1,17 @@ +# Active Attacks + +**Source:** Cryptography and Network Security + +**Chapter:** 1.3 + +## Notes + +**Definition:** Active attacks are attacks that are attacks that manipulate data streams. + + +## Four Categories + +1. Masquerade - Pretending to be someone else +2. Replay - Capturing data and replaying it to produce and unauthorized effect +3. Modification - Changing a portion of transmitted messages +4. Denial of Service - Inhibits normal use of a system diff --git a/definitions/Authentication.md b/definitions/Authentication.md @@ -0,0 +1,19 @@ +# Authentication + +**Source:** Cryptography and Network Security + +**Chapter:** 1.4 + +## Notes + +**Definition:** Authentication is a service to ensure communication is authentic. + +The difference between authentication and authorization is authentication ensures you are who you say you are and authorization ensures you are able to do what you are trying to do. + +### Peer Entity Authentication + +Peer entity authentication ensures the person you are talking to is who they say they are. This ensures masquerading and replay attacks don't work. + +### Data Origin Authentication + +Data origin authentication ensures the data originated from the person who it claims to originate from. Think ensuring an email comes from the person it says it does, this is not ongoing communication, the data is at rest. diff --git a/definitions/Availability.md b/definitions/Availability.md @@ -0,0 +1,9 @@ +# Availability + +**Source:** Cryptography and Network Security + +**Chapter:** 1.1 + +## Notes + +**Definition:** Availability ensures systems work promptly and service is not denied to authorized users. diff --git a/definitions/ComputerSecurity.md b/definitions/ComputerSecurity.md @@ -4,8 +4,48 @@ Main index for notes related to CSCI 370, Computer Security ## Links -### 1.6 - Cryptography +1.1 - Cyber, info, network sec -- [ ] Keyless.md -- [ ] SingleKey.md -- [ ] TwoKey.md +- [Cybersecurity](Cybersecurity.md) +- [InformationSecurity](InformationSecurity.md) +- [NetworkSecurity](NetworkSecurity.md) +- Three key objectives + - [Confidentiality](Confidentiality.md) + - [Integrity](Integrity.md) + - [Availability](Availability.md) +- Sometimes tacked onto these are Authenticity (ensuring who sends stuff) and Accountability (allows tracing issues). +- [NonRepudation](NonRepudation.md) + +1.2 - OSI Security Architecture + +- [OSI](OSI.md) + +1.3 - Security Attacks + +- [PassiveAttacks](PassiveAttacks.md) +- [ActiveAttacks](ActiveAttacks.md) + +1.4 - Security Services (ways to support requirements of CIA triad) + +- [Authentication](Authentication.md) +- [Nonrepudation](Nonrepudation.md) +- (Data) [Integrity](Integrity.md) +- [Availability](Availability.md) (service) + +1.5 - Security Mechanisms + +- Cryptographic Algorithms +- (Data) [Integrity](Integrity.md) +- Digital Signatures +- Authentication Exchange +- Traffic Padding +- Routing Control +- Notarization +- Access Control + +1.6 - Cryptography + +- [Cryptography](Cryptography.md) +- [Keyless](Keyless.md) +- [SingleKey](SingleKey.md) +- [TwoKey](TwoKey.md) diff --git a/definitions/Confidentiality.md b/definitions/Confidentiality.md @@ -0,0 +1,11 @@ +# Confidentiality + +**Source:** Cryptography and Network Security + +**Chapter:** 1.1 + +## Notes + +**Definition:** Confidentiality ensures confidential information is not available to unauthorized individuals and that individuals have control over what information about them may be collected, stored, and disclosed to whom. + +As described above; the two main parts to this are **Data Confidentiality** and **Privacy**. diff --git a/definitions/Cryptography.md b/definitions/Cryptography.md @@ -0,0 +1,11 @@ +# Cryptography + +**Source:** Cryptography and Network Security + +**Chapter:** 1.6 + +## Notes + +**Definition:** Cryptography is the transformation of data from one form to another. + +This can be thought of mathematically as a function. diff --git a/definitions/Cybersecurity.md b/definitions/Cybersecurity.md @@ -0,0 +1,11 @@ +# Cybersecurity + +**Source:** Cryptography and Network Security + +**Chapter:** 1.1 + +## Notes + +**Definition:** Protection of information stored, transmitted, and processed on computing devices. + +Protection encompasses confidentiality, integrity, availability, authenticity, and accountability. diff --git a/definitions/DeepLearning.md b/definitions/DeepLearning.md @@ -30,3 +30,10 @@ Chapter 2 - [Norm](Norm.md) - [L1Norm](L1Norm.md) - [L2Norm](L2Norm.md) +- [MaxNorm](MaxNorm.md) +- [FrobeniusNorm](FrobeniusNorm.md) +- Orthonormal +- OrthogonalMatrix +- EigenDecomposition +- EigenValue +- EigenVector diff --git a/definitions/FrobeniusNorm.md b/definitions/FrobeniusNorm.md @@ -0,0 +1,13 @@ +# Frobenius Norm + +**Source:** Deep Learning + +**Chapter:** 2 + +## Notes + +**Definition:** The Frobenius norm is a norm defined on matricies. This norm is defined as follows: + +||A||_F = sqrt(sum(A^2 for all i,j)) + +Basically, we sum each of the squared indices and then take the sqrt at the end. This is an analog of the L2 norm, but defined for matricies instead of vectors. diff --git a/definitions/InformationSecurity.md b/definitions/InformationSecurity.md @@ -0,0 +1,11 @@ +# Information Security + +**Source:** Cryptography and Network Security + +**Chapter:** 1.1 + +## Notes + +**Definition:** Information security is a subset of cybersecurity which is focused on confidentiality, integrity, and availability of information. + +Despite being described as a subset of cybersecurity by the book, they also concede that it includes physical security, which clearly is not. diff --git a/definitions/Integrity.md b/definitions/Integrity.md @@ -0,0 +1,9 @@ +# Integrity + +**Source:** Cryptography and Network Security + +**Chapter:** 1.1 + +## Notes + +**Definition:** Integrity of data means it is only changed in a specified and authorized manor and integrity of systems means systems perform their intended function in an unimpaired manner, free of manipulation. diff --git a/definitions/Invertible.md b/definitions/Invertible.md @@ -4,4 +4,11 @@ Khan ## Notes -**Definition:** For a matrix A to be invertible there must be another matrix B such that A * B = I where I is the identity matrix. +**Definition:** For a matrix A to be invertible there must be another matrix B such that A * B = I and B * A = I where I is the identity matrix. + +If a matrix has an invenrse then it has a unique inverse. + + +**Proposition:** + +A linear map (matrix) is invertible iff it is injective and surjective (spans the ambient space). diff --git a/definitions/Isomorphic.md b/definitions/Isomorphic.md @@ -0,0 +1,27 @@ +# Isomorphic + +**Source:** Linear Algebra Done Right + +**Chapter:** 3 + +## Notes + +--- + +Linear Algebra: + +**Definition:** Two vector spaces are isomorphic if there is an invertible linear map from one vector space to to other. + +Much the same as below; this invertible linear map can be thought of as a remapping of all elements from one space to another. + +An important note about this is that: + +two vector spaces are of the same dimension <-> they are isomorphic. + +--- + +Discrete Math (Graph Theory) + +**Definition:** Two graphs are isomorphic if there is a function from V -> V_1 where V is the set of vertices of one graph and V_1 is the set of vertices in the other graph such that the edges of the graph are the same under the function. + +This is to say; if there is a mapping of vertices between the two graphs that ensures all edges relationships are maintained in both graphs, then the two are isomorphic. diff --git a/definitions/Keyless.md b/definitions/Keyless.md @@ -0,0 +1,13 @@ +# Keyless (Cryptography) + +**Source:** Cryptography and Network Security + +**Chapter:** 1.6 + +## Notes + +**Definition:** Keyless cryptography is the transformation of data without using encryption keys. + +Such cryptography is not often thought of as cryptography, but it is by the formal definition of cryptography. + +A few examples of keyless cryptography are hash functions and pseudo-random number generation. diff --git a/definitions/LinearAlgebra.md b/definitions/LinearAlgebra.md @@ -35,6 +35,13 @@ Chapter 3: - [NullSpace](NullSpace.md) - [Range](Range.md) - [Invertible](Invertible.md) +- [Isomorphic](Isomorphic.md) + +Gilbert Strang Lectures: + +Lecture 2: + +- [GaussianElimination](GaussianElimination.md) Khan Academy: diff --git a/definitions/MaxNorm.md b/definitions/MaxNorm.md @@ -0,0 +1,11 @@ +# Max Norm + +**Source:** Deep Learning + +**Chapter:** 2 + +## Notes + +**Definition:** Max norm is denoated as L^inf and returns the largest coordinate value of a given vector. + +Given how max norm works, it is sometimes simply stated as max(v) where v is a vector. diff --git a/definitions/NetworkSecurity.md b/definitions/NetworkSecurity.md @@ -0,0 +1,9 @@ +# Network Security + +**Source:** Cryptography and Network Security + +**Chapter:** 1.1 + +## Notes + +**Definition:** Protection of networks and their service. diff --git a/definitions/NonRepudation.md b/definitions/NonRepudation.md @@ -0,0 +1,11 @@ +# Non-repudation + +**Source:** Cryptography and Network Security + +**Chapter:** 1.1 + +## Notes + +**Definition:** Non-repudation means that it is irrefutable an action was performed by an individual. + +An example of this is tagging every modification to data such that individuals can not deny it was them who changed it. diff --git a/definitions/Norm.md b/definitions/Norm.md @@ -6,6 +6,6 @@ ## Notes -**Definition:** Norm is a derived value which is defined as follows: +**Definition:** Norm is a function defined as follows: ||v_p|| = sum(|v_i|^p)^1/p where p > 0 diff --git a/definitions/OSI.md b/definitions/OSI.md @@ -0,0 +1,23 @@ +# OSI (Open Systems Interconnection) + +**Source:** Cryptography and Network Security + +**Chapter:** 1.2 + +## Notes + +**Definition:** OSI is an accepted standard for networking and security. + +Shown below are the security focuses of the OSI model. + +### Security Attacks + +Attacks that compromise information of an organization. + +### Security Mechanisms + +Processes to detect, deter, and resolve security attacks. This includes access control, auth exchange, signatures, etc. + +### Security Service + +A service that enhances the security of data processing systems. Some services are data confidentiality, availability services, authentication, access control, etc. diff --git a/definitions/PassiveAttacks.md b/definitions/PassiveAttacks.md @@ -0,0 +1,11 @@ +# Passive Attacks + +**Source:** Cryptography and Network Security + +**Chapter:** 1.3 + +## Notes + +**Definition:** Passive attacks are attacks that monitor transmissions. + +This is synonymous with eavesdropping. diff --git a/definitions/SingleKey.md b/definitions/SingleKey.md @@ -0,0 +1,27 @@ +# Single Key (Cryptography) + +**Source:** Cryptography and Network Security + +**Chapter:** 1.6 + +## Notes + +**Definition:** Single key cryptography is data transformation that uses only a singular key in the transformation process. + +### Types + +Two common symmetric encryption algorithm types are block cipher and stream cipher. + +#### Block Cipher + +Block cipher symmetric encryption involves getting a block of data with a predefined size and then running an algorithm to transform the data. + +#### Stream Cipher + +Stream cipher symmetric encryption often involves XORing the incoming data with a symmetric key. By doing this we don't need to wait for an entire block before encrypting data. + +#### Message Authentication Code (MAC) + +A MAC is data associated with a block or message. A MAC is used to verify the integrity of a message. + +Define f : (D, k) -> MAC where D is the data and k is the symmetric key. diff --git a/definitions/Singular.md b/definitions/Singular.md @@ -9,3 +9,5 @@ **Definition:** For a matrix to be singular it must be a square matrix with a deteminant of zero. Given this definition, we also see this means the matrix must not be invertible. + +A matrix is singular if it is linearly dependent. diff --git a/definitions/TwoKey.md b/definitions/TwoKey.md @@ -0,0 +1,11 @@ +# Two Key (Cryptography) + +**Source:** Cryptography and Network Security + +**Chapter:**1.6 + +## Notes + +**Definition:** Two key cryptography is data transformation where there are two different keys involved in the process. + +This encompasses public-private key cryptography.