[ESD] Ahmed Maged - Modern Security Threats

Presentation Transcript

Modern Security Threats:

Ahmed Maged, December 2010

You will be hacked:

For many years there have been dire-sounding warnings that cyber crime/war is coming soon. Many have neglected those predictions; others have approached the topic with academic and even military interest. But what many have failed to realize is that cyber crime/war is already here and the battle is already being waged.

You will be hacked:

Computers and the Internet control a major portion of our lives, and we had best be prepared to protect ourselves. Wars are won by the geeks and scientists… Welcome to the modern era.

What exactly is the Business/Life Impact:

- Decrease in productivity
- Loss of sales revenue
- Unauthorized release of sensitive data
- Threat to trade secrets or formulas
- Compromise of reputation and trust
- Loss of communications
- Threat to environmental and safety systems
- Loss of time

Rationale for Network Security:

The need for security and its growth are driven by many factors:
- Internet connectivity is 24/7 and is worldwide
- Increase in cyber crime
- Impact on business and individuals
- Proliferation of threats
- Sophistication of threats

Sophistication of Threats:


Types of Attacks:

Structured attack: Comes from hackers who are more highly motivated and technically competent. These people know system vulnerabilities and can understand and develop exploit code and scripts. They understand, develop, and use sophisticated hacking techniques to penetrate unsuspecting businesses. These groups are often involved with the major fraud and theft cases reported to law enforcement agencies.

Unstructured attack: Consists mostly of inexperienced individuals using easily available hacking tools such as shell scripts and password crackers. Even unstructured threats that are only executed with the intent of testing and challenging a hacker's skills can still do serious damage to a company.

Types of Attacks:

External attacks: Initiated by individuals or groups working outside of a company. They do not have authorized access to the computer systems or network. They gather information in order to work their way into a network, mainly from the Internet or dialup access servers.

Internal attacks: More common and dangerous. Internal attacks are initiated by someone who has authorized access to the network. According to the FBI, internal access and misuse account for 60 to 80 percent of reported incidents. These attacks often are traced to disgruntled employees.

Types of Attacks:

Passive Attack
- Listen to system passwords
- Release of message content
- Traffic analysis
- Data capturing

Active Attack
- Attempt to log into someone else's account
- Wire taps
- Denial of services
- Masquerading
- Message modifications

Specific Network Attacks:

- ARP Attack
- Brute Force Attack
- Worms
- Flooding
- Sniffers
- Spoofing
- Redirected Attacks
- Tunneling Attack
- Covert Channels

Software Vulnerabilities:

- Buffer Overflows
- Stack Overflows
- Heap Overflows
- Unvalidated Input
- Race Conditions
- Insecure File Operations
- Protocol Attack
- Interprocess communication

Denial-of-Service Facts:

- Commonly used against information stores like web sites
- Simple and usually quite effective
- Does not pose a direct threat to sensitive data
- The attacker tries to prevent a service from being used, making that service unavailable to legitimate users
- Attackers typically go for high visibility targets such as the web server, or for infrastructure targets like routers and network links

Uh-Oh. Another DoS attack!

Types of Denial-of-Service Attacks:

- Buffer Overflow Attacks
- SYN Flood Attack
- Teardrop Attacks
- Smurf Attack
- DNS Attacks
- Email Attacks
- Physical Infrastructure Attacks
- Viruses/Worms

High Profile Bots:


Buffer Overflow and Reverse Engineering:

The principle of exploiting a buffer overflow is to overwrite parts of memory which aren't supposed to be overwritten by arbitrary input, making the process execute hostile code.

Disassembly uses a disassembler: the raw machine language of the program is read and understood in its own terms, only with the aid of machine-language mnemonics. This works on any computer program.
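
The overwrite described above, modelled in C as an added example (not from the original presentation): a constructed 16-byte buffer sits directly before a saved return address inside one array, so the unchecked copy corrupts that address within defined behaviour while the length-checked copy rejects the input. The frame layout, function names and the address value are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <stdint.h>

/* Modelled stack frame (constructed): 16-byte input buffer followed
 * directly by an 8-byte saved return address, all in one array. */
#define BUF_LEN   16
#define FRAME_LEN (BUF_LEN + sizeof(uint64_t))
#define SAVED_RET 0x0000000000401136ULL   /* constructed placeholder */
typedef struct { unsigned char mem[FRAME_LEN]; } frame_t;

static void frame_init(frame_t *f) {
    uint64_t ret = SAVED_RET;
    memset(f->mem, 0, BUF_LEN);
    memcpy(f->mem + BUF_LEN, &ret, sizeof ret);
}

static uint64_t frame_ret(const frame_t *f) {
    uint64_t ret;
    memcpy(&ret, f->mem + BUF_LEN, sizeof ret);
    return ret;
}

/* "Before": n is never compared to BUF_LEN, so longer input spills into
 * the saved return address. The clamp only keeps the demo inside the model. */
static void copy_unchecked(frame_t *f, const unsigned char *in, size_t n) {
    if (n > FRAME_LEN) n = FRAME_LEN;
    memcpy(f->mem, in, n);
}

/* "After": oversized input is rejected rather than copied or truncated. */
static int copy_checked(frame_t *f, const unsigned char *in, size_t n) {
    if (n > BUF_LEN) return -1;
    memcpy(f->mem, in, n);
    return 0;
}

/* Returns 1 if the saved return address still holds its original value. */
static int ret_intact(const frame_t *f) { return frame_ret(f) == SAVED_RET; }

int main(void) {
    unsigned char input[FRAME_LEN];
    frame_t f;
    memset(input, 'A', sizeof input);      /* constructed 24-byte input */
    frame_init(&f); copy_unchecked(&f, input, sizeof input);
    printf("unchecked copy: return address intact = %d\n", ret_intact(&f));
    frame_init(&f);
    int rc = copy_checked(&f, input, sizeof input);
    printf("checked copy: rc = %d, return address intact = %d\n", rc, ret_intact(&f));
    return 0;
}
```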

What do we do:

- Education
- Exposure
- Experience
