Network Security By Alan S H Lam 2003/7/29

Presentation transcript:

1 Network Security By Alan S H Lam 2003/7/29

2 Outlines
- Threat and Attack trends
- Attackers' Activities (live demo)
- Forensic Tools (live demo)
- IT-Related Laws in HK
- Q & A
You can review this presentation material at

3 Sophistication VS Population Source: CERT

4 Less Knowledge Required to Attack Source: Symantec

5 Vulnerabilities reported Source: CERT

6 Incidents reported Source: CERT
As the number of Internet users grows and intruder tools become both more sophisticated and easier to use, more people can become "successful" intruders.

7 Vulnerability Exploit Cycle (1) Source: CERT

8 Vulnerability Exploit Cycle (2)

9 Vulnerability Exploit Cycle (3)
For some vulnerabilities, there may be a resurgence in their exploitation.

10 Typical Network Attack Source: CERT

11 Attack Trends (1)
1. Automation; speed of attack tools
   - Scanning for potential victims.
   - Compromising vulnerable systems.
   - Propagate the attack.
   - Coordinated management of attack tools.
2. Increasing sophistication of attack tools
   - Anti-forensics.
   - Dynamic behavior.
   - Modularity of attack tools.

12 Attack Trends (2)
3. Faster discovery of vulnerabilities
4. Increasing permeability of firewalls
5. Increasingly asymmetric threat
6. Increasing threat from infrastructure attacks
   - Distributed denial of service (DDoS)
   - Worms
   - Attacks on the Internet Domain Name System (DNS)
   - Attacks against or using routers

13 The Classic DDoS model

14 DoS Impact to Infrastructure Traffic VS router CPU Loading

15 Attack Trends (3)
Potential Impact
- Denial of service
- Compromise of sensitive information
- Misinformation
- Time and resources diverted from other tasks

16 Our Honeynet Network Infrastructure

17 Attackers' Activities (1)
- Identify/locate the victim with scanning tools
- Break into the victim through system security holes.
The following vulnerabilities were used by the hackers to break into our honeynet:
- sshd CRC32 Overflow
- Buffer overflow in openssl
- WU-FTP RNFR././ attack
- execve/ptrace race condition

18 Attackers' Activities (2)
After break-in, the hackers may
- Install a rootkit to set up a backdoor, sniffer, or IRC proxy
- Use the victim as a stepping stone to find and attack other victims
- Fix the victim's vulnerability and undo other hackers' jobs
- Send back the victim information through
- Propagate the attack to other victims.
- Deface/remove the victim's web page

19 Forensic Tools
- scp, dd, tar, nc
- tcptrace, tcpdump, snort
- ps, netstat, lsof, fuser, kill -STOP, pcat, ltrace, strace, /dev/kmem
- /proc directory
- find, ldd, strings, gdb, od, bvi, icat
- chkrootkit
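The ps and /proc entries above can be combined into two quick live-response checks for the rootkit and anti-forensics behaviour listed on slides 11 and 18. The sketch below is an added example, not part of the original presentation; the function names, the PROC_ROOT parameter and the evidence path in the comments are assumptions made here.

```shell
#!/bin/sh
# Added example: two live-response checks built on /proc, ps and readlink.
# PROC_ROOT is a parameter (assumption of this example) so the checks can run
# against a copied or constructed tree as well as the live /proc.

# Print PIDs whose executable was unlinked from disk while still running,
# a common sign that a tool was deleted after launch to hinder forensics.
deleted_exe_pids() {
    proc_root=${1:-/proc}
    for d in "$proc_root"/[0-9]*; do
        [ -d "$d" ] || continue
        # Kernel threads and unreadable entries have no exe link: skip them.
        target=$(readlink "$d/exe" 2>/dev/null) || continue
        case $target in
            *" (deleted)") echo "${d##*/}" ;;
        esac
    done | sort -n | tr '\n' ' ' | sed 's/ $//'
}

# Print PIDs that exist under PROC_ROOT but are missing from a ps listing
# (PS_FILE holds one PID per line), as a trojaned ps would leave them out.
hidden_pids() {
    proc_root=${1:-/proc}
    ps_file=$2
    for d in "$proc_root"/[0-9]*; do
        [ -d "$d" ] || continue
        pid=${d##*/}
        grep -qx "$pid" "$ps_file" || echo "$pid"
    done | sort -n | tr '\n' ' ' | sed 's/ $//'
}

# Live use, as root, writing to evidence media rather than the suspect disk
# (/mnt/evidence is a hypothetical mount point):
#   ps -e -o pid= | tr -d ' ' > /mnt/evidence/ps.pids
#   deleted_exe_pids /proc
#   hidden_pids /proc /mnt/evidence/ps.pids
# Short-lived processes (including ps itself) can appear as false positives,
# so confirm any hit with a second pass before acting on it.
```

A hit from either check is a lead, not proof: follow it up with lsof on the PID and a copy of the process image before the process is stopped.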

20 IT-Related Laws in HK
- Unauthorized access to computer
- Access to computer with criminal or dishonest intent
- Destroying or damaging property
- Burglary
- False Accounting
- Infringement by making available of copies to the public
- Publishing obscene articles