Overview of the CERT/CC and the Survivable Systems Initiative. Andrew P. Moore, CERT Coordination Center, Carnegie Mellon University.

Presentation transcript:

1  Carnegie Mellon University Overview of the CERT/CC and the Survivable Systems Initiative Andrew P. Moore CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA Sponsored by the U.S. Department of Defense

2  Carnegie Mellon University *FFRDC - Federally Funded Research and Development Center

3  Carnegie Mellon University Talk Overview
- CERT Coordination Center
- Survivable Systems Initiative
- Intrusion-Aware Design and Analysis

4  Carnegie Mellon University CERT Coordination Center

The Beginning of the CERT/CC

6  Carnegie Mellon University CERT/CC Mission
- Respond to security emergencies on the Internet
- Serve as a focal point for reporting security vulnerabilities and incidents
- Raise awareness of security issues
- Serve as a model to help others establish incident response teams

7  Carnegie Mellon University CERT/CC Principles
- Provide valued services
  - proactive as well as reactive
- Ensure confidentiality and impartiality
  - we do not identify victims but can pass information anonymously and describe activity without attribution
  - unbiased source of trusted information
- Coordinate with other organisations and experts
  - academic, government, corporate
  - distributed model for incident response teams (coordination and cooperation, not control)

8  Carnegie Mellon University CERT Coordination Center Teams

9  Carnegie Mellon University CERT Vulnerability Handling & Analysis
- Receives vulnerability reports
  - forms, phone calls
- Verifies and analyzes reports/artifacts
  - veracity, scope, magnitude, exploitation
- Works with vulnerability reporters, vendors, experts
  - understanding and countermeasures
- Publicizes information about vulnerabilities and countermeasures
  - vulnerability notes, advisories

10  Carnegie Mellon University CERT Incident Handling & Response
- Receives reports related to computer security from Internet sites
  - break-ins, service denial, probes, attempts
- Provides 24-hr. emergency incident response
- Analyzes reports and provides feedback to the reporting sites involved
  - attack method, scope, magnitude, correlation, response
- Informs the Internet community
  - incident notes, summaries, advisories
  - assists formation and development of CSIRTs

11  Carnegie Mellon University Recent CERT/CC Experiences (figures as extracted, one value per year; the year labels did not survive extraction and some values are truncated)
- Incidents handled: 3,285; 4,942; 9,859; 21,756; 52,658
- Vulnerabilities reported: …,090; 2,437
- Msgs processed: 38,406; 31,933; 34,612; 56,…; …,907
- Also charted: CERT Advisories, Vendor Bulletins, and Vul Notes; CERT Summaries and Incident Notes

Attack Sophistication vs. Required Intruder Knowledge (chart; only its labels survived extraction). Chart lines: "Sophistication of attacks" and "Intruder knowledge needed to execute attacks". Dates indicate major release of tools or widespread use of a type of attack (the dates themselves did not survive extraction). Attack types plotted, in the order extracted (chronological order not recoverable): hijacking sessions; sniffers; packet spoofing; GUI intruder tools; automated widespread attacks; widespread denial-of-service attacks; "stealth"/advanced scanning techniques; propagation of malicious code; distributed attack tools; distributed denial-of-service tools; executable code attacks (against browsers); widespread attacks on DNS infrastructure; increase in wide-scale Trojan horse distribution; automated probes/scans; Internet social engineering attacks; techniques to analyze code for vuls without source; widespread attacks using NNTP to distribute attack; windows-based remote controllable Trojans (back orifice).