The University of Adelaide, School of Computer Science

Presentation transcript:

Cyber Attacks: Protecting National Infrastructure, 1st ed.
The University of Adelaide, School of Computer Science, 24 November 2018
Chapter 1 – Introduction
Copyright © 2012, Elsevier Inc. All Rights Reserved

Introduction
- National infrastructure refers to the complex, underlying delivery and support systems for all large-scale services considered absolutely essential to a nation
- The conventional approach to cyber security is not enough; a new approach is needed
- The new approach combines the best elements of existing security techniques with the challenges that face complex, large-scale national services

Fig. 1.1 – National infrastructure cyber and physical attacks

Fig. 1.2 – Differences between small- and large-scale cyber security

National Cyber Threats, Vulnerabilities, and Attacks
Three types of malicious adversaries:
- External adversary
- Internal adversary
- Supplier adversary

Fig. 1.3 – Adversaries and exploitation points in national infrastructure

National Cyber Threats, Vulnerabilities, and Attacks
Three exploitation points:
- Remote access
- System administration and normal usage
- Supply chain

National Cyber Threats, Vulnerabilities, and Attacks
Infrastructure is threatened by the most common security concerns:
- Confidentiality
- Integrity
- Availability
- Theft

Botnet Threat
What is a botnet attack?
- A remote collection of compromised end-user machines (usually broadband-connected PCs) is used to attack a target
- Sources of the attack are scattered and difficult to identify
- Five entities comprise a botnet attack: botnet operator, botnet controller, collection of bots, botnet software drop, botnet target

Botnet Threat
Five entities that comprise a botnet attack:
- Botnet operator
- Botnet controller
- Collection of bots
- Botnet software drop
- Botnet target
Distributed denial of service (DDOS) attack: the bots create a “cyber traffic jam” at the target

Fig. 1.4 – Sample DDOS attack from a botnet

National Cyber Security Methodology Components
Ten basic design and operation principles:
- Deception
- Separation
- Diversity
- Commonality
- Depth
- Discretion
- Collection
- Correlation
- Awareness
- Response

Deception
- Deliberately introducing misleading functionality or misinformation for the purpose of tricking an adversary
- Computer scientists call this functionality a honey pot
- Deception enables forensic analysis of intruder activity
- The acknowledged use of deception may be a deterrent to intruders (every vulnerability may actually be a trap)

Fig. 1.5 – Components of an interface with deception

Separation
- Separation involves enforced access policy restrictions on users and resources in a computing environment
- Most companies use enterprise firewalls, which are complemented by the following:
  - Authentication and identity management
  - Logical access controls
  - LAN controls
  - Firewalls

Fig. 1.6 – Firewall enhancements for national infrastructure

Diversity
- Diversity is the principle of using technology and systems that are intentionally different in substantive ways
- Diversity is hard to implement:
  - A single software vendor tends to dominate the PC operating system business landscape
  - Diversity conflicts with organizational goals of simplifying supplier and vendor relationships

Fig. 1.7 – Introducing diversity to national infrastructure

Commonality
- Consistency involves uniform attention to security best practices across national infrastructure components
- The greatest challenge involves auditing
- A national standard is needed

Depth
- Depth involves using multiple security layers to protect national infrastructure assets
- Defense layers are maximized by using a combination of functional and procedural controls

Fig. 1.8 – National infrastructure security through defense in depth

Discretion
- Discretion involves individuals and groups making good decisions to obscure sensitive information about national infrastructure
- This is not the same as “security through obscurity”

Collection
- Collection involves automated gathering of system-related information about national infrastructure to enable security analysis
- Data is processed by a security information management system
- Operational challenges:
  - What type of information should be collected?
  - How much information should be collected?

Fig. 1.9 – Collecting national infrastructure-related security information

Correlation
- Correlation involves a specific type of analysis that can be performed on factors related to national infrastructure protection
- This type of comparison-oriented analysis is indispensable
- Past initiatives included real-time correlation of data at a fusion center
- Difficult to implement

Fig. 1.10 – National infrastructure high-level correlation approach

Awareness
- Awareness involves an organization understanding the differences between observed and normal status in national infrastructure
- Most agree on the need for awareness, but how can awareness be achieved?

Fig. 1.11 – Real-time situation awareness process flow

Response
- Response involves the assurance that processes are in place to react to any security-related indicator
- Indicators should flow from the awareness layer
- The current practice in smaller corporate environments of reducing “false positives” by waiting to confirm disaster is not acceptable for national infrastructure
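The Collection, Correlation, Awareness and Response slides describe one pipeline: gathered sensor records are correlated, compared against normal status, and every resulting indicator gets a reaction. The following is an added illustration of that flow, not code from the book or the slides; the sensor names, addresses, event types and baseline counts are constructed assumptions.

```python
from collections import Counter, defaultdict

# Constructed sample sensor records (the collection layer). Sensor names,
# addresses and event types are assumptions made for this example.
RECORDS = [
    {"sensor": "firewall", "src": "203.0.113.7", "event": "port_scan"},
    {"sensor": "ids", "src": "203.0.113.7", "event": "exploit_attempt"},
    {"sensor": "auth", "src": "203.0.113.7", "event": "login_failure"},
    {"sensor": "auth", "src": "198.51.100.2", "event": "login_failure"},
    {"sensor": "auth", "src": "198.51.100.2", "event": "login_failure"},
    {"sensor": "auth", "src": "192.0.2.9", "event": "login_failure"},
]

# Assumed "normal status": how many events of each type one source may
# produce per collection window before the observed status is abnormal.
BASELINE = {"port_scan": 0, "exploit_attempt": 0, "login_failure": 1}

def correlate(records):
    """Correlation: join records from different sensors on source address."""
    joined = defaultdict(lambda: {"events": Counter(), "sensors": set()})
    for r in records:
        joined[r["src"]]["events"][r["event"]] += 1
        joined[r["src"]]["sensors"].add(r["sensor"])
    return joined

def awareness(joined, baseline=BASELINE):
    """Awareness: report each source whose observed counts exceed normal."""
    deviations = {}
    for src, info in joined.items():
        over = {ev: n for ev, n in info["events"].items()
                if n > baseline.get(ev, 0)}
        if over:
            deviations[src] = {"over": over, "sensors": info["sensors"]}
    return deviations

def respond(deviations):
    """Response: every awareness indicator produces an action right away.
    A source flagged by more than one sensor is escalated; a single-sensor
    indicator is still queued for investigation, never suppressed while
    waiting for damage to be confirmed."""
    actions = []
    for src, d in deviations.items():
        level = "escalate" if len(d["sensors"]) > 1 else "investigate"
        actions.append((src, level, sorted(d["over"])))
    return sorted(actions)

def run(records=RECORDS):
    """Collection -> correlation -> awareness -> response, end to end."""
    return respond(awareness(correlate(records)))
```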

Fig. 1.12 – National infrastructure security response approach

Implementing the Principles Nationally
- Commissions and groups
- Information sharing
- International cooperation
- Technical and operational costs