Internet Worms, SYN DOS attack

Slides:



Advertisements
Similar presentations
IS 376 NOVEMBER 5, DATA BREACH INVESTIGATIONS REPORT By The Verizon RISK Team Research Investigations Solutions Knowledge.
Advertisements

Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security.
Communications of the ACM (CACM), Vol. 32, No. 6, June 1989
Lecture: Malicious Code CIS 3360 Ratan K. Guha. Malicious Code2 Overview and Reading Assignments Defining malicious logic Types Action by Viruses Reading.
CSE331: Introduction to Networks and Security Lecture 32 Fall 2002.
Computer Viruses and Worms* *Referred to slides by Dragan Lojpur, Zhu Fang at Florida State University.
Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.
Security (Continued) V.T. Raja, Ph.D., Oregon State University.
Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:
Security  The Security Problem  Authentication  Program Threats  System Threats  Securing Systems  Intrusion (unwanted involvement) Detection  Encryption.
Silberschatz, Galvin and Gagne  Operating System Concepts The Security Problem A system is secure iff its resources are used and accessed as.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Software Security Threats Threats have been an issue since computers began to be used widely by the general public.
Security A system is secure if its resources are used and accessed as intended under all circumstances. It is not generally possible to achieve total security.
U NIVERSITY OF M ASSACHUSETTS, A MHERST Department of Computer Science Emery Berger University of Massachusetts, Amherst Operating Systems CMPSCI 377 Lecture.
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.
Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.
CSE331: Introduction to Networks and Security Lecture 33 Fall 2002.
Protection and Security CSCI 444/544 Operating Systems Fall 2008.
Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.
Internet Relay Chat Security Issues By Kelvin Lau and Ming Li.
Common forms and remedies Neeta Bhadane Raunaq Nilekani Sahasranshu.
Trojan Horse Implementation and Prevention By Pallavi Dharmadhikari Sirisha Bollineni VijayaLakshmi Jothiram Vasanthi Madala.
1Federal Network Systems, LLC CIS Network Security Instructor Professor Mort Anvair Notice: Use and Disclosure of Data. Limited Data Rights. This proposal.
Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.
Operating Systems Protection & Security.
U NIVERSITY OF M ASSACHUSETTS, A MHERST Department of Computer Science Emery Berger University of Massachusetts, Amherst Operating Systems CMPSCI 377 Lecture.
1 Guide to Network Defense and Countermeasures Chapter 2.
13.1 Silberschatz, Galvin and Gagne ©2011 Operating System Concepts Essentials – 8 th Edition Security.
1 Lecture 7 Security Problems and Virus 2 Contents u How things go wrong u Change in environment u Bound and syntax checking u Convenient but dangerous.
Silberschatz and Galvin  Operating System Concepts Module 20: Security The Security Problem Authentication Program Threats System Threats Threat.
Malware  Viruses  Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.
14.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Chapter 14: Protection.
October 15, 2002Serguei A. Mokhov, 1 Intro to Internet-services from Security Standpoint SOEN321-Information-Systems Security Revision.
FIREWALLS Vivek Srinivasan. Contents Introduction Need for firewalls Different types of firewalls Conclusion.
11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES  Establish secure topologies.  Secure.
Security at NCAR David Mitchell February 20th, 2007.
1 Firewalls G53ACC Chris Greenhalgh. 2 Contents l Attacks l Principles l Simple filters l Full firewall l Books: Comer ch
CHAPTER 3 Classes of Attack. INTRODUCTION Network attacks come from both inside and outside firewall. Kinds of attacks: 1. Denial-of-service 2. Information.
Denial of Service Datakom Ht08 Jesper Christensen, Patrick Johansson, Robert Kajic A short introduction to DoS.
Information Security in Distributed Systems Distributed Systems1.
Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition, Security.
4061 Session 26 (4/19). Today Network security Sockets: building a server.
TCP Security Vulnerabilities Phil Cayton CSE
Security and Assurance in IT organization Name: Mai Hoang Nguyen Class: INFO 609 Professor: T. Rohm.
A Failure to Learn from the Past Presented by Chad Frommeyer CSC 493/593 Professors Charles E. Frank/James Walden.
The Internet Worm Incident Eugene H. Spafford  Attack Format –Worm vs. Virus  Attack Specifications –Worm operation –Infection and propagaion  Topics.
NETWORK SECURITY Definitions and Preventions Toby Wilson.
DOS Attacks Lyle YapDiangco COEN 150 5/21/04. Background DOS attacks have been around for decades Usually intentional and malicious Can cost a target.
Information Systems CS-507 Lecture 32. Physical Intrusion The intruder could physically enter an organization to steal information system assets or carry.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.
Network Security SUBMITTED BY:- HARENDRA KUMAR IT-3 RD YR. 1.
Chapter 26: Network Security Dr. Wayne Summers Department of Computer Science Columbus State University
Network security Vlasov Illia
Network Security Marshall Leitem 11/30/04
Viruses and Other Malicious Content
Firewall – Survey Purpose of a Firewall Characteristic of a firewall
NET 311 Information Security
Network Security: DoS Attacks, Smurf Attack, & Worms
12: Security The Security Problem Authentication Program Threats
Chapter 26: Network Security
Security.
Intrusion Detection system
Operating System Concepts
Chapter # 3 COMPUTER AND INTERNET CRIME
Operating System Concepts
Crisis and Aftermath Morris worm.
Chapter 14: Protection.
Presentation transcript:

Internet Worms, SYN DOS attack Eugene H. Spafford; "The Internet Worm Program: An Analysis"; ACM COMPUTER COMMUNICATION REVIEW; ACM Press, New York,NY; 19(1), pp. 17-57, Jan 1989 Christoph L. Schuba, Ivan V. Krsul, Markus G. Kuhn, Eugene H. Spafford, Aurobindo Sundaram, Diego Zamboni, "Analysis of a Denial of Service Attack on TCP". Proceedings of the IEEE, 1997 RFC 2525 - Known TCP Implementation Problems http://www.faqs.org/rfcs/rfc2525.html 28-Nov-18 4/598N: Computer Networks

November 2, 1988: Robert T. Morris Jr. Internet worm Graduate student at Cornell University. Son of the chief scientist at the National Computer Security Center -- part of the National Security Agency Convicted in 1990: $10,000 fine, 3 yr. Suspended jail sentence, 400 hours of community service Today he’s a professor at MIT 28-Nov-18 4/598N: Computer Networks

System Threats (from Silberschatz) Worms – use spawn mechanism; standalone program Internet worm Exploited UNIX networking features (remote access) and bugs in finger and sendmail programs Grappling hook program uploaded main worm program Viruses – fragment of code embedded in a legitimate program Downloading viral programs from public bulletin boards or exchanging floppy disks containing an infection Safe computing Denial of Service Overload the targeted computer preventing it from doing any useful work 28-Nov-18 4/598N: Computer Networks

The Morris Internet Worm 28-Nov-18 4/598N: Computer Networks

A firewall is placed between trusted and untrusted hosts The firewall limits network access between these two security domains Prevent internal clients from accessing “forbidden” external nodes (e.g. adult sites) Prevent external nodes from sending malicious objects into protected network SYN flood attacks etc. 28-Nov-18 4/598N: Computer Networks

Network Security Through Domain Separation Via Firewall Demilitarized Zone (DMZ) 28-Nov-18 4/598N: Computer Networks

Detect attempts to intrude into computer systems. Detection methods: Intrusion Detection Detect attempts to intrude into computer systems. Detection methods: Auditing and logging. Tripwire (UNIX software that checks if certain files and directories have been altered – I.e. password files) System call monitoring 28-Nov-18 4/598N: Computer Networks

SYN flooding 28-Nov-18 4/598N: Computer Networks

Network Attacks: Distributed DoS (courtesy Georgios Koutepas) "zombies" Pirated machines Domain A Domain B 2. Commanding the attack 1. Taking Control Target domain Attacker X Admin Problem 1: Active "zombies" Admin Problem 2: The network allows outgoing packets with wrong source addresses 28-Nov-18 4/598N: Computer Networks

X Multi-tier attack Attack Master Admin Problem: No detection of malicious activities Target domain "zombies" Attack Agents X Attacker Attack Master 28-Nov-18 4/598N: Computer Networks

Discussion Protocols and components should be designed and evaluated not only on their performance gains, but also on their robustness against implementation flaws 28-Nov-18 4/598N: Computer Networks

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.