Evangelos Markatos, FORTH CyberSecurity Research in Crete Evangelos Markatos Institute of Computer Science.

Slides:



Advertisements
Similar presentations
Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Advertisements

Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.
How to protect yourself, your computer, and others on the internet
Thank you to IT Training at Indiana University Computer Malware.
Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.
Protect your PC virus, worm, Trojan horse, phishing, spam, botnet and zombies, spoofing, social engineering, identity theft, spyware, rootkits Click.
SECURITY CHECK Protecting Your System and Yourself Source:
1 MIS 2000 Class 22 System Security Update: Winter 2015.
Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.
Internet Safety Basics Never share names, schools, ages, phone numbers, or addresses. Never open an from a stranger – it may contain viruses that.
Introduction to Security Computer Networks Computer Networks Term B10.
Threats To A Computer Network
Phishing – Read Behind The Lines Veljko Pejović
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.
Internet Relay Chat Chandrea Dungy Derek Garrett #29.
COMPUTER CRIME AND TYPES OF CRIME Prepared by: NURUL FATIHAH BT ANAS.
Internet Safety By Megan Wilkinson. Viruses If your computer haves a viruses on it, it will show one of them or a different one. All commuters have different.
Internet safety Viruses A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your.
Contents  Viruses Viruses  Computer Worms Computer Worms  Trojans Trojans  Spyware Spyware  Adware Adware  Spam Spam  Hoaxes and Scams Hoaxes and.
Internet Safety CSA September 21, Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.
Commercial eSecurity Training and Awareness. Common Online Threats Most electronic fraud falls into one of three categories:  PHISHING – Fraudulent s.
Introduction to Honeypot, Botnet, and Security Measurement
CS101 Lecture 14 Security. Network = Security Risks The majority of the bad things that can be done deliberately to you or your computer happen when you.
Internet Safety By Stephanie Jarrard. What is the Internet?  “Internet” is a shortened name for “Interconnected networks”  The internet is a global.
Cyber Crimes.
THREATS TO MOBILE NETWORK SECURITY
Unit 2 - Hardware Computer Security.
Detrick Robinson & Amris Treadwell.  Computer viruses- are pieces of programs that are purposely made up to infect your computer.  Examples: › Internet.
Malware  Viruses  Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.
Safe Computing. Computer Maintenance  Back up, Back up, Back up  External Hard Drive  CDs or DVDs  Disk Defragmenter  Reallocates files so they use.
Lions? And Tigers? And Bears? Oh my!. In The Wizard of Oz, Dorothy, Tinman and Scarecrow were frightened of what may be out there as they traveled the.
IT security By Tilly Gerlack.
Evangelos Markatos, FORTH NoAH: A Network of Affined Honeypots : Current State and Collaboration Opportunities.
Evangelos Markatos, FORTH Network Monitoring for Performance and Security The LOBSTER project Evangelos.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 45 How Hackers can Cripple the Internet and Attack Your PC How Hackers can Cripple the.
Privacy & Security Online Ivy, Kris & Neil Privacy Threat - Ivy Is Big Brother Watching You? - Kris Identity Theft - Kris Medical Privacy - Neil Children’s.
IT internet security. The Internet The Internet - a physical collection of many networks worldwide which is referred to in two ways: The internet (lowercase.
Trojan Horses on the Web. Definition: A Trojan horse a piece of software that allows the user think that it does a certain task, while actually does an.
Presented by Spiros Antonatos Distributed Computing Systems Lab Institute of Computer Science FORTH.
The UCSD Network Telescope A Real-time Monitoring System for Tracking Internet Attacks Stefan Savage David Moore, Geoff Voelker, and Colleen Shannon Department.
The Internet. 2 So what is the internet? The internet is global network that connects most of the world’s personal computers. The World Wide Web is a.
1 Honeypot, Botnet, Security Measurement, Spam Cliff C. Zou CDA /01/07.
Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Computer Hardware and Software Maintenance.
What is risk online operation:  massive movement of operation to the internet has attracted hackers who try to interrupt such operation daily.  To unauthorized.
Copyright ©2005 CNET Networks, Inc. All rights reserved. Practice safety Learn how to protect yourself against common attacks.
Topic 5: Basic Security.
What is Spam? d min.
CyberPatriot: Introduction to Cyber Security 9/10/10 Joshua White Director of CyOON R&D Everis Inc (315)
LOBSTER: Large Scale Monitoring of Broadband Internet Infrastructure Evangelos Markatos The LOBSTER Consortium Institute.
Computer Skills and Applications Computer Security.
Internet safety By Suman Nazir
Introduction1-1 Chapter 1: roadmap 1.1 What is the Internet? 1.2 Network edge  end systems, access networks, links 1.3 Network core  circuit switching,
Any criminal action perpetrated primarily through the use of a computer.
1 Integrated Site Security Project Denise Heagerty CERN 22 May 2007.
Information Systems Design and Development Security Risks Computing Science.
By: Matthew Newsome.  The Internet was created so the US Department of Defense can share information between each other, which took place in the 1960’s.
Adware and Browser Hijacker – Symptoms and Preventions /killmalware /u/2/b/ /alexwaston14/viru s-removal/ /channel/UC90JNmv0 nAvomcLim5bUmnA.
PCs ENVIRONMENT and PERIPHERALS Lecture 10. Computer Threats: - Computer threats: - It means anything that has the potential to cause serious harm to.
Zeus Virus By: Chris Foley. Overview  What is Zeus  What Zeus Did  The FBI investigation  The virus for phones  Removal and detection  Conclusion.
Computer Security Keeping you and your computer safe in the digital world.
Created by the E-PoliceSlide 122 February, 2012 Dangers of s By Michael Kuc.
Seguretat en xarxes informàtiques Autor: Lluís Pérez Vidal Curs Xarxes Linux.ICE-UPC Honeypots Honeypots “A un panal de rica miel...”
Technical Implementation: Security Risks
Security Risks Todays Lesson Security Risks Security Precautions
Learn how to protect yourself against common attacks
IT Security  .
Protect Your Computer Against Harmful Attacks!
HOW DO I KEEP MY COMPUTER SAFE?
How to keep the bad guys out and your data safe
Presentation transcript:

Evangelos Markatos, FORTH CyberSecurity Research in Crete Evangelos Markatos Institute of Computer Science (ICS) Foundation for Research and Technology – Hellas (FORTH) Crete, Greece CyberSecurity

Evangelos Markatos, FORTH Roadmap The problem: –The trust that we used to place on our network is slowly eroding away We are being attacked –Viruses, Worms, Trojans, keyboard loggers continue to plague our computers What do people say about this? –Europe – ENISA –USA – PITAC What can be done? The DCS approach –Understand mechanisms and causes of cyberattacks –Automate Detection of, fingerprinting of, and reaction to cyberattacks Summary and Conclusions

Evangelos Markatos, FORTH The erosion of trust on the Internet We used to trust computers we interacted with on the Internet –Not any more… Address bar spoofing: –Do you know that the web server is the real one?

Evangelos Markatos, FORTH The erosion of trust on the Internet We used to trust our network –Not any more… Our network is the largest source of all attacks We used to trust our own computer –Not any more… (keyboard loggers can easily get all our personal information)

Evangelos Markatos, FORTH The erosion of trust on the Internet We used to trust our own eyes with respect to the content we were viewing on the Internet –Not any more… –Phishing: sophisticated social engineering Attackers send users On behalf of a legitimate sender (e.g. a bank) Inviting them to sign-up for a service When users click they are requested to give their password Which ends up in the attacker’s database

Evangelos Markatos, FORTH A simple phishing attack

Evangelos Markatos, FORTH A sophisticated phishing attack: Setting the stage Attackers send inviting Bank of America customers to change their address on-line

Evangelos Markatos, FORTH A phishing attack: hiding the tracks Bank of America web site opens in the background Pop-up window (from requests user name and passwordwww.bofalert.com Legitimate Web site Pop-up Window

Evangelos Markatos, FORTH The boiling cauldron of Security Security on the Internet is getting increasingly important –Worms, Viruses, and trojians, continue to disrupt our everyday activities –Spyware and backdoors continue to steal our credit card numbers, our passwords, and snoop into our private lives –Keyboard loggers can empty our bank accounts if they choose to do so

Evangelos Markatos, FORTH It used to be a problem of PCs Not any more… PocketPC virus: –Duts Mobile phone virus: –Cabir –Infects the Symbian operating system

Evangelos Markatos, FORTH Mobile phone viruses: The Mosquitos virus Mosquitos Virus: –Attaches itself to an illegal copy of “Mosquitos” game –Once installed it starts sending potentially expensive SMS messages to premium numbers –“free to download” but “expensive to play”

Evangelos Markatos, FORTH The CommWarrior Worm Once installed –Searches or nearby phones –Sends itself to the owner's address list through MMS –Using random names Difficult to filter out

Evangelos Markatos, FORTH How much does it cost? Financial Cost: worms cost billions of euros to lost productivity –CodeRED Worm: $2.6 billion –Slammer: $1.2 billion –LoveLetter virus: $8.8 billion Could cyberattacks lead to loss of life? –What if a medical equipment gets infected by a worm? Wrong diagnosis? Wrong treatment? –What if a car gets infected by a worm? Could this lead to fatal car crash? How about Critical Infrastructures? What if a Nuclear power plant gets infected? –Would this lead to failure of safety systems? –Is this possible?

Evangelos Markatos, FORTH How much does it cost? Worms have penetrated Nuclear Power plants. “The Slammer worm penetrated a private computer network at Ohio's Davis-Besse nuclear power plant in January and disabled a safety monitoring system for nearly five hours” Security Focus News Luckily no harm was made –The reactor was not operating at that time –There was a fall-back analog monitoring system Will we be so lucky next time?

Evangelos Markatos, FORTH What do people say about this? ENISA ENISA: European Network and Information Security Agency PSG: Permanent Stakeholders Group Vision Document

Evangelos Markatos, FORTH ENISA Vision “The longer-term impact of … worm compromised hosts is likely to be greater in total than at present” “… Organized Crime and terrorists … introduce a level of sophistication and funding of (cyber)attacks that is far beyond what we have commonly seen in the previous 20 years of cyber security” ENISA PSG i.e. things are bad and are going to get worse!

Evangelos Markatos, FORTH What does the community say about this? What should we do? Feb President’s Information Technology Advisory Committee (in U.S.) Cyber-Security Sub-committee –David Patterson, UC Berkeley –Tom Leighton, MIT, –and several others

Evangelos Markatos, FORTH Cyber-security Report Provide expert advice –In IT security

Evangelos Markatos, FORTH Research Priorities Identified They identified 10 Research Priorities We should do Research in: –Global Scale Monitoring (for cyber-attacks) –Real-time Data collection storage and analysis (for cyberattacks) –Automated (cyberattack) discovery from monitoring data –Develop forensic-friendly architectures To summarize: Monitor for cyber-attacks and detect them early

Evangelos Markatos, FORTH Cybersecurity Research in Crete At DCS we do just that Monitor, detect, and fingerprint –Cyberattacks

Evangelos Markatos, FORTH Project Coordination LOBSTER: Large Scale Monitoring of Broadband Internet Infrastructure –SSA, Research Networking Testbed, funded by IST, 9 partners NoAH: Network of Affined Honeypots –SSA (Design Study), Research Infrastructure –Funded by DG Research, 8 partners

Evangelos Markatos, FORTH Publicity

Evangelos Markatos, FORTH What is a honeypot? An “undercover” computer –which has no ordinary users –which provides no regular service Or a few selected services if needed –Just waits to be attacked… Its value lies on being compromised –Or in being exploited, scanned, etc. Honeypots are an “easy” target –But heavily monitored ones If attacked, they log as much information as possible

Evangelos Markatos, FORTH When was a honeypot first used? Widely publicized: The cuckoo’s egg –By Cliff Stoll Cliff Stoll noticed a 75-cent accounting error in the computer he managed –This led Cliff to discover an intruder named “Hunter” –Instead of shutting “Hunter” out, Cliff started to study him –He connected the modem lines to a printer –He created dummy “top-secret” directories to “lure” “Hunter” into coming back –He was paged every time “Hunter” was in –He traced “Hunter” to a network of hackers Paid in cash and drugs and Reporting directly to KGB

Evangelos Markatos, FORTH How do we receive attacks? Three types of sensors: –Traditional honeypots who wait to be attacked –Collaborating organizations who install low- interaction honeypots and forward “interesting” attacks to NoAH core A “screensaver” who forwards all unwanted traffic to NoAH Unwanted traffic received at –unused IP addresses –unused TCP/UDP ports

Evangelos Markatos, FORTH In Closing… In a week from today (May 17 th) is the –World Telecommunication Day 2006 (WTD) Commemorates the founding of ITU –WTD 200 is Dedicated to “Promoting Global Cybersecurity”

Evangelos Markatos, FORTH In Closing… Let us take this opportunity –Of the World Telecommunication Day –Dedicated to promoting Global Cybersecurity –And promote cybersecurity and Internet Safety By promoting awareness By empowering small organizations By empowering people to contribute and make a difference Thank you all...

Evangelos Markatos, FORTH CyberSecurity Research in Crete Evangelos Markatos Institute of Computer Science (ICS) Foundation for Research and Technology – Hellas (FORTH) Crete, Greece CyberSecurity