Novel Information Attacks From “Carpet Bombings” to “Smart Bombs”

Slides:

Advertisements

Similar presentations

By Hiranmayi Pai Neeraj Jain

Advertisements

Day anti-virus anti-virus 1 detecting a malicious file malware, detection, hiding, removing.

A Rudra Technologies Pvt Ltd. Product The New Age Protector against Known and Unknown Malicious Software Rudra.

Rob Gaston 04/04/2013 CIS 150. Cyber Warfare  U.S. government security expert Richard A. Clarke, Cyber War (May 2010): "cyber warfare" is "actions by.

Chapter 14 Computer Security Threats Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,

Network Security of The United States of America By: Jeffery T. Pelletier.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

Lecture 11 Reliability and Security in IT infrastructure.

Worms By: Aaron Stahler. Difference Between a Worm and A Virus Viruses are computer programs that are designed to spread themselves from one file to another.

DuWayne Aikins Information Security Forum May 21, 2015 Cyber, A Militarized Domain: What is Means to Texas.

Internet Quarantine: Requirements for Containing Self-Propagating Code David Moore et. al. University of California, San Diego.

 Discovered in June/July 2010  Targeted Siemens software and equipment running Microsoft Windows  First malware for SCADA systems to spy and subvert.

Life in a Dangerous World: Developing effective strategies against Virus, Worms and Other Threats Marshall Breeding Vanderbilt University

Malware  Viruses  Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.

Virus & Anti-Virus Itthiwat Phiphopsukhawadee M.2/7 No.5 Saranpat Prasertthum M.2/7 No.17 Korakrit Laotrakul M.2/7 No.23 Pesan Kasemkitjanuwat M.2/7 No.25.

By: Sharad Sharma, Somya Verma, and Taranjit Pabla.

Speaker ： Hong-Ren Jiang A Novel Testbed for Detection of Malicious Software Functionality 1.

Business Computing 550 Lesson 6. 2 Security Threats on Web Sites Issues and vulnerabilities 1.Illegal Access and Use (Hacking the system or users exposing.

Jonathan Baulch  A worm that spreads via USB drives  Exploits a previously unknown vulnerability in Windows  Trojan backdoor that looks for a specific.

 The purpose of this report is to inform people that the spyware and virus threat is growing and what people can do to stop the spread of spyware and.

WHAT IS VIRUS? NAE GRAND CHALLENGE SECURE CYBERSPACE.

What is a virus??????? A virus is an of some sort sent to you that will usually shut down or corrupt your computer. It will then send the virus.

Active Worms CSE 4471: Information Security 1. Active Worm vs. Virus Active Worm –A program that propagates itself over a network, reproducing itself.

Lecture 14 Overview. Program Flaws Taxonomy of flaws: – how (genesis) – when (time) – where (location) the flaw was introduced into the system 2 CS 450/650.

 Two types of malware propagating through social networks, Cross Site Scripting (XSS) and Koobface worm.  How these two types of malware are propagated.

CHAPTER 14 Viruses, Trojan Horses and Worms. INTRODUCTION Viruses, Trojan Horses and worm are malicious programs that can cause damage to information.

10/11/2015 Computer virus By Al-janabi Rana J 1. 10/11/2015 A computer virus is a computer program that can copy itself and infect a computer without.

Malicious Attacks By Katya, Grace, Lachlan, Sairus and Eric!

A computer virus is a computer program that can replicate itself and spread from one computer to another. The term "virus" is also commonly, but erroneously.

MALWARE : STUXNET CPSC 420 : COMPUTER SECURITY PRINCIPLES Somya Verma Sharad Sharma Somya Verma Sharad Sharma.

1 Figure 4-16: Malicious Software (Malware) Malware: Malicious software Essentially an automated attack robot capable of doing much damage Usually target-of-opportunity.

System utility pieces of software. Antivirus Antivirus (or anti-virus) software is used to safeguard a computer from malware, including viruses, computer.

Lessons from Stuxnet Matthew McNeill. Quick Overview Discovered in July 2011 Sophisticated worm - many zero-day exploits, Siemens programmable logic controller.

ANTIVIRUS SOFTWARE.  Antivirus software is the most widespread mechanism for defending individual hosts against threats associated with malicious software,

GSHRM Conference Cyber Security Education Shri Cockroft, CISO Piedmont Healthcare, Inc. September 21, 2015.

VirusesViruses HackingHacking Back upsBack ups Stuxnet Stuxnet.

Chapter 01: Introduction to Network Security. Network  A Network is the inter-connection of communications media, connectivity equipment, and electronic.

Virus and anti virus. Intro too anti virus Microsoft Anti-Virus (MSAV) was an antivirus program introduced by Microsoft for its MS-DOS operating system.

1 Class 15 System Security. Outline Security Threats (External: malware, spoofing/phishing, sniffing, & data theft: Internal: unauthorized data access,

Homeland Security. Hey, It’s Me! I’m Tek – your i-SAFE guide. I’m a part of i-SAFE America. i-SAFE is concerned with teaching you how to be safe online.

Worm Defense Alexander Chang CS239 – Network Security 05/01/2006.

Mobile Agent Security Presented By Sayuri Yonekawa October 17, 2000.

North American Energy Infrastructure Policy Philip Gonda Steven Mays Robert Floyd Josh Kapp.

n Just as a human virus is passed from person from person, a computer virus is passed from computer to computer. n A virus can be attached to any file.

Computer Security Threats CLICKTECHSOLUTION.COM. Computer Security Confidentiality –Data confidentiality –Privacy Integrity –Data integrity –System integrity.

A New Security Blueprint Shantanu Ghosh Vice President, Enterprise Security & India Product Operations.

NATIONAL CYBER SECURITY GOVERNANCE & EMERGING CYBER SECURITY THREATS

Safe’n’Sec IT security solutions for enterprises of any size.

NETWORK SECURITY Definitions and Preventions Toby Wilson.

Page 1 Viruses. Page 2 What Is a Virus A virus is basically a computer program that has been written to perform a specific set of tasks. Unfortunately,

NEXT GENERATION ATTACKS & EXPLOIT MITIGATIONS TECHNIQUES ID No: 1071 Name: Karthik GK ID: College: Sathyabama university.

Enterprise’ Ever-Evolving Challenge & Constraints Dealing with BYOD Challenges Enable Compliance to Regulations Stay Current with New Consumption Models.

Detected by, M.Nitin kumar ( ) Sagar kumar sahu ( )

BY: AUSTIN NEIGH. WHAT IS CYBER WARFARE? Hacking that is politically motivated to conduct sabotage or espionage Form of information warfare Typically.

Antivirus Software Technology By Mitchell Zell. Intro  Computers are vulnerable to attack  Most common type of attack is Malware  Short for malicious.

Koustav Sadhukhan, Rao Arvind Mallari and Tarun Yadav DRDO, Ministry of Defense, INDIA Cyber Attack Thread: A Control-flow Based Approach to Deconstruct.

Cosc 4765 Antivirus Approaches. In a Perfect world The best solution to viruses and worms to prevent infected the system –Generally considered impossible.

Internet Quarantine: Requirements for Containing Self-Propagating Code

CYBER SECURITY...

TASHKENT UNIVERSITY OF INFORMATION TECHNOLOGIES NAMED AFTER MUHAMMAD AL-KHWARIZMI THE SMART HOME IS A BASIC OF SMART CITIES: SECURITY AND METHODS OF.

Cybersecurity Case Study STUXNET worm

How Seculert Discovered the Shamoon Malware

Today’s Risk. Today’s Solutions. Cyber security and

Propagation, behavior, and countermeasures

Object Oriented Programming and Software Engineering CIS016-2

How to Mitigate the Consequences What are the Countermeasures?

Industry Overview The global AI in cyber security market is predicted to grow at 35.0% CAGR during the forecast period with the market size reaching USD.

Introduction to Internet Worm

Presentation transcript:

Novel Information Attacks From “Carpet Bombings” to “Smart Bombs”

Traditional malware: Developed to create massive computer epidemics At the early stages of epidemics provides plenty of information for attack mitigation Modern anti-virus products: Developed for massive attacks leading to epidemics, rather than targeted attacks Mainly employ binary signatures to detect malware (viruses, network worms etc.). The database of binary signatures is ever increasing due to new attacks and mutating malware Novel malware such as StuxNet worm: Developed to create single attacks against high value target (industrial and government facilities) Does not create epidemics thus do not provide data for attack mitigation: the first instance of attack could also be the last instance The malware is highly specialized for particular environment of the target Motivation

High value target

Internationally: Majority of attacks happened in Iran [”W32.Stuxnet Dossier” Symantec Corporation, October 2010] On July , StuxNet might have shut down an Indian satellite that was operated by vulnerable remote terminal units [Jeffery Carr, “Did The Stuxnet Worm Kill India’s INSAT-4B Satellite?”, Forbes.com, September, 2010] Generally, a targeted attack, such as StuxNet worm represents a threat of a great importance: The mass utilization of remote and automatic control systems at strategic objects as nuclear power plants, gas and oil production and transportation... Such control systems incorporate a large number of interconnected industrial controllers and operator stations… Systems that are particularly vulnerable to targeted attacks such as StuxNet worm What do we know about the StuxNet:

INTERNET Process control computer Control electronics (PLC) Actuators Control valves D e p l o y m e n t Propagation Activation, execution Erroneous control decisions Destructive control actions

Problem : A new trend in computer attacks is a stealthy targeted attack These attacks are aimed at high value targets within the national infrastructure that is much more dangerous and much more difficult to mitigate than traditional computer epidemics Existing computer security products, by design, fail to prevent targeted, industry oriented attacks. The proposed solution: We propose a new cyber-security technology that detects attacks by identifying and classifying goals of an attacker (malware). Our technology does not rely on large signature data base that minimizes the use of computer resources and associated costs. Our technology addresses both traditional massive attacks and low and slow targeted attacks on industrial and government facilities Our Current Work

Attacker What is done What we want to do Observing malicious behaviors Specifying malicious functionalities Developing functionality recognition technology Detecting potential goals of the attack Preventing the attack spread Specifying malicious functionalities Utilizing functionality recognition technology Immunizing high value targets Attacker High value target