INTRODUCTION Patrick Norman. World Trends Smart World – Smart Grids (Power, etc.) – Mobile – Integration between physical and digital world.

Presentation transcript:

INTRODUCTION Patrick Norman

World Trends Smart World – Smart Grids (Power, etc.) – Mobile – Integration between physical and digital world

By 2015, a G20 nation’s critical infrastructure will be disrupted and damaged by online sabotage. (Gartner.com)

IT Threats DDoS attacks Fraud (Add more after meeting with professor RUHI)

Cyber Gangs ①Russian Business Network ②Rock Phish Gang ③NSA ④Grey Pigeon Authors ⑤Stormworm Gang ⑥Awola Crew ⑦DRG Group ⑧South American Groups ⑨Oga

BlackHat vs. WhiteHat Hackers
BlackHats
– Work to exploit computer systems (I intend to only give maybe 1 or two examples of each hacker and tell a brief summary of what they did)
– Examples: Jonathan James, Adrian Lamo, Kevin Mitnick, Kevin Poulsen, Robert Tappan Morris
WhiteHats
– “‘Ethical Hackers,’ hired by companies to test the integrity of their systems”
– Examples: Stephen Wozniak, Tim Berners-Lee, Linus Torvalds, Richard Stallman, Tsutomu Shimomura

Forensics Investigators
Main responsibilities (Job activities)
– Attempting to uncover the trace of an attacker to identify him
– Uncovering IT System security threats
– Testifying in court against convicts

Importance of Computer Forensics Systems
How can Computer Forensics Systems improve security
– Better identification of system threats to improve protective measures
– Catching cyber criminals will have a better effect than regular criminals because they have bots automatically generating threats (FIX THIS)

Simulation

Background of Simulation
2 Important Components:
Statistical Modelling
– Create models to predict random events
Software
– Arena
– Custom code

Statistical Modelling
When should this be used?
– To predict random events
– When there are one or many unknowns
Key success components
– Large data sets
– Well-defined problem
– Structured problem

Simulation
Why do we simulate?
– An improved tool
– Avoid taking risks
When do we simulate?
– Before and after an event
– Certain types of problems work best
Can we rely on it?
– 70-90%

Simulation
Inputs
– Use random number generators
– Set of rules and functions that are problem dependent
Outputs
– How do we interpret results?
– “There is no perfect answer”
– The problem could change
– Further developing the model will only make it more accurate

Simulation and SDLC
The 2 Most Important Steps:
Design Phase
– Look for vulnerabilities
– Exhaustive test sets
– Identify design flaws
Operations Phase
– Collect data
– Identify flaws in existing systems
– Improve future projects

SDLC (chart; values shown: 0%, 60%, 0%, 40%; labels not recoverable)

Software
Monte Carlo
– Off-the-shelf
– Advantages
Network Modelling
– Off-the-shelf
– Advantages
Custom Code
– Advantages

Computer Forensics

Mobile Forensics
– Outsell PCs
– Harder to investigate
– Newly acquired need to investigate
– Data paths
– Numerous Manufacturers
– NIST

Tools & Techniques
– SIMbrush
– MOBILedit!
– TULP 2G

Network Forensics “Network forensics is the science that deals with capture, recording, and analysis of network traffic for detecting intrusions and investigating them.”

Tools & Techniques

Key Techniques
IDS – Intrusion Detection System
Packet Capture – Capturing data packets crossing a network
Proprietary – Unique techniques developed by individual vendors
Pattern Matching – Ex: Hashing

Database Forensics Internet Boom Legal Duty Database forensics as a tool

Tools & Techniques
– SQL Server Management Studio Express
– SQL CMD
– Windows Forensic Tool Chest
– NetCat
– WinHex

Challenges Encryption Use as Evidence Evolving Technology

Application

Step 1: Observation

Observation Actual Observation – On the shop floor Historic – Statistics – Distribution Diagrams – System Architecture

Observation Develop the Equation BASIS FOR ENTIRE MODEL

Step 2: Develop the Model

Models Network Models – Processes – Data flow – Queues

Models Monte Carlo – Deterministic – Largely Random

Model Objective – Gain Knowledge – Matching real and simulated – Now Let’s break it

Step 3: Analyze and Fix

Analysis Multiple Iterations Compare Expected and Actual Results Compare Actual and Historic Results

Benefits to UNIWO
Security of IT systems – Pre and post simulation will allow us to identify threats earlier
Stability – Probability of having an unexpected system shutdown is decreased significantly
Simulation added to computer forensics will improve chances for catching cybercriminals by identifying their patterns