Page 1 8 Oct 2004 IT Security Awareness Dangers in the Networked World Lai Zit Seng NUS School of Computing.

Presentation transcript:

Page 1: IT Security Awareness
Dangers in the Networked World
Lai Zit Seng, NUS School of Computing
8 Oct 2004

Page 2: Topics
History: Recent Worms
What is Security
Why Worry
What's Happening in SOC

Page 3: History – Code Red
Struck on 12th Jul 2001
  – Public announcement on 17th Jul 2001
  – CERT announcement on 19th Jul 2001, and again on 26th Jul 2001
Exploited buffer overflow in IIS
  – CERT published advisory on 19th Jun 2001
  – Patch available from MS since 18th Jun 2001
Estimated $2B in damages (Aug 2001)
  – Source: Computer Economics (quoted by NewsFactor.com)

Page 4: History – Slammer Worm
Struck on 25th Jan 2003
Infected 75K hosts
Our own NUSNET "melted down" for hours
  – Elsewhere: Disrupted ATMs, 911 systems
Exploited MS-SQL and MSDE vulnerabilities
  – Patch available from MS since 10th Jul 2002
  – CERT advisory 29th Jul 2002
Estimated US$1B in damages
  – Source: Mi2g

Page 5: History – W32/Blaster
Struck on 11th Aug 2003
Exploits RPC vulnerabilities
  – CERT advisory on 17th Jul 2003
  – Patch available from MS since 16th Jul 2003
Unprecedented damages
  – Mi2g estimates $32.8B in economic damages (together with other malware of Aug 2003)

Page 6: History – Other Incidents
Apache/mod_ssl worm
  – CERT advisory 14th Sep 2002
  – Vulnerability published by CERT since 30th Jul 2002
Nimda worm
  – CERT announced 18th Sep 2001
  – Exploits vulnerability for which patch available from MS since 29th Mar 2001

Page 7: Security Triad
Confidentiality: Ensuring that data contained in an information system is accessible only to those authorized.
Integrity: Ensuring that data contained in or functions carried out by an information system are correct.
Availability: Ensuring that an information system is accessible to those authorized to use it.

Page 8: Why Worry
Advances in technology: Convenience, cost, availability
Pervasiveness of networked computing
Network convergence: Single network for Voice, Video and Data
Human Issues:
  – Social Engineering

Page 9: Why Worry – cont'd
Infrastructure/Operations
  – ATMs, Power Grid etc. exposed to Internet
Various risk exposures: Confidentiality, Integrity, Availability
Zero-Day exposures
Phishing attacks
Risks are outstripping safeguards

Page 10: Changes in Intrusion Profile
1988
  – Exploiting passwords
  – Exploiting known vulnerabilities
Today
  – Exploiting protocol flaws
  – Examining source code for security flaws
  – Abusing public servers
  – Installing sniffers
  – Source address spoofing
  – DoS, DDoS
  – Widespread automated scanning

Page 12: Incidents Reported to CERT/CC
From: CERT/CC Website

Page 13: How many incidents?
From: 2004 CSI/FBI Computer Crime and Security Survey

Page 14: How many incidents from Outside?
From: 2004 CSI/FBI Computer Crime and Security Survey

Page 15: How many incidents from Inside?
From: 2004 CSI/FBI Computer Crime and Security Survey

Page 16: SOC IDS Activity
Statistics for 1st Oct 2004:
  – IDS log entries
  – runs of portscanning activities
  – incidences of Windows/SMB traffic anomaly
  – 209 accesses to our honeypot

Page 17: SOC Network VA Statistics
As on 8th Oct 2004:
  – 37 machines denied network access (due to enforcement)
  – 185 critical vulnerabilities unfixed

Page 18: Security Lab
Objective:
  – Enable learning and experimentation relating to IT Security
  – Setting up experiments and playground for anyone interested in IT Security
  – Activities relating to SIG^2 NUS Chapter
Servers, desktop computers and network equipment
Look out for upcoming news

Page 19: Questions and Answers
Lai Zit Seng