Presented by Mohammed F. Mokbel Security and Privacy on the Internet {0360564} Instructor: Dr. Aggarwal Fall 2007 10/4/2007.

Security-Privacy Abstraction
- Presenting security and privacy (SP) at an abstract level, as a means of global generalization rather than through a specific example from real life (?)
- Using a universal (abstract) SP system to approach a satisfactory confidence level
- Knowledge division in terms of discrete SP evolution

Presentation Layout
- Introduction
- Human Factor in SP
- Normal vs. competent end user
  - First impression
  - Knowledge acquisition
  - A proposal for a new system: PMBS
- People equality at decoding info. stream
  - Time + Relativity = %[Confidence * (StaticC/DynamicC)]
  - Implementation breaches: procedures, techniques and the system itself
- People & Technology := Mutual Interaction (Inseparable Entities)
- Nothing is what it seems
- People & people: clear path
- POC: In the womb: revamping console code injection
- Some Advice
- Future Work
- Conclusions

Introduction. Human Factor in SP
- In today's world of computer security and widespread internet usage, an enormous amount of information is carried over wired or wireless devices.
- The normal user and the competent end user have different perspectives on the internet and computers in general. They do really appreciate the elegance of how things are performed at the bit level, but precaution and analytical thinking are mostly more imaginable and accurate for the competent end user, because everything is computed with reliably acquired knowledge about the subject under investigation.

Probabilistic Mathematical Behavioral System (PMBS)
- A system in which the magnitude of the information required to meet one's expectations is proportional to the user's fundamental knowledge, in terms of the time elapsed since the user started using the system; this is to be determined stochastically.

People equality at decoding info. stream
- Are people equal at information demystification, or is it just a matter of time?
- Most theories suggest that exercising the knowledge you have achieves a satisfactory level of collective thinking.
- Time factor: everything is relativistic.
- The reason most people are confident in the information they have is probably their short experience with a huge amount of resources (again, time is the major factor). They may consider things perfect or less so, but the problem lies in the implementation process: most security breaches do not manipulate the system itself but rather reverse or annihilate the techniques and procedures used to embed the core system, and in this case a plethora of holes and worms take its place for a very devious and nefarious attack.

Proof of Concept
- In the womb: revamping console code injection…
- Modifying the internal structure of the executable file using a code injection technique.
- Further work has to be done to link it to a more elusive malicious scenario by inserting a special area for network communication using Winsock APIs.

Continue .A monitoring matrix of scattered random modifications should be traced to control these set of alterations so that a meta-transformer tool could be designed to handle it in automated manner as a final revised edition.  The main purpose of this section is to demonstrate the validity of this approach following a case study scenario in which an absolute phase modulation is applied.

Some Advice
- I advise you to start using some of the best special versions of Linux,
- such as Hakin9, Damn Vulnerable Linux, BackTrack 2, Protech, …
- These editions are designed for special purposes so that you can exercise your theory in real-time scenarios. But take care, as these things are dangerous if you let it happen outside a controlled environment.
- Preferably, use virtual machine software such as VMware, Virtual PC, …

Future Work
- Further work has to be done in the area of code injection techniques, especially employing a stealthy connection and tricky behavior in the culprit binary file. In addition, more detailed case studies could be provided to make things easier to understand and less obstructive.

Conclusions
- This paper establishes a new dimension of computer security vision by presenting the security aspect in terms of philosophy and conceptual analysis. It does not give an absolute approach to security problems, as almost everything is relativistic, based on the case under assessment.

Now bombard me with your questions?