1 Introduction to Email Malcode, DoS Attack, Traceback, RFID Security Cliff C. Zou 03/02/06.

Presentation transcript:

1 Introduction to Email Malcode, DoS Attack, Traceback, RFID Security Cliff C. Zou 03/02/06

2 Virus Infection Mechanisms
- Virus code in attachment
  - Require user to click/execute attachment
  - No vulnerability needed on target computer
- Exploit software vulnerability (e.g., Outlook)
  - Infect by simply checking email
- Contain URL directing to malicious web servers
  - Trick user to download/execute (e.g., patch)
  - Could be a mini web server set up on sender

3 Why Users Keep Clicking Virus Attachment?
- Email protocol (SMTP) has no built-in security
  - No encryption
  - Easy to fake the “From: …” field
  - Appear to come from your friends, admin, …
- Social engineering tricks
  - Warning: your computer is infected!
  - Fun video clip, photos, doc to share from friends

4 Virus Spreading Steps
- Obtain email addresses
  - Address book, web cache, …
  - Search “mailto:...” in Google, Yahoo, etc. (MyDoom)
- Send out virus
  - Usually, use its own SMTP engine
  - The host normally connects to an outgoing email server for sending
  - Many viruses avoid certain domains

5 Other Email-based Malware
- Spam
  - Profit-driven
  - Usually sent from compromised hosts
- Spyware (trojan)
- Adware
- Phishing
  - Trick user to connect to a fake website
  - Record user input of account information

6 Distributed Denial of Service (DDoS) Attack
- Send large amount of traffic to a server so that the server has no resource to serve normal users
- Attacking format:
  - Consume target memory/CPU resource
    - SYN flood (backscatter paper presented before)
    - Database query…
  - Congest target Internet connection
    - Attack traffic from many sources overwhelms target link
    - Very hard to defend

7 Why hard to defend DDoS attack?
- Internet IP protocol has no built-in security
  - No authentication of source IP
  - SYN flood with faked source IP
  - However, IP is true after connection is set up
- Servers are supposed to accept unsolicited service requests
- Lack of collaboration ways among Internet community
  - How can you ask an ISP in another country to block certain traffic for you?

8 DoS spoofed attack defense: IP traceback
- Suppose a victim can call ISPs upstream to block certain traffic
- SYN flood: which traffic to block?
- IP traceback:
  - Find out the real attacking host for SYN flood
  - Based on large amount of attacking packets
  - Need a little help from routers (packet marking)
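The following is an added example, not taken from the slides, showing why traceback by packet marking needs a large number of attack packets. It simulates a simplified node-sampling form of probabilistic packet marking; the slides do not say which marking scheme is meant, and the router names, marking probability and seed are constructed.

```python
import random
from collections import Counter

MARK_PROB = 0.2  # assumed per-router marking probability (not from the slides)

# Constructed attack path, listed from the attacker's first hop to the victim's last hop.
PATH = ["R-att-edge", "R-isp-a", "R-core-1", "R-core-2", "R-isp-v", "R-vic-edge"]


def forward(path, rng):
    """Carry one packet along the path and return the mark the victim sees.

    The spoofed source IP plays no part here: only routers write the mark
    field, and a router closer to the victim overwrites any earlier mark.
    """
    mark = None
    for router in path:
        if rng.random() < MARK_PROB:
            mark = router
    return mark


def reconstruct(marks):
    """Order routers nearest-victim first by how often each mark arrived.

    A router d hops from the victim keeps its mark with probability
    p * (1 - p) ** (d - 1), so mark frequency falls with distance.
    """
    counts = Counter(m for m in marks if m is not None)
    return [router for router, _ in counts.most_common()]


def traceback(path, n_packets, seed=2006):
    """Simulate n_packets of a flood and return the victim's view of the path."""
    rng = random.Random(seed)
    marks = [forward(path, rng) for _ in range(n_packets)]
    return reconstruct(marks)


if __name__ == "__main__":
    print("30000 packets:", traceback(PATH, 30000))
    print("5 packets:    ", traceback(PATH, 5))
```

With a handful of packets the victim cannot even see every router on the path; with tens of thousands, the frequency ranking recovers the full path back to the attacker's edge router.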

9 Worm defense: Worm traceback
- Find who is the first to be infected
  - Useful for enterprise network
  - Find the security breach point afterwards
  - Based on worm attacking flow
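As an added illustration (not from the slides), one simple way to find the first infected host from recorded worm flows is to link each infected host to the source of the earliest worm flow it received before it began scanning. The flow records and addresses are constructed, the flows are assumed to be already filtered to the worm's traffic, and the heuristic is a simplification chosen for this example.

```python
# Constructed flow records, already filtered to worm traffic: (time_s, src_ip, dst_ip).
FLOWS = [
    (100, "10.0.0.5", "10.0.0.7"),
    (105, "10.0.0.5", "10.0.0.9"),    # 10.0.0.9 is patched and never scans
    (130, "10.0.0.7", "10.0.0.5"),    # hits a host that is already infected
    (150, "10.0.0.7", "10.0.0.12"),
    (160, "10.0.0.5", "10.0.0.12"),   # later hit on the same target
    (170, "10.0.0.12", "10.0.0.20"),
    (200, "10.0.0.20", "10.0.0.9"),
]


def first_scan_times(flows):
    """A host counts as infected from the moment it first sends worm traffic."""
    first = {}
    for t, src, _ in sorted(flows):
        first.setdefault(src, t)
    return first


def infection_parents(flows):
    """Map each infected host to the host that most plausibly infected it.

    The parent is the source of the earliest worm flow the host received
    before its own first scan. A host with no such flow has parent None.
    """
    parents = {}
    for host, t_first in first_scan_times(flows).items():
        inbound = [(t, src) for t, src, dst in flows if dst == host and t < t_first]
        parents[host] = min(inbound)[1] if inbound else None
    return parents


def entry_points(flows):
    """Hosts that started scanning without any earlier inbound worm flow."""
    return sorted(h for h, p in infection_parents(flows).items() if p is None)


def chain_to_origin(host, parents):
    """Walk parent links from an infected host back to the entry point."""
    chain = [host]
    while parents.get(chain[-1]) is not None:
        chain.append(parents[chain[-1]])
    return chain
```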

10 RFID Background
- RFID: radio-frequency identification
  - Tiny computer chip with an antenna to transmit information to an RFID reader
- RFID tag in consumer market
  - Store a unique ID number
  - “Wireless” bar code
- Huge market profit in the future
  - Cheap tags for most consumer products
  - Different tags for vast applications

11 RFID Background
- Power issue
  - Active: battery-powered, long range
    - E-pass
  - Passive: no battery, powered by radio signal from RFID reader
    - Consumer tags (no crypto/authentication, cheap)
    - ExxonMobil SpeedPass (crypto-enabled, expensive)
- Memory issue
  - Read-only (cheapest)
  - Read/Write

12 Current approaches for Privacy Preservation
- Crypto/authentication:
  - No resource available on cheap RFID tags
  - Applicable on high-end RFID (e.g., SpeedPass)
  - Attackers can use laptop/PDA to decrypt
- Kill tag (when in consumer’s hands):
  - Kill all ID, or kill long-range ID
  - Pro: simple, reliable (understandable to people)
  - Con: non-reversible, no more service from RFID

13 Current approaches for Privacy Preservation
- Radio signal shield
  - Pro: simple/understandable
  - Con: suitable for a small range of tags
    - Tags in wallet: credit card, currency
- Jam radio signal: (e.g., RFID blocker)
  - Like denial-of-service to ID query from reader
  - Con: a separate device, hard to configure deny service (intrusive)