CSC 382: Computer SecuritySlide #1 CSC 382: Computer Security Threats.

Slides:



Advertisements
Similar presentations
ECE454/599 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2012.
Advertisements

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,
Crime and Security in the Networked Economy Part 4.
© 2014 wheresjenny.com Cyber crime CYBER CRIME. © 2014 wheresjenny.com Cyber crime Vocabulary Defacement : An attack on a website that changes the visual.
Dr. John P. Abraham Professor UTPA 2 – Systems Threats and Risks.
Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.
Chapter 9 Information Systems Ethics, Computer Crime, and Security
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
NCS welcome all participants on behalf of Quick Heal Anti Virus and Fortinet Firewall solution.
Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.
McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. Extended Learning Module H Computer Crime and Digital Forensics.
Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.
7.1 Copyright © 2011 Pearson Education, Inc. 7 Chapter Securing Information Systems.
Security, Privacy, and Ethics Online Computer Crimes.
MIS PERSONAL, LEGAL, ETHICAL, AND ORGANIZATIONAL ISSUES OF INFORMATION SYSTEMS CHAPTER 4 Hossein BIDGOLI Phishing that bites Paying for Privacy Pirates.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Chapter 9 Information Systems Ethics, Computer Crime, and Security
Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:
Threats and ways you can protect your computer. There are a number of security risks that computer users face, some include; Trojans Conficker worms Key.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
Issues Raised by ICT.
Internet safety Viruses A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your.
Internet Safety CSA September 21, Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.
Chapter 11 Security and Privacy: Computers and the Internet.
Online Annoyances Spam – electronic junk mail
Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.
Cyber Crime & Security Raghunath M D BSNL Mobile Services,
ISNE101 Dr. Ken Cosh Week 14. This Week  Challenges (still) facing Modern IS  Reliability  Security.
Computer Crime and Information Technology Security
Cyber Crimes.
PART THREE E-commerce in Action Norton University E-commerce in Action.
Malware  Viruses  Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.
Staying Safe Online Keep your Information Secure.
Viruses & Destructive Programs
1.Too many users 2.Technical factors 3.Organizational factors 4.Environmental factors 5.Poor management decisions Which of the following is not a source.
CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security.
ED 505 Educational Technology By James Moore.  What is the definition of Netiquette and how does it apply to social media sites? ◦ Netiquette is the.
CHAPTER 7: PRIVACY, CRIME, AND SECURITY. Privacy in Cyberspace  Privacy: an individual’s ability to restrict or eliminate the collection, use and sale.
 A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. It is deliberately.
Computer Crimes 8 8 Chapter. The act of using a computer to commit an illegal act Authorized and unauthorized computer access. Examples- o Stealing time.
8: Basic Security Networking for Home & Small Business.
CIT 380: Securing Computer SystemsSlide #1 CIT 380 Securing Computer Systems Threats.
1 Computer Crime Often defies detection Amount stolen or diverted can be substantial Crime is “clean” and nonviolent Number of IT-related security incidents.
What is risk online operation:  massive movement of operation to the internet has attracted hackers who try to interrupt such operation daily.  To unauthorized.
Crime committed using a computer and the internet to steal a person’s identity or illegal imports or malicious programs cybercrime is nothing but where.
Chap1: Is there a Security Problem in Computing?.
Module  Introduction Introduction  Techniques and tools used to commit computer crimes Techniques and tools used to commit computer crimes.
Computer Skills and Applications Computer Security.
IT Computer Security JEOPARDY RouterModesWANEncapsulationWANServicesRouterBasicsRouterCommands RouterModesWANEncapsulationWANServicesRouterBasicsRouterCommands.
INFORMATION TECHNOLOGY IN A GLOBAL SOCIETY: SECURITY Taylor Moncrief.
Changes in Computer Security Will You Be Better Off?
Internet Security. 2 Computers on the Internet are almost constantly bombarded with viruses, other malware and other threats.
CIT 380: Securing Computer SystemsSlide #1 CIT 380 Securing Computer Systems Threats.
Security and Ethics Safeguards and Codes of Conduct.
Computer Crime: Identity Theft, Misuse of Personal Information, and How to Protect Yourself (Tawny Walsh, Irina Lohina, Renair Jackson, Jahmele Betterson,
Cybersecurity Test Review Introduction to Digital Technology.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Computers Are Your Future Eleventh Edition Chapter 9: Privacy, Crime, and Security Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall1.
The Need for Information Security(2) Lecture 3. Slide 2 Information Extortion  Information extortion is an attacker or formerly trusted insider stealing.
Created by the E-PoliceSlide 122 February, 2012 Dangers of s By Michael Kuc.
Cyber crimes is the most popular news we come across daily In good olden days there were no development in the usage of computers as we have now As.
CSC 382: Computer Security
3.6 Fundamentals of cyber security
Instructor Materials Chapter 7 Network Security
Presentation transcript:

CSC 382: Computer SecuritySlide #1 CSC 382: Computer Security Threats

CSC 382: Computer SecuritySlide #2 What are threats? What threats can you think of to your home? To your money (including bank accounts, checks, credit and debit cards)? To your home computer?

CSC 382: Computer SecuritySlide #3 What are threats? Home: –Burglary –Fire –Vandalism Money (cash/credit): –Theft. –Counterfeiting. –Signature forgery. –Identity theft. Computer: –Viral/worm infection. –Adware/spyware. –Denial of service. –Data destruction. –Physical destruction (overheat, flash “ROM” overwriting) –Use of computer for felonious purposes.

CSC 382: Computer SecuritySlide #4 Digital Threats: More of the Same Theft Vandalism Extortion Con Games Fraud Stalking Voyeurism

CSC 382: Computer SecuritySlide #5 Digital Threats: What’s Different Automation –Salami Attack from Office Space. Action at a Distance –Volodya Levin, from St. Petersburg, Russia, stole over $10million from US Citibank. Arrested in London. –Operators of CA BBS tried and convicted in TN court because TN had d/led pornography f/ CA. Technique Propagation –Criminals share techniques rapidly and globally.

CSC 382: Computer SecuritySlide #6

CSC 382: Computer SecuritySlide #7 Survival Time

CSC 382: Computer SecuritySlide #8 Current Threat Information SANS Internet Storm Center Bugtraq CERT Packet Storm Risks Digest

CSC 382: Computer SecuritySlide #9 Who are the Attackers? Hackers vs Crackers Levels of attackers –Developer Finds new security vulnerabilities Writes tools and exploits –User Understands tools; modifies tools/exploits –Script Kiddie

CSC 382: Computer SecuritySlide #10 Who are the Attackers? Criminals. –1993: Thieves installed bogus ATM at Manchester Mall. Saved account#s + PINs. Organized crime. –2000: Mafia-led organization members arrested for attempt to steal $680million from Bank of Sicily. Malicious insiders. –2001: Mike Ventimiglia deletes files of his employer, GTE. $200,000 damage. Industrial espionage. –2001: Verdicts in Cadence Design Systems vs. Avant against 7 employees incl CEO. 5 sentenced to jail.

CSC 382: Computer SecuritySlide #11 Who are the Attackers? Press. –1998: Cincinnati Enquirer reporter Michael Gallagher breaks into Chiquita Fruits voic to expose illegal activities. Police. –1997: LAPD illegal wiretapping scandal. Terrorists. –1999: DOS attacks and web defacements against NATO country computers during Kosovo bombings. National Intelligence. –2000: Former CIA Directory Woolsey admitted to using ECHELON information to help US companies win foreign contracts.

CSC 382: Computer SecuritySlide #12 What Are Our Defences? Firewalls Virus Scanners Spyware Scanners Patches Backups Prevent Detect Respond Recover

CSC 382: Computer SecuritySlide #13 What Are The Attacks? Phishing Malware Ransomware Spyware Botnets

CSC 382: Computer SecuritySlide #14 Phishing

CSC 382: Computer SecuritySlide #15 Phishing Site

CSC 382: Computer SecuritySlide #16 Malware Trojan Horses Viruses Worms

CSC 382: Computer SecuritySlide #17 Ransomware

CSC 382: Computer SecuritySlide #18 Spyware and Adware Most Trojan Horses, some infect directly. –Browser hijacking –Pop-up advertisements –Keystroke and network logging –Steal confidential data from and files 80% of PCs are infected with spyware (Oct 2004 AOL/NCSA survey.)

CSC 382: Computer SecuritySlide #19 Rootkits Execution Redirection File Hiding Process Hiding Network Hiding User Program Rootkit OS

CSC 382: Computer SecuritySlide #20 Botnets Worm or direct attack usurps control of PC, then installs control software to listen for instructions. Instructions can include: Attempt to infect other PCs Send spam message Launch DOS attack Upgrade attack and control software Virus writers sell botnets to spammers for $0.10/compromised PC

CSC 382: Computer SecuritySlide #21 Future of Attacks VM Rootkits Mobile Malware Gone in 20 Minutes RFID Viruses Virtual Property Theft

CSC 382: Computer SecuritySlide #22 Key Points Computer crimes same as pre-computer crimes. Differences in digital threats –Automation –Action at a distance –Technique propagation Digital threats –Phishing –Malware –Ransomware –Spyware –Botnets

CSC 382: Computer SecuritySlide #23 References 1.Alexander Gostev et. al., “Malware Evolution: January – March 2006,” Virus List, April 12, The Honeynet Project, Know Your Enemy, 2nd edition, Addison-Wesley, John Leyden, "The illicit trade in compromised PCs," The Register, Apr Stuart McClure, Joel Scambray, and George Kurtz, Hacking Exposed, 5th edition, McGraw-Hill, Rachna Dhamija and J. D. Tygar, "The Battle Against Phishing: Dynamic Security Skins," Proceedings of the Symposium on Usable Privacy and Security (SOUPS), July SANS Internet Storm Center, 7.Schneier, Bruce, Beyond Fear, Copernicus Books, Ed Skoudis, Counter Hack Reloaded, Prentice Hall, Stuart Staniford, Vern Paxson, and Nicholas Weaver, "How to 0wn the Internet in Your Spare Time," Proceedings of the 11th USENIX Security Symposium, Richard Stiennon, "Spyware: 2004 Was Only the Beginning," CIO Update, Jan Thompson, Ken, “Reflections on Trusting Trust”, Communication of the ACM, Vol. 27, No. 8, August 1984, pp (

CSC 382: Computer SecuritySlide #24 Extra Slides

CSC 382: Computer SecuritySlide #25 Classes of Threats Disclosure –unauthorized access to data –Examples copyright infringement unauthorized CC use Deception –acceptance of false data –Examples Anti-spam filter techniques “Social engineering”

CSC 382: Computer SecuritySlide #26 Classes of Threats Disruption –interruption of correct system operation –Examples: DDOS attacks Usurpation –unauthorized control of system component –Example: Nicholas Jacobsen Controlled T-mobile’s systems in 2004 Monitored , downloaded web-cam photos Sold customer records (incl SSN, voic pw, etc)

CSC 382: Computer SecuritySlide #27 Types of Threats Snooping –interception of data –Examples: Reading , or intercepting cleartext passwords. ECHELON. Modification –Examples: Changing student grades in War Games. Web site defacing (>1500/month recorded at attrition.org in 2001) Spoofing –impersonation –Examples: Spam s almost always spoof source address. The many Citibank phishing scams.

CSC 382: Computer SecuritySlide #28 Types of Threats Repudiation of Origin –Deny ordering goods. Denial of Receipt –Deny receipt of payment or goods. –Examples eBay Credit card payments. Denial of Service –Examples: 2000: “Mafiaboy” DDOS takes down Amazon, eBay, Yahoo. Filling up disk with spam, unauthorized copies of files.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.