Download presentation
Presentation is loading. Please wait.
1
Challenges We Face On the Internet
Steve Schuster Cornell University
2
Questions to be Addressed
What is the intent behind security-related incidents and how is this goal achieved? Who is conducting these threats? What are some of the more significant challenges us? Why do we not see more convictions?
3
What is the Intent? Service disruption Marketing
Distribution of copyright material Personal or organizational agendas Harassment Identity theft
4
Intent -- Service Disruption
Definition Cause harm or disruption to computers, networks or the Internet Methods Viruses Worms Denial of service attacks
5
Intent -- Service Disruption
Viruses Typically spread through Requires human action
6
Intent -- Service Disruption
ISP in New Haven, CT
7
Intent -- Service Disruption
Worms Spread from computer to computer No human action required Denial of service attacks 100’s to 1000’s of computers attacking a single service or site
8
Intent -- Service Disruption
Number of Malicious Programs Detected per Year * Source:
9
Intent -- Marketing Definition Methods
For the purpose of selling or marketing products Methods Spyware Adware SPAM
10
Intent -- Marketing Spyware
Small applications that are installed on a computer for the purpose of tracking internet usage Speed of computer Speed of network Websites visited Searches made Items purchased Type of credit card used Even experienced Internet users are almost 100 percent likely of getting spyware within 30 days* * McAfee Siteadvisor
11
Intent -- Marketing Adware
Programs that automatically play, display or download advertising material Pop-ups are the best example
12
Intent -- Marketing SPAM Unsolicited or bulk e-mail messages
During December 2005 63 Million mail messages 26.8 Million rejected as SPAM 2.2 Million rejected as viruses
13
Intent -- Marketing
14
Intent -- Copyright Distribution
Definition Computer compromises that appear to be for the sole purpose of distributing copyright material Some facts About 85% of all computer compromises are for this purpose Automated scripts have been developed to compromise and test computing environment for usefulness Most still use FTP for file transfer
15
Intent -- Copyright Distribution
16
Intent -- Pushing an Agenda
Definition Actions taken to communicate some agenda Methods SPAM Web defacement
17
Intent -- Pushing an Agenda
18
Intent -- Harassment Definition Some facts Probably needs none
Typically performed using mail Some are naïve enough to use local mail Most use hotmail, yahoo, msn, etc.
19
Intent -- Identity Theft
Definition Actions taken for the purpose of gaining personally identifiable information Type of data Social security number Bank account numbers Credit card numbers Drivers license numbers Methods Phishing Hacking for databases
20
Intent -- Identity Theft
22
Intent -- Identity Theft
23
Intent -- Identity Theft
24
Who Does This Stuff? Inquisitive teens On-line businesses
Internet “businessmen” Organized crime
25
Our Biggest Challenges
Changing/emerging law Growing social expectations and requirements Our general “openness” can make everyone an easier target Open networks Home users Roaming resources Changing the way data are handled and transmitted Answering institutional questions Complexity due to decentralized IT support complicates the identification of critical or sensitive resources/data Preparing for a legal defense needs to begin now
26
Some Prosecution Challenges
Computer crime is very hard to comprehend Computer analysis is resource intensive and is not always definitive Hiding on the Internet is extremely easy Typically the computer doing the attacking or SPAMing is not at the location of the perpetrator It’s hacked Internet hopping is a major problem The attack does not always come from where it appears to come
27
?
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.