Published by Bertha Long, modified over 6 years ago
The University of Adelaide, School of Computer Science
24 November 2018

Cyber Attacks: Protecting National Infrastructure, 1st ed.
Chapter 1 – Introduction

Copyright © 2012, Elsevier Inc. All Rights Reserved
Introduction
- National infrastructure: the complex, underlying delivery and support systems for all large-scale services considered absolutely essential to a nation
- The conventional approach to cyber security is not enough
- A new approach is needed, combining the best elements of existing security techniques with the challenges that face complex, large-scale national services
Fig. 1.1 – National infrastructure cyber and physical attacks
Fig. 1.2 – Differences between small- and large-scale cyber security
National Cyber Threats, Vulnerabilities, and Attacks
Three types of malicious adversaries:
- External adversary
- Internal adversary
- Supplier adversary
Fig. 1.3 – Adversaries and exploitation points in national infrastructure
National Cyber Threats, Vulnerabilities, and Attacks
Three exploitation points:
- Remote access
- System administration and normal usage
- Supply chain
National Cyber Threats, Vulnerabilities, and Attacks
Infrastructure is threatened by the most common security concerns:
- Confidentiality
- Integrity
- Availability
- Theft
Botnet Threat
What is a botnet attack?
- A remote collection of compromised end-user machines (usually broadband-connected PCs) is used to attack a target
- Sources of the attack are scattered and difficult to identify
- Five entities comprise a botnet attack: botnet operator, botnet controller, collection of bots, botnet software drop, botnet target
Botnet Threat
Five entities that comprise a botnet attack:
- Botnet operator
- Botnet controller
- Collection of bots
- Botnet software drop
- Botnet target
Distributed denial of service (DDOS) attack: the bots create a “cyber traffic jam”
Fig. 1.4 – Sample DDOS attack from a botnet
National Cyber Security Methodology Components
Ten basic design and operation principles:
- Deception
- Separation
- Diversity
- Commonality
- Depth
- Discretion
- Collection
- Correlation
- Awareness
- Response
Deception
- Deliberately introducing misleading functionality or misinformation for the purpose of tricking an adversary
- Computer scientists call this functionality a honey pot
- Deception enables forensic analysis of intruder activity
- The acknowledged use of deception may be a deterrent to intruders (every vulnerability may actually be a trap)
Fig. 1.5 – Components of an interface with deception
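An added example of the deception idea on the slides above (my code, not the textbook's or the course's): a decoy login service that never grants access but records every attempt, giving the forensic trail the slide mentions. The banner text, the 530 reply and the listening address are constructed assumptions.

```python
import socketserver
import time

# Added example (not code from the slides or the textbook): a deception decoy,
# a fake login service that never grants access but records every attempt, the
# forensic trail the Deception slide refers to. Banner and reply text are
# constructed to resemble an FTP-style service; nothing here is a real product.
BANNER = b"220 maintenance-gw ready\r\n"
DENIAL = b"530 Login incorrect.\r\n"


def record_attempt(records, peer, raw_line, now=None):
    """Pure part of the decoy: log one attempt and return the reply to send.
    Kept apart from the socket code so it can be exercised offline."""
    first_line = raw_line.decode("ascii", "replace").strip()
    verb = first_line.split(" ", 1)[0].upper() if first_line else ""
    records.append({
        "ts": now if now is not None else time.time(),
        "peer": peer,
        "verb": verb,              # USER, PASS, ... handy for later triage
        "first_line": first_line,  # what the intruder actually sent
    })
    return DENIAL                  # every "vulnerability" is a trap here


class DecoyHandler(socketserver.StreamRequestHandler):
    def handle(self):
        self.wfile.write(BANNER)                  # look like a live service
        line = self.rfile.readline(256)           # first command only
        if line:
            reply = record_attempt(self.server.records,
                                   self.client_address[0], line)
            self.wfile.write(reply)


class DecoyServer(socketserver.ThreadingTCPServer):
    allow_reuse_address = True
    daemon_threads = True

    def __init__(self, addr):
        super().__init__(addr, DecoyHandler)
        self.records = []   # in-memory trail; production would ship it to the SIM


if __name__ == "__main__":
    # Hypothetical listening address; pick an unused port on your host.
    with DecoyServer(("127.0.0.1", 2121)) as srv:
        print("decoy listening on %s:%d" % srv.server_address)
        srv.serve_forever()
```

The recorded entries (peer, verb, first line, timestamp) are what an analyst later correlates with other sensors; the decoy itself never authenticates anyone.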
Separation
- Separation involves enforced access policy restrictions on users and resources in a computing environment
- Most companies use enterprise firewalls, which are complemented by the following:
  - Authentication and identity management
  - Logical access controls
  - LAN controls
  - Firewalls
Fig. 1.6 – Firewall enhancements for national infrastructure
Diversity
- Diversity is the principle of using technology and systems that are intentionally different in substantive ways
- Diversity is hard to implement:
  - A single software vendor tends to dominate the PC operating system business landscape
  - Diversity conflicts with organizational goals of simplifying supplier and vendor relationships
Fig. 1.7 – Introducing diversity to national infrastructure
Commonality
- Consistency involves uniform attention to security best practices across national infrastructure components
- The greatest challenge involves auditing
- A national standard is needed
Depth
- Depth involves using multiple security layers to protect national infrastructure assets
- Defense layers are maximized by using a combination of functional and procedural controls
Fig. 1.8 – National infrastructure security through defense in depth
Discretion
- Discretion involves individuals and groups making good decisions to obscure sensitive information about national infrastructure
- This is not the same as “security through obscurity”
Collection
- Collection involves automated gathering of system-related information about national infrastructure to enable security analysis
- Data is processed by a security information management system
- Operational challenges:
  - What type of information should be collected?
  - How much information should be collected?
Fig. 1.9 – Collecting national infrastructure-related security information
Correlation
- Correlation involves a specific type of analysis that can be performed on factors related to national infrastructure protection
- This type of comparison-oriented analysis is indispensable
- Past initiatives included real-time correlation of data at a fusion center
- Difficult to implement
Fig. 1.10 – National infrastructure high-level correlation approach
Awareness
- Awareness involves an organization understanding the differences between observed and normal status in national infrastructure
- Most agree on the need for awareness, but how can awareness be achieved?
Fig. 1.11 – Real-time situation awareness process flow
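The Botnet Threat, Correlation and Awareness slides describe comparing observed status against normal status and correlating deviations across components; the following is an added Python example of both steps (my code, not the textbook's or the course's) run over constructed per-minute request counts. The component names, the history values, the 4-sigma threshold and the 1000-source "distributed" cut-off are all assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample (not from the textbook): per-minute request counts recently
# seen on three hypothetical components (the "normal" history) and two observed
# windows; the second carries a surge from thousands of distinct sources, the
# scattered-origin pattern of a botnet DDOS.
HISTORY = {
    "dns-resolver":   [1200, 1180, 1250, 1210, 1190, 1230],
    "scada-gateway":  [40, 42, 38, 41, 39, 40],
    "billing-portal": [300, 320, 310, 290, 305, 315],
}
OBSERVED = [  # (window, component, requests, distinct source addresses)
    ("12:00", "dns-resolver", 1215, 410),
    ("12:00", "scada-gateway", 41, 12),
    ("12:00", "billing-portal", 305, 150),
    ("12:01", "dns-resolver", 9800, 6100),
    ("12:01", "scada-gateway", 40, 12),
    ("12:01", "billing-portal", 4100, 5900),
]


def awareness(observed, history, k=4.0):
    """Awareness: flag windows whose request count differs from the
    component's baseline by more than k standard deviations."""
    stats = {c: (mean(h), pstdev(h)) for c, h in history.items()}
    flagged = []
    for window, comp, requests, sources in observed:
        mu, sigma = stats[comp]
        diff = abs(requests - mu)
        z = diff / sigma if sigma else (0.0 if diff == 0 else float("inf"))
        if z > k:
            flagged.append({"window": window, "component": comp,
                            "z": round(z, 1), "sources": sources})
    return flagged


def correlate(flagged, min_components=2, distributed_threshold=1000):
    """Correlation: deviations that coincide across components in one window
    are escalated, and a large distinct-source count marks the event as
    distributed rather than one misbehaving client."""
    by_window = defaultdict(list)
    for f in flagged:
        by_window[f["window"]].append(f)
    return [{
        "window": window,
        "components": sorted(d["component"] for d in devs),
        "severity": "high" if len(devs) >= min_components else "medium",
        "distributed": max(d["sources"] for d in devs) > distributed_threshold,
    } for window, devs in sorted(by_window.items())]  # on to the response layer
```

Calling `correlate(awareness(OBSERVED, HISTORY))` on the sample yields a single high-severity, distributed indicator for the 12:01 window covering the DNS resolver and the billing portal, which is the kind of indicator the Response slide says must not wait for confirmation of disaster.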
Response
- Response involves the assurance that processes are in place to react to any security-related indicator
- Indicators should flow from the awareness layer
- The current practice in smaller corporate environments of reducing “false positives” by waiting to confirm disaster is not acceptable for national infrastructure
Fig. 1.12 – National infrastructure security response approach
Implementing the Principles Nationally
- Commissions and groups
- Information sharing
- International cooperation
- Technical and operational costs