Published by Colin Knight. Modified over 9 years ago.
1
INTRODUCTION Patrick Norman
2
World Trends
Smart World
– Smart Grids (Power, etc.)
– Mobile
– Integration between physical and digital world
4
By 2015, a G20 nation’s critical infrastructure will be disrupted and damaged by online sabotage. (Gartner.com)
5
IT Threats
– DDoS attacks
– Fraud
(Add more after meeting with professor RUHI)
6
Cyber Gangs
① Russian Business Network
② Rock Phish Gang
③ NSA
④ Grey Pigeon Authors
⑤ Stormworm Gang
⑥ Awola Crew
⑦ DRG Group
⑧ South American Groups
⑨ Oga
7
BlackHat vs. WhiteHat Hackers
BlackHats
– Work to exploit computer systems
(I intend to only give maybe 1 or two examples of each hacker and tell a brief summary of what they did)
– Examples: Jonathan James, Adrian Lamo, Kevin Mitnick, Kevin Poulsen, Robert Tappan Morris
WhiteHats
– “‘Ethical Hackers,’ hired by companies to test the integrity of their systems”
– Examples: Stephen Wozniak, Tim Berners-Lee, Linus Torvalds, Richard Stallman, Tsutomu Shimomura
8
Forensics Investigators
Main responsibilities (Job activities)
– Attempting to uncover the trace of an attacker to identify him
– Uncovering IT System security threats
– Testifying in court against convicts
9
Importance of Computer Forensics Systems
How can Computer Forensics Systems improve security
– Better identification of system threats to improve protective measures
– Catching cyber criminals will have a better effect than regular criminals because they have bots automatically generating threats (FIX THIS)
10
Simulation
11
Background of Simulation
2 Important Components:
– Statistical Modelling: Create models to predict random events
– Software: Arena, Custom code
12
Statistical Modelling
When should this be used?
– To predict random events
– When there are one or many unknowns
Key success components
– Large data sets
– Well-defined problem
– Structured problem
13
Simulation
Why do we simulate?
– An improved tool
– Avoid taking risks
When do we simulate?
– Before and after an event
– Certain types of problems work best
Can we rely on it?
– 70-90%
14
Simulation
Inputs
– Use random number generators
– Set of rules and functions that are problem dependent
Outputs
– How do we interpret results?
– “There is no perfect answer”
– The problem could change
– Further developing the model will only make it more accurate
15
Simulation and SDLC
The 2 Most Important Steps:
Design Phase
– Look for vulnerabilities
– Exhaustive test sets
– Identify design flaws
Operations Phase
– Collect data
– Identify flaws in existing systems
– Improve future projects
16
SDLC (chart; values shown: 0%, 60%, 0%, 40%)
17
Software
Monte Carlo
– Off-the-shelf
– Advantages
Network Modelling
– Off-the-shelf
– Advantages
Custom Code
– Advantages
18
Computer Forensics
19
Mobile Forensics
– Outsell PCs
– Harder to investigate
– Newly acquired need to investigate
– Data paths
– Numerous Manufacturers
– NIST
20
Tools & Techniques
– SIMbrush
– MOBILedit!
– TULP 2G
21
Network Forensics
“Network forensics is the science that deals with capture, recording, and analysis of network traffic for detecting intrusions and investigating them.”
22
Tools & Techniques
23
Key Techniques
– IDS: Intrusion Detection System
– Packet Capture: Capturing data packets crossing a network
– Proprietary: Unique techniques developed by individual vendors
– Pattern Matching: Ex: Hashing
24
Database Forensics
– Internet Boom
– Legal Duty
– Database forensics as a tool
25
Tools & Techniques
– SQL Server Management Studio Express
– SQL CMD
– Windows Forensic Tool Chest
– NetCat
– WinHex
26
Challenges
– Encryption
– Use as Evidence
– Evolving Technology
27
Application
28
Step 1: Observation
29
Observation Actual Observation – On the shop floor Historic – Statistics – Distribution Diagrams – System Architecture
30
Observation Develop the Equation BASIS FOR ENTIRE MODEL
31
Step Two Develop the Model
32
Models Network Models – Processes – Data flow – Queues
33
Models Monte Carlo – Deterministic – Largely Random
34
Model Objective – Gain Knowledge – Matching real and simulated – Now Let’s break it
35
Step 3 Analyze and Fix
36
Analysis
– Multiple Iterations
– Compare Expected and Actual Results
– Compare Actual and Historic Results
37
Benefits to UNIWO
– Security of IT systems: Pre and post simulation will allow us to identify threats earlier
– Stability: Probability of having an unexpected system shutdown is decreased significantly
– Simulation added to computer forensics will improve chances for catching cybercriminals by identifying their patterns