Download presentation
Presentation is loading. Please wait.
Published byMaximillian Fitzgerald Modified over 9 years ago
1
Lecture 14
3
Lecture’s outline
5
Privacy The sender and the receiver expect confidentiality. The transmitted message must make sense only to the intended receiver and should be unintelligible to all others. Authentication The receiver is sure of the sender’s identity and that an imposter has not sent the message.
6
Integrity The data must arrive at the receiver exactly as it was sent by the original sender. There must be no changes in transmission, either accidental or malicious. Non-repudiation: A receiver must be able to prove that a received message came from a specified sender. The sender must not be able to deny sending a message that it has, in fact, sent.
8
Malware a The software that is written for malicious purposes Viruses Worms Trojan Horses Spyware Keyloggers
9
Reproduced with permission. Please visit www.SecurityCartoon.com for more materialwww.SecurityCartoon.com
10
Viruses A computer virus attaches itself to a program or file enabling it to spread from one computer to another, leaving infections as it travels.programfile
11
Designing A Virus Locate the first executable instruction in the target program Replace the instruction with an instruction to jump to the memory location next to the last instruction of the target system Insert the virus code for execution at the end Insert an instruction after virus code that simulates the first instruction Then jump to the second instruction of original code
12
Brain Virus (Pakistani Flu) 1986 Credit: http://en.wikipedia.org/wiki/Brain_(computer_virus) The first computer virus
13
Virus vs. Worm
14
Credit: Yashar Ganjali; www.caida.orgwww.caida.org Propagation effect of worms Before slammer worm After slammer worm
15
Key-loggers and Spyware
16
Spoofing Attacks b where the attacker impersonates some one else Email spoofing URL spoofing DNS spoofing IP spoofing MAC spoofing
17
Email Spoofing (phishing) b.1
21
URL Spoofing (phishing) b.2
22
Genuine URL; Site: niit.edu.pk; directory: src; file: login.php https://webmail.niit.edu.pk/src/login.php 1
23
https://webmail.niit.org.pk/src/login.php Victim.ID ************** The second-level domain is.org and not.edu; faked website https://webmail.niit.org.pk/src/login.php 2
24
https://webmail.niit.edu.tk/src/login.php 3 The first-level domain is.tk and not.pk; faked website https://webmail.niit.edu.tk/src/login.php Victim.ID **************
25
https://202.125.111.57/src/login.php The IP address does not correspond to webmail.niit.edu.pk; faked website https://202.128.111.87/src/login.php 4 Victim.ID **************
26
DNS Spoofing b.3 IP Spoofing b.4 MAC Spoofing b.5
27
DNS spoofing WWWWWW Tell me the IP address of www.niit.edu.pk?www.niit.edu.pk WWWWWW DNS Request
28
WWWWWW Reply The IP address of www. niit.edu.pk is 110.125.157.198 www. niit.edu.pk DNS spoofing WWWWWW DNS The IP address of www.niit.edu.pk is 110.125.157.198 www.niit.edu.pk Fake NIIT site
29
Private network 192.168.1.0/24 MAC/ IP spoofing.254 00:aa:bb:cc:dd:ee:ff.1.254 00:aa:bb:cc:dd:ee:ff Malicious node A malicious node can pretend to be another node
30
Network-based attacks c where the attacker pretends to be something he/she/it is not Worms Denial of Service attacks
32
Social Engineering d Targets the weakest component of a security system---the users
33
Non-technical hacking
34
Greeting card phishing
35
Lottery winning phishing
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.