Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cyber Threat Dr. John P. Abraham Professor University of Texas Pan American.

Published byRosalyn Powers Modified over 9 years ago

Similar presentations

Presentation on theme: "Cyber Threat Dr. John P. Abraham Professor University of Texas Pan American."— Presentation transcript:

1 Cyber Threat Dr. John P. Abraham Professor University of Texas Pan American

2 Intelligence threat  Why it is difficult to implement security and counter intelligence Open nature of our society Technology and information is easily obtained People travel with ease  Both friends of the country and foes are looking to gain economic edge Seek technological, financial & commercial information Target political, economic, military and scientific information.

3 Exporting Technology  there is concern that too much high technology is being freely traded around the world, too easily.  Source:2007 - Remarks of Assistant Secretary Christopher Padilla Computer & Communications Industry Association  The United States sees more organized efforts to obtain and illegally export controlled U.S. technology to China than to any other country.

4 Threats to homeland  National infrastructure is vulnerable Physical threat Computer attack  Infrastructure is interdependent Attack against one sector would impact other sectors  Example – attack against electric grid  Coordinated attack against selected critical nodes

5 Is there Security Threat in Outsourcing?  Outsourcing Reduces cost – tremendous savings to corp. Eliminates American jobs  Is development of software outside the country threat to national security? Yes it could. Scripts (malicious code) can be placed inside a program. On the other hand, it could be argued, Microsoft can place malicious code to spy on other countries. It is not good business practice to do so.

6 Can hardware be used to spy?  Yes. Computers contain chips that contain programs.  Malware can be programmed into these chips.  Can we trust computers manufactured outside USA? Capitalism is motivated by profits. While corporations do cooperate with governments, it does not make sense to jeopardize own business.

7 Present major concern  Attacks by foreign hackers (increasingly from China and Russia) Sabotaging networks Opening secret back doors for spying Source:(http://www.businessweek.com/technology/co ntent/nov2006/tc20061102_797312.htm?chan=top+ news_top+news+index_businessweek+exclusives)

8 How Hackers gain access  Directly Leaving computers accessible in your home or office. Theft of computer Shoulder surfing  Indirectly Through Internet connection  Open ports (USB, serial etc are physical ports, but they use logical ports assigned to the IP address)  Example: port 80 for HTTP, e-mail port 25, etc.  http://www.iana.org/assignments/port-numbers http://www.iana.org/assignments/port-numbers

9 Information Security as developed by the National Security Telecommunication and Information Systems Security Committee  Protection of: Information Hardware that store information Hardware that transmit information  From direct and indirect attacks  Without affecting availability to authorized users

10 Deliberate Security Threat  Espionage (national security)  Industrial Espionage Competitive intelligence (could be legal) Shoulder surfing Hacking  Sabotage (ex.denial of service by zombies)  Vandalism  Theft

11 Some techniques  Port scanning – enter through an open port  Password crack (brute force or dictionary)  Software scanning (what software is run)  Write scripts that can be used by software (malware)  Back doors (system passwords not changed)  Get access to a site and go from there to a trusted site  Man in the middle

12 Protection  Take all precautions  Also have backup plans (contingency plan) Off site systems Disaster recovery

13 How can we protect our computers  Recognize that “your” computer is being targeted.  University computers are “doors” to more secure sites. “Open proxy servers are used by spammers to send unwanted emails. Proxy servers can also be abused for bypassing access restrictions and limitations such as in case of users in one country not allowed to access a website in another country can go through a third country’s proxy server. There are websites dedicated to provide and hourly updated list of free anonymous proxy server sites.” Abraham, John. “A Proxy Server for Mirrored Sites.”, ASEE 2007

14 Information Security as developed by the National Security Telecommunication and Information Systems Security Committee  Protection of: Information Hardware that store information Hardware that transmit information  From direct and indirect attacks  Without affecting availability to authorized users

15 Computer Security step1.  Firewalls Prevents a specific type of information from moving between the outside world (untrusted network) and the inside world (trusted). Packet filtering – every packet header is examined for address, packet type and port request. Dynamic packet filtering. Allows only a particular packet with a particular source, destination and port address to enter through the firewall.

16 Computer Security step2.  Application firewall (proxy server).  An intermediary between a client and a server Proxy server intercepts all requests to a server routed through it. Keeps the user from interacting directly with the server.  Ref: Abraham, John. “A Proxy Server for Mirrored Sites.”, ASEE 2007.

17 Computer Security step3  Intrusion detection systems (IDS) Like a burglar alarm. Works by examining network traffic. Performs protocol analysis, content searching/matching, and is commonly used to actively block or passively detect a variety of attacks and probes, such as buffer overflows and port scans. Can detect if attack has occurred and if the attack was successful. This information is emailed to the administrator.

18 Computer Security step4. Network Address Translation  A computer needs a public IP address to attach to a public network.  Private IP addresses are not visible from the outside world.  It makes sense to use only private IP to secure your computer.  When outside communication is needed the private IP is mapped to public IP address using a port number. DHCP – not as good as NAT

19 Computer Security step5.  Encrypt transmissions The word cryptography in Greek means “secret writing.” The term today refers to the science and art of transforming messages to make them secure and immune to attacks.

20 Encryption contd.

21 Encryption Cont.  One secret key is used by both - known as symmetric encryption. (example DES)  Both sender and receiver must know the key.  Challenge is to send the key to the receiver. Must be send over another channel.  Two keys – public and private. Also known as Asymmetric encryption. Public key is stored in a public location, anyone can use it. Use public key to encrypt and private to decrypt. If Alice uses bob’s public key to encrypt, only bob with his private key can decrypt.

22 Encryption Cont. Public Key.

23 Encryption cont. Non-repudiation  When a digital signature is encrypted using a private key – it can be read by anyone with a public key. But the message was sent by only one who has the private key.  Digital certificates are used to authenticate the source of a file.  If alice encrypts with her private key, it could be re-encrypted with bob’s public key so that only bob can open it.

24 Computer Security step6  Install Current Version of Antivirus software. Virus - A small program that attaches to another program and replicates itself onto other programs. This activity itself slows down the computer. The virus may do annoying activities, damaging activities or information theft. Anti-virus programs are always trailing actual virus.

25 Computer Security Step7  Apply all latest operating system patches.  Malware exploits weakness in OS.  OS developers fix these holes as they become aware of it.

26 Computer Security Step8  Assign complex passwords to your computer. Avoid dictionary words.  Use different passwords for different accounts you have.  Assign passwords for your user files and turn on encryption.

27 Computer Security Step9  Assign CMOS password  http://www.newschannel5.tv/2007/11/28/ 983060/Computer-Hard-Drive-Search http://www.newschannel5.tv/2007/11/28/ 983060/Computer-Hard-Drive-Search

28 Computer Security Step10  Have a disaster recovery plan including backups.

29 Controlling Access  Following slides will deal with mechanisms for controlling data and applications. Authentication Authorization  Options for Implementing Authentication and Authorization

30 Authentication  Process of identifying a user who is legitimate.  Login process, access card or other biometric techniques. Evidence that the requesting user is who he/she claims to be.

31 Authorization  The process of deciding which resources the user is permitted to access. Different degrees of access.  In B2B applications consider Identity Employer Role Company type

32 Options for implementing Authentication and Authorization  Network Operating System LDAP OR OTHER LOCAL DATABASE  The Lightweight Directory Access Protocol (LDAP) is a directory service protocol that runs on a layer above the TCP/IP stack. It provides a mechanism used to connect to, search, and modify Internet directories.  Active Directory is a database based system that provides authentication, directory, policy, and other services in a Windows environment.  B2B applications may not be able to use LDAP because of number of users.

33 Other authorization mechanisms  Access Control Lists (ACLs)  Third Party such as Microsoft HailStorm  Application specific –customized database to hold user information.  SQL based authentication

34 Security for Customers  Use SSL and digital certificates  Protect Customers info including credit card Firewall, malware, anti-virus, etc. Patch os and apps. set up strong passwords Encrypt card information, restrict who has access to it, restrict physical access to computer Monitor and track all accesses to cardholder data file.  Screen your employees.

35 More on SSL  Two parties can establish an encrypted communication channel  Designed to protect against man-in-the- middle attacks  During initial stages (Handshake) a public key algorithm is used to share a premaster secret  Each party then uses the premaster secret to generate a master secret  This secret is now used to exchange symmetric key encrypted massages.

36 SSL certificates  Both server and the browser need to be SSL enabled (https)  On the Webserver side a server certificate is obtained from the certification authority first generate a CSR (Certificate Signing Request) for your server Order the certificate (about $200 per year) Validate SSL certificate and install on the server

Download ppt "Cyber Threat Dr. John P. Abraham Professor University of Texas Pan American."

Similar presentations

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Web Defacement Anh Nguyen May 6 th, 2010. Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.

Web Defacement Anh Nguyen May 6 th, Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
Part 5:Security Network Security (Access Control, Encryption, Firewalls)

Part 5:Security Network Security (Access Control, Encryption, Firewalls)
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.
Chapter 12 Network Security.

Chapter 12 Network Security.
N ETWORK S ECURITY Presented by: Brent Vignola. M ATERIAL OVERVIEW … Basic security components that exist in all networks Authentication Firewall Intrusion.

N ETWORK S ECURITY Presented by: Brent Vignola. M ATERIAL OVERVIEW … Basic security components that exist in all networks Authentication Firewall Intrusion.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Business Data Communications, Fourth Edition Chapter 10: Network Security.

Business Data Communications, Fourth Edition Chapter 10: Network Security.
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.
SSL By: Anthony Harris & Adam Shkoler. What is SSL? SSL stands for Secure Sockets Layer SSL is a cryptographic protocol which provides secure communications.

SSL By: Anthony Harris & Adam Shkoler. What is SSL? SSL stands for Secure Sockets Layer SSL is a cryptographic protocol which provides secure communications.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Threats and Attacks Principles of Information Security, 2nd Edition

Threats and Attacks Principles of Information Security, 2nd Edition
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Similar presentations

Ads by Google