Presentation is loading. Please wait.

Presentation is loading. Please wait.

Introduction of Internet security Sui Wang IS300.

Similar presentations


Presentation on theme: "Introduction of Internet security Sui Wang IS300."— Presentation transcript:

1 Introduction of Internet security Sui Wang IS300

2 Background By the time that we connect our computer to the network, especially connects on internet, people may enjoy receiving and sending Email, chats with friends on-line, Through browser to finding good deals over internet, and downloading music, movies and so on the services. By the time that we connect our computer to the network, especially connects on internet, people may enjoy receiving and sending Email, chats with friends on-line, Through browser to finding good deals over internet, and downloading music, movies and so on the services. However, while this time, the computer is also exposing in the computer virus as well as in the Trojan Horse computer program treat. However, while this time, the computer is also exposing in the computer virus as well as in the Trojan Horse computer program treat. Also, when you send or receive Email, you also possibly carry out the virus that hide in the E-mail's attachment. Also, when you send or receive Email, you also possibly carry out the virus that hide in the E-mail's attachment. There are some famous example: There are some famous example: VBS_HAPTIME, W97M_Melissa, VBS_Loveletter, VBS_Fireburn, W97M_Resume,VBS_Newlove VBS_HAPTIME, W97M_Melissa, VBS_Loveletter, VBS_Fireburn, W97M_Resume,VBS_Newlove

3 The importance of internet security The importance of internet security The importance of internet security Information Warfare Information Warfare Attackers try to attack an organization or the website of government unit crustily and make it paralyzed. The damages it creates will be inferior to the traditional war. Attackers try to attack an organization or the website of government unit crustily and make it paralyzed. The damages it creates will be inferior to the traditional war.

4 Recovery RecoveryDetects Attack Time Defense *http://dsns.csie.nctu.edu.tw/course/netsec/2004fall/slides/10-network%20security.pdf

5 Source of online attack Local machine attack Local machine attack Get the administrator user account Get the administrator user account Increase administrator right Increase administrator right Embedding Trojan horse Embedding Trojan horse Remote attack Remote attack Attack the weakness of remote system Attack the weakness of remote system Dos, Buffer Overflow Dos, Buffer Overflow Intercept attack Intercept attack Sniff, Session hijacking. Sniff, Session hijacking.

6 Types of attack methods Hacker Hacker Use the weakness of system to get the administrator right in order to access the actions. Use the weakness of system to get the administrator right in order to access the actions. It is type of anthropogenic source It is type of anthropogenic source When used properly, this term refers to an elite breed of "good guys" who are talented computer programmers. They enjoy solving challenging problems or exploring the capabilities of computers. Like a carpenter wielding an axe to make furniture, the hacker does good things with his skills. True hackers subscribe to a code of ethics and look down upon the illegal and immoral activity of crackers (defined above). When the press uses "hackers" to describe virus authors or computer criminals who commit theft or vandalism, it is not only incorrect but also insulting to true hackers. When used properly, this term refers to an elite breed of "good guys" who are talented computer programmers. They enjoy solving challenging problems or exploring the capabilities of computers. Like a carpenter wielding an axe to make furniture, the hacker does good things with his skills. True hackers subscribe to a code of ethics and look down upon the illegal and immoral activity of crackers (defined above). When the press uses "hackers" to describe virus authors or computer criminals who commit theft or vandalism, it is not only incorrect but also insulting to true hackers.

7 Types of attack methods Worm Worm A worm is a programme that is designed to replicate and spread throughout a computer system. A worm is a programme that is designed to replicate and spread throughout a computer system. It will usually hide within files (for example, Word documents), and distribute those files through any available network connections. It will usually hide within files (for example, Word documents), and distribute those files through any available network connections. Worms are often used to drain computer resources such as memory and network access, simply by replicating on a large scale. In addition worms sometimes delete data and spread rapidly via e-mail. Worms are often used to drain computer resources such as memory and network access, simply by replicating on a large scale. In addition worms sometimes delete data and spread rapidly via e-mail.

8 Types of attack methods Virus Virus Viruses are designed to spread from machine to machine and across networks. To achieve this, a virus will usually copy itself to other programmes on a computer, before executing any intended tasks Viruses are designed to spread from machine to machine and across networks. To achieve this, a virus will usually copy itself to other programmes on a computer, before executing any intended tasks There are two key aspects of a virus: * They are self executing * They are self-replicating.

9 Backdoor and Trojan Horse Backdoor (Trojan Horse) Backdoor (Trojan Horse) It is an attack method by which malicious or harmful code is contained inside apparently harmless files. Once opened, the malicious code can collect unauthorized information that can be exploited for various purposes, or permit computers to be used surreptitiously for other malicious activity. It is an attack method by which malicious or harmful code is contained inside apparently harmless files. Once opened, the malicious code can collect unauthorized information that can be exploited for various purposes, or permit computers to be used surreptitiously for other malicious activity.. Those on the receiving end of a Trojan Horse are usually tricked into opening them because they appear to be receiving legitimate software or files from a legitimate source. Those on the receiving end of a Trojan Horse are usually tricked into opening them because they appear to be receiving legitimate software or files from a legitimate source. When a Trojan is activated on your computer, the results can vary. Some Trojans are designed to be more annoying than malicious (like changing your desktop, adding silly active desktop icons) or they can cause serious damage by deleting files and destroying information on your system. Trojans are also known to create a backdoor on your computer that gives malicious users access to your system, possibly allowing confidential or personal information to be compromised. Unlike viruses and worms, When a Trojan is activated on your computer, the results can vary. Some Trojans are designed to be more annoying than malicious (like changing your desktop, adding silly active desktop icons) or they can cause serious damage by deleting files and destroying information on your system. Trojans are also known to create a backdoor on your computer that gives malicious users access to your system, possibly allowing confidential or personal information to be compromised. Unlike viruses and worms,backdoor Trojans do not reproduce by infecting other files nor do they self-replicate Trojans do not reproduce by infecting other files nor do they self-replicate

10 Defense and Detect of network attack Intrusion Detection System (IDS) Host-based IDS Network-based IDS Detect weakness mechanism Weakness of remote detection Remote scanner Weakness of Local machine detection Check file integrity Packet filter mechanism Fire wall TCP wrapper Record History of system detection

11 Recovery Backup Periodic duplication of all data Improvement Install redeem program Make sure to have correctly setting Tighten security Make sure your software is up today

12 Work cited http://www.irchelp.org/irchelp/security/trojan.html#app http://www.irchelp.org/irchelp/security/trojan.html#app http://www.irchelp.org/irchelp/security/trojan.html#app http://infotrip.ncl.edu.tw/law/security.html#1 http://infotrip.ncl.edu.tw/law/security.html#1 http://infotrip.ncl.edu.tw/law/security.html#1 http://dsns.csie.nctu.edu.tw/course/intro-security/2005/book/Chap10.pdf http://dsns.csie.nctu.edu.tw/course/intro-security/2005/book/Chap10.pdf http://www.computertoday.com.hk/computing.php?gsel=8&cid=92 http://www.computertoday.com.hk/computing.php?gsel=8&cid=92 http://www.computertoday.com.hk/computing.php?gsel=8&cid=92 Network Security: Private Communication in a Public World Second Edition. A division of Pearson Education. Inc. 2002. Kaufman Charlie, Perlman Radia, Speciner Mike. Network Security: Private Communication in a Public World Second Edition. A division of Pearson Education. Inc. 2002. KaufmanCharliePerlmanRadiaSpecinerMike


Download ppt "Introduction of Internet security Sui Wang IS300."

Similar presentations


Ads by Google