Published by Austen O’Neal. Modified over 9 years ago.
1
Cmpe 471 Computer Crime: Techniques and Countermeasures
2
A Computer Crime Glossary Back door: –access codes or procedures that are secret (undocumented) and hard-coded for accessing information. Some back doors exist in commercially provided software packages and consist of simple passwords for 3rd party software accounts. Alternatively, back doors can be inserted into an existing program to provide unauthorised access later. Such a modified program is a type of Trojan horse.
3
A Computer Crime Glossary Data diddling: –the act of modifying data for ‘fun and profit’, such as modifying grades, changing credit ratings, altering security clearance information, fixing salaries, or circumventing bookkeeping and audit regulations.
4
A Computer Crime Glossary Data leakage: –the uncontrolled, unauthorised transmission of classified information from a data centre or computer system to the outside world. Data leakage can be accomplished by physical removal of data storage devices or more subtly.
5
A Computer Crime Glossary Impersonation: –the act of pretending to be authorised to enter a secure location, such as entering a secure site equipped with tool kits that impersonate the manufacturer of computer equipment or entering a site equipped with janitorial supplies.
6
A Computer Crime Glossary Logic bomb: –a program similar to a time bomb, but the “explosion” occurs because of a particular logic condition, such as not having the author’s name in the payroll file. Logic bombs are a type of Trojan horse.
7
A Computer Crime Glossary Piggybacking: –the action of physically entering secure premises by following an authorised person through a security grid. Piggybacking can also include unauthorised access to information through a terminal already logged on with an authorised ID.
8
A Computer Crime Glossary Sabotage: –this term comes from the French word meaning “wooden shoe” and was used to describe clumsy work. In the late 19th century, it became a tactic used by militant trade unionists. It now means any deliberate damage to operations or equipment.
9
A Computer Crime Glossary Salamis: –the technique of accumulating round-off errors or other small quantities in calculations and saving them for later withdrawal. Salamis is usually applied to money, although it could be part of an inventory theft scheme.
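A control against the salami technique is to recompute every posting under the documented rounding rule and reconcile the difference. The following is an added example, not part of the original slides; the account numbers and amounts are constructed, and round-half-even to the cent is an assumed rounding policy.

```python
from decimal import Decimal, ROUND_HALF_EVEN

CENT = Decimal("0.01")

# Constructed sample ledger: (account, exact computed interest, amount credited).
POSTINGS = [
    ("ACC-1001", Decimal("12.3456"), Decimal("12.35")),
    ("ACC-1002", Decimal("7.8949"), Decimal("7.89")),
    ("ACC-1003", Decimal("3.1790"), Decimal("3.17")),    # truncated instead of rounded
    ("ACC-1004", Decimal("45.0051"), Decimal("45.00")),  # truncated instead of rounded
    ("ACC-1005", Decimal("0.9961"), Decimal("1.00")),
]


def audit_rounding(postings):
    """Recompute each posting under the assumed rounding rule.

    Returns (flagged, shortfall): the postings whose credited amount differs
    from the half-even rounded value, and the net amount by which customers
    were under-credited. A shortfall that is never negative across many
    postings is the signature of slices being diverted rather than of
    ordinary rounding noise.
    """
    flagged = []
    shortfall = Decimal("0")
    for account, exact, credited in postings:
        expected = exact.quantize(CENT, rounding=ROUND_HALF_EVEN)
        if credited != expected:
            flagged.append((account, expected, credited))
            shortfall += expected - credited
    return flagged, shortfall


if __name__ == "__main__":
    flagged, shortfall = audit_rounding(POSTINGS)
    for account, expected, credited in flagged:
        print(f"{account}: expected {expected}, credited {credited}")
    print("net shortfall to reconcile:", shortfall)
```

The shortfall has to be traced to a suspense or rounding account that is itself reconciled; an unexplained destination for it is the finding.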
10
A Computer Crime Glossary Scavenging: –the act of using discarded listings, tapes, or other information storage media to determine useful information, including access codes, passwords, or sensitive data. It is also known as dumpster diving.
11
A Computer Crime Glossary Simulation: –the act of using computers to simulate a complex system in order to defraud it, e.g., inventing transactions to produce a prearranged bottom-line in a financial report.
12
A Computer Crime Glossary Superzapping: –the act of using powerful utility software such as query to access secure information.
Time bomb: –a program or batch file that waits for a specific time to trigger. These programs are most often used by dishonest employees who learn they are to be fired. Time bombs are a type of Trojan horse.
13
A Computer Crime Glossary Trojan horse: –an innocent-looking program that has nefarious (wrong) functions. It is so-called by reference to Odysseus’ wooden horse, which was filled with soldiers and helped to capture Troy. These programs might alter data, record passwords for later inspection, or even put together another program from pieces stored inside other Trojan horses.
14
A Computer Crime Glossary Virus: –similar to a worm, a virus resides inside a program where it transforms an ordinary program into an unintended Trojan horse. Viruses infect executable code (.EXE, .COM, etc.) and boot sectors on disks, and reproduce themselves.
15
A Computer Crime Glossary Wiretapping: –the act of eavesdropping on data or voice transmissions. Using a portable TV and about $50 in parts from an electronics store, a knowledgeable person can see and record everything being transmitted between a host and terminal on an asynchronous communications channel. From intercepting the data, it is simple to modify and/or insert false transactions.
16
A Computer Crime Glossary Worm: –a program that spreads through a computer system or network by replicating itself, like the Internet worm, or by transferring a copy of itself elsewhere and destroying the previous version.
17
Preventing Sabotage
Proper employee relations
–careful supervision of employees’ state of mind
–take note of unusual personal problems
–beware if the employee radiates negative energy about the systems, peers and the company in general
–try to solve the problem before it becomes a physical attack
–take measures to prevent unauthorised access to information assets
18
Preventing physical piggybacking
Guard physical gates
–outsourced external security company
–proper guard back-up procedures
–prevent more than one person from entering: man-trap: Kuzey Kampus, GarantiB headquarters
19
Preventing logical piggybacking
Unattended terminals or PCs are the portals for logical piggybacking
–configurable time-out function
–automatic branching to a security screen
–user-configurable screen lay-out for re-authentication
–integration with a security database
–automatic return to the previous (interrupted) state
–apply biometrics
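A sketch of how the time-out, the security screen, re-authentication and the return to the interrupted state fit together, added here as an example and not part of the original slides. The class, screen names and PBKDF2 parameters are illustrative assumptions; the security database and biometrics are outside its scope.

```python
import hashlib
import hmac


def derive(password: str, salt: bytes) -> bytes:
    """PBKDF2 verifier stored instead of the password (parameters illustrative)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class TerminalSession:
    LOCK = "security-screen"

    def __init__(self, verifier, salt, timeout_s, clock):
        self._verifier, self._salt = verifier, salt
        self.timeout_s = timeout_s          # configurable time-out
        self._clock = clock                 # injected time source, e.g. time.monotonic
        self._last = clock()
        self.screen = "main-menu"
        self._interrupted = None            # screen to restore after re-authentication

    def _lock_if_idle(self):
        idle = self._clock() - self._last
        if self.screen != self.LOCK and idle >= self.timeout_s:
            # Automatic branching to the security screen; remember where we were.
            self._interrupted, self.screen = self.screen, self.LOCK

    def handle(self, next_screen: str) -> bool:
        """Apply a user action. The idle check runs first, so input typed at an
        abandoned terminal is refused rather than executed under the old login."""
        self._lock_if_idle()
        if self.screen == self.LOCK:
            return False
        self.screen, self._last = next_screen, self._clock()
        return True

    def reauthenticate(self, password: str) -> bool:
        """Leave the security screen only on a correct password, then resume."""
        self._lock_if_idle()
        if self.screen != self.LOCK:
            return True
        if not hmac.compare_digest(derive(password, self._salt), self._verifier):
            return False
        # Automatic return to the previous (interrupted) state.
        self.screen, self._interrupted = self._interrupted, None
        self._last = self._clock()
        return True
```

Checking idleness at the moment input arrives, rather than relying only on a background timer, closes the window in which the first keystroke after the deadline would still run under the authorised ID.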
20
Controls Against Program Threats
Software development
–the design
–writing
–testing
Programming Controls
Description of the programming task
–individual task that requires independent thought
–programs are very individualistic
–programmers are solitary people who enjoy working alone
–programming is an art only understood by programmers
21
Controls Against Program Threats
None of these arguments hold true!!!
The basic principles of software engineering are
–division of labour
–reuse of code
–use of standard pre-constructed software tools
–organised activity
Peer reviews: code and design modularity, encapsulation and information hiding
22
Controls Against Program Threats
Writing code in small self-contained units: modules
–advantages for program development and security
–a module can be isolated from the negative effects of other modules with which it interacts: encapsulation
Information hiding:
–other modules know that a module performs a certain task, but do not know how it performs that task
23
Controls Against Program Threats
Modularity:
–Unity: performs one purpose
–Smallness: consists of an amount of information of which a person can readily grasp both structure and content
–Simplicity: low degree of complexity so that a person can readily understand the purpose and structure of the module
–Independence: performs a task isolated from other modules
24
Controls Against Program Threats
Modularity:
–maintenance: a module can be replaced with a revised one
–understandability: small modules are easier to understand
–reuse
–correctness: an error can be found and corrected easily
–testing: a single module with well-defined inputs, output and function can be tested without affecting other modules
25
Controls Against Program Threats
From a standpoint of security, programmers and analysts must be able to understand each module as an independent unit and be assured of its limited effect on other modules.
Proper modularity leads to modules that have minimal interaction with other modules.
26
Encapsulation
[Figure: tight coupling versus independent, loosely coupled modules]
27
Information hiding
[Figure: access to all parts of module versus method and data hidden]
28
Configuration Management
A person or system controls and records all changes to a program or documentation
change control board
–judges the desirability and correctness of all proposed changes
to guard against loss of a version of a program
to manage the parallel development of several similar versions of one program
to provide facilities for controlled sharing of modules that combine to form one system
29
Configuration Management
Security advantages:
–protects against unintentional threats
–guards against malicious ones
–protects integrity of programs and documentation
30
Proofs of Program Correctness
A security specialist wants to make sure that a given program computes a particular result and computes it correctly.
Program correctness proofs are hindered by several factors:
–depends on the programmer to translate the program’s statements into logical implications; translation is prone to errors
31
Proofs of Program Correctness
–deriving the correctness proof from the initial assertions and the implications of statements is difficult; less appropriate for large programs
–the current state of program verification is less well-developed than code production; consistent and successful application to large production systems is a challenge.
32
Process Improvement
Development stages:
–system requirements design
–software requirements analysis
–preliminary design
–detailed design
–coding and unit testing
–component integration and testing
–subsystem integration and testing
–system integration and testing
33
Process Improvement
Each of these phases has the following requirements:
–software development management: planning, organisation, reviews
–software engineering: development, decomposition, adherence to standards for coding and language
–formal qualification testing
–software product evaluation
–configuration management
34
Capability Maturity Model
Software Engineering Institute (SEI) grants CMM levels from 1 to 5, 5 being the highest standard
–Initial
–Repeatable
–Defined
–Managed
–Optimising
35
Administrative Controls
Standards of program development
Enforcing program development standards
–security audits
–segregation of duties