Published by Philippa Bailey. Modified over 9 years ago.

Slide 1: How to 0wn the Internet in Your Spare Time
Authors: Stuart Staniford, Vern Paxson, Nicholas Weaver
Publication: USENIX Security Symposium, 2002
Presenter: Melvin Rodriguez for CAP 6133, Spring ’08

Slide 2: Threat
- Launch DDoS (Distributed Denial of Service)
- Access sensitive / restricted information
- Corrupt information's integrity level
Can Cause Significant Damage

Slide 3: Worms
- Programs that self-replicate by exploiting system flaws
- Propagate quickly
- Hard to detect (initially)
- Constantly improving
Can Spread Fast

Slide 4: Propagation Techniques Used
- Hit-list scanning
  - Faster propagation
- Permutation scanning
  - Distributed coordination of a worm
- Internet-scale hit-lists
  - Targeting Internet-enabled devices
- Topology aware
  - Uses victim's information
- Flash worm
  - Quick and concentrated
The Name of the Game Is: The Faster the Better

Slide 5: Significant Worm Attacks
- Code Red I
  - MS IIS vulnerability
  - Spread by launching threads of random IP addresses
  - Random generator used a fixed seed IP address
- Code Red I version 2
  - Same code as Code Red I
  - Fixed random generator
  - Added a direct DDoS
Constantly Evolving: New, Improved Versions

Slide 6: Significant Worm Attacks
- Code Red II
  - Different code from previous Code Reds
  - Uses the same vulnerability previously used
  - Installed a root backdoor
  - Infected local machines
Use of Different Techniques

Slide 7: Significant Worm Attacks
- Nimda
  - Five different techniques
    - Probe
    - Copy
    - Email
    - Append Web code
    - Use backdoors
Combination of Different Techniques: Multi-vector Approach

Slide 8: Significant Worm Attacks
- Nimda Infection

Slide 9: Significant Worm Attacks
- Nimda
  - Very successful propagation rate
  - Unknown signature
  - Firewalls allow email flow
  - Complete functionality is still unknown
More Research Is Needed

Slide 10: Other Advanced Worm Characteristics / Features
- Updates and Controls
  - Direct worm-to-worm communication
  - Programmable remote updates
  - Remote control
Modification after Infection

Slide 11: Other Advanced Worm Characteristics / Features
- Stealth contagion
  - Slow spread
  - Non-predetermined pattern
  - Effectiveness depends on various factors
  - On targets specific traffic using common traffic patterns
  - Exploit peer-to-peer (P2P) system flaws
  - Size of targeted network
  - Remote usage
Slow Propagation - Undetected Infection

Slide 12: High Level Cyber Center of Disease Control Concept
- Mission
  - Monitor progression
  - Identify threats
  - Foster research
- Main Roles
  - Identifying outbreaks
  - Rapidly analyzing pathogens
  - Fighting infections
  - Anticipating new vectors
  - Proactively devising detectors for new vectors
  - Resisting future threats

Slide 13: Summary and Conclusion
- Summary
  - Worms are a threat affecting all levels of Internet security
  - They are constantly evolving and improving
  - Worms combine several techniques to avoid detection and increase infection effectiveness
- Conclusion
  - More research is needed
  - Need for a centralized organization to bind and establish collaboration efforts at all industry levels
  - Worms can cause a significant level of damage / disruption of Internet services and loss of revenue

Slide 14: Contributions
- Explained the threat and how dangerous it is
- Presented techniques used for infecting systems
- Discussed known worm attacks
- Overview of techniques used
- Discussed main characteristics and features
- A high-level overview of a centralized Cyber Center of Disease Control mission and roles

Slide 15: Weaknesses
- Title is misleading
  - Points towards a ‘how to’ approach
- Not enough explanation on statistics
  - No proven hypothesis
- Material is not easy to follow
  - Better presentation of material
- Hypothesis without actual data to support
  - Use of possible scenarios without real data
- CCDC deployment idea not fully developed
  - Open items for further discussion

Slide 16: How to Improve
- Updating the title
- Expand on CDC concept
  - Present how it would operate
  - Organization and cooperation with other agencies
    - NSA, USCERT, Military, Commercial, etc.
- Additional analysis and description of worms
- Rearrange the material sequence
  - Re-group topics
- Depict international deployment / cooperation