Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Digital Crime Scene: A Software Perspective Written By: David Aucsmith Presented By: Maria Baron.

Published byJunior Hodges Modified over 9 years ago

Similar presentations

Presentation on theme: "The Digital Crime Scene: A Software Perspective Written By: David Aucsmith Presented By: Maria Baron."— Presentation transcript:

1 The Digital Crime Scene: A Software Perspective Written By: David Aucsmith Presented By: Maria Baron

2 Introduction Nature of the internet is particularly suited for crime Nature of the internet is particularly suited for crime Anonymity And Mobility Anonymity And Mobility Security is imposed by software on the internet Security is imposed by software on the internet Who will win the war between entrepreneurial cyber criminals and software developers? Who will win the war between entrepreneurial cyber criminals and software developers?

3 Attacks And Attackers Asynchronous attacks Asynchronous attacks “Hackers” “Hackers” Significant but localized damage Significant but localized damage Trojan Horses Trojan Horses Attackers build back doors into programs Attackers build back doors into programs Mass Distribution Attacks Mass Distribution Attacks “Bots” or “Zombies” “Bots” or “Zombies” Making Money on the internet Making Money on the internet Utilize a wide network of compromised computers Utilize a wide network of compromised computers

4 Vulnerabilities Three things must be true for attack to be successful: Three things must be true for attack to be successful: Software has an inherent vulnerability Software has an inherent vulnerability Software was not configured properly Software was not configured properly Users were fooled into taking some action Users were fooled into taking some action Reasons for vulnerabilities: Reasons for vulnerabilities: Security not a design goal Security not a design goal Emerging threats not considered when software was developed Emerging threats not considered when software was developed Legacy software systems still in place Legacy software systems still in place

5 Vulnerabilities (cont.) Poor Coding Practice Poor Coding Practice Security as a requirement Security as a requirement Designing for today’s threats Designing for today’s threats Living with Legacy Living with Legacy Complexity and tools Complexity and tools

6 Secure By Design Creating secure software must start with a formal design process that verifies the security properties of the software at each stage of construction Creating secure software must start with a formal design process that verifies the security properties of the software at each stage of construction Designers and developers must be trained to create secure software Designers and developers must be trained to create secure software

7 Secure By Design (cont.) Threat – Based Design Process Threat – Based Design Process Analysis of potential threats at each stage of the design is required Analysis of potential threats at each stage of the design is required Examples: Examples: OCTAVE OCTAVE Threat Trees Threat Trees

8 Secure By Design (cont.) Microsoft Threat Based Security Process Microsoft Threat Based Security Process Brainstorm known threats Brainstorm known threats Rank Threats by decreasing risk Rank Threats by decreasing risk Choose techniques to mitigate threats Choose techniques to mitigate threats Choose the appropriate technologies from the identified techniques Choose the appropriate technologies from the identified techniques Use STRIDE to focus on how the input of each module may be manipulated to compromise the security model Use STRIDE to focus on how the input of each module may be manipulated to compromise the security model Spoofing identity Spoofing identity Tampering with data Tampering with data Repudiation Repudiation Information disclosure Information disclosure Denial of service Denial of service

9 Secure By Design (cont.) All User input must be validated, but is this really possible? All User input must be validated, but is this really possible? Tools Tools Code analysis tools Code analysis tools Process source code and look for some insecure construct Process source code and look for some insecure construct Can only find known “bad things” Can only find known “bad things” Compiler protection Compiler protection Helps to thwart buffer overflow exploits Helps to thwart buffer overflow exploits

10 Secure By Default Users and system administrators must knowingly make decisions to change the system in a way that might reduce security Users and system administrators must knowingly make decisions to change the system in a way that might reduce security Reduce Attack Surface Area Reduce Attack Surface Area Reduces possible avenues of attack Reduces possible avenues of attack Turning Services Off Turning Services Off Least Privilege Least Privilege

11 Secure In Deployment Training and configuration Training and configuration Updating Code Updating Code Defense-In-Depth Defense-In-Depth Multiple, different security technologies are used simultaneously – each protecting a different interface Multiple, different security technologies are used simultaneously – each protecting a different interface Intrusion detection system Intrusion detection system Anti-Virus protection Anti-Virus protection Behavior blocking protection Behavior blocking protection Vulnerability assessment Vulnerability assessment Configuration managers Configuration managers

12 Secure In Deployment (cont.) Network Segmentation Network Segmentation Cascade failure or domino effect Cascade failure or domino effect How systems are connected How systems are connected Segment the connectivity of systems and establish flow controls at the intersection of segments Segment the connectivity of systems and establish flow controls at the intersection of segments

13 Looking Ahead Deterrence Deterrence Cyber criminals are rarely identified Cyber criminals are rarely identified Provide incentives to police to pursue cyber criminals Provide incentives to police to pursue cyber criminals Mutual legal assistance Mutual legal assistance Police forces must have the technical expertise required Police forces must have the technical expertise required Sentencing needs to reflect the severity of the crime Sentencing needs to reflect the severity of the crime

14 Looking Ahead (cont.) Legal Requirements Legal Requirements Certification Certification Certification of the security of software Certification of the security of software How do you certify against constantly evolving threats and new environments? How do you certify against constantly evolving threats and new environments? Liability Liability There is no definitive measure of the security of a system There is no definitive measure of the security of a system Disclosure Disclosure Favors attackers over defenders Favors attackers over defenders

15 Looking Ahead (cont.) Long Term Technical Solutions Long Term Technical Solutions Strong Identity Strong Identity Smart cards and PINs (for example) to remove anonymity from financial transactions Smart cards and PINs (for example) to remove anonymity from financial transactions Hardware Mediated Security Hardware Mediated Security Include security features in hardware to protect those features from being changed over the internet Include security features in hardware to protect those features from being changed over the internet

16 Questions Or Comments?

Download ppt "The Digital Crime Scene: A Software Perspective Written By: David Aucsmith Presented By: Maria Baron."

Similar presentations

ETHICAL HACKING A LICENCE TO HACK

ETHICAL HACKING A LICENCE TO HACK
Lesson Title: Threat Modeling Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas 1 This.

Lesson Title: Threat Modeling Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas 1 This.
Bridging the gap between software developers and auditors.

Bridging the gap between software developers and auditors.
Tamper Resistant Software An Implementation By David Aucsmith, IAL “This paper describes a technology for the construction of tamper resistant software.”

Tamper Resistant Software An Implementation By David Aucsmith, IAL “This paper describes a technology for the construction of tamper resistant software.”
Is There a Security Problem in Computing? Network Security / G. Steffen1.

Is There a Security Problem in Computing? Network Security / G. Steffen1.
1 No Silver Bullet : Inherent Limitations of Computer Security Technologies Jeffrey W. Humphries Texas A&M University.

1 No Silver Bullet : Inherent Limitations of Computer Security Technologies Jeffrey W. Humphries Texas A&M University.
11 ASSESSING THE NEED FOR SECURITY Chapter 1. Chapter 1: Assessing the Need for Security2 ASSESSING THE NEED FOR SECURITY  Security design concepts 

11 ASSESSING THE NEED FOR SECURITY Chapter 1. Chapter 1: Assessing the Need for Security2 ASSESSING THE NEED FOR SECURITY  Security design concepts 
Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.

Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.
An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.

An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Introducing Computer and Network Security

Introducing Computer and Network Security
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Security in By: Abdulelah Algosaibi Supervised by: Prof. Michael Rothstein Summer II 2010: CS 6/79995 Operating System Security.

Security in By: Abdulelah Algosaibi Supervised by: Prof. Michael Rothstein Summer II 2010: CS 6/79995 Operating System Security.
Computer Security Fundamentals by Chuck Easttom Chapter 5 Malware.

Computer Security Fundamentals by Chuck Easttom Chapter 5 Malware.
Assessing the Threat How much money is lost due to cyber crimes? –Estimates range from $100 million to $100s billions –Why the discrepancy? Companies don’t.

Assessing the Threat How much money is lost due to cyber crimes? –Estimates range from $100 million to $100s billions –Why the discrepancy? Companies don’t.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Smart Card Deployment David Gautrey IT Manager – Microsoft New Zealaand Microsoft Corporation.

Smart Card Deployment David Gautrey IT Manager – Microsoft New Zealaand Microsoft Corporation.
Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.

Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.

Similar presentations

Ads by Google