How
threat of Attacks
Internet resources availability to
attack systems
Growth of Networks and Information
Sharing
Enterprise systems in network share
confidential information
Products today care much about
ease of use
Lack of specialized resources for
security
What do we do in this
course?
Examine
Characteristics of Computer
Intrusion
Any
Principle of Easiest
Penetration:
Remember
that computer
security is a game with rules only
for the defending team:
The attackers can (and will) use
any means they can.
Perhaps the hardest thing for
people outside the security
community to do is to think like
the attacker.
Figure 1-1 Threats, Controls, and Vulnerabilities.
A threat is blocked by control of a vulnerability.
Classes of Threats
An
Figure 1-2 System Security Threats.
Aspects of computer
security
Confidentiality
Confidentiality
ensures that
computer-related assets are
accessed only by authorized
parties. That is, only those who
should have access to something
will actually get that access.
Confidentiality is sometimes
called secrecy or privacy.
Integrity
Integrity
Availability
Availability
Figure 1-3 Relationship Between Confidentiality,
Integrity, and Availability.
The three characteristics can be independent, can overlap
or can be mutually exclusive.
E.g.: Strong protection of confidentiality can restrict
availability.
More....Confidentiality
Ensuring
More.... Integrity
Integrity
More.... Availability
Availability
More.... Availability
We say a data item, service, or system is available if
Vulnerabilities
Figure 1-4 Vulnerabilities of Computing Systems.
Hardware Vulnerabilities
Computer hardware can be attacked physically.
Computers
Software Vulnerabilities
Computing
Software modification
Other categories of software modification
include
Trojan horse: a program that overtly does
one thing while covertly doing another
virus: a specific type of Trojan horse that can
be used to spread its "infection" from one
computer to another
trapdoor: a program that has a secret entry
point
information leaks in a program: code that
makes information accessible to
unauthorized people or programs
Data Vulnerabilities
Computer Criminals
What do they look like?
Computer crime
Any
Characteristics of computer
criminals
Amateurs
Amateurs have committed most of the
computer crimes reported to date.
Most computer criminals are ordinary
computer professionals or users who, while
doing their jobs, discover they have access
to something valuable
Amateurs may become disgruntled over
some negative work situation (such as a
reprimand or denial of promotion) and vow
to "get even" with management by wreaking
havoc on a computing installation.
Characteristics of computer
criminals
Crackers or Malicious Hackers
System
Characteristics of computer
criminals
Career Criminals
"In 2006, the attackers want to pay the rent. They don't
want to write a worm that destroys your hardware.
They want to assimilate your computers and use them
to make money" [NAR06a].
Mikko Hyppönen, Chief Research Officer with the Finnish
security company F-Secure, agrees that today's
attacks often come from Russia, Asia, and Brazil and
the motive is now profit, not fame [BRA06].
Characteristics of computer
criminals
Terrorists
Methods of Defense
Harm
Hacking as Defense
Mechanism
Hacking
Methodology of Hacking
Footprinting
Scanning
Gaining access
Maintaining access
Covering tracks
Classification of Hackers
Depending on Activity profile
Black Hats- destruction of
computer systems
White Hats- Method of defense
Grey Hats- Work as black and
white at different times
Blue Hats- Work with security
firms to bug test a system prior to
launch.
Controls
Multiple controls
Similarly,
Example of how we use a combination of controls to
secure our valuable resources
Figure 1-6 Multiple Controls.
Encryption
Encryption
Software Controls
Programs
Program controls
Program controls include the following:
Hardware Controls
Hardware devices have been created to assist in
providing computer security. These devices
include a variety of means, such as
hardware or smart card implementations of
encryption
locks or cables limiting access or deterring
theft
devices to verify users' identities.
firewalls
intrusion detection systems
circuit boards that control access to storage
media
Physical Controls
Some
Effectiveness of Controls
Awareness of Problem
Likelihood of Use
Overlapping Controls.
Periodic Review
But two controls are not always better than one and,
in some cases, two can even be worse than one.
This brings us to another security principle.
Principle of Weakest Link: Security can be no
stronger than its weakest link. Whether it is the
power supply that powers the firewall or the
operating system under the security application or
the human who plans, implements, and
administers controls, a failure of any control can
lead to a security failure.