SlideShare a Scribd company logo

a documentation of final year SRS for AI drons.ppt

â€ĸDownload as PPT, PDFâ€ĸ
â€ĸ
N
NebiyuTeferaShite

introduction to computer security

Engineering
1 of 60
Computer Security and privacy Chapter two : Computer Security threats
Outlines īŽ Security threats īŽ Types of threats īŽ Natural threat īŽ Man-made threat īŽ Network Security Threats īŽ Privacy and Internet īŽ New emerging technologies 2
Threat īŽ In computer security a threat is a possible danger that might exploit a vulnerability to breach security and therefore cause possible harm. īŽ A threat can be either "intentional" (i.e. hacking: an individual cracker or a criminal organization) or "accidental" (e.g. the possibility of a computer malfunctioning, or the possibility of a natural disaster such as an earthquake, a fire, or a tornado ,hurricane) or otherwise a circumstance, capability, action, or event. 3
Threat classification īŽ Threats can be classified according to their type and origin īŽ Physical damage: fire, water, pollution īŽ Natural events: climatic, seismic, volcanic īŽ Loss of essential services: electrical power, air conditioning, telecommunication īŽ Compromise of information: eavesdropping(spying), theft of media, retrieval of discarded materials īŽ Technical failures: equipment, software, capacity saturation, īŽ Compromise of functions: error in use, abuse of rights, denial of actions 4
Threat communities īŽ Subsets of the overall threat agent population that share key characteristics. The notion of threat communities is a powerful tool for understanding who and what we’re up against as we try to manage risk īŽ If the organization were to come under attack, what components of the organization would be likely targets? For example, how likely is it that terrorists would target the company information or systems? 5
īŽ The following threat communities are examples of the human malicious threat landscape many organizations face: īŽ Insiders(Internal) īŽ Employees īŽ Contractors (and vendors) īŽ Partners Threat communitiesâ€Ļ 6
Threat communitiesâ€Ļ īŽ Outsiders(External) īŽ Cyber-criminals (professional hackers and crackers) īŽ Spies īŽ Non-professional hackers īŽ Activists īŽ Nation-state intelligence services (e.g., counterparts to the CIA, etc.) īŽ Malware (virus/worm/etc.) authors 7
2.3 Malicious Code(Malware) īŽ Malicious code (also known as a rogue program or malware) is a software written to intentionally cause unanticipated or undesirable effects. īŽ Malicious code can do anything that as a “normal” program can do īŽ Malicious Code can damage:- īŽ Data īŽ Other program īŽ Malicious code was “defined” by Cohen in 1984 but virus behavior has been known since at least 1970. 8
Hackers īŽ A hacker is an individual who uses computer, networking or other skills to overcome a technical problem. īŽ The term hacker may refer to anyone with technical skills, but it often refers to a person who uses his or her abilities to gain unauthorized access to systems or networks in order to commit crimes. 9
Types of hackers The types of hackers are īŽ white hat hacker īŽ Motives: A desire to help businesses, along with a passion for finding holes in security networks. īŽ grey hat hacker īŽ Grey Hat hackers have all the skills of a Black and a White Hat hacker. The difference is, they don’t care about stealing from people, nor do they particularly want to help people. īŽ Nothing in life is black and white, and neither is hacking. īŽ Motives: Personal enjoyment. īŽ black hat hacker. īŽ Motives: Financial gain. 10
īŽ Blue Hat īŽ Vengeful and aggressive in every way- but only if you create them. īŽ Motives: Revenge. īŽ Red Hat īŽ The caped crusaders of the cyber world. īŽ To put a stop to people they know to be Black Hat hackers īŽ Motives: Vigilante justice. īŽ Green Hat īŽ Baby hackers taking their first steps in the cyber world. īŽ Motives: Learning to be full blown hackers(learn how to hack) īŽ Script Kiddie īŽ This is something of an ‘odd one out’, since it’s neither a hat or a colour! But a Script Kiddie can still cause problems, no matter how innocent the name sounds. īŽ Motives: Causing chaos and disruption. 11 Types of hackers
Common forms of malware Virus, Trojan horse and worm are the most common types of malware. 12
Virus īŽ A hidden, self-replicating section of computer software, usually malicious logic, that propagates by infecting another program or system memory īŽ Viruses can be divided in to two groups īŽ Transient virus is active only when its host program is active īŽ Resident virus establishes itself in the computer’s memory and can remain active without its host. Common forms of malwareâ€Ļ 13
Worm īŽ A computer program that can run independently, can propagate a complete working version of itself on to other hosts in a network, and may consume computer resources destructively. Trojan horse īŽ A computer program that appears to have a useful function but also has a hidden and malicious purpose that evades security mechanism, sometimes by exploiting the legitimating authorizations of the user who invokes the program Example: you downloaded a game app for your smart phone, when you launch the app, you will able to play the game but the app is secretly made copies of your contacts list and transfer information to the remote server. Common forms of malwareâ€Ļ 14
Other types of malware Zombie īŽ A malicious software that enables a computer to be controlled by a remote master machine Logic bomb īŽ Malicious program logic that activates when specified conditions are met. Time bomb īŽ A type of logic bomb that activates at a specific date/time 15
Rabbit īŽ A virus or worm that replicates itself without limit to exhaust system resources Trapdoor/backdoor īŽ A hidden computer flaw to an intruder, a hidden malicious software installed by intruder. (Java)Script attack īŽ Malicious software written in a scripting language that is downloaded when a user loads a webpage. Other types of malwareâ€Ļ 16
Hiding a virus īŽ Viruses can be hidden in many places i.e. in: īŽ boot sector īŽ memory īŽ application programs īŽ library files(e.g .dll files) īŽ other widely shared files and programs 17
2.5 Network security attacks īŽ Network advantages īŽ Resource sharing īŽ Distribution of workload īŽ Increased reliability īŽ easy expandability and scalability 18
Network vulnerability īŽ Several characteristics make networks vulnerable to attack, including: īŽ Anonymity īŽ Many point of attack īŽ Resource and workload sharing īŽ Network architecture is complex īŽ Networks have unknown boundary Example: wireless node 19
Types of network security attacks Network Treat can affect both hardware & software īŽ Hardware threats involve four types of threats īŽ Physical īŽ Electrical īŽ Environmental īŽ Maintenance 20
Software treats Adversary īŽ An adversary (a person/hacker/cracker who is interested in attacking your network) can use any kind of attack to threat the network infrastructures. īŽ A network may face several other attacks from adversary while achieving above goals. In following section, it includes some most common attacks 21
Software treats īŽ Reconnaissance Attack īŽ Passive attack īŽ Active Attack īŽ Distributed Attack īŽ Insider Attack īŽ Phishing Attack īŽ Hijack attack īŽ Spoof attack īŽ Password attack īŽ Packet capturing attack īŽ Denial of Service Attacks 22
Computer Software Security threats Reconnaissance Attack (Investigation) īŽ In this kind of attack, an adversary collects as much information about your network as he needed for other attacks. īŽ This information includes IP address range, server location, running OS, software version, types of devices etc. īŽ Packet capturing software, Ping command, trace root command, who is lookup are some example tools which can be used to collect this information. Adversary will use this information in mapping your infrastructure for next possible attack. 23
Passive attack īŽ In this attack an adversary deploys a sniffer tool and waits for sensitive information to be captured. This information can be used for other types of attacks. īŽ It includes packet sniffer tools, traffic analysis software, filtering clear text passwords from unencrypted traffic and seeking authentication information from unprotected communication. Once an adversary found any sensitive or authentication information, he will use that without the knowledge of the user. Computer Software Security threatsâ€Ļ 24
Active Attack īŽ In this attack an adversary does not wait for any sensitive or authentication information. He actively tries to break or bypass the secured systems. īŽ It includes viruses, worms, Trojan horses, stealing login information, inserting malicious code and penetrating network backbone. Active attacks are the most dangerous in natures. It results in disclosing sensitive information, modification of data or complete data lost. Computer Software Security threat â€Ļ 25
Distributed Attack īŽ In this attack an adversary hides malicious code in trusted software. Later this software is distributed to many other users through the internet without their knowledge. Once end user installs infected software, it starts sending sensitive information to the adversary silently. Pirated software is heavily used for this purpose. Computer Software Security threatâ€Ļ 26
Insider Attack īŽ According to a survey more than 70% attacks are insider. Insider attacks are divided in two categories; intentionally and accidentally. īŽ In intentionally attack, an attacker intentionally damage network infrastructure or data. Usually intentionally attacks are done by disgruntled or frustrated employees for money or revenge. īŽ In accidentally attack, damages are done by the carelessness or lack of knowledge. Computer Software Security threatsâ€Ļ 27
Hijacking īŽ This attack usually takes place between running sessions. Hacker joins a running session and silent disconnects other party. Then he starts communicating with active parties by using the identity of disconnected party. īŽ Active party thinks that he is talking with original party and may send sensitive information to the adversary. Computer Software Security threatsâ€Ļ 28
Phishing īŽ Phishing attack is gaining popularity from last couple of years. In this attack an adversary creates fake email address or website which looks like a reputed mail address or popular site. Later attacker sends email using their name. These emails contain convincing message, some time with a link that leads to a fake site. This fake site looks exactly same as original site. Without knowing the truth user tries to log on with their account information, hacker records this authentication information and uses it on real site. Computer Software Security threat 29
Spoofing īŽ In this kind of attack an adversary changes the sources address of packet so receiver assumes that packet comes from someone else. This technique is typically used to bypass the firewall rules. Computer Software Security threat 30
Buffer overflow attack īŽ This attack is part of DoS technique. In this attack an adversary sends more data to an application than its buffer size. It results in failure of service. This attack is usually used to halt a service or server. Computer Software Security threat 31
Exploit attack īŽ Exploit attack is used after Reconnaissance attack. Once an attacker learned from reconnaissance attack that which OS or software is running on target system, he starts exploiting vulnerability in that particular software or OS. Computer Software Security threat 32
Packet capturing attack īŽ This attack is part of passive attack. In this attack an attacker uses a packet capturing software which captures all packets from wire. Later he extracts information from these packets. This information can be used to deploy several kinds of other attacks. Computer Software Security threat 33
Ping sweep attack īŽ In this attack an attacker pings all possible IP addresses on a subnet to find out which hosts are up. Once he finds an up system, he tries to scan the listening ports. īŽ From listing ports he can learn about the type of services running on that system. Once he figures out the services, he can try to exploit the vulnerabilities associated with those services. Computer Software Security threat 34
DNS Query attack īŽ DNS queries are used to discover information about public server on the internet. All OS includes the tool for DNS queries such as lookup in Windows, Dig and Host in Linux. īŽ These tools query a DNS server for information about specified domain. DNS server respond with internal information such as Server IP address, Email Server, technical contacts etc. An adversary can use this information in phishing or ping attack. Computer Software Security threat 35
MiTM attacks īŽ In this attack an adversary captures data from middle of transmission and changes it, then send it again to the destination. Receiving person thinks that this message came from original source. īŽ For example in a share trading company Jack is sending a message to Rick telling him to hold the shares. An adversary intercepts this message in way that it looks like Jack is telling for sell. When Rick receives this message, he will think that Jack is telling for the sell and he will sell the shares. This is known as Man in the middle attack. Computer Software Security threat 36
Botnets īŽ Botnets are armies of remote-controlled devices used for the purpose of sending spam (including Phishing scams), propagating malware and launching DDoS attacks. īŽ Botnets are the master-mover of most cyber security threats in terms of the scope of damage they cause in CSP networks across the globe Computer Software Security threat 37
2.6 What is Denial of Service(DOS)? īƒ˜ Denial of service(DOS) is an attack on availability of network resources īƒ˜ Dos attacks can be initiated in many ways, including īŽ Transmission failure īŽ Traffic redirection īŽ DNS attack īŽ Connection flooding 38
Connection flooding īŽ Connection flooding attack seeks to negatively affect the availability of a network resource by exhausting or overwhelming the capacity of a communication channel 39
Types of connection flooding attacks īŽ There are five main connection flooding attacks. īŽ Echo chargen attack īŽ Ping of death attack īŽ Smuf attack īŽ SYN flood attack īŽ Teardrop attack 40
Echo chargen attack 41
Ping of death attack 42
Smuf attack 43
SYN flood attack 44
īŽ In SYN flooding attack implementation of three-way handshake of the TCP/IP protocol is exploited īŽ In three-way handshake (1) first the client sends a SYN packet to the server, (2) server then responds with a SYN-ACK. (3) then the client responds to this SYN-ACK and handshake is completed and data transfer starts. In SYN flood attack the attacker does not respond to the 45 SYN flood attack
Syn flood 46
Teardrop attack 47
Distributed Denial of Service(DDOS) attack īŽ In a distributed denial of service,an attacker uses any convenient method to distribute a Trojan horse to as many target machines as possible. īŽ After choosing a victim, a signal is transmitted from the attacker to each zombie machine to initiate the attack īŽ The Trojan horse on each machine then launches a denial of service on the target 48
Distributed Denial of Service(DDOS) attack 49
Intrusion Detection System īŽ It is better to prevent an attack than to detect it after it has already succeeded. īŽ Intrusion detection System is a device that monitors system activities with a view toward detecting malicious and suspicious events. īŽ Intrusion detection system attempt to detect: īŽ Outsiders breaking into a system īŽ Insiders attempting to perform unappropriate actions 50
Intrusion detection system methodologies Common terms associated with the use of intrusion detection systems: Anomaly īŽ Refers to abnormal or unusual behavior that is occurring in the network Misuse īŽ Refers to an activity that violets the network or system security policy Intrusion īŽ Refers to a situation the system or network is being misused either by insiders or outsiders Audit īŽ Refers to action of the user or system is evaluated or ananized Profiling īŽ Refers to the process of observing legitimate users or the system in ordrer to establish a model of normanl behavior 51
Classifying intrusion detection system 52
Goals of Intrusion Detection System Intrusion detection systems have two primary goals 1. Detect all attacks correctly īŽ Avoid false positives (false alarm) īŽ Avoid false negatives 2. Monitor systems effectively with minimal overhead and performance degradation 53
2.9 Method-Opportunity-Motive Attackers need MOM Method īŽ Skill, knowledge, tools, etc. with which to attempt an attack Opportunity īŽ Time and access to attempt an attack Motive īŽ A reason to attempt an attack 54
īŽWho are your attackers? Everyone!! 55
2.9 Method of defense Six approaches to defense computing system 1. Prevent attack īŽ Block attack/close vulnerability 2. Deter attack īŽ Make attack harder(we can’t make it impossible) 3. Deflect attack īŽ Make another target more attractive than this target 4. Mitigate attack īŽ Make the impact of attack less serve 5 Detect attack īŽ During or after 6. Recover from attack 56
Privacy and the Internet īƒ˜ For many people , the Internet represents the greatest threat to the personal privacy. īƒ˜ Internet-based threats to privacy abound, and include:- īŽ Social networks īŽ Online payments īŽ Website registrations īŽ Preference tracking īŽ Targeted advertising īŽ Contests , prizes and special offers īŽ Cookies īŽ Spyware and adware 57
Privacy and email īŽ Email messages are highly exposed as the travel across the Internet. Hence represent serous threat to personal privacy. īŽ By default email messages are not encrypted.as such email privacy can be compromised at any point while an email message is in transit. īŽ Email anonymity īŽ Although the name and email address of the sender of an email message can be readily forged, the IP and MAC address of the source are contained in the packet stream. Thus limiting email anonymity 58
īŽ To send an email message anonymously, a user may choose to sent a message by way of a remailer īŽ Threats to email privacy include:- īŽ Interception of email messages īŽ Monitoring of email messages 59 Privacy and emailâ€Ļ..
Privacy and emerging technologies īŽ The rapid development and adoption of new information and communication technologies implies a need to evaluate and consider those technologies from security perspective. īŽ Emerging technologies with serious privacy implications include: īŽ Radio frequency Identification (RFID) Tags īŽ Small inexpensive devices which of uniquely identifiable from distance īŽ Voice over IP (VoIP) īŽ Electronic voting īŽ Location-based services īŽ Smart phones have gps capabilities 60

Recommended

list of Deception as well as detection techniques for maleware
list of Deception as well as detection techniques for malewarelist of Deception as well as detection techniques for maleware
list of Deception as well as detection techniques for malewareAJAY VISHKARMA
 
Security & threats Presentation => (Presenter: Komal Mehfooz)
Security & threats Presentation => (Presenter: Komal Mehfooz) Security & threats Presentation => (Presenter: Komal Mehfooz)
Security & threats Presentation => (Presenter: Komal Mehfooz) Komal Mehfooz
 
L N Yadav Cyber SECURITY.ppt
L N Yadav Cyber SECURITY.pptL N Yadav Cyber SECURITY.ppt
L N Yadav Cyber SECURITY.pptlowlesh1
 
L N Yadav Cyber SECURITY2.ppt
L N Yadav Cyber SECURITY2.pptL N Yadav Cyber SECURITY2.ppt
L N Yadav Cyber SECURITY2.pptlowlesh1
 
Dhams hacking
Dhams hackingDhams hacking
Dhams hackingdharmesh ram
 
hacking basics
hacking basicshacking basics
hacking basicsdharmesh ram
 
CyberSecurity presentation for basic knowledge about this topic
CyberSecurity presentation for basic knowledge about this topicCyberSecurity presentation for basic knowledge about this topic
CyberSecurity presentation for basic knowledge about this topicpiyushkamble6
 
Types of Malware (CEH v11)
Types of Malware (CEH v11)Types of Malware (CEH v11)
Types of Malware (CEH v11)EC-Council
 

Recommended

list of Deception as well as detection techniques for maleware
list of Deception as well as detection techniques for malewarelist of Deception as well as detection techniques for maleware
list of Deception as well as detection techniques for malewareAJAY VISHKARMA
 
Security & threats Presentation => (Presenter: Komal Mehfooz)
Security & threats Presentation => (Presenter: Komal Mehfooz) Security & threats Presentation => (Presenter: Komal Mehfooz)
Security & threats Presentation => (Presenter: Komal Mehfooz) Komal Mehfooz
 
L N Yadav Cyber SECURITY.ppt
L N Yadav Cyber SECURITY.pptL N Yadav Cyber SECURITY.ppt
L N Yadav Cyber SECURITY.pptlowlesh1
 
L N Yadav Cyber SECURITY2.ppt
L N Yadav Cyber SECURITY2.pptL N Yadav Cyber SECURITY2.ppt
L N Yadav Cyber SECURITY2.pptlowlesh1
 
Dhams hacking
Dhams hackingDhams hacking
Dhams hackingdharmesh ram
 
hacking basics
hacking basicshacking basics
hacking basicsdharmesh ram
 
CyberSecurity presentation for basic knowledge about this topic
CyberSecurity presentation for basic knowledge about this topicCyberSecurity presentation for basic knowledge about this topic
CyberSecurity presentation for basic knowledge about this topicpiyushkamble6
 
Types of Malware (CEH v11)
Types of Malware (CEH v11)Types of Malware (CEH v11)
Types of Malware (CEH v11)EC-Council
 
Guest Lecture-Computer and Cyber Security.pptx
Guest Lecture-Computer and Cyber Security.pptxGuest Lecture-Computer and Cyber Security.pptx
Guest Lecture-Computer and Cyber Security.pptxGudipudiDayanandam
 
RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5CAS
 
Dickmaster
DickmasterDickmaster
DickmasterDickMaster1
 
Computer crimes
Computer crimesComputer crimes
Computer crimesMuniba Bukhari
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hackingaashish2cool4u
 
Tutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the WebTutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the Webdpd
 
Detecting and mitigating cyber threats and attacks1
Detecting and mitigating cyber threats and attacks1Detecting and mitigating cyber threats and attacks1
Detecting and mitigating cyber threats and attacks1NihanthReddyBalaiahg
 
Security Threats to machine Learning( ARTIFICIAL INTELLIGENCE)
Security Threats to machine Learning( ARTIFICIAL INTELLIGENCE)Security Threats to machine Learning( ARTIFICIAL INTELLIGENCE)
Security Threats to machine Learning( ARTIFICIAL INTELLIGENCE)Debabrata Singh
 
Computer securety
Computer securetyComputer securety
Computer securetyrushil ahmed
 
Malware: To The Realm of Malicious Code (Training)
Malware: To The Realm of Malicious Code (Training)Malware: To The Realm of Malicious Code (Training)
Malware: To The Realm of Malicious Code (Training)Satria Ady Pradana
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber SecurityPriyanshu Ratnakar
 
MALWARE
MALWAREMALWARE
MALWAREAnupam Das
 
Malware
MalwareMalware
MalwareAnoushka Srivastava
 
Malware
MalwareMalware
Malwarezelkan19
 
Malware
MalwareMalware
Malwarezelkan19
 
(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious Code(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious CodeSatria Ady Pradana
 
Computer security
Computer securityComputer security
Computer securitysruthiKrishnaG
 
Computer Viruses and Classification lecture slides ppt
Computer Viruses and Classification lecture slides pptComputer Viruses and Classification lecture slides ppt
Computer Viruses and Classification lecture slides pptOsama Yousaf
 
Computer security threats & prevention
Computer security threats & preventionComputer security threats & prevention
Computer security threats & preventionPriSim
 
The process of computer security
The process of computer securityThe process of computer security
The process of computer securityWritingHubUK
 
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxwendy cai
 

More Related Content

Similar to a documentation of final year SRS for AI drons.ppt

Guest Lecture-Computer and Cyber Security.pptx
Guest Lecture-Computer and Cyber Security.pptxGuest Lecture-Computer and Cyber Security.pptx
Guest Lecture-Computer and Cyber Security.pptxGudipudiDayanandam
 
RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5CAS
 
Dickmaster
DickmasterDickmaster
DickmasterDickMaster1
 
Tutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the WebTutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the Webdpd
 
Detecting and mitigating cyber threats and attacks1
Detecting and mitigating cyber threats and attacks1Detecting and mitigating cyber threats and attacks1
Detecting and mitigating cyber threats and attacks1NihanthReddyBalaiahg
 
Security Threats to machine Learning( ARTIFICIAL INTELLIGENCE)
Security Threats to machine Learning( ARTIFICIAL INTELLIGENCE)Security Threats to machine Learning( ARTIFICIAL INTELLIGENCE)
Security Threats to machine Learning( ARTIFICIAL INTELLIGENCE)Debabrata Singh
 
Computer securety
Computer securetyComputer securety
Computer securetyrushil ahmed
 
Malware: To The Realm of Malicious Code (Training)
Malware: To The Realm of Malicious Code (Training)Malware: To The Realm of Malicious Code (Training)
Malware: To The Realm of Malicious Code (Training)Satria Ady Pradana
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber SecurityPriyanshu Ratnakar
 
Malware
MalwareMalware
Malwarezelkan19
 
Malware
MalwareMalware
Malwarezelkan19
 
(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious Code(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious CodeSatria Ady Pradana
 
Computer security
Computer securityComputer security
Computer securitysruthiKrishnaG
 
Computer Viruses and Classification lecture slides ppt
Computer Viruses and Classification lecture slides pptComputer Viruses and Classification lecture slides ppt
Computer Viruses and Classification lecture slides pptOsama Yousaf
 
Computer security threats & prevention
Computer security threats & preventionComputer security threats & prevention
Computer security threats & preventionPriSim
 
The process of computer security
The process of computer securityThe process of computer security
The process of computer securityWritingHubUK
 

Similar to a documentation of final year SRS for AI drons.ppt (20)

Guest Lecture-Computer and Cyber Security.pptx
Guest Lecture-Computer and Cyber Security.pptxGuest Lecture-Computer and Cyber Security.pptx
Guest Lecture-Computer and Cyber Security.pptx
 
RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5
 
Dickmaster
DickmasterDickmaster
Dickmaster
 
Computer crimes
Computer crimesComputer crimes
Computer crimes
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Tutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the WebTutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the Web
 
Detecting and mitigating cyber threats and attacks1
Detecting and mitigating cyber threats and attacks1Detecting and mitigating cyber threats and attacks1
Detecting and mitigating cyber threats and attacks1
 
Security Threats to machine Learning( ARTIFICIAL INTELLIGENCE)
Security Threats to machine Learning( ARTIFICIAL INTELLIGENCE)Security Threats to machine Learning( ARTIFICIAL INTELLIGENCE)
Security Threats to machine Learning( ARTIFICIAL INTELLIGENCE)
 
Computer securety
Computer securetyComputer securety
Computer securety
 
Malware: To The Realm of Malicious Code (Training)
Malware: To The Realm of Malicious Code (Training)Malware: To The Realm of Malicious Code (Training)
Malware: To The Realm of Malicious Code (Training)
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
 
MALWARE
MALWAREMALWARE
MALWARE
 
Malware
MalwareMalware
Malware
 
Malware
MalwareMalware
Malware
 
Malware
MalwareMalware
Malware
 
(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious Code(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious Code
 
Computer security
Computer securityComputer security
Computer security
 
Computer Viruses and Classification lecture slides ppt
Computer Viruses and Classification lecture slides pptComputer Viruses and Classification lecture slides ppt
Computer Viruses and Classification lecture slides ppt
 
Computer security threats & prevention
Computer security threats & preventionComputer security threats & prevention
Computer security threats & prevention
 
The process of computer security
The process of computer securityThe process of computer security
The process of computer security
 

Recently uploaded

What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxwendy cai
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130Suhani Kapoor
 
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...VICTOR MAESTRE RAMIREZ
 
Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxBiology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxDeepakSakkari2
 
Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024hassan khalil
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
microprocessor 8085 and its interfacing
microprocessor 8085 and its interfacingmicroprocessor 8085 and its interfacing
microprocessor 8085 and its interfacingjaychoudhary37
 
Internship report on mechanical engineering
Internship report on mechanical engineeringInternship report on mechanical engineering
Internship report on mechanical engineeringmalavadedarshan25
 
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝soniya singh
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxpurnimasatapathy1234
 
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...ZTE
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile servicerehmti665
 
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionSachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionDr.Costas Sachpazis
 
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfCCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfAsst.prof M.Gokilavani
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Artificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxArtificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxbritheesh05
 

Recently uploaded (20)

young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
 
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptx
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
 
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
 
Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...
 
Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxBiology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptx
 
Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
 
microprocessor 8085 and its interfacing
microprocessor 8085 and its interfacingmicroprocessor 8085 and its interfacing
microprocessor 8085 and its interfacing
 
Internship report on mechanical engineering
Internship report on mechanical engineeringInternship report on mechanical engineering
Internship report on mechanical engineering
 
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptx
 
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile service
 
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
 
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionSachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
 
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfCCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Artificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxArtificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptx
 

a documentation of final year SRS for AI drons.ppt

  • 1. Computer Security and privacy Chapter two : Computer Security threats
  • 2. Outlines īŽ Security threats īŽ Types of threats īŽ Natural threat īŽ Man-made threat īŽ Network Security Threats īŽ Privacy and Internet īŽ New emerging technologies 2
  • 3. Threat īŽ In computer security a threat is a possible danger that might exploit a vulnerability to breach security and therefore cause possible harm. īŽ A threat can be either "intentional" (i.e. hacking: an individual cracker or a criminal organization) or "accidental" (e.g. the possibility of a computer malfunctioning, or the possibility of a natural disaster such as an earthquake, a fire, or a tornado ,hurricane) or otherwise a circumstance, capability, action, or event. 3
  • 4. Threat classification īŽ Threats can be classified according to their type and origin īŽ Physical damage: fire, water, pollution īŽ Natural events: climatic, seismic, volcanic īŽ Loss of essential services: electrical power, air conditioning, telecommunication īŽ Compromise of information: eavesdropping(spying), theft of media, retrieval of discarded materials īŽ Technical failures: equipment, software, capacity saturation, īŽ Compromise of functions: error in use, abuse of rights, denial of actions 4
  • 5. Threat communities īŽ Subsets of the overall threat agent population that share key characteristics. The notion of threat communities is a powerful tool for understanding who and what we’re up against as we try to manage risk īŽ If the organization were to come under attack, what components of the organization would be likely targets? For example, how likely is it that terrorists would target the company information or systems? 5
  • 6. īŽ The following threat communities are examples of the human malicious threat landscape many organizations face: īŽ Insiders(Internal) īŽ Employees īŽ Contractors (and vendors) īŽ Partners Threat communitiesâ€Ļ 6
  • 7. Threat communitiesâ€Ļ īŽ Outsiders(External) īŽ Cyber-criminals (professional hackers and crackers) īŽ Spies īŽ Non-professional hackers īŽ Activists īŽ Nation-state intelligence services (e.g., counterparts to the CIA, etc.) īŽ Malware (virus/worm/etc.) authors 7
  • 8. 2.3 Malicious Code(Malware) īŽ Malicious code (also known as a rogue program or malware) is a software written to intentionally cause unanticipated or undesirable effects. īŽ Malicious code can do anything that as a “normal” program can do īŽ Malicious Code can damage:- īŽ Data īŽ Other program īŽ Malicious code was “defined” by Cohen in 1984 but virus behavior has been known since at least 1970. 8
  • 9. Hackers īŽ A hacker is an individual who uses computer, networking or other skills to overcome a technical problem. īŽ The term hacker may refer to anyone with technical skills, but it often refers to a person who uses his or her abilities to gain unauthorized access to systems or networks in order to commit crimes. 9
  • 10. Types of hackers The types of hackers are īŽ white hat hacker īŽ Motives: A desire to help businesses, along with a passion for finding holes in security networks. īŽ grey hat hacker īŽ Grey Hat hackers have all the skills of a Black and a White Hat hacker. The difference is, they don’t care about stealing from people, nor do they particularly want to help people. īŽ Nothing in life is black and white, and neither is hacking. īŽ Motives: Personal enjoyment. īŽ black hat hacker. īŽ Motives: Financial gain. 10
  • 11. īŽ Blue Hat īŽ Vengeful and aggressive in every way- but only if you create them. īŽ Motives: Revenge. īŽ Red Hat īŽ The caped crusaders of the cyber world. īŽ To put a stop to people they know to be Black Hat hackers īŽ Motives: Vigilante justice. īŽ Green Hat īŽ Baby hackers taking their first steps in the cyber world. īŽ Motives: Learning to be full blown hackers(learn how to hack) īŽ Script Kiddie īŽ This is something of an ‘odd one out’, since it’s neither a hat or a colour! But a Script Kiddie can still cause problems, no matter how innocent the name sounds. īŽ Motives: Causing chaos and disruption. 11 Types of hackers
  • 12. Common forms of malware Virus, Trojan horse and worm are the most common types of malware. 12
  • 13. Virus īŽ A hidden, self-replicating section of computer software, usually malicious logic, that propagates by infecting another program or system memory īŽ Viruses can be divided in to two groups īŽ Transient virus is active only when its host program is active īŽ Resident virus establishes itself in the computer’s memory and can remain active without its host. Common forms of malwareâ€Ļ 13
  • 14. Worm īŽ A computer program that can run independently, can propagate a complete working version of itself on to other hosts in a network, and may consume computer resources destructively. Trojan horse īŽ A computer program that appears to have a useful function but also has a hidden and malicious purpose that evades security mechanism, sometimes by exploiting the legitimating authorizations of the user who invokes the program Example: you downloaded a game app for your smart phone, when you launch the app, you will able to play the game but the app is secretly made copies of your contacts list and transfer information to the remote server. Common forms of malwareâ€Ļ 14
  • 15. Other types of malware Zombie īŽ A malicious software that enables a computer to be controlled by a remote master machine Logic bomb īŽ Malicious program logic that activates when specified conditions are met. Time bomb īŽ A type of logic bomb that activates at a specific date/time 15
  • 16. Rabbit īŽ A virus or worm that replicates itself without limit to exhaust system resources Trapdoor/backdoor īŽ A hidden computer flaw to an intruder, a hidden malicious software installed by intruder. (Java)Script attack īŽ Malicious software written in a scripting language that is downloaded when a user loads a webpage. Other types of malwareâ€Ļ 16
  • 17. Hiding a virus īŽ Viruses can be hidden in many places i.e. in: īŽ boot sector īŽ memory īŽ application programs īŽ library files(e.g .dll files) īŽ other widely shared files and programs 17
  • 18. 2.5 Network security attacks īŽ Network advantages īŽ Resource sharing īŽ Distribution of workload īŽ Increased reliability īŽ easy expandability and scalability 18
  • 19. Network vulnerability īŽ Several characteristics make networks vulnerable to attack, including: īŽ Anonymity īŽ Many point of attack īŽ Resource and workload sharing īŽ Network architecture is complex īŽ Networks have unknown boundary Example: wireless node 19
  • 20. Types of network security attacks Network Treat can affect both hardware & software īŽ Hardware threats involve four types of threats īŽ Physical īŽ Electrical īŽ Environmental īŽ Maintenance 20
  • 21. Software treats Adversary īŽ An adversary (a person/hacker/cracker who is interested in attacking your network) can use any kind of attack to threat the network infrastructures. īŽ A network may face several other attacks from adversary while achieving above goals. In following section, it includes some most common attacks 21
  • 22. Software treats īŽ Reconnaissance Attack īŽ Passive attack īŽ Active Attack īŽ Distributed Attack īŽ Insider Attack īŽ Phishing Attack īŽ Hijack attack īŽ Spoof attack īŽ Password attack īŽ Packet capturing attack īŽ Denial of Service Attacks 22
  • 23. Computer Software Security threats Reconnaissance Attack (Investigation) īŽ In this kind of attack, an adversary collects as much information about your network as he needed for other attacks. īŽ This information includes IP address range, server location, running OS, software version, types of devices etc. īŽ Packet capturing software, Ping command, trace root command, who is lookup are some example tools which can be used to collect this information. Adversary will use this information in mapping your infrastructure for next possible attack. 23
  • 24. Passive attack īŽ In this attack an adversary deploys a sniffer tool and waits for sensitive information to be captured. This information can be used for other types of attacks. īŽ It includes packet sniffer tools, traffic analysis software, filtering clear text passwords from unencrypted traffic and seeking authentication information from unprotected communication. Once an adversary found any sensitive or authentication information, he will use that without the knowledge of the user. Computer Software Security threatsâ€Ļ 24
  • 25. Active Attack īŽ In this attack an adversary does not wait for any sensitive or authentication information. He actively tries to break or bypass the secured systems. īŽ It includes viruses, worms, Trojan horses, stealing login information, inserting malicious code and penetrating network backbone. Active attacks are the most dangerous in natures. It results in disclosing sensitive information, modification of data or complete data lost. Computer Software Security threat â€Ļ 25
  • 26. Distributed Attack īŽ In this attack an adversary hides malicious code in trusted software. Later this software is distributed to many other users through the internet without their knowledge. Once end user installs infected software, it starts sending sensitive information to the adversary silently. Pirated software is heavily used for this purpose. Computer Software Security threatâ€Ļ 26
  • 27. Insider Attack īŽ According to a survey more than 70% attacks are insider. Insider attacks are divided in two categories; intentionally and accidentally. īŽ In intentionally attack, an attacker intentionally damage network infrastructure or data. Usually intentionally attacks are done by disgruntled or frustrated employees for money or revenge. īŽ In accidentally attack, damages are done by the carelessness or lack of knowledge. Computer Software Security threatsâ€Ļ 27
  • 28. Hijacking īŽ This attack usually takes place between running sessions. Hacker joins a running session and silent disconnects other party. Then he starts communicating with active parties by using the identity of disconnected party. īŽ Active party thinks that he is talking with original party and may send sensitive information to the adversary. Computer Software Security threatsâ€Ļ 28
  • 29. Phishing īŽ Phishing attack is gaining popularity from last couple of years. In this attack an adversary creates fake email address or website which looks like a reputed mail address or popular site. Later attacker sends email using their name. These emails contain convincing message, some time with a link that leads to a fake site. This fake site looks exactly same as original site. Without knowing the truth user tries to log on with their account information, hacker records this authentication information and uses it on real site. Computer Software Security threat 29
  • 30. Spoofing īŽ In this kind of attack an adversary changes the sources address of packet so receiver assumes that packet comes from someone else. This technique is typically used to bypass the firewall rules. Computer Software Security threat 30
  • 31. Buffer overflow attack īŽ This attack is part of DoS technique. In this attack an adversary sends more data to an application than its buffer size. It results in failure of service. This attack is usually used to halt a service or server. Computer Software Security threat 31
  • 32. Exploit attack īŽ Exploit attack is used after Reconnaissance attack. Once an attacker learned from reconnaissance attack that which OS or software is running on target system, he starts exploiting vulnerability in that particular software or OS. Computer Software Security threat 32
  • 33. Packet capturing attack īŽ This attack is part of passive attack. In this attack an attacker uses a packet capturing software which captures all packets from wire. Later he extracts information from these packets. This information can be used to deploy several kinds of other attacks. Computer Software Security threat 33
  • 34. Ping sweep attack īŽ In this attack an attacker pings all possible IP addresses on a subnet to find out which hosts are up. Once he finds an up system, he tries to scan the listening ports. īŽ From listing ports he can learn about the type of services running on that system. Once he figures out the services, he can try to exploit the vulnerabilities associated with those services. Computer Software Security threat 34
  • 35. DNS Query attack īŽ DNS queries are used to discover information about public server on the internet. All OS includes the tool for DNS queries such as lookup in Windows, Dig and Host in Linux. īŽ These tools query a DNS server for information about specified domain. DNS server respond with internal information such as Server IP address, Email Server, technical contacts etc. An adversary can use this information in phishing or ping attack. Computer Software Security threat 35
  • 36. MiTM attacks īŽ In this attack an adversary captures data from middle of transmission and changes it, then send it again to the destination. Receiving person thinks that this message came from original source. īŽ For example in a share trading company Jack is sending a message to Rick telling him to hold the shares. An adversary intercepts this message in way that it looks like Jack is telling for sell. When Rick receives this message, he will think that Jack is telling for the sell and he will sell the shares. This is known as Man in the middle attack. Computer Software Security threat 36
  • 37. Botnets īŽ Botnets are armies of remote-controlled devices used for the purpose of sending spam (including Phishing scams), propagating malware and launching DDoS attacks. īŽ Botnets are the master-mover of most cyber security threats in terms of the scope of damage they cause in CSP networks across the globe Computer Software Security threat 37
  • 38. 2.6 What is Denial of Service(DOS)? īƒ˜ Denial of service(DOS) is an attack on availability of network resources īƒ˜ Dos attacks can be initiated in many ways, including īŽ Transmission failure īŽ Traffic redirection īŽ DNS attack īŽ Connection flooding 38
  • 39. Connection flooding īŽ Connection flooding attack seeks to negatively affect the availability of a network resource by exhausting or overwhelming the capacity of a communication channel 39
  • 40. Types of connection flooding attacks īŽ There are five main connection flooding attacks. īŽ Echo chargen attack īŽ Ping of death attack īŽ Smuf attack īŽ SYN flood attack īŽ Teardrop attack 40
  • 42. Ping of death attack 42
  • 45. īŽ In SYN flooding attack implementation of three-way handshake of the TCP/IP protocol is exploited īŽ In three-way handshake (1) first the client sends a SYN packet to the server, (2) server then responds with a SYN-ACK. (3) then the client responds to this SYN-ACK and handshake is completed and data transfer starts. In SYN flood attack the attacker does not respond to the 45 SYN flood attack
  • 48. Distributed Denial of Service(DDOS) attack īŽ In a distributed denial of service,an attacker uses any convenient method to distribute a Trojan horse to as many target machines as possible. īŽ After choosing a victim, a signal is transmitted from the attacker to each zombie machine to initiate the attack īŽ The Trojan horse on each machine then launches a denial of service on the target 48
  • 49. Distributed Denial of Service(DDOS) attack 49
  • 50. Intrusion Detection System īŽ It is better to prevent an attack than to detect it after it has already succeeded. īŽ Intrusion detection System is a device that monitors system activities with a view toward detecting malicious and suspicious events. īŽ Intrusion detection system attempt to detect: īŽ Outsiders breaking into a system īŽ Insiders attempting to perform unappropriate actions 50
  • 51. Intrusion detection system methodologies Common terms associated with the use of intrusion detection systems: Anomaly īŽ Refers to abnormal or unusual behavior that is occurring in the network Misuse īŽ Refers to an activity that violets the network or system security policy Intrusion īŽ Refers to a situation the system or network is being misused either by insiders or outsiders Audit īŽ Refers to action of the user or system is evaluated or ananized Profiling īŽ Refers to the process of observing legitimate users or the system in ordrer to establish a model of normanl behavior 51
  • 53. Goals of Intrusion Detection System Intrusion detection systems have two primary goals 1. Detect all attacks correctly īŽ Avoid false positives (false alarm) īŽ Avoid false negatives 2. Monitor systems effectively with minimal overhead and performance degradation 53
  • 54. 2.9 Method-Opportunity-Motive Attackers need MOM Method īŽ Skill, knowledge, tools, etc. with which to attempt an attack Opportunity īŽ Time and access to attempt an attack Motive īŽ A reason to attempt an attack 54
  • 55. īŽWho are your attackers? Everyone!! 55
  • 56. 2.9 Method of defense Six approaches to defense computing system 1. Prevent attack īŽ Block attack/close vulnerability 2. Deter attack īŽ Make attack harder(we can’t make it impossible) 3. Deflect attack īŽ Make another target more attractive than this target 4. Mitigate attack īŽ Make the impact of attack less serve 5 Detect attack īŽ During or after 6. Recover from attack 56
  • 57. Privacy and the Internet īƒ˜ For many people , the Internet represents the greatest threat to the personal privacy. īƒ˜ Internet-based threats to privacy abound, and include:- īŽ Social networks īŽ Online payments īŽ Website registrations īŽ Preference tracking īŽ Targeted advertising īŽ Contests , prizes and special offers īŽ Cookies īŽ Spyware and adware 57
  • 58. Privacy and email īŽ Email messages are highly exposed as the travel across the Internet. Hence represent serous threat to personal privacy. īŽ By default email messages are not encrypted.as such email privacy can be compromised at any point while an email message is in transit. īŽ Email anonymity īŽ Although the name and email address of the sender of an email message can be readily forged, the IP and MAC address of the source are contained in the packet stream. Thus limiting email anonymity 58
  • 59. īŽ To send an email message anonymously, a user may choose to sent a message by way of a remailer īŽ Threats to email privacy include:- īŽ Interception of email messages īŽ Monitoring of email messages 59 Privacy and emailâ€Ļ..
  • 60. Privacy and emerging technologies īŽ The rapid development and adoption of new information and communication technologies implies a need to evaluate and consider those technologies from security perspective. īŽ Emerging technologies with serious privacy implications include: īŽ Radio frequency Identification (RFID) Tags īŽ Small inexpensive devices which of uniquely identifiable from distance īŽ Voice over IP (VoIP) īŽ Electronic voting īŽ Location-based services īŽ Smart phones have gps capabilities 60