Cyber Warfare
Introduction of cyber warfare
Jagadeesh katla
katla.jagadeesh@outlook.com
@Hyntronix
Cyber Deterrence
Cyber deterrence is “to prevent an enemy from conducting future
attacks by changing their minds, by attacking their technology, or by more
palpable means such as confiscation, termination, incarceration, death or
destruction”.
Challenges
• The inherent difficulty of assigning attribution.
• The unpredictability of the effects of cyber attacks.
• The potential for damage from counter-retaliation.
Reference Model
The model has four parts; this deck covers the first two.
• Surveillance: Honey nets, Forensics, Attribution, Monitoring
• Penetration Testing: Reconnaissance, Scanning, Vulnerability Analysis, Exploitation
• Integration: Data Fusion, Meta Model, Adapters, Knowledge Services
• Advanced: Parallel Scanning, Botnet Installation, DDoS, Botnet Operation
[Diagram: Attacker Organization → Attack Server (x2) → Control Server (x4) → Bot Infected PC (x5) → Victim (Foreign Govt., Defender)]
Surveillance
• Computer and network surveillance is the monitoring of computer
activity and of data stored on a hard drive or transferred over
computer networks such as the internet.
• The monitoring is often carried out covertly and may be done by
governments, corporations, criminal organizations, or individuals.
• It may or may not be legal, and may or may not require authorization
from a court or another independent government agency.
Honey Nets
• Two or more honeypots on a network form a honeynet. Typically, a
honeynet is used for monitoring a larger and/or more diverse network
for which one honeypot would not be sufficient.
• A honeypot is a computer security mechanism set up to detect, deflect,
or counteract attempts at unauthorised use of information systems.
• Honeynets and honeypots are usually implemented as parts of larger
network intrusion detection systems.
• A honey farm is a centralized collection of honeypots and analysis
tools.
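A minimal low-interaction honeypot in the spirit of the bullets above, added here as an example; it is not from the slides or from any Honeynet Project tool. The listen ports, decoy banners and event fields are constructed. It demonstrates the property that makes honeypots useful inside an intrusion detection system: the service has no legitimate users, so every contact becomes a structured event.

```python
"""Low-interaction TCP honeypot that turns every contact into an IDS event.

Added example; not from the slides or any Honeynet Project tool. Ports,
banners and the event fields are constructed. A honeypot has no legitimate
users, so any connection is suspicious and is recorded with whatever the
client sent, ready for the surrounding intrusion detection system.
"""
import json
import socket
import threading
import time
from dataclasses import dataclass, asdict, field

# Emulated services: listen port -> (service name, fake banner). Constructed;
# the banner strings are decoys, not versions of anything actually running.
SERVICES = {
    2222: ("ssh", b"SSH-2.0-OpenSSH_7.4\r\n"),
    2121: ("ftp", b"220 ftp.example.internal FTP server ready\r\n"),
    8080: ("http", b""),          # HTTP clients speak first: no banner
}
MAX_CAPTURE = 512                 # bytes of client data kept per session


@dataclass
class HoneypotEvent:
    ts: float
    src_ip: str
    src_port: int
    dst_port: int
    service: str
    bytes_received: int
    sample: str                   # printable excerpt of what the client sent
    tags: list = field(default_factory=list)


def classify(dst_port, data):
    """Name the emulated service and tag the obvious interaction patterns."""
    service = SERVICES.get(dst_port, ("unknown", b""))[0]
    tags = ["honeypot-contact"]
    if not data:
        tags.append("connect-only")          # typical of a plain port scan
    elif data.startswith(b"SSH-"):
        tags.append("ssh-client-hello")
    elif data.split(b" ", 1)[0] in (b"GET", b"POST", b"HEAD", b"OPTIONS"):
        tags.append("http-request")
    elif data.upper().startswith(b"USER "):
        tags.append("ftp-login-attempt")
    else:
        tags.append("unrecognised-protocol")
    return service, tags


def build_event(src_ip, src_port, dst_port, data, ts=None):
    """Pure function: session facts in, structured event out."""
    service, tags = classify(dst_port, data)
    text = data[:MAX_CAPTURE].decode("ascii", errors="replace")
    sample = "".join(c if c.isprintable() else "." for c in text)
    return HoneypotEvent(time.time() if ts is None else ts, src_ip, src_port,
                         dst_port, service, len(data), sample, tags)


def handle_client(conn, addr, dst_port, sink):
    """Send the decoy banner, read a bounded amount of input, emit the event."""
    data = b""
    with conn:
        conn.settimeout(5)
        conn.sendall(SERVICES.get(dst_port, ("unknown", b""))[1])
        try:
            while len(data) < MAX_CAPTURE:
                chunk = conn.recv(256)
                if not chunk:
                    break
                data += chunk
        except socket.timeout:
            pass                             # scanner connected and went quiet
    sink(build_event(addr[0], addr[1], dst_port, data))


def listen(port, sink, bind="127.0.0.1"):
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((bind, port))
    srv.listen(16)
    while True:
        conn, addr = srv.accept()
        threading.Thread(target=handle_client, args=(conn, addr, port, sink),
                         daemon=True).start()


def emit(event):
    """Sink: one JSON line per event, the shape a SIEM or IDS would ingest."""
    print(json.dumps(asdict(event)))


if __name__ == "__main__":
    for port in SERVICES:
        threading.Thread(target=listen, args=(port, emit), daemon=True).start()
    threading.Event().wait()                 # run until interrupted
```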
Tools for Honey nets
• High-Interaction Honeypots: Honeywall CDROM, Sebek, HoneyBow,
High Interaction Honeypot Analysis Toolkit (HIHAT)
• Low-Interaction Honeypots: Capture-HPC, HoneyC
• Honeypot Infrastructure: Google Hack Honeypot, Honeymole, Honeystick
• Data Analysis: Honeysnap, Capture BAT
Forensics
• Forensics is the methodology of collecting, preserving, and analysing
scientific evidence during the course of an investigation.
• It has two main types: physical forensics and digital forensics.
• Physical forensics covers fingerprints, DNA, or any item in the
physical world.
• Digital forensics covers networks, data storage, small devices,
computers, or any other digital device in the electronic world.
• Digital forensics commonly consists of three stages: acquisition or imaging
of exhibits, analysis, and reporting.
General rules of Digital forensics
• Never mishandle the original evidence, and never work on it directly.
• Never trust the operating system or the original evidence device.
• Document everything at every step of the forensic process.
• Preserve the evidence for use in the next stage.
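The acquisition stage and the rules above, carried out in code as an added example (not from the slides): hash the original, work only on a verified read-only copy, and write every step to a chain-of-custody log. File names, the examiner id and the log format are constructed; a real acquisition images a device behind a write blocker, while here the exhibit is an ordinary file so the checks run anywhere.

```python
"""Evidence acquisition that follows the rules above: hash the original,
work only on a verified copy, and document every step.

Added example, not from the slides; file names, the examiner id and the
custody-log format are constructed.
"""
import hashlib
import json
import os
import shutil
import time
from pathlib import Path


def sha256_file(path, chunk=1 << 20):
    """Stream the file so large images do not have to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


class CustodyLog:
    """Append-only JSON-lines log: who did what to which exhibit, and when."""

    def __init__(self, path, examiner):
        self.path = Path(path)
        self.examiner = examiner

    def record(self, action, **details):
        entry = {"ts": time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime()),
                 "examiner": self.examiner, "action": action, **details}
        with open(self.path, "a") as f:
            f.write(json.dumps(entry) + "\n")
        return entry

    def entries(self):
        with open(self.path) as f:
            return [json.loads(line) for line in f if line.strip()]


def acquire(original, workdir, examiner):
    """Stage 1 (acquisition): hash the original, copy it, lock the copy
    read-only, hash the copy, and record each step. Returns a manifest."""
    workdir = Path(workdir)
    workdir.mkdir(parents=True, exist_ok=True)
    log = CustodyLog(workdir / "custody.jsonl", examiner)
    src_hash = sha256_file(original)
    log.record("hash-original", path=str(original), sha256=src_hash)
    image = workdir / (Path(original).name + ".img")
    shutil.copyfile(original, image)
    os.chmod(image, 0o444)          # analysis happens on the copy, read-only
    img_hash = sha256_file(image)
    log.record("acquire-image", image=str(image), sha256=img_hash)
    verified = img_hash == src_hash
    log.record("verify-image", match=verified)
    return {"image": str(image), "sha256": src_hash,
            "verified": verified, "log": str(log.path)}


def verify(image, expected_sha256, log):
    """Stage 2 gate: re-hash before analysis. A mismatch means the copy was
    altered since acquisition and the analysis must stop, not continue."""
    actual = sha256_file(image)
    ok = actual == expected_sha256
    log.record("verify-before-analysis", image=str(image),
               sha256=actual, match=ok)
    return ok
```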
Tools of Digital Forensics
Digital Forensics Framework (DFF), SANS SIFT, Wireshark, The Sleuth Kit
(+Autopsy), EnCase, FTK Imager, Volatility, MagicTree, COFEE, CAINE, Xplico,
DEFT, HELIX3
Attribution
• Attribution is fundamental. In computer network intrusions, attribution
is commonly seen as one of the most intractable technical problems: as
either solvable or not solvable, and as dependent mainly on the available
forensic evidence.
• Cyber attribution is the attempt to track and lay blame on the perpetrator
of a cyber attack or hacking exploit.
• The attribution problem is the idea that identifying the source of a cyber
attack or cyber crime is often complicated and difficult because there is no
physical act to observe and attackers can use digital tools to extensively
cover their tracks.
Monitoring
• Monitoring is the supervising of activities in progress to ensure they are
on course and on schedule in meeting the objectives and performance
targets.
• Computer monitoring is used to control, analyse, and supervise the
activity of programs on a device, network, web application, or any other
digital device. It is useful for computer administrators, auditors,
investigators, and security engineers.
• Some popular monitoring tools are:
Nagios, Zabbix, PRTG, SAM, WebWatcher, OP5, Zenoss Core, OpenNMS, Munin
Penetration Testing
• It is a type of security testing used to test the security of an
application.
• It is conducted to find the security risks which might be present in the
system.
• It normally evaluates a system's ability to protect its networks,
applications, endpoints and users from external or internal threats.
• It also exercises the security controls and checks that only
authorised access is possible.
• It has seven steps:
  • Planning and preparation
  • Reconnaissance
  • Discovery
  • Analysing information and risks
  • Active intrusion attempts
  • Final analysis
  • Report preparation
• Penetration testing replicates the actions of external and/or internal
cyber attackers who intend to break the information security, steal
valuable data, or disrupt the normal functioning of the
organization.
Reconnaissance
It is the preparation phase in which the attacker gathers information about the target. The
commonly seen steps are listed below:
• Gather initial information
• Determine the network range
• Identify active machines
• Discover open ports and access points
• Fingerprint the operating system
• Uncover services on ports
• Map the network
Footprinting
It is the part of the reconnaissance process used for gathering all
possible information about a target computer system or network.
During this phase, a hacker can collect the following information:
• Domain names
• IP addresses
• Namespaces
• Employee information
• Phone numbers
• E-mail addresses
• Job information
Scanning
• Scanning gathers both attack information and vulnerability
information.
• Scanning is the act of sending network traffic to a host; the goal is to get
responses back that reveal details about the network.
• Goals of scanning: live host details, service details, port details,
protocols, OS and application versions, etc.
• Scanning can be performed over any network connection.
• Targets are network devices, hosts, etc.
• The results gathered are ports, protocols, servers, banners, etc.
Scanning techniques
• TCP scan
• ICMP scan
• UDP scan
• Mitigating scans
Fingerprinting
• Port scanning
• Ping sweep
• DNS enumeration
• DNS enumeration
• OS enumeration
• Network enumeration
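The defender's side of the scanning and monitoring slides, as an added example that is not from the deck: a detector that reads firewall log lines and reports port scans (one source touching many distinct ports on one host) and ping sweeps (one source sending ICMP echo requests to many hosts) inside a sliding time window. The log format, addresses and thresholds are constructed; the sample log includes a slow scan that stays under the window to show why the window size matters.

```python
"""Port-scan and ping-sweep detection over firewall log lines.

Constructed example (not from the slides): the log format mimics a
netfilter-style line, "TS ACTION SRC= DST= PROTO= [DPT=] [TYPE=]".
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>\w+) SRC=(?P<src>\S+) DST=(?P<dst>\S+) "
    r"PROTO=(?P<proto>\w+)(?: DPT=(?P<dpt>\d+))?(?: TYPE=(?P<type>\d+))?"
)


def parse(line):
    """Return a dict for a well-formed line, or None for anything else."""
    m = LINE_RE.match(line)
    if not m:
        return None
    d = m.groupdict()
    d["ts"] = datetime.strptime(d["ts"], "%Y-%m-%dT%H:%M:%SZ")
    d["dpt"] = int(d["dpt"]) if d["dpt"] else None
    d["type"] = int(d["type"]) if d["type"] else None
    return d


def _trim(bucket, now, win):
    """Drop entries older than the window (bucket is kept in time order)."""
    while bucket and now - bucket[0][0] > win:
        bucket.pop(0)


def detect(lines, window_s=60, port_threshold=10, host_threshold=5):
    """Return one finding per (scanner, target) port scan and per ping sweep."""
    events = sorted((e for e in map(parse, lines) if e), key=lambda e: e["ts"])
    win = timedelta(seconds=window_s)
    ports = defaultdict(list)    # (src, dst) -> [(ts, dpt), ...]
    hosts = defaultdict(list)    # src -> [(ts, dst), ...] for ICMP echo
    findings = {}
    for e in events:
        if e["proto"] in ("TCP", "UDP") and e["dpt"] is not None:
            key = (e["src"], e["dst"])
            bucket = ports[key]
            bucket.append((e["ts"], e["dpt"]))
            _trim(bucket, e["ts"], win)
            distinct = {p for _, p in bucket}
            if len(distinct) >= port_threshold:
                f = findings.setdefault(("portscan", key), {
                    "type": "portscan", "src": e["src"], "dst": e["dst"],
                    "first": bucket[0][0]})
                f.update(ports=len(distinct), last=e["ts"])
        elif e["proto"] == "ICMP" and e["type"] == 8:   # echo request
            bucket = hosts[e["src"]]
            bucket.append((e["ts"], e["dst"]))
            _trim(bucket, e["ts"], win)
            distinct = {h for _, h in bucket}
            if len(distinct) >= host_threshold:
                f = findings.setdefault(("pingsweep", e["src"]), {
                    "type": "pingsweep", "src": e["src"], "first": bucket[0][0]})
                f.update(hosts=len(distinct), last=e["ts"])
    return list(findings.values())


# Constructed sample log: one fast port scan, one ping sweep, benign repeat
# traffic to a single port, a slow scan that stays under the window, and junk.
SCAN_PORTS = [21, 22, 23, 25, 53, 80, 110, 135, 139, 443, 445, 3389]
SAMPLE_LOG = (
    [f"2024-05-01T10:00:{i:02d}Z DROP SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT={p}"
     for i, p in enumerate(SCAN_PORTS)]
    + [f"2024-05-01T10:01:{i:02d}Z DROP SRC=198.51.100.9 DST=192.0.2.{i + 1} PROTO=ICMP TYPE=8"
       for i in range(6)]
    + [f"2024-05-01T10:02:{i * 5:02d}Z ACCEPT SRC=192.0.2.50 DST=192.0.2.10 PROTO=TCP DPT=443"
       for i in range(12)]
    + [f"2024-05-01T10:{10 + i * 2:02d}:00Z DROP SRC=203.0.113.8 DST=192.0.2.10 PROTO=TCP DPT={p}"
       for i, p in enumerate(SCAN_PORTS[:10])]
    + ["garbage line that should be ignored"]
)

if __name__ == "__main__":
    for finding in detect(SAMPLE_LOG):
        print(finding)
```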
Scanning Structure
[Diagram of a typical scanning target network: Internet, Router, Firewall, Switch, Hub, Wireless, and servers (MAIL, WEB, FTP, PROXY, DNS)]
Tools of Reconnaissance and Scanning
• Nmap / Zenmap
• Scanrand
• Paratrace
• Wireshark
• Recon-ng
• SuperScan
• Ping / hping
• Shodan search engine
• Traceroute, etc.
Vulnerability Analysis
• Also known as vulnerability assessment, it is a process that defines, identifies, and
classifies the security holes (vulnerabilities) in a computer, network, or
communication infrastructure.
• Vulnerability analysis can forecast the effectiveness of proposed countermeasures
and evaluate their actual effectiveness after they are put into use.
• It has several steps, such as defining and classifying network or system resources,
assigning relative levels of importance to the resources, developing a strategy to
deal with the most serious potential problems first, and defining and
implementing ways to minimize the consequences if an attack occurs.
[Figure: reconnaissance stages ordered by increasing interaction with the target and chance of detection, and by increasing usefulness of the data to the attacker: OSINT and passive reconnaissance; infrastructure, host detection, port scanning; OS, service, application and protocol identification; vulnerability scanning]
Vulnerability Assessment Tools
• OpenVAS
• Nexpose Community
• Metasploit Framework
• Retina CS Community
• Burp Suite
• Nikto
• OWASP Zed Attack Proxy (ZAP)
• Clair
• Moloch
Exploitation
• In computing, an exploit is an attack on a computer system, especially one
that takes advantage of a particular vulnerability that the system offers to
intruders.
• A remote exploit works over a network and exploits the security
vulnerability without any prior access to the vulnerable system.
• A local exploit requires prior access to the vulnerable system and usually
increases the privileges of the person running the exploit past those
granted by the system administrator.
• Many exploits are designed to provide superuser-level access to a
computer system.
Some types of Exploits
• Arbitrary code execution
• Buffer overflow
• Code injection
• Heap spraying
• Cross-site scripting
• HTTP header injection
• HTTP request smuggling
• DNS rebinding
• Clickjacking
• Cross-site request forgery (CSRF)
• IP spoofing
• Eavesdropping
• DoS
Exploitation tools
• Social Engineering Toolkit (SET)
• Metasploit Framework
• Exploit-DB
• JBoss-autopwn
• Opensvp
• PTF
• sqlmap
• sqlninja
• sqlsus
• Zarp
• Cisco-torch
• Armitage
• Wireshark
• Acunetix
• Burp Suite
• BeEF
Thank You
** The other two parts of the reference model (Integration and Advanced) are not yet completed.
