2. Points to be covered
Cyber attacks
Vulnerabilities
Defence strategies and Techniques
Authentication methods and Protocols
Defence in depth strategies
3. What is Security?
Protection of assets
Three main aspects:
◦ Prevention
◦ Detection
◦ Reaction
5. Difference between Traditional Security and Information Security
Information can be stolen - but you still have it
Confidential information may be copied and sold - but the theft might not be detected
The criminals may be on the other side of the world
6. Computer Security
Deals with the prevention and detection of unauthorized actions by users of a computer system.
Study cyber attacks – with a view to defending against them.
7. Computer Security in perspective
Information Security
Network Security
System Security
Application Security
Operating system Security
Database Security
Language Security
8. What is Security about (in technical sense)
(Goals of the hacker/attacker/adversary)
Attacks
Vulnerabilities
Defenses
9. Cyber Security
A practice that intends to protect computers, networks, programs and data from unintended or unauthorized access, change or destruction.
Why?
◦ Everything is on the web
◦ A major proportion of systems is on the Internet
11. Cyber Attacks
An illegal attempt to expose, alter, disable, destroy, steal or gain unauthorized access to or make unauthorized use of an asset.
An attempt to gain something from a computer system.
Attacks: Active or Passive
◦ Active attack: attempts to alter system resources or affect their operations.
◦ Passive attack: attempts to learn or make use of information from the system but does not affect system resources.
13. Some Attack Goals
Theft of sensitive information (example, credit card information)
Disruption of service (rendering a service inaccessible or unavailable)
Information Warfare (attacking infrastructure of an “enemy” country)
Illegal access to or use of resources (circumventing controls so as to gain unauthorized access)
18. A few more notable Attacks !!
1988: Robert Morris, Jr., a 23-year-old Cornell graduate student, released a worm that overran Arpanet, incapacitating almost 6000 computers and congesting government and university systems.
He was fined $10,000 and sentenced to 3 years' probation.
19. A few more notable Attacks !!
1991: David L. Smith, a 31-year-old, created the worm “Melissa”, which infected thousands of computers, causing damage of approx. $1.5 billion. This virus sent copies of itself to the first 50 names in the recipient’s address book.
He received a 20-month jail term.
20. A few more notable Attacks !!
2001: “Anna Kournikova” virus. Promising photos of the tennis star, it mailed itself to every person in the victim’s address book. Investigators were apprehensive that the virus had been created with a toolkit that enables rookies to create a virus.
21. A few more notable Attacks !!
2008: The headquarters of the Obama and McCain presidential campaigns were hacked.
July 2009: A series of coordinated cyber attacks against major government, news media, and financial web sites in South Korea and the United States.
https://en.wikipedia.org/wiki/List_of_cyberatta
23. “Once we know our weaknesses, they cease to do us any harm”
- Georg Christoph Lichtenberg
24. Vulnerabilities
A vulnerability is a weakness or lacuna in a policy, procedure, protocol, hardware or software within an organization that has the potential to cause it damage or loss.
25. Vulnerability Types
Human Vulnerabilities
◦ Induced by careless/unthinking human behaviour
◦ Ex. clicking on a link in an e-mail message from a questionable source
◦ Related to phishing and cross-site scripting attacks
26. Vulnerability Types (contd.)
Protocol Vulnerabilities
◦ Attacks on commonly used networking protocols such as TCP, IP, ARP, ICMP and DNS
◦ Ex. Connection hijacking caused by ARP spoofing, etc.
◦ Denial of Service Attacks (DoS) which exploit the 3-way TCP handshake
◦ Pharming attacks exploit vulnerabilities in DNS
27. Vulnerability Types (contd.)
Software Vulnerabilities
◦ Caused by sloppy software
◦ Software may perform as expected under normal conditions but when provided with a specific input, it turns malicious
◦ Examples include Buffer Overflow vulnerability, Cross-site Scripting (XSS) vulnerability and SQL Injection vulnerability
28. Vulnerability Types (contd.)
Configuration Vulnerabilities
◦ Relate to settings on system/application software, on files, etc.
◦ Read-write-execute (and other) permissions on files (and other objects) may be too generous.
◦ Privilege level assigned to a process may be higher than what it should be to carry out a task.
◦ Often lead to “privilege escalation” attacks.
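An added example, not part of the original slides: one way to check for the over-generous file permissions described above on a POSIX system. The function names, finding labels and the sample tree are assumptions constructed for this illustration.

```python
import os
import stat
import tempfile

def audit_permissions(root):
    """Return sorted (relative path, finding) pairs for over-generous mode bits."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode      # lstat: never follow symlinks
            if stat.S_ISLNK(mode):
                continue                       # link mode bits are not meaningful
            rel = os.path.relpath(path, root)
            sticky_dir = stat.S_ISDIR(mode) and bool(mode & stat.S_ISVTX)
            # Any local user can modify a world-writable object; a sticky
            # directory (the /tmp convention) is the accepted exception.
            if mode & stat.S_IWOTH and not sticky_dir:
                findings.append((rel, "world-writable"))
            # A setuid/setgid file runs with its owner's or group's privileges.
            if stat.S_ISREG(mode) and mode & (stat.S_ISUID | stat.S_ISGID):
                findings.append((rel, "setuid/setgid"))
    return sorted(findings)

def build_sample_tree():
    """Create a constructed sample tree in a fresh temporary directory."""
    root = tempfile.mkdtemp(prefix="perm_audit_")
    files = {"app.conf": 0o666, "secret.key": 0o600,
             "helper": 0o4755, "run.sh": 0o750}
    dirs = {"shared": 0o1777, "drop": 0o777}
    for name, mode in files.items():
        path = os.path.join(root, name)
        with open(path, "w") as fh:
            fh.write("sample\n")
        os.chmod(path, mode)                   # chmod after writing keeps setuid
    for name, mode in dirs.items():
        path = os.path.join(root, name)
        os.mkdir(path)
        os.chmod(path, mode)
    return root

if __name__ == "__main__":
    for rel, finding in audit_permissions(build_sample_tree()):
        print(f"{finding:15} {rel}")
```

Each finding is a candidate for review, not proof of a flaw: a setuid helper may be intentional, but it should be on a known list.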
29. Advice to a Security Designer
“You can’t make something secure if you don’t know how to break it”
- Marc Weber Tobias
32. Examples of Detection
• Integrity checks on messages, files
– Simple CRC-type checksums not effective for security applications
– Use of the Message Authentication Code (MAC)
• Intrusion detection systems based on
– Anomaly detection
– Signature detection
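An added example, not part of the original slides, showing why the integrity-check bullet above prefers a MAC over a CRC: a CRC has no key, so a changed message can be given a matching checksum, while an HMAC tag cannot be recomputed without the key. The key, the messages and the function names are constructed for this illustration, and HMAC-SHA256 is chosen here as the MAC.

```python
import hashlib
import hmac
import zlib

KEY = b"constructed-demo-key"     # constructed sample key shared by both ends

def crc_verify(msg, checksum):
    return zlib.crc32(msg) == checksum

def mac_tag(msg, key=KEY):
    return hmac.new(key, msg, hashlib.sha256).digest()

def mac_verify(msg, tag, key=KEY):
    return hmac.compare_digest(mac_tag(msg, key), tag)   # constant-time compare

def crc_after_xor(old_crc, delta):
    """CRC-32 is affine over XOR: the checksum of (msg XOR delta) follows from
    the old checksum and delta alone, with no secret involved."""
    return old_crc ^ zlib.crc32(delta) ^ zlib.crc32(bytes(len(delta)))

def compare_checks():
    msg = b"PAY alice 100 EUR"        # constructed sample message
    altered = b"PAY alice 900 EUR"    # same length, one digit changed in transit
    delta = bytes(a ^ b for a, b in zip(msg, altered))
    crc, tag = zlib.crc32(msg), mac_tag(msg)
    wrong_key_tag = mac_tag(altered, key=b"not-the-real-key")
    return {
        "crc_accepts_original": crc_verify(msg, crc),
        "crc_accepts_altered": crc_verify(altered, crc_after_xor(crc, delta)),
        "mac_accepts_original": mac_verify(msg, tag),
        "mac_accepts_altered_old_tag": mac_verify(altered, tag),
        "mac_accepts_altered_wrong_key": mac_verify(altered, wrong_key_tag),
    }

if __name__ == "__main__":
    for check, accepted in compare_checks().items():
        print(f"{check:32} {accepted}")
```

The CRC still catches accidental corruption; what it cannot do is tell an accidental change from a deliberate one.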