We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byTre Rendell
Modified about 1 year ago
Sam Skalicky Biru Cui
Discovery Architecture Evaluation Conclusion
VirusBlokAda Zero-day Microsoft Stuxnet <=.stub + MrxNet.sys Symantec
Organization Installation Propagation Target & Process
Organization Exports Resources Configuration
Installation E 15: environment scan, escalation E 16: copy, hide, autorun (certificate)
Propagation WinCC SQL P2P RPC Printer spooler Removable disk .lnk, ~WTR4141.tmp, ~WTR4132.tmp Autorun.inf
Target Step 7 (E2/E14) PLC Data Blocks (DB) System Data Blocks (SDB) Organization Blocks (OB) Function Blocks (FC)
Process Broker FC: RECV OB1/OB35
Process Profibus ID CP Frequency converter
Process 1.41kHz 1.064kHz 2Hz
Complex code size propagation methods zero-day exploit certificate steal specific target Step/PLC/FC
Very small risk to the majority of users Worm was target so specifically Modifying large spinning motors to fail Shorting out Overheat Disengage from their mounting Consumes disk space (500KB) New type of worm detected
W32.Duqu, a new beginning?
 “Frequently Asked Questions on Virus-L/comp.virus.” Internet: http://www.faqs.org/faqs/computer-virus/faq/, Oct. 9, 1995 [Jan. 7, 2012].http://www.faqs.org/faqs/computer-virus/faq/  “MS10-061: Printer Spooler Vulnerability.” Internet: http://blogs.technet.com/b/srd/archive/2010/09/14/ms1 0-061-printer-spooler-vulnerability.aspx, Sept. 14, 2010 [Jan. 7, 2012]. http://blogs.technet.com/b/srd/archive/2010/09/14/ms1 0-061-printer-spooler-vulnerability.aspx  Nicolas Falliere, Liam O Murchu, and Eric Chien, “W32.Stuxnet” Synmatec, November 2010.  K. Zetter, “How Digital Detectives Deciphered Stuxnet, the Most Menacing Malware in History,” Internet: http://www.wired.com/threatlevel/2011/07/how-digital- detectives-deciphered-stuxnet/all/1, July 11, 2011 http://www.wired.com/threatlevel/2011/07/how-digital- detectives-deciphered-stuxnet/all/1
Function [C]=cholesky(A) [n,m]=size(A); C=zeros(n,n); if (A(1,1)<%eps) then error('racine d un nombre negatif'); end C(1,1)=sqrt(A(1,1)); C(2:n,1)=A(2:n,1)/C(1,1);
History The worm was at first identified by the security company VirusBlokAda in mid-June Journalist Brian Krebs's blog posting on 15 July 2010.
Rules of Exponents In this lesson, you will be able to simplify expressions involving zero and negative exponents.
How Stuxnet changed the landscape for plant engineers Richard Trout, Director for Client Solutions, Trout I.T.
Slope Intercept Form Y = m x + b m is the slope of the line. b is the y-intercept. Given the following equation, identify the slope and y intercept.
©2012 Microsoft Corporation. All rights reserved..
©2012 Microsoft Corporation. All rights reserved. Content based on SharePoint 15 Technical Preview and published July 2012.
Privilege Escalation Two case studies. Privilege Escalation To better understand how privilege escalation can work, we will look at two relatively recent.
Making Inferences Drawing conclusions from two premises: When it rains, the grass gets wet. The grass is wet. Can we assume that it rained? Can we jump.
Sam Griffen Pictures Never Lie. References
School of Engineering & Technology Computer Architecture Pipeline.
DIVISION PROPERTIES OF EXPONENTS Section Topic Focus I can divide monomials using the properties of exponents I can simplify expressions containing.
Rounding and Estimating LESSON 17POWER UP DPAGE 108.
# of people per square kilometer # of assaults SCATTERPLOT OF ASSAULTS BY # OF PEOPLE PER SQUARE KILOMETER.
(2 x 1) x 4 = 2 x (1 x 4) Associative Property of Multiplication 1.
AES Side Channel Attacks Biru Cui Sam Skalicky. Outline AES algorithm Side channel attacks Side channel attack against AES Cache-collision timing attack.
1 Service Architecture Design for Converged Networks Blue Team Pete Broadwell, Weidong Cui, Yitao Duan, Ling Huang, Thinh Nguyen CS294-3 Spring 2002.
Bluetooth – an Enabler for Personal Area Networking 報告人：古建華 學號：
MUAC ≥120mm AS A SIMPLE, SAFE AND EFFECTIVE DISCHARGE CRITERIA FOR SAM IN BIHAR, INDIA MSF SPAIN.
The Writing Process 1.) Outline 2.) Introduction 3.) Body 4.) Conclusion 5.) Proof Read.
I can identify and use the properties of real numbers.
Microsoft Learning Paths Microsoft Azure Architect Training Requirements.
NEXT GENERATION ATTACKS & EXPLOIT MITIGATIONS TECHNIQUES ID No: 1071 Name: Karthik GK ID: College: Sathyabama university.
Managing Software Development With Microsoft ® Project 2000 And Team Folders Sam Brooks
A sophisticated Malware Arpit Singh CPSC 420
OPERATIONAL METADATA FOR FEDERATING STATISTICAL REFERENCE SYSTEMS AT EUROSTAT G. Pongas, F. Vernadat EC Eurostat B2.
How a presumably military grade malware sabotaged the Iranian nuclear program W32.Stuxnet Presenter: Dolev Farhi |
Nested Statements Excel Discovery By Sam Griffiths.
Microsoft Operations Manager Presented by: Alen Plicanic.
The KITE geometry manipulator Slava Pranovich TU/e Dept. Math. and Computer Science.
Class of 2009 The term "measures of central tendency" is a fancy name for mean, median and mode (Schultzkie, 2007). Mean: Average. The sum.
PRINCIPLES OF TECHNOLOGY 1 Final Exam Project!!!!.
Week 2: 9/3 – 9/6. Learning Target: Conversion & measurement practice (Finish) Complete STEM survey Get Engineering Notebooks & Binders set up.
Activity Monitoring Tool MIS 2008/2009 Software Project - Group 1 1/4 Architecture Technical Manager.
Solve by Factoring Zero Product Property. Solve by Factoring Example 1 Example 2.
Dr Simon Skalicky FRANZCO Glaucoma Subspecialist Royal Victorian Eye and Ear Hospital Clinical Senior Lecturer, University of Melbourne Clinical Senior.
EISA (Enterprise Information Security Architecture) - detailed description of security processes and procedures to develop compliance with strategic goals.
Flame: Modern Warfare Matthew Stratton. What is Flame? How it was found What are its capabilities How it is similar to Stuxnet and Duqu Implications.
1. Warm-Up 3/31 C. Rigor: You will learn how to solve polynomial inequalities and rational inequalities. Relevance: You will be able to use polynomial.
Living Things vs. Nonliving Things Students will compare and contrast the difference between living and non living things.
Solving equations with polynomials – part 2. n² -7n -30 = 0 ( )( )n n 1 · 30 2 · 15 3 · 10 5 · n + 3 = 0 n – 10 = n = -3n = 10 =
The Secretive “We protect you from people like us”
IMPLEMENTATION OF OUTLOOK EXPRESS. OUTLOOK Outlook Express is a news and client included with 4.0 through 6.0 versions of Internet Explorer.
The Bully What is a bully? What is a bully?. This is Sam.
6.3 Synthetic Division. Here is a quick way to evaluate the value of a function for a particular value of x. It is called synthetic substitution. Evaluate.
Objective: SWBAT improve the efficiency of mathematical calculations through the use of a spreadsheet program Do Now: What is the primary purpose of a.
Data Intensive Computing Graph algorithms for irregular, unstructured data – John Feo, Pacific Northwest National Laboratory graph500 and data-intensive.
© 2017 SlidePlayer.com Inc. All rights reserved.