Presentation is loading. Please wait.

Presentation is loading. Please wait.

Novel Information Attacks From “Carpet Bombings” to “Smart Bombs”

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Novel Information Attacks From “Carpet Bombings” to “Smart Bombs”"— Presentation transcript:

1 Novel Information Attacks From “Carpet Bombings” to “Smart Bombs”

2 Traditional malware: Developed to create massive computer epidemics At the early stages of epidemics provides plenty of information for attack mitigation Modern anti-virus products: Developed for massive attacks leading to epidemics, rather than targeted attacks Mainly employ binary signatures to detect malware (viruses, network worms etc.). The database of binary signatures is ever increasing due to new attacks and mutating malware Novel malware such as StuxNet worm: Developed to create single attacks against high value target (industrial and government facilities) Does not create epidemics thus do not provide data for attack mitigation: the first instance of attack could also be the last instance The malware is highly specialized for particular environment of the target Motivation

3 High value target

4 Internationally: Majority of attacks happened in Iran [”W32.Stuxnet Dossier” Symantec Corporation, October 2010] On July 7 2010, StuxNet might have shut down an Indian satellite that was operated by vulnerable remote terminal units [Jeffery Carr, “Did The Stuxnet Worm Kill India’s INSAT-4B Satellite?”, Forbes.com, September, 2010] Generally, a targeted attack, such as StuxNet worm represents a threat of a great importance: The mass utilization of remote and automatic control systems at strategic objects as nuclear power plants, gas and oil production and transportation... Such control systems incorporate a large number of interconnected industrial controllers and operator stations… Systems that are particularly vulnerable to targeted attacks such as StuxNet worm What do we know about the StuxNet:

5 INTERNET Process control computer Control electronics (PLC) Actuators Control valves D e p l o y m e n t Propagation Activation, execution Erroneous control decisions Destructive control actions

6 Problem : A new trend in computer attacks is a stealthy targeted attack These attacks are aimed at high value targets within the national infrastructure that is much more dangerous and much more difficult to mitigate than traditional computer epidemics Existing computer security products, by design, fail to prevent targeted, industry oriented attacks. The proposed solution: We propose a new cyber-security technology that detects attacks by identifying and classifying goals of an attacker (malware). Our technology does not rely on large signature data base that minimizes the use of computer resources and associated costs. Our technology addresses both traditional massive attacks and low and slow targeted attacks on industrial and government facilities Our Current Work

7 Attacker What is done What we want to do Observing malicious behaviors Specifying malicious functionalities Developing functionality recognition technology Detecting potential goals of the attack Preventing the attack spread Specifying malicious functionalities Utilizing functionality recognition technology Immunizing high value targets Attacker High value target

Download ppt "Novel Information Attacks From “Carpet Bombings” to “Smart Bombs”"

Similar presentations

By Hiranmayi Pai Neeraj Jain

By Hiranmayi Pai Neeraj Jain
Day 4-1-1 anti-virus 3-3-1.anti-virus 1 detecting a malicious file malware, detection, hiding, removing.

Day anti-virus anti-virus 1 detecting a malicious file malware, detection, hiding, removing.
A Rudra Technologies Pvt Ltd. Product The New Age Protector against Known and Unknown Malicious Software Rudra.

A Rudra Technologies Pvt Ltd. Product The New Age Protector against Known and Unknown Malicious Software Rudra.
Rob Gaston 04/04/2013 CIS 150. Cyber Warfare  U.S. government security expert Richard A. Clarke, Cyber War (May 2010): cyber warfare is actions by.

Rob Gaston 04/04/2013 CIS 150. Cyber Warfare  U.S. government security expert Richard A. Clarke, Cyber War (May 2010): "cyber warfare" is "actions by.
Chapter 14 Computer Security Threats Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,

Chapter 14 Computer Security Threats Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,
Network Security of The United States of America By: Jeffery T. Pelletier.

Network Security of The United States of America By: Jeffery T. Pelletier.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Lecture 11 Reliability and Security in IT infrastructure.

Lecture 11 Reliability and Security in IT infrastructure.
Worms By: Aaron Stahler. Difference Between a Worm and A Virus Viruses are computer programs that are designed to spread themselves from one file to another.

Worms By: Aaron Stahler. Difference Between a Worm and A Virus Viruses are computer programs that are designed to spread themselves from one file to another.
DuWayne Aikins Information Security Forum May 21, 2015 Cyber, A Militarized Domain: What is Means to Texas.

DuWayne Aikins Information Security Forum May 21, 2015 Cyber, A Militarized Domain: What is Means to Texas.
Internet Quarantine: Requirements for Containing Self-Propagating Code David Moore et. al. University of California, San Diego.

Internet Quarantine: Requirements for Containing Self-Propagating Code David Moore et. al. University of California, San Diego.
 Discovered in June/July 2010  Targeted Siemens software and equipment running Microsoft Windows  First malware for SCADA systems to spy and subvert.

 Discovered in June/July 2010  Targeted Siemens software and equipment running Microsoft Windows  First malware for SCADA systems to spy and subvert.
Life in a Dangerous World: Developing effective strategies against Virus, Worms and Other Threats Marshall Breeding Vanderbilt University

Life in a Dangerous World: Developing effective strategies against Virus, Worms and Other Threats Marshall Breeding Vanderbilt University
Malware  Viruses  E-mail Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.

Malware  Viruses  Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.
Virus & Anti-Virus Itthiwat Phiphopsukhawadee M.2/7 No.5 Saranpat Prasertthum M.2/7 No.17 Korakrit Laotrakul M.2/7 No.23 Pesan Kasemkitjanuwat M.2/7 No.25.

Virus & Anti-Virus Itthiwat Phiphopsukhawadee M.2/7 No.5 Saranpat Prasertthum M.2/7 No.17 Korakrit Laotrakul M.2/7 No.23 Pesan Kasemkitjanuwat M.2/7 No.25.
By: Sharad Sharma, Somya Verma, and Taranjit Pabla.

By: Sharad Sharma, Somya Verma, and Taranjit Pabla.
Speaker : Hong-Ren Jiang A Novel Testbed for Detection of Malicious Software Functionality 1.

Speaker : Hong-Ren Jiang A Novel Testbed for Detection of Malicious Software Functionality 1.
Business Computing 550 Lesson 6. 2 Security Threats on Web Sites Issues and vulnerabilities 1.Illegal Access and Use (Hacking the system or users exposing.

Business Computing 550 Lesson 6. 2 Security Threats on Web Sites Issues and vulnerabilities 1.Illegal Access and Use (Hacking the system or users exposing.
Jonathan Baulch  A worm that spreads via USB drives  Exploits a previously unknown vulnerability in Windows  Trojan backdoor that looks for a specific.

Jonathan Baulch  A worm that spreads via USB drives  Exploits a previously unknown vulnerability in Windows  Trojan backdoor that looks for a specific.
 The purpose of this report is to inform people that the spyware and virus threat is growing and what people can do to stop the spread of spyware and.

 The purpose of this report is to inform people that the spyware and virus threat is growing and what people can do to stop the spread of spyware and.

Similar presentations

Ads by Google