Published by Grace Buckley
Modified over 3 years ago
1-1/29 Copyright © 2006 M. E. Kabay. All rights reserved. 08:15-09:00
INFORMATION WARFARE
Part 1: Fundamentals
Advanced Course in Engineering 2006 Cyber Security Boot Camp
Air Force Research Laboratory Information Directorate, Rome, NY
M. E. Kabay, PhD, CISSP-ISSMP
Assoc. Prof. Information Assurance
Program Direction, MSIA & BSIA
Division of Business & Management, Norwich University
Northfield, Vermont
V: 802.479.7937
1-2/29 Topics
08:00-08:15 Introductions & Overview
08:15-09:00 Fundamental Concepts
09:05-10:25 INFOWAR Theory
10:35-11:55 Case Histories & Scenarios
1-3/29 Part 1: Fundamental Concepts
- Fundamental Elements of INFOSEC
- Sources of Damage to IT
- Risk Categories
- Taxonomy for Computer Incidents
1-4/29 Fundamental Elements of INFOSEC
Protect the 6 atomic elements of information security (not just 3):
- Confidentiality
- Possession or control
- Integrity
- Authenticity
- Availability
- Utility
C-I-A
1-5/29 Confidentiality
Restricting access to data
- Protecting against unauthorized disclosure of existence of data
  E.g., allowing industrial spy to deduce nature of clientele by looking at directory names
- Protecting against unauthorized disclosure of details of data
  E.g., allowing 13-year-old girl to examine HIV+ records in Florida clinic
1-6/29 Possession
Control over information
- Preventing physical contact with data
  E.g., case of thief who recorded ATM PINs by radio (but never looked at them)
- Preventing copying or unauthorized use of intellectual property
  E.g., violations by software pirates
1-7/29 Integrity
Internal consistency, validity, fitness for use
- Avoiding physical corruption
  E.g., database pointers trashed or data garbled
- Avoiding logical corruption
  E.g., inconsistencies between order header total sale & sum of costs of details
1-8/29 Authenticity
Correspondence to intended meaning
- Avoiding nonsense
  E.g., part number field actually contains cost
- Avoiding fraud
  E.g., sender's name on e-mail is changed to someone else's
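The Integrity and Authenticity slides give three concrete failure cases: an order header total that disagrees with the sum of its detail lines, a trashed pointer, and a part number field that holds a cost. The audit below is an added example, not part of the original presentation; the order data is constructed, the PN-nnnnn part-number format is an assumption, and a detail line pointing at a missing header stands in for a trashed pointer.

```python
import re
from decimal import Decimal

# Constructed sample data (not from the slides): order headers and detail lines.
HEADERS = {
    1001: Decimal("59.90"),
    1002: Decimal("120.00"),
    1003: Decimal("15.00"),
}
DETAILS = [
    # (order_id, part_number, quantity, unit_cost)
    (1001, "PN-00417", 2, Decimal("29.95")),   # consistent with header 1001
    (1002, "PN-00093", 1, Decimal("100.00")),  # details sum to 100.00, header says 120.00
    (1003, "15.00", 1, Decimal("15.00")),      # cost typed into the part number field
    (1004, "PN-00550", 3, Decimal("4.00")),    # no header 1004: dangling reference
]
PART_NUMBER = re.compile(r"PN-\d{5}")  # assumed part-number format


def audit(headers, details):
    """Return a sorted list of (order_id, finding) tuples."""
    findings = []
    sums = {}
    for order_id, part, qty, cost in details:
        if order_id not in headers:
            # Detail line points at a header that does not exist.
            findings.append((order_id, "orphan detail"))
            continue
        if not PART_NUMBER.fullmatch(part):
            # Field content does not correspond to its intended meaning.
            findings.append((order_id, "bad part number"))
        # Decimal keeps currency arithmetic exact; floats would not.
        sums[order_id] = sums.get(order_id, Decimal("0")) + qty * cost
    for order_id, total in headers.items():
        # Logical corruption: header total differs from the detail sum.
        if sums.get(order_id, Decimal("0")) != total:
            findings.append((order_id, "total mismatch"))
    return sorted(findings)


if __name__ == "__main__":
    for order_id, finding in audit(HEADERS, DETAILS):
        print(order_id, finding)
```

Order 1003 passes the total check even though its part number is nonsense, which is why the slides treat authenticity as a separate element from integrity.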
1-9/29 Availability
Timely access to data
- Avoid delays
  E.g., prevent system crashes & arrange for recovery plans
- Avoid inconvenience
  E.g., prevent mislabelling of files
1-10/29 Utility
Usefulness for specific purposes
- Avoid conversion to less useful form
  E.g., replacing dollar amounts by foreign currency equivalent
- Prevent impenetrable coding
  E.g., employee encrypts source code and "forgets" decryption key
1-11/29 Rough Guesses About Sources of Damage to IT
See CSH4 (Computer Security Handbook, 4th ed.): Ch 4, Studies and Surveys of Computer Crime.
Also http://www2.norwich.edu/mkabay/methodology/crime_stats_methods.htm
1-12/29 Risk Categories*
- Physical Attempts to gain control (physical intrusion)
- Electronic Attempts to gain control (malicious hacking)
- Execution of Arbitrary Code (viruses, trojans, ActiveX, Java, ...)
- Spoofing (lying about who you are -- users, sites, devices)
- Eavesdropping (sniffing, wiretapping of data, passwords, ...)
* ICSA Risk Framework
1-13/29 Risk Categories (Cont'd)
- Lack of Knowledge / Awareness (admin., users, outside errors)
- Lack of Trust, Confidence (IT, users, disgruntled ...)
- Denial of service (down time: electronic DOS, disasters, reliable)
- Exploitation of User by Site (privacy, swindles ...)
- Exploitation of the data subject (privacy, confidentiality, non-user)
- Lack of Interoperability
1-14/29 Taxonomy for Computer Security Incidents
- What is a Common Descriptive Language?
- What is a Taxonomy?
- Why a Language/Taxonomy for Computer Crime?
- The Model as a Whole
- Actions
- Targets
- Events
- Vulnerability
- Tool
- Unauthorized Result
- Objectives
- Attackers
1-15/29 What is a Common Descriptive Language?
- Set of terms that experts agree on in a field
- Clear definitions to the extent possible
  - Precise
  - Unambiguous
  - Easy to determine in the field
- A common language does not necessarily imply a causal or structural model
- Provides means of communication among experts
- Supports analysis
1-16/29 What is a Taxonomy?
- Structure relating terms in the common language
- Permits classification of phenomena
- Expresses (a) model(s) of the underlying phenomena
- Supports hypothesis-building
- Supports collection and analysis of statistical information
1-17/29 Why a Language/Taxonomy for Computer Crime?
- Field of information assurance growing
  - More people
  - Less common experience
  - Growing variability in meaning of terms
- What's wrong with ambiguous terminology?
  - Can cause confusion – talking at cross-purposes
  - Can mislead investigators and others
  - Wastes time in clarification time after time
  - Interferes with data-gathering
  - Makes comparisons and tests difficult or impossible
1-18/29 The Model as a Whole
(See full-page printout at end)
1-19/29 Actions
- Probe / scan
- Flood
- Authenticate / Bypass / Spoof
- Read / Copy / Steal
- Modify / Delete
1-20/29 Targets
Analyze the following real cases and identify the target(s) in the events:
- A criminal inserts a Trojan Horse into a production system; it logs keystrokes
- A criminal hacker defaces a Web page
- An attacker launches millions of spurious packets addressed to a particular e-commerce server
- The Morris Worm of November 1988 takes down 9,000 computers on the Internet
1-21/29 Events
An event consists of an action taken against a target
Analyze the following events in these terms:
- An 8-year-old kid examines all the ports on a Web server to see if any are unprotected
- A dishonest employee makes copies on a Zip disk of secret formulas for a new product
- A saboteur cuts the cables linking a company network to the Internet
1-22/29 Vulnerability
- Vulnerability = a weakness
- Distinguish among vulnerabilities due to
  - Design
  - Implementation
  - Configuration
- See National Vulnerability Database
  - Thousands of vulnerabilities
  - Classified by platform and version
1-23/29 National Vulnerability DB
http://nvd.nist.gov/
1-24/29 Tool
- Means of exploiting a vulnerability
- Widely available on Internet
- Exchanged at hacker meetings
  - 2600
  - L0pht (defunct)
- Discussed and demonstrated at black-hat and gray-hat conferences
  - DEFCON – Las Vegas
  - HACTIC – Netherlands
- Many exploits usable by script kiddies and other poorly-trained hackers
1-25/29 Unauthorized Result
Many possible results; e.g., consider results of these attacks:
- Someone installs a Remote Access Trojan called BO2K on a target system
- An e-mail-enabled worm (e.g., KLEZ) sends a copy of a confidential document to 592 strangers
- The Stacheldraht DDoS tool completely interdicts access to an e-commerce site
- A secret program installed by an employee uses all the excess CPU cycles in a corporate network for prime-number calculations
1-26/29 Objectives
- Characteristics of the human beings involved in the attack
- Different objectives and define different labels
  - Criminal hacking
  - Industrial espionage
  - Industrial sabotage
  - Information warfare
1-27/29 Attackers
- Wide range of attributes
- Subject of chapter 6 in CSH4
- Skill
- Ideology
- Gain
1-28/29 The Model as a Whole (again)
1-29/29 Resume at 09:05:03