Presentation is loading. Please wait.

Presentation is loading. Please wait.

Fostering worldwide interoperabilityGeneva, 13-16 July 2009 How to counter web-based attacks on the Internet in Korea Heung Youl YOUM Chairman of Korea.

Published byEmery Webb Modified over 8 years ago

Similar presentations

Presentation on theme: "Fostering worldwide interoperabilityGeneva, 13-16 July 2009 How to counter web-based attacks on the Internet in Korea Heung Youl YOUM Chairman of Korea."— Presentation transcript:

1 Fostering worldwide interoperabilityGeneva, 13-16 July 2009 How to counter web-based attacks on the Internet in Korea Heung Youl YOUM Chairman of Korea ITU-T SG17 Committee, TTA Global Standards Collaboration (GSC) 14 DOCUMENT #:GSC14-GTSC-026 FOR:Presentation SOURCE:TTA AGENDA ITEM:GTSC 4.2 CONTACT(S):hyyoum@sch.ac.kr

2 Fostering worldwide interoperability 2 Geneva, 13-16 July 2009 It is very surprise if you realize that just visiting your favorite web site can either lead to malware to be silently installed on your computer without your knowledge or clicking anything, or being annoyed by misleading applications, such as fake antivirus software. What is web-based attacks? A type of attacks in which the attackers try to compromise the legitimate websites resulting in malicious code to be injected which in turn can be used to infect a user’s computer visiting those web sites. What is web-based attacks?

3 Fostering worldwide interoperability 3 Geneva, 13-16 July 2009 Web-based attacks According to Google survey released in May 2007, one in 10 web sites contained malicious codes which were capable of launching so-called “ drive-by download ” type web-based attacks. In the web-based attacks: The administrators are not aware that they are hacked, have resulted injecting the malicious codes and used to disseminate malicious codes; Users also are not aware that their computers get infected by malicious codes from the sites they have visited; Installing anti-virus S/W can prevent some incidents, but, they are not providing ultimate solutions.

4 Fostering worldwide interoperability 4 Geneva, 13-16 July 2009 Top Web Threats for 2008 In the Symantic threats Report-2008: Drive-by downloads from mainstream Web site are increasing; Attacks are heavily obfuscated and dynamically changing making traditional antivirus solutions ineffective ; Attacks are targeting browser plug-ins; SQL injection attacks are being used to infect mainstream Web sites; Mal advertisements are redirecting users to malicious Web sites; Explosive growth in unique and targeted malware samples;

5 Fostering worldwide interoperability 5 Geneva, 13-16 July 2009 Typical scenarios for web-based attack in Korea 1,000 legitimate web sites … Malicious code injected web site Users 1. Compromise the legitimate web sites. 2. Visit their favorite web sites. 3. Redirect users to the malicious web site. 4.Attempts to attack the PCs using 620,000 IPs. 5. 92,000 PCs with MS06-014 Vul. infected by malicious code. 6. Personal information such as ID/Password is transferred to attacker. attacker

6 Fostering worldwide interoperability 6 Geneva, 13-16 July 2009 Korea use case: MC-finder scheme(1/2) MC-finder scheme Developed by KISA (Korea Information Security Agency) and put in place since 2006. A scheme to search for the malicious code- injected web sites, malicious web site, and the web sites which redirect users to the malicious injected code, the transit web site. More than 140,000 sites in Korea are being monitored by MC-finder scheme, as of June 30, 2009. During 2008, in Korea, 1,324 web sites founded as malicious code injected web sites, 7,654 web sites turned up as the transit web sites redirecting users to the malicious injected web sites.

7 Fostering worldwide interoperability 7 Geneva, 13-16 July 2009 Korea use case: MC-finder scheme(2/2) Web sites to be monitored: Major web sites for enterprise/orgs, etc. sites, Top 20,000 sites according to number of visiting users; Sites which have already experienced the web pages’ defacement. Inspect web documents to check whether an malicious code is injected. List up the infected URLs. It has provided the following services; Inform the administrators by SMS, e-mail, or phone to take necessary actions; Maintain and track the history of the MC- infected sites;

8 Fostering worldwide interoperability 8 Geneva, 13-16 July 2009 Nearly impossible to search for all global web sites therefore, it needs to develop a global collaboration framework. However, Lack of framework for sharing security information; Lack of globally interoperable framework or technologies; No standardization activity on how to counter this web-based attacks. Therefore, it needs to; Identify various web-based attack scenarios, the requirements and generic framework; Identify the relevant information exchange format; Challenges

9 Fostering worldwide interoperability 9 Geneva, 13-16 July 2009 Korea continue to upgrade the MC-finder scheme to reflect the fast changing attack environments. Need for a globally interoperable framework and technologies which can combat the web-based attacks effectively; ITU-T and global SDOs are required to develop standards or guideline for a globally interoperable scheme against the web-based attacks on the Internet. TTA plans to contribute to launching the standardization activities on the countering scheme against the web-based attacks in the near future. Next Steps/Actions

10 Fostering worldwide interoperability 10 Geneva, 13-16 July 2009 Generally needs to reaffirm the existing Resolution GSC11/13. However, update is required as follows; In recognizing clause, item i); that new cyber attacks such as phishing, pharming, “web-based attacks” and Botnets are emerging and spreading rapidly; In Resolves clause, item 4); work with the ITU and others to develop standards or guidelines to protect against Botnet attacks “and web-based attacks” and facilitate tracing the source of an attack; Proposed Resolution

Download ppt "Fostering worldwide interoperabilityGeneva, 13-16 July 2009 How to counter web-based attacks on the Internet in Korea Heung Youl YOUM Chairman of Korea."

Similar presentations

Its a new digital world with new digital dangers….

Its a new digital world with new digital dangers….
Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
TrustPort Net Gateway Web traffic protection. WWW.TRUSTPORT.COM Keep It Secure Contents Latest security threats spam and malware Advantages of entry point.

TrustPort Net Gateway Web traffic protection. Keep It Secure Contents Latest security threats spam and malware Advantages of entry point.
The Threat Landscape Jan 2013. 2013 Threat Report 2.

The Threat Landscape Jan Threat Report 2.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,
Breaking Trust On The Internet

Breaking Trust On The Internet
The development of Internet A cow was lost in Jan 14th 2003. If you know where it is, please contact with me. My QQ number is 87881405. QQ is one of the.

The development of Internet A cow was lost in Jan 14th If you know where it is, please contact with me. My QQ number is QQ is one of the.
AVG- Protecting those who are vulnerable.  Free Anti-Virus Software ◦ J.R. Smith President of AVG oversees a lineup of antivirus products used by 110.

AVG- Protecting those who are vulnerable.  Free Anti-Virus Software ◦ J.R. Smith President of AVG oversees a lineup of antivirus products used by 110.
Cyber X-Force-SMS alert system for E-mail threats.

Cyber X-Force-SMS alert system for threats.
Threats To A Computer Network

Threats To A Computer Network
Internet Fraud By: Noelle Woodman.

Internet Fraud By: Noelle Woodman.
MOBILE MALWARE TOPIC #5 – INFORMATION ASSURANCE AND SECURITY Michael Fine 1.

MOBILE MALWARE TOPIC #5 – INFORMATION ASSURANCE AND SECURITY Michael Fine 1.
Quiz Review.

Quiz Review.
Trend Micro Deployment Kelvin Hwang IT Services University of Windsor.

Trend Micro Deployment Kelvin Hwang IT Services University of Windsor.
Incident Response Updated 03/20/2015

Incident Response Updated 03/20/2015
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
Cyber Security Issues in South Korea and CSIRTs Cooperation September 17, 2014 Eunju Pak

Cyber Security Issues in South Korea and CSIRTs Cooperation September 17, 2014 Eunju Pak
First Community Bank www.fcbnm.com Prevx Safe Online Rollout & Best Practice Presentation.

First Community Bank Prevx Safe Online Rollout & Best Practice Presentation.
Presentation by Kathleen Stoeckle All Your iFRAMEs Point to Us 17th USENIX Security Symposium (Security'08), San Jose, CA, 2008 Google Technical Report.

Presentation by Kathleen Stoeckle All Your iFRAMEs Point to Us 17th USENIX Security Symposium (Security'08), San Jose, CA, 2008 Google Technical Report.
11 The Ghost In The Browser Analysis of Web-based Malware Reporter: 林佳宜 Advisor: Chun-Ying Huang 2010/3/29.

11 The Ghost In The Browser Analysis of Web-based Malware Reporter: 林佳宜 Advisor: Chun-Ying Huang /3/29.

Similar presentations

Ads by Google