Zero Day Attacks Jason Kephart. Purpose The purpose of this presentation is to describe Zero-Day attacks, stress the danger they pose for computer security.
Zero Day Attacks Jason Kephart

Purpose
The purpose of this presentation is to describe Zero-Day attacks, stress the danger they pose for computer security professionals as well as everyday users, and provide insight into what can be done about them in order to minimize their adverse effects.

What is an exploit, exactly?
An exploit is a malicious piece of software, data, or sequence of commands.
It "exploits", or takes advantage of, a vulnerability to cause unintended behavior, such as gaining superuser account privileges, acquiring sensitive data, or even taking control of a host for use in a distributed attack.

What is a Zero-Day attack?
A Zero-Day attack is an exploit that attacks a previously unknown vulnerability in a computer application.
It occurs on "day zero" of awareness: developers have had zero days to address the vulnerability, hence the name Zero-Day attack.

What does this mean?
For businesses and private users alike, information is crucial to the life of a business, and any vulnerability can create widespread problems.
Since zero-day attacks are the most dangerous and unexpected, special consideration must go to making sure preventative measures are taken.

Dangers of a Zero-Day Attack
Constant threat – new code is developed every day, which means new vulnerabilities for malicious hackers to exploit
Hard to protect against – clever software vulnerabilities can be very difficult to find
Unexpected in nature

Danger (cont.)
Zero-Day attacks are the most dangerous type of exploit.
By definition, developers do not yet know of the vulnerabilities that zero-day attacks exploit – this is primarily why zero-day attacks are so treacherous.
The vulnerabilities must be fixed, but this takes time.

Window of Exposure
The period of time during which a vulnerability remains dangerous.
The window of exposure for a vulnerability runs from the time the vulnerability is discovered (by the criminal underground or by ethical hackers) until a patch is released and deployed onto systems.
An empirical study shows that the average window of exposure for a zero-day attack is ten months!

Window of Exposure

Notable Zero-Day Attacks
Stuxnet
Duqu
Flame
Downadup
Fujacks
Ramnit

Stuxnet
The most extensive zero-day exploit
Takes advantage of four different zero-day vulnerabilities in software – very unusual, since zero-day attacks are valuable to the criminal underground
Also adding to its peculiarity, it was written in multiple languages, including C and C++
A perfect example of a complicated exploit – can be transferred via USB or similar media

This graphic details the widespread problems associated with a zero-day exploit.

Preventative Measures
Secure coding – difficult to administer, but really the only "sure" way
Patching – must be done as a protective measure for host computers – consistency is key

Secure Coding
Also known as defensive programming, it is an important goal to work towards constantly.
Secure coding is the practice of engineering software so that no vulnerabilities or glitches exist in it.
Writing code can be very difficult, and making sure no loopholes exist in that code is even more difficult – secure code doesn't happen by itself.

Secure Coding (cont.)
To ensure that secure coding practices are followed, software engineering standards need to be in place so that developers are actively working towards secure and glitch-free code.
Standardized methods are necessarily general, so following them does not "guarantee" the security of code; it only helps.

Patching!
A patch is a piece of software designed to fix problems with, or update, a computer program or its supporting data.
Acquiring the latest patch from the vendor ensures your computer isn't vulnerable to malicious hackers who now know of the vulnerability.
Application developers write patches for vulnerabilities once they are found.

Patching! (cont.)
Automatic patching – highly recommended!
As shown in the window of exposure model, once a patch is created by the developer there is still time for a hacker to reverse engineer the patch, find the vulnerability, and attack those who have not yet installed it.
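As an added example that is not part of the original presentation, the following Python models the window of exposure described on the Window of Exposure and Patching slides: each host's exposure is split into the phase before any patch exists and the phase after the patch is released but before that host applies it. The vulnerability, dates, and host names are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

@dataclass
class Vulnerability:
    name: str
    discovered: date       # start of the window: found by attackers or researchers
    patch_released: date   # vendor ships a fix; the zero-day phase ends here

@dataclass
class Host:
    name: str
    patch_applied: Optional[date]   # None means the patch is still not installed

def exposure_days(vuln: Vulnerability, host: Host, today: date) -> dict:
    """Split one host's exposure into the two phases of the model.

    zero_day:   discovery -> patch release, when no fix exists at all.
    post_patch: patch release -> the day this host applied it (or today if it
                never did). The fix exists, but the patch can be reverse
                engineered, so hosts that have not installed it stay exposed.
    """
    zero_day = (vuln.patch_released - vuln.discovered).days
    end = host.patch_applied if host.patch_applied is not None else today
    post_patch = max(0, (end - vuln.patch_released).days)
    return {
        "host": host.name,
        "zero_day": zero_day,
        "post_patch": post_patch,
        "total": zero_day + post_patch,
        "still_exposed": host.patch_applied is None,
    }

def fleet_report(vuln: Vulnerability, hosts: list, today: date) -> dict:
    """Per-host exposure plus the fleet average and the hosts still unpatched."""
    rows = [exposure_days(vuln, h, today) for h in hosts]
    average = sum(r["total"] for r in rows) / len(rows)
    unpatched = [r["host"] for r in rows if r["still_exposed"]]
    return {"rows": rows, "average_total_days": average, "unpatched": unpatched}

# Constructed sample data (hypothetical vulnerability and hosts, not real ones).
TODAY = date(2012, 7, 1)
VULN = Vulnerability("example-vuln", date(2012, 1, 10), date(2012, 4, 10))
HOSTS = [
    Host("web-1", date(2012, 4, 12)),   # applied the patch two days after release
    Host("db-1", date(2012, 6, 1)),     # waited almost two months
    Host("legacy-1", None),             # never patched: exposed until TODAY
]

if __name__ == "__main__":
    report = fleet_report(VULN, HOSTS, TODAY)
    for row in report["rows"]:
        print(f'{row["host"]:10} zero-day {row["zero_day"]:3}d  post-patch {row["post_patch"]:3}d')
    print("average total exposure:", round(report["average_total_days"], 1), "days")
    print("still unpatched:", report["unpatched"])
```

The post-patch column is the part of the window that automatic patching shrinks; the zero-day column is the same for every host, since only the vendor's fix can end it.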

Conclusion
Zero-day exploits, although very dangerous, are only a fraction of the attacks placed on hosts and networks.
Vigilance and persistence are necessary in a computer security environment – bad guys are always working towards the next vulnerability – and they are the only way to defend against new attacks.

References
Bilge, Leyla, and Tudor Dumitras. "Before We Knew It." (2012): n. pag. Web.
Mills, Elinor. "Details of the First-ever Control System Malware." CNET. N.p., 21 July. Web.
Symantec. "Notable Zero Day Attacks." N.p., n.d. Web.
Go Team, VMware. "The Importance of Patching Third-party Applications." Vmware.com. N.p., 1 Aug. Web.