Chapter 2: Attackers and Their Attacks Security+ Guide to Network Security Fundamentals.

Slides:



Advertisements
Similar presentations
Chapter 1: Fundamentals of Security JV Note: Images may not be relevant to information on slide.
Advertisements

UNIT 6 DIGITAL LITERACY STUDY S3 OBJ 1 VIRUSES & DESTRUCTIVE PROGRAMS.
Lesson 3-Hacker Techniques
OV 2- 1 Copyright © 2005 Element K Content LLC. All rights reserved. Security Threats  Social Engineering  Software-based Threats  Hardware-based Threats.
CHAPTER 2 KNOW YOUR VILLAINS. Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
Unit 18 Data Security 1.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.
Hacker, Cracker?! Are they the same? No!!! Hacker programmers intensely interested in the arcane and recondite workings of any computer operating system.
Prepared by: Nahed Al-Salah
Chapter 2: Attackers and Their Attacks Security+ Guide to Network Security Fundamentals Summer 2006.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Network Security. Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives  Give examples of common network.
Introduction to Security Computer Networks Computer Networks Term B10.
Handling Security Incidents
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Security Awareness: Applying Practical Security in Your World
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.
Chapter 2 Desktop Security
Attacks and Malicious Code Chapter 3. Learning Objectives Explain denial-of-service (DoS) attacks Explain and discuss ping-of-death attacks Identify major.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Threats and Attacks Principles of Information Security, 2nd Edition
Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.
Attacks and Malicious Code Chapter 3. Learning Objectives Explain denial-of-service (DoS) attacks Explain and discuss ping-of-death attacks Identify major.
1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.
PART THREE E-commerce in Action Norton University E-commerce in Action.
CWNA Guide to Wireless LANs, Second Edition Chapter Eight Wireless LAN Security and Vulnerabilities.
BUSINESS B1 Information Security.
Security Awareness: Applying Practical Security in Your World Chapter 1: Introduction to Security.
 a crime committed on a computer network, esp. the Internet.
C8- Securing Information Systems
ITIS 1210 Introduction to Web-Based Information Systems Chapter 45 How Hackers can Cripple the Internet and Attack Your PC How Hackers can Cripple the.
Introduction to ITE Chapter 9 Computer Security. Why Study Security?  This is a huge area for computer technicians.  Security isn’t just anti-virus.
Security Awareness Challenges of Securing Information No single simple solution to protecting computers and securing information Different types of attacks.
INTRODUCTION. The security system is used as in various fields, particularly the internet, communications data storage, identification and authentication.
Viruses, Computer Security & Ethical Issues Digital Communication Systems Ms. Powers.
CHAPTER 7: PRIVACY, CRIME, AND SECURITY. Privacy in Cyberspace  Privacy: an individual’s ability to restrict or eliminate the collection, use and sale.
Computer Crimes 8 8 Chapter. The act of using a computer to commit an illegal act Authorized and unauthorized computer access. Examples- o Stealing time.
Attacks On systems And Networks To understand how we can protect our system and network we need to know about what kind of attacks a hacker/cracker would.
Chapter 17 Security. Information Systems Cryptography Key Exchange Protocols Password Combinatorics Other Security Issues 12-2.
Trojan Horses on the Web. Definition: A Trojan horse a piece of software that allows the user think that it does a certain task, while actually does an.
Types of Electronic Infection
Denial of Service (DoS) DoS attacks are aggressive attacks on an individual computer or groups of computers with the intent to deny services to intended.
CWNA Guide to Wireless LANs, Second Edition Chapter Eight Wireless LAN Security and Vulnerabilities.
1 Computer Crime Often defies detection Amount stolen or diverted can be substantial Crime is “clean” and nonviolent Number of IT-related security incidents.
Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Computer Hardware and Software Maintenance.
Security is often cited as a major barrier to electronic commerce. Prospective buyers are leery of sending credit card information over the web. Prospective.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
What is risk online operation:  massive movement of operation to the internet has attracted hackers who try to interrupt such operation daily.  To unauthorized.
Attack and Malicious Code Andrew Anaruk. Security Threats Denial of Service (DoS) Attacks Spoofing Social Engineering Attacks on Encrypted Data Software.
1 Network and E-commerce Security Nungky Awang Chandra Fasilkom Mercu Buana University.
Topic 5: Basic Security.
Malicious Software.
INFORMATION TECHNOLOGY IN A GLOBAL SOCIETY: SECURITY Taylor Moncrief.
Computer Security By Duncan Hall.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Information Systems Design and Development Security Risks Computing Science.
Information Systems CS-507 Lecture 32. Physical Intrusion The intruder could physically enter an organization to steal information system assets or carry.
PCs ENVIRONMENT and PERIPHERALS Lecture 10. Computer Threats: - Computer threats: - It means anything that has the potential to cause serious harm to.
Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.
SAMET KARTAL No one wants to share own information with unknown person. Sometimes while sharing something with someone people wants to keep.
Chapter 2: Attackers and Their Attacks
Chapter 40 Internet Security.
IT Security  .
Malware, Phishing and Network Policies
WJEC GCSE Computer Science
Presentation transcript:

Chapter 2: Attackers and Their Attacks Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals 2 Objectives Develop attacker profiles Describe basic attacks Describe identity attacks Identify denial of service attacks Define malicious code (malware)

Security+ Guide to Network Security Fundamentals 3 Developing Attacker Profiles Six categories: –Hackers –Crackers –Script kiddies –Spies –Employees –Cyberterrorists

Security+ Guide to Network Security Fundamentals 4 Developing Attacker Profiles (continued)

Security+ Guide to Network Security Fundamentals 5 Hackers Person who uses advanced computer skills to attack computers, but not with a malicious intent Use their skills to expose security flaws

Security+ Guide to Network Security Fundamentals 6 Person who violates system security with malicious intent Have advanced knowledge of computers and networks and the skills to exploit them Destroy data, deny legitimate users of service, or otherwise cause serious problems on computers and networks Crackers

Security+ Guide to Network Security Fundamentals 7 Break into computers to create damage Are unskilled users Download automated hacking software from Web sites and use it to break into computers Tend to be young computer users with almost unlimited amounts of leisure time, which they can use to attack systems Script Kiddies

Security+ Guide to Network Security Fundamentals 8 Person hired to break into a computer and steal information Do not randomly search for unsecured computers to attack Hired to attack a specific computer that contains sensitive information Spies

Security+ Guide to Network Security Fundamentals 9 One of the largest information security threats to business Employees break into their company’s computer for these reasons: –To show the company a weakness in their security –To say, “I’m smarter than all of you” –For money Employees

Security+ Guide to Network Security Fundamentals 10 Experts fear terrorists will attack the network and computer infrastructure to cause panic Cyberterrorists’ motivation may be defined as ideology, or attacking for the sake of their principles or beliefs One of the targets highest on the list of cyberterrorists is the Internet itself Cyberterrorists

Security+ Guide to Network Security Fundamentals 11 Three goals of a cyberattack: –Deface electronic information to spread disinformation and propaganda –Deny service to legitimate computer users –Commit unauthorized intrusions into systems and networks that result in critical infrastructure outages and corruption of vital data Cyberterrorists (continued)

Security+ Guide to Network Security Fundamentals 12 Today, the global computing infrastructure is most likely target of attacks Attackers are becoming more sophisticated, moving away from searching for bugs in specific software applications toward probing the underlying software and hardware infrastructure itself Understanding Basic Attacks

Security+ Guide to Network Security Fundamentals 13 Easiest way to attack a computer system requires almost no technical ability and is usually highly successful Social engineering relies on tricking and deceiving someone to access a system Social engineering is not limited to telephone calls or dated credentials Social Engineering

Security+ Guide to Network Security Fundamentals 14 Dumpster diving: digging through trash receptacles to find computer manuals, printouts, or password lists that have been thrown away Phishing: sending people electronic requests for information that appear to come from a valid source Social Engineering (continued)

Security+ Guide to Network Security Fundamentals 15 Develop strong instructions or company policies regarding: –When passwords are given out –Who can enter the premises –What to do when asked questions by another employee that may reveal protected information Educate all employees about the policies and ensure that these policies are followed Social Engineering (continued)

Security+ Guide to Network Security Fundamentals 16 Password Guessing Password: secret combination of letters and numbers that validates or authenticates a user Passwords are used with usernames to log on to a system using a dialog box Attackers attempt to exploit weak passwords by password guessing

Security+ Guide to Network Security Fundamentals 17 Password Guessing (continued)

Security+ Guide to Network Security Fundamentals 18 Characteristics of weak passwords: –Using a short password (XYZ) –Using a common word (blue) –Using personal information (name of a pet) –Using same password for all accounts –Writing the password down and leaving it under the mouse pad or keyboard –Not changing passwords unless forced to do so Password Guessing (continued)

Security+ Guide to Network Security Fundamentals 19 Brute force: attacker attempts to create every possible password combination by changing one character at a time, using each newly generated password to access the system Dictionary attack: takes each word from a dictionary and encodes it (hashing) in the same way the computer encodes a user’s password Password Guessing (continued)

Security+ Guide to Network Security Fundamentals 20 Software exploitation: takes advantage of any weakness in software to bypass security requiring a password –Buffer overflow: occurs when a computer program attempts to stuff more data into a temporary storage area than it can hold Password Guessing (continued)

Security+ Guide to Network Security Fundamentals 21 Policies to minimize password-guessing attacks: –Passwords must have at least eight characters –Passwords must contain a combination of letters, numbers, and special characters –Passwords should expire at least every 30 days –Passwords cannot be reused for 12 months –The same password should not be duplicated and used on two or more systems Password Guessing (continued)

Security+ Guide to Network Security Fundamentals 22 Cryptography: –Science of transforming information so it is secure while being transmitted or stored –Does not attempt to hide existence of data; “scrambles” data so it cannot be viewed by unauthorized users Weak Keys

Security+ Guide to Network Security Fundamentals 23 Encryption: changing the original text to a secret message using cryptography Success of cryptography depends on the process used to encrypt and decrypt messages Process is based on algorithms Weak Keys (continued)

Security+ Guide to Network Security Fundamentals 24 Algorithm is given a key that it uses to encrypt the message Any mathematical key that creates a detectable pattern or structure (weak keys) provides an attacker with valuable information to break the encryption Weak Keys (continued)

Security+ Guide to Network Security Fundamentals 25 Cryptanalysis: process of attempting to break an encrypted message Mathematical attack: analyzes characters in an encrypted text to discover the keys and decrypt the data Mathematical Attacks

Security+ Guide to Network Security Fundamentals 26 Birthday paradox: –When you meet someone for the first time, you have a 1 in 365 chance (0.027%) that he has the same birthday as you –If you meet 60 people, the probability leaps to over 99% that you will share the same birthday with one of these people Birthday attack: attack on a cryptographical system that exploits the mathematics underlying the birthday paradox Birthday Attacks

Security+ Guide to Network Security Fundamentals 27 Category of attacks in which the attacker attempts to assume the identity of a valid user Examining Identity Attacks

Security+ Guide to Network Security Fundamentals 28 Make it seem that two computers are communicating with each other, when actually they are sending and receiving data with a computer between them Can be active or passive: –Passive attack: attacker captures sensitive data being transmitted and sends it to the original recipient without his presence being detected –Active attack: contents of the message are intercepted and altered before being sent on Man-in-the-Middle Attacks

Security+ Guide to Network Security Fundamentals 29 Similar to an active man-in-the-middle attack Whereas an active man-in-the-middle attack changes the contents of a message before sending it on, a replay attack only captures the message and then sends it again later Takes advantage of communications between a network device and a file server Replay

Security+ Guide to Network Security Fundamentals 30 TCP/IP Hijacking With wired networks, TCP/IP hijacking uses spoofing, which is the act of pretending to be the legitimate owner One particular type of spoofing is Address Resolution Protocol (ARP) spoofing In ARP spoofing, each computer using TCP/IP must have a unique IP address

Security+ Guide to Network Security Fundamentals 31 TCP/IP Hijacking (continued) Certain types of local area networks (LANs), such as Ethernet, must also have another address, called the media access control (MAC) address, to move information around the network Computers on a network keep a table that links an IP address with the corresponding address In ARP spoofing, a hacker changes the table so packets are redirected to his computer

Security+ Guide to Network Security Fundamentals 32 Identifying Denial of Service Attacks Denial of service (DoS) attack attempts to make a server or other network device unavailable by flooding it with requests After a short time, the server runs out of resources and can no longer function Known as a SYN attack because it exploits the SYN/ACK “handshake”

Security+ Guide to Network Security Fundamentals 33 Identifying Denial of Service Attacks (continued) Another DoS attack tricks computers into responding to a false request An attacker can send a request to all computers on the network making it appear a server is asking for a response Each computer then responds to the server, overwhelming it, and causing the server to crash or be unavailable to legitimate users

Security+ Guide to Network Security Fundamentals 34 Identifying Denial of Service Attacks (continued)

Security+ Guide to Network Security Fundamentals 35 Identifying Denial of Service Attacks (continued) Distributed denial-of-service (DDoS) attack: –Instead of using one computer, a DDoS may use hundreds or thousands of computers –DDoS works in stages

Security+ Guide to Network Security Fundamentals 36 Understanding Malicious Code (Malware) Consists of computer programs designed to break into computers or to create havoc on computers Most common types: –Viruses –Worms –Logic bombs –Trojan horses –Back doors

Security+ Guide to Network Security Fundamentals 37 Programs that secretly attach to another document or program and execute when that document or program is opened Might contain instructions that cause problems ranging from displaying an annoying message to erasing files from a hard drive or causing a computer to crash repeatedly Viruses

Security+ Guide to Network Security Fundamentals 38 Viruses (continued) Antivirus software defends against viruses is Drawback of antivirus software is that it must be updated to recognize new viruses Updates (definition files or signature files) can be downloaded automatically from the Internet to a user’s computer

Security+ Guide to Network Security Fundamentals 39 Worms Although similar in nature, worms are different from viruses in two regards: –A virus attaches itself to a computer document, such as an message, and is spread by traveling along with the document –A virus needs the user to perform some type of action, such as starting a program or reading an message, to start the infection

Security+ Guide to Network Security Fundamentals 40 Worms (continued) Worms are usually distributed via attachments as separate executable programs In many instances, reading the message starts the worm If the worm does not start automatically, attackers can trick the user to start the program and launch the worm

Security+ Guide to Network Security Fundamentals 41 Logic Bombs Computer program that lies dormant until triggered by a specific event, for example: –A certain date being reached on the system calendar –A person’s rank in an organization dropping below a specified level

Security+ Guide to Network Security Fundamentals 42 Trojan Horses Programs that hide their true intent and then reveals themselves when activated Might disguise themselves as free calendar programs or other interesting software Common strategies: –Giving a malicious program the name of a file associated with a benign program –Combining two or more executable programs into a single filename

Security+ Guide to Network Security Fundamentals 43 Trojan Horses (continued) Defend against Trojan horses with the following products: –Antivirus tools, which are one of the best defenses against combination programs –Special software that alerts you to the existence of a Trojan horse program –Anti-Trojan horse software that disinfects a computer containing a Trojan horse

Security+ Guide to Network Security Fundamentals 44 Back Doors Secret entrances into a computer of which the user is unaware Many viruses and worms install a back door allowing a remote user to access a computer without the legitimate user’s knowledge or permission

Security+ Guide to Network Security Fundamentals 45 Summary Six categories of attackers: hackers, crackers, script kiddies, spies, employees, and cyberterrorists Password guessing is a basic attack that attempts to learn a user’s password by a variety of means Cryptography uses an algorithm and keys to encrypt and decrypt messages

Security+ Guide to Network Security Fundamentals 46 Summary (continued) Identity attacks attempt to assume the identity of a valid user Denial of service (DoS) attacks flood a server or device with requests, making it unable to respond to valid requests Malicious code (malware) consists of computer programs intentionally created to break into computers or to create havoc on computers

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.