Zero Day Attacks Jason Kephart. Purpose The purpose of this presentation is to describe Zero-Day attacks, stress the danger they pose for computer security.

1 Zero Day Attacks Jason Kephart

2 Purpose
The purpose of this presentation is to describe Zero-Day attacks, stress the danger they pose for computer security professionals as well as everyday users, and provide insight as to what can be done about them in order to minimize the adverse effects.

3 What is an exploit, exactly?
- An exploit is a malicious piece of software, data, or sequence of commands
- It “exploits” or takes advantage of a vulnerability to cause an unintended behavior, such as enabling superuser account privileges, acquiring sensitive data, or even taking control of a host to use in a distributed attack

4 What is a Zero-Day attack?
- A Zero-Day attack is an exploit that attacks a previously unknown vulnerability in a computer application.
- Occurs on “day zero” of awareness
- Developers have had zero days to address the vulnerability, thus rightly naming these attacks as Zero-Day attacks

5 What does this mean?
- For businesses and private users alike
- As is known, information is crucial to the life of a business, and any vulnerability can create widespread problems
- Since zero-day attacks are the most dangerous and unexpected, special consideration must go to making sure certain preventative measures are taken

6 Dangers of a Zero-Day Attack
- Constant Threat
  - New code is developed every day, which translates to new vulnerabilities to exploit for malicious hackers
- Hard to protect against
  - It can be very difficult to find clever software vulnerabilities
- Unexpected in nature

7 Danger (cont.)
- Zero-Day attacks are the most dangerous type of exploit
- By definition, developers do not yet know of the vulnerabilities that zero-day attacks exploit
  - This is primarily why zero-day attacks are so treacherous
- The vulnerabilities must be fixed, but this takes time

8 Window of Exposure
- Period of time when vulnerabilities remain dangerous
- The window of exposure for a vulnerability runs from the time the vulnerability is discovered (by the criminal underground or ethical hackers) until a patch is released and deployed onto systems.
- An empirical study shows that the average window of exposure for a zero-day attack is ten months!

9 Window of Exposure

10 Notable Zero-Day Attacks
- Stuxnet
- Duqu
- Flame
- Downadup
- Fujacks
- Ramnit

11 Stuxnet
- Most extensive zero-day exploit
- Takes advantage of four different zero-day vulnerabilities in software
  - Very unusual
- Zero-day attacks are valuable to the criminal underground
  - Also adding to the peculiarity, it was written in multiple languages, including C and C++
- Perfect example of a complicated exploit
  - Can be transferred via USB or similar

12 This graphic details the widespread problems associated with a zero-day exploit

13 Preventative Measures
- Secure Coding
  - Difficult to administer but really the only “sure” way
- Patching
  - Must be done for measures against host computers
  - Consistency is key

14 Secure Coding
- Also known as defensive programming, it is an important goal to constantly work towards
- Secure coding is the practice of engineering software so that no vulnerabilities or glitches exist in it
- Writing code can be very difficult, and making sure no loopholes exist in code can be even more difficult to realize
  - Secure code doesn’t happen by itself

15 Secure Coding (cont.)
- To ensure that secure coding practices are followed, software engineering standards need to be in place
  - Developers are actively working towards secure and glitch-free code
  - Standardized methods must be generalized, so following them does not ‘guarantee’ security of code; it only helps

16 Patching!
- A patch is a piece of software designed to fix problems with, or update, a computer program or its supporting data
- Acquire the latest patch from the vendor so that your computer isn’t vulnerable to malicious hackers that now know of the vulnerability
- Application developers write patches for vulnerabilities once they are found

17 Patching! (cont.)
- Automatic Patching
  - Highly Recommended!
- As shown in the window of exposure model, once a patch is created by the developer, there is still time for a hacker to reverse engineer the patch to find the vulnerability and attack those who have not yet installed it
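The window-of-exposure model from slides 8 and 17, worked through as an added example (not part of the original presentation): it splits each host's exposure into the phase before a patch exists and the phase after release but before install. The dates, host names and function names are constructed for illustration.

```python
from datetime import date

# Constructed sample data (not from the presentation): one vulnerability
# timeline and the date each host installed the patch (None = never).
VULN = {"discovered": date(2012, 1, 10), "patch_released": date(2012, 11, 5)}
HOSTS = {
    "web-01": date(2012, 11, 6),    # automatic patching, next day
    "db-01": date(2012, 12, 20),    # manual patch cycle
    "kiosk-07": None,               # never patched
}


def exposure(vuln, patched_on, as_of):
    """Split one host's window of exposure into two phases, in days.

    pre_patch:  discovery -> patch release (no fix exists yet)
    post_patch: patch release -> install on this host (fix exists but is
                not deployed; the phase automatic patching shortens)
    """
    installed = patched_on is not None and patched_on <= as_of
    end = patched_on if installed else as_of
    release = min(vuln["patch_released"], as_of)
    pre = max((release - vuln["discovered"]).days, 0)
    post = max((end - vuln["patch_released"]).days, 0)
    return {"pre_patch": pre, "post_patch": post,
            "total": pre + post, "still_exposed": not installed}


def fleet_report(vuln, hosts, as_of):
    """Return per-host exposure and host names ordered by patch lag."""
    rows = {name: exposure(vuln, d, as_of) for name, d in hosts.items()}
    worst = sorted(rows, key=lambda n: rows[n]["post_patch"], reverse=True)
    return rows, worst


if __name__ == "__main__":
    rows, worst = fleet_report(VULN, HOSTS, as_of=date(2013, 1, 15))
    for name in worst:
        r = rows[name]
        flag = "EXPOSED" if r["still_exposed"] else "patched"
        print(f"{name:9} pre={r['pre_patch']:3}d "
              f"post={r['post_patch']:3}d total={r['total']:3}d {flag}")
```

The pre-patch phase is identical for every host; only the post-patch phase is under the defender's control, which is the case the slide makes for automatic patching.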

18 Conclusion
- Zero-day exploits, although very dangerous, are only a fraction of the attacks placed on hosts and networks.
- Vigilance and persistence are necessary in a computer security environment
  - Bad guys are always working towards the next vulnerability
  - The only way to defend against new attacks

19 References
- Bilge, Leyla, and Tudor Dumitras. "Before We Knew It." (2012): n. pag. Web.
- Mills, Elinor. "Details of the First-ever Control System Malware." Cnet. N.p., 21 July 2010. Web.
- Symantec. "Notable Zero Day Attacks." N.p., n.d. Web. 2013.
- Go Team, VMware. "The Importance of Patching Third-party Applications." Vmware.com. N.p., 1 Aug. 2012. Web. 2013.

