Presentation is loading. Please wait.

Presentation is loading. Please wait.

Attack Examples : DOS, Social Engineering

Published byErlin Makmur Modified over 5 years ago

Similar presentations

Presentation on theme: "Attack Examples : DOS, Social Engineering"— Presentation transcript:

1 Attack Examples : DOS, Social Engineering
Host Vulnerability and Exploits, Common Attacks on Hosts 9/21/2018

2 Why Care About Hosts? Most Attacks/Intrusions Have Targeted Hosts Why?
Break-in, penetration Root privilege compromise Steal, delete, modify and fabricate information in server Why? Hosts are more interesting It has (almost) all the sensitive and useful information Medical record Payroll information Classified information Hosts have all the executables It has potentially more vulnerabilities It is easier for the intruders to exploit with many executables 9/21/2018

3 Common Attack on Hosts Gain Unauthorized Access to Host
User level Could impersonate that user, change, delete or forge information Root level Could do everything to the host – worst possible scenario Denial of Service Provided by the Host Denial of use of a host completely Disable the mail server Denial of use of an application Disable the online stock trading Denial of use of data Make the financial record inaccessible to users What Else? 9/21/2018

4 DoS: Web Server Attacks
Many DoS Attacks Are Against Web Servers Attacker sends enormous amount of bogus requests to the web server i.e. Syn-flood attack Attacker sends a request consisting of thousands of ‘/’s. Some servers go belly up at this How to Detect? How To Handle This Kind of DoS? Shutdown the web server? 9/21/2018

5 DoS: Mailbomb Exploits The Open-Door Nature of Email System
Mail server is supposed to receive s Attacker sends thousands of huge junk s Fill up disks, overflow the quotas Deny access to s Cause legitimate s lost Usually done by some automated tools Mailbomb Is Different From Spam There is no particular desire to have the read, responded, or even necessarily received The goal is to jam the server and make is unusable How To Detect This? How To Handle This? 9/21/2018

6 DoS: Resource Hogging Resource Hogs Detection Is Not Difficult
Programs that uses up the resources of the machine Fill up disks Use all the memory Use all the CPU cycle Could be some executable downloaded Code Wars was a game Let opponents write programs that would use up all the resources, until the opponent’s code was unable to run Detection Is Not Difficult Except for memory leak How To Handle This? 9/21/2018

7 Unauthorized Access to Host
Widely Considered A much more serious threat than DoS All the sensitive information Impersonation More difficult to detect than DoS Attack could come from inside Attacker could have the legitimate user name and password Steal/crack password Attacker may gain access through backdoor 9/21/2018

8 Ways To Gain Unauthorized Access to Host
Steal Account Looking over one’s shoulder Social engineering/Phishing Sniffing Spyware, key logger Guessing the password Cracking the password What else? 9/21/2018

9 Ways To Gain Unauthorized Access to Host
Abuse The Guest Account Many systems have default guest account that requires no password Anonymous FTP Trojan Horse Exploit Race Conditions Usually used for gaining root privilege from normal user privilege Exploit Buffer Overflow Could gain root access remotely 9/21/2018

10 Social Engineering/Phishing
Tricking People into Giving Access Example “Hello, this Smith, the Vice President of marketing. I need to update my photo in the corporate directory, and I’ve fogot my password” “Hello, I’m a customer support from Citibank, and we are upgrading the security mechanism of our customer account management. Please login into web site to verify the status of your account” How to detect this automatically? 9/21/2018

11 Account Guessing Attacker Can Simply Guess The Password
Knowing something about the user helps Kids/spouse/mother’s maiden name Birthdays Social security numbers Sometimes just need to try a few obvious things to get in How to Detect This? Count the unsuccessful login attempts! What if the attacker is really lucky such that he/she gets the right password in the first try? 9/21/2018

12 Sniffing Wiretap the network Sniffer the wireless There Are Tools
That automatically look for user IDs and password from the sniffered trace How To Prevent? Use encryption Never send password in plaintext How To Detect? 9/21/2018

13 Trojan Horse A Program Could Be Planted From Local
That appears to do one thing but secretly does another Could Be Planted From Local Running a trojan that simulate the login screen of a computer in a public lab The trojan records the first login, and prompts the victim with error message The trojan exits and let the real login program runs Could Be Planted From Remote The attacker send an with an attachment of a really cool screen saver Once the victim is tricked into using it The screen saver opens a backdoor and allows the attacker access to the computer whenever the screen saver is running 9/21/2018

14 Trojan Horse Appears normal/expected
Program with an expected and hidden effect Appears normal/expected hidden effect violates security policy User tricked into executing Trojan horse Expects (and sees) expected behavior Hidden effect performed with user’s authorization 9/21/2018

15 Cracking The Password In Unix Offline Guessing the Password
Password is not stored in plaintext, but in hashed form (user name, Hash(password)) When a user enters the password, system computes Hash(password); a match on the hash would allow user to login Offline Guessing the Password Steal the password file /etc/passwd Some cgi scripts let you do this through a web server Run crack on the password file Try all possible passwords and compare the hashes of them with Hash(password) in the password file 9/21/2018

16 Cracking The Password Case Study
Farmer and Venema performed the following study in 1993 Tried to obtain password files from 656 hosts Succeeded on 24 hosts Tried to crack the passwords Got 5 root passwords 259 passwords in total Access to 19 (out of 24) hosts 9/21/2018

17 Brute Force Password Cracking
Assume the password consists of 6 characters from 80 possible choices Totally 2.62×1011 possible passwords Assume a 1.7GHz computer can check 17,000,000 password per second It would take 15,420 seconds to check every possible password That’s a just a little over 4 hours! 9/21/2018

18 Brute Force Password Cracking
Assume the password consists of 8 characters from 80 possible choices Totally 1.67×1015 possible passwords Assume a 1.7GHz computer can check 17,000,000 password per second It would take 108 seconds to check every possible password That’s about 3 years Assume the computation power doubles every 18 months (Moore’s Law) It would need another 19 years to be able to crack 8 character password in 4 hours 9/21/2018

19 Defense Against Password Cracking
Use Strong Password Longer Not in dictionary Shadow the password Only the root has access to the actual hashes of passwords Watch for Failed Login Attempts Make Sure There Are No Open Accounts Use Encryption for Access from Remote Is Password Cracking Detectable? 9/21/2018

20 Defense Against Password Cracking
Question: With increased number of accounts and passwords, how are you going to organize and remember them? Interesting approaches: Site-Specific Password [HP Lab TR’03] PwdHash [USENIX Security’05] 9/21/2018

21 Site-Specific Password [HP Lab TR’03
142bdc0272ee12e6a pdf “We generate a site-specific password from a user password and an easy to remember name for the web site. These two strings are concatenated and hashed using the MD5 [2] algorithm. MD5 produces a binary output of16 bytes, which we convert to ASCII by Base64 [1] encoding the MD5 result and truncating to 12 characters. Truncating protects the user password without overly compromising the security of the site password.” 9/21/2018

22 PwdHash [USENIX Security’05]
“…. the browser extension applies a cryptographic hash function to a combination of the plaintext pass-word entered by the user, data associated with the web site, and (optionally) a private salt stored on the client machine, theft of the password received at one site will not yield a password that is useful at another site…..” “PwdHash captures all user input to a password field and sends hash(pwd,dom) to the remote site, where dom is derived from the domain name of the remote site. We refer to dom as the salt.” 9/21/2018

Download ppt "Attack Examples : DOS, Social Engineering"

Similar presentations

Computer Threats I can understand computer threats and how to protect myself from these threats.

Computer Threats I can understand computer threats and how to protect myself from these threats.
COEN 350: Network Security Authentication. Between human and machine Between machine and machine.

COEN 350: Network Security Authentication. Between human and machine Between machine and machine.
CS426Fall 2010/Lecture 81 Computer Security CS 426 Lecture 8 User Authentication.

CS426Fall 2010/Lecture 81 Computer Security CS 426 Lecture 8 User Authentication.
Cryptography and Network Security Chapter 20 Intruders

Cryptography and Network Security Chapter 20 Intruders
Hacker, Cracker?! Are they the same? No!!! Hacker programmers intensely interested in the arcane and recondite workings of any computer operating system.

Hacker, Cracker?! Are they the same? No!!! Hacker programmers intensely interested in the arcane and recondite workings of any computer operating system.
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts The Security Problem A system is secure iff its resources are used and accessed as.

Silberschatz, Galvin and Gagne  Operating System Concepts The Security Problem A system is secure iff its resources are used and accessed as.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Software Security Threats Threats have been an issue since computers began to be used widely by the general public.

Software Security Threats Threats have been an issue since computers began to be used widely by the general public.
Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.

Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.

Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Internet Relay Chat Chandrea Dungy Derek Garrett #29.

Internet Relay Chat Chandrea Dungy Derek Garrett #29.
SHASHANK MASHETTY Email security. Introduction Electronic mail most commonly referred to as email or e- mail. Electronic mail is one of the most commonly.

SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.
Trojan Horse Implementation and Prevention By Pallavi Dharmadhikari Sirisha Bollineni VijayaLakshmi Jothiram Vasanthi Madala.

Trojan Horse Implementation and Prevention By Pallavi Dharmadhikari Sirisha Bollineni VijayaLakshmi Jothiram Vasanthi Madala.
Internet Safety CSA 105 1.0 September 21, 2010. Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.

Internet Safety CSA September 21, Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
CSCI 6962: Server-side Design and Programming Secure Web Programming.

CSCI 6962: Server-side Design and Programming Secure Web Programming.
Lecture 10 Intrusion Detection modified from slides of Lawrie Brown.

Lecture 10 Intrusion Detection modified from slides of Lawrie Brown.
Network Security Introduction Some of these slides have been modified from slides of Michael I. Shamos COPYRIGHT © 2003 MICHAEL I. SHAMOS.

Network Security Introduction Some of these slides have been modified from slides of Michael I. Shamos COPYRIGHT © 2003 MICHAEL I. SHAMOS.
CIS 450 – Network Security Chapter 8 – Password Security.

CIS 450 – Network Security Chapter 8 – Password Security.

Similar presentations

Ads by Google