1 Network Security
Group 1: Jake Desmond, Kaidi Chen, Andrew Grant

2 ARP Poisoning

3 What is ARP?
ARP (Address Resolution Protocol) is a protocol used by the Internet Protocol to map IP network addresses to the hardware addresses used by a data link protocol.
How does ARP work?

4 ARP Poisoning
ARP poisoning is a LAN-specific cyber attack. It is a MAC-layer attack that can only be carried out when the attacker is connected to the same local network as the target machines.

5 ARP Poisoning (Continued)
Also known as ARP spoofing.
Routers serve as borders for both collision and broadcast domains, so ARP traffic (and this attack) does not cross them.
Tips to prevent ARP poisoning:
- Use static ARP entries
- Use ARP-spoofing-proof switches
- Use Virtual Private Networks
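The "static ARP" tip above can be turned into a check that a defender actually runs. The following is an added example (not code from the presentation): it parses two snapshots of a host's neighbour table in Linux `ip neigh` output format, compares them against a table of pinned (static) entries for trusted hosts such as the gateway, and reports the two classic signs of ARP poisoning: an IP whose MAC address suddenly changes, and one MAC address answering for several IPs. The snapshot lines, MAC addresses and the `PINNED` table are constructed sample data, not captured from a real network.

```python
from collections import defaultdict

# Constructed neighbour-table snapshots in `ip neigh` output format (not captured
# from a real host). In the second snapshot the gateway 192.168.1.1 suddenly
# resolves to the MAC that 192.168.1.30 already uses: the signature of another
# host on the LAN answering ARP requests for the gateway.
SNAPSHOT_BEFORE = """\
192.168.1.1 dev eth0 lladdr aa:bb:cc:00:00:01 REACHABLE
192.168.1.20 dev eth0 lladdr aa:bb:cc:00:00:20 STALE
192.168.1.30 dev eth0 lladdr aa:bb:cc:00:00:30 REACHABLE
192.168.1.40 dev eth0 FAILED
"""
SNAPSHOT_AFTER = """\
192.168.1.1 dev eth0 lladdr aa:bb:cc:00:00:30 REACHABLE
192.168.1.20 dev eth0 lladdr aa:bb:cc:00:00:20 STALE
192.168.1.30 dev eth0 lladdr aa:bb:cc:00:00:30 REACHABLE
"""

# Static ("pinned") entries the administrator trusts, e.g. the gateway.
# Constructed value for the example.
PINNED = {"192.168.1.1": "aa:bb:cc:00:00:01"}


def parse_neigh(text):
    """Map IP -> MAC from `ip neigh` lines; entries without a MAC are skipped."""
    table = {}
    for line in text.splitlines():
        parts = line.split()
        if "lladdr" not in parts:
            continue  # FAILED / INCOMPLETE entries carry no hardware address
        table[parts[0]] = parts[parts.index("lladdr") + 1].lower()
    return table


def find_arp_anomalies(before, after, pinned=None):
    """Return alert strings for IP->MAC changes between snapshots, deviations
    from pinned (static) entries, and one MAC claiming several IPs."""
    pinned = pinned or {}
    alerts = []
    for ip, mac in after.items():
        if ip in before and before[ip] != mac:
            alerts.append(f"{ip}: MAC changed {before[ip]} -> {mac}")
        if ip in pinned and pinned[ip] != mac:
            alerts.append(f"{ip}: expected static entry {pinned[ip]}, saw {mac}")
    by_mac = defaultdict(list)
    for ip, mac in after.items():
        by_mac[mac].append(ip)
    for mac, ips in by_mac.items():
        if len(ips) > 1:
            alerts.append(f"{mac}: claims several IPs {sorted(ips)}")
    return alerts


if __name__ == "__main__":
    found = find_arp_anomalies(parse_neigh(SNAPSHOT_BEFORE),
                               parse_neigh(SNAPSHOT_AFTER), PINNED)
    for alert in found:
        print(alert)
```

On a real Linux host the snapshots would come from `ip neigh show`, and a pinned entry is created with `ip neigh replace <ip> lladdr <mac> dev <iface> nud permanent`; the comparison logic itself does not depend on where the snapshots came from.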

6 DNS Spoofing

7 What is DNS?
DNS (Domain Name Server) is a protocol within the set of standards for how computers exchange data on the Internet and on many private networks, known as the TCP/IP protocol suite.
" into an Internet Protocol (IP) address like

8 DNS Spoofing
A type of attack that exploits vulnerabilities in the domain name system (DNS) to divert Internet traffic away from legitimate servers and towards fake ones. One of the reasons DNS poisoning is so dangerous is that it can spread from DNS server to DNS server.

9 Types of DNS Spoofing
- Spoofing the DNS responses: every DNS request has an associated 16-bit query ID. If the attacker can guess how the DNS server generates its query IDs, he can send fake responses that lie about the IP address of the queried host.
- DNS cache poisoning: sending a DNS server incorrect mapping information with a high TTL value, so that the faulty record stays in the DNS cache for a longer period of time and the server replies with the incorrect information the next time it is queried.
- Breaking into the platform: the attacker could break into the platform running DNS using attacks like buffer overflows or any other attack that gains root access; the attacker will then have full control over the network.
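The first two attack types above are exactly what a resolver's acceptance rules are designed to defeat. As an added example (not code from the presentation, and a toy model rather than any real resolver's implementation), the following resolver cache only accepts a response whose 16-bit query ID and destination UDP port both match an outstanding query (so a blind guess has to hit a randomised ID and a randomised port), only caches records that belong to the domain that was asked about (the "bailiwick" rule, so a response for one name cannot smuggle in a record for another), and caps the TTL it will honour, which bounds how long an incorrect record could survive. The record names, addresses and TTLs are constructed sample values.

```python
import random
from dataclasses import dataclass


@dataclass(frozen=True)
class DnsRecord:
    name: str
    rtype: str
    value: str
    ttl: int


@dataclass(frozen=True)
class DnsResponse:
    txid: int        # 16-bit query ID echoed from the request
    dst_port: int    # UDP port the response is addressed to (the query's source port)
    question: str    # the name that was asked about
    records: tuple   # answer + additional records, as DnsRecord


MAX_TTL = 86400  # cap cached TTL at one day so a bad record cannot live for weeks


def in_bailiwick(record_name, question):
    """A record may only be cached if it lies under the zone that was queried,
    e.g. a query for www.example.com may not install a record for bank.example."""
    parent = question.split(".", 1)[1]          # "www.example.com" -> "example.com"
    return record_name == parent or record_name.endswith("." + parent)


class ToyResolver:
    def __init__(self, rng):
        self.rng = rng          # use random.SystemRandom() for real unpredictability
        self.pending = {}       # (txid, port) -> question name
        self.cache = {}         # (name, type) -> (value, ttl)
        self.rejected = 0

    def send_query(self, name):
        """Pick a random 16-bit ID and a random source port for each query."""
        txid = self.rng.randrange(1 << 16)
        port = self.rng.randrange(1024, 1 << 16)
        self.pending[(txid, port)] = name
        return txid, port

    def accept_response(self, resp):
        """Return True and cache the records only if the response matches an
        outstanding query; otherwise count it as a rejected (possibly forged) reply."""
        key = (resp.txid, resp.dst_port)
        if self.pending.get(key) != resp.question:
            self.rejected += 1
            return False
        for rec in resp.records:
            if not in_bailiwick(rec.name, resp.question):
                continue  # out-of-zone record: ignored, never cached
            self.cache[(rec.name, rec.rtype)] = (rec.value, min(rec.ttl, MAX_TTL))
        del self.pending[key]
        return True
```

Without source-port randomisation an attacker only has to guess the 16-bit ID; with it, the ID and the port both have to match, which is why the toy resolver keys outstanding queries on the pair.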

10 SQL Injection

11 What is SQL Injection?
SQL injection is a code injection technique. It uses SQL statements in place of normal user inputs to perform malicious actions on a web application. The most common approach is via web requests and form submissions.

12 A simple example...
Users table (the slide shows a password only for Jake):
ID  User    Password  Info
1   Jake    123       Abc
2   Kaidi             Def
3   Andrew            Ghi

Vulnerable code that builds the query by concatenating raw user input:
    uName = getRequestString("user");
    uPass = getRequestString("pas");
    sql = "SELECT * FROM Users WHERE User = '" + uName + "' AND Password = " + uPass;
    database.execute(sql);

With the expected input the query becomes:
    SELECT * FROM Users WHERE User = 'Jake' AND Password = 123
If the attacker submits 123; DROP TABLE Users as the password, the same code produces:
    SELECT * FROM Users WHERE User = 'Kaidi' AND Password = 123; DROP TABLE Users

13 Types of SQL injection: In-band SQL injection
The most common and easiest-to-exploit attacks. Here an attacker is able to use the same communication channel to both launch the attack and gather results.
1. Error-based SQLi: relies on error messages thrown by the database server to obtain information about the structure of the database.
2. Union-based SQLi: uses the UNION SQL operator to combine the results of two or more SELECT statements into a single result, which is then returned as part of the HTTP response.

14 Types of SQL injection: Inferential SQL injection (Blind SQL injection)
No data is transferred via the web application. An attacker has to reconstruct the database structure by sending payloads and observing the response and the resulting behaviour.
1. Boolean-based (content-based) Blind SQLi: relies on sending an SQL query to the database which forces the application to return a different result depending on whether the query returns TRUE or FALSE.
2. Time-based Blind SQLi: relies on sending an SQL query to the database which forces the database to wait for a specified amount of time (in seconds) before responding. The response time tells the attacker whether the result of the query is TRUE or FALSE.

15 Types of SQL injection: Out-of-band SQLi
This is not very common, mostly because it depends on specific features of the database server used by the web application. For example, Microsoft SQL Server's "xp_dirtree" command can be used by an attacker to make DNS requests to a server.

16 How to prevent SQL injection?
Avoid it in code:
- Encode values in form submissions and web requests.
- Check the type and format of inputs on the server side.
- Filter special symbols.
- Validate: bind variables as parameters in functions (PreparedStatement) instead of operating on SQL strings.

17 How to prevent SQL injection?
Avoid it in design:
- Privileges: limit the functions a user account can access.
- Encrypt: encrypt sensitive data.
- Store: do not store sensitive data if you don't need it.
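The "simple example" slide and the PreparedStatement advice above, carried through in working code. This is an added example (not code from the presentation): it rebuilds the slide's Users table in an in-memory SQLite database, implements the login query once by string concatenation exactly as the slide does and once with bound parameters, and runs both against the slide's "123; DROP TABLE Users" password and a second payload that bypasses the password check. The passwords for Kaidi and Andrew are constructed values (the slide does not show them), and storing passwords in clear text is kept only to mirror the slide; a real application stores password hashes.

```python
import sqlite3


def make_db():
    """The slide's Users table in an in-memory SQLite database. Passwords for
    Kaidi and Andrew are constructed; plaintext storage mirrors the slide only."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Users (ID INTEGER PRIMARY KEY, User TEXT, "
                 "Password INTEGER, Info TEXT)")
    conn.executemany("INSERT INTO Users (ID, User, Password, Info) VALUES (?, ?, ?, ?)",
                     [(1, "Jake", 123, "Abc"), (2, "Kaidi", 456, "Def"),
                      (3, "Andrew", 789, "Ghi")])
    conn.commit()
    return conn


def table_exists(conn, name="Users"):
    row = conn.execute("SELECT name FROM sqlite_master WHERE type = 'table' AND name = ?",
                       (name,)).fetchone()
    return row is not None


def vulnerable_login(conn, user, password):
    """Builds the query like the slide's pseudocode: raw input concatenated
    into the SQL text, password unquoted as on the slide."""
    sql = ("SELECT ID, User FROM Users WHERE User = '" + user
           + "' AND Password = " + password)
    rows = []
    # sqlite3.execute() refuses stacked statements. To mimic a driver that runs
    # everything it is handed (the behaviour the slide assumes), run each
    # ';'-separated statement in turn.
    for stmt in sql.split(";"):
        if stmt.strip():
            rows.extend(conn.execute(stmt).fetchall())
    return rows


def safe_login(conn, user, password):
    """The PreparedStatement approach: the SQL text is fixed, and the inputs are
    bound as values, so they can never become part of the statement."""
    return conn.execute("SELECT ID, User FROM Users WHERE User = ? AND Password = ?",
                        (user, password)).fetchall()


if __name__ == "__main__":
    conn = make_db()
    print("normal login, both versions:",
          vulnerable_login(conn, "Jake", "123"), safe_login(conn, "Jake", "123"))
    print("bypass payload, vulnerable:", vulnerable_login(conn, "Jake", "0 OR 1=1"))
    print("bypass payload, safe:", safe_login(conn, "Jake", "0 OR 1=1"))
    print("slide payload, safe:", safe_login(conn, "Kaidi", "123; DROP TABLE Users"),
          "table still there:", table_exists(conn))
    vulnerable_login(conn, "Kaidi", "123; DROP TABLE Users")
    print("slide payload, vulnerable, table still there:", table_exists(conn))
```

The parameterised version passes the slide's payload to SQLite as a single text value; it is compared with the integer password column, matches nothing, and the DROP is never seen as a statement.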

18 Cross-Site Request Forgery

19 What I will cover about Cross-Site Request Forgery
- What is CSRF?
- Requirements for a successful CSRF attack
- How to program your own CSRF attack
- Limitations of CSRF attacks
- Security protocols for defence against CSRF

20 What is Cross-Site Request Forgery?
- A type of network attack that targets end-user accounts of web applications
- The user must be authenticated at some level (example: an online bank account)
- Relies on a vulnerability in the targeted web application
- The attacker can perform security-sensitive actions as if they were the user
- Security-sensitive actions: edit document, log out, change user name, transfer funds

21 Requirements for a Successful CSRF Attack
Part 1: Creation of a malicious website
- The malicious website must be publicly accessible
- Code capable of submitting requests is added to it
- A user of the targeted web application visits the malicious site
- The user must be logged in to the web application
- The code contained on the malicious website will automatically submit a request on the user's behalf

22 Requirements for a Successful CSRF Attack
Part 2: Social engineering
- In general, this refers to the psychological manipulation of a victim by an assailant. A good example is the bail money phone scam.
- In the case of Cross-Site Request Forgery: the assailant must deceive a user who is logged in to the target website into visiting their malicious web application.
- Done through shared hyperlinks, e.g. in internet forums.

23 Visual Representation of CSRF

24 Programming Your Very Own CSRF Attack
Code for a website that contains a link to a CSRF attack:

25 This is a fully functional CSRF attack
But there are a few problems with it:
- Not very deceitful
- Placement of the link
- Obscure website

26 Limitations of CSRF (Excluding Security Protocols)
- Incapable of data theft: it can only carry out state-changing requests like transferring funds, and cannot retrieve a user's username and password
- The functionality of the attack is limited by the targeted user's security clearance: it cannot generate requests that the target website's security has not granted the target user
- The ramifications of an attack can vary greatly depending on who the user is (example: admin vs restricted bank users)

27 Security Protocols for Defence against CSRF
- CSRF attacks are easy to defend against if web designers are conscious of them
- The "Origin" and "Referer" headers of the HTTP request can be used to neutralize CSRF attacks
- These two headers are forbidden headers: the browser sets them and page scripts cannot change them
- The server can compare the origin the request claims to come from with its own origin
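The Origin/Referer comparison described above, as an added example (not code from the presentation, and framework-independent so it is not any web framework's own API). The server derives the requesting origin from the Origin header, falls back to the Referer header, refuses a state-changing request when neither is present rather than trusting it, and, as a second independent check, requires a per-session token that only the site's own forms carry. The origin `https://bank.example`, the header sets and the session token are constructed values for the demonstration.

```python
import hmac
import secrets
from urllib.parse import urlsplit

# The origin this hypothetical bank application serves. Constructed value.
TRUSTED_ORIGIN = "https://bank.example"


def request_origin(headers):
    """Derive "scheme://host[:port]" from the Origin header, falling back to
    Referer. Both are forbidden headers: the browser sets them and scripts on
    another site's page cannot overwrite them."""
    origin = headers.get("Origin")
    if origin and origin != "null":     # "null" is sent for opaque origins
        return origin
    referer = headers.get("Referer")
    if referer:
        parts = urlsplit(referer)
        if parts.scheme and parts.netloc:
            return f"{parts.scheme}://{parts.netloc}"
    return None


def origin_allowed(headers, trusted=TRUSTED_ORIGIN):
    """Accept a state-changing request only if the browser says it came from
    our own origin; a request with neither header is rejected, not trusted."""
    return request_origin(headers) == trusted


def new_csrf_token():
    """Token stored in the user's session and embedded in our own forms."""
    return secrets.token_urlsafe(32)


def token_allowed(session_token, submitted_token):
    """Second, independent check: the submitted form must carry the session's
    token. A constant-time comparison avoids leaking it through timing."""
    if not session_token or not submitted_token:
        return False
    return hmac.compare_digest(session_token, submitted_token)


def allow_state_change(headers, session_token, submitted_token):
    """Defence in depth: both checks must pass before e.g. a funds transfer runs."""
    return origin_allowed(headers) and token_allowed(session_token, submitted_token)


# Constructed requests, as the server would see them. The forged one is what a
# browser sends when a page on another site submits a request to the bank.
SESSION_TOKEN = new_csrf_token()
LEGITIMATE = {"Origin": "https://bank.example",
              "Referer": "https://bank.example/transfer"}
FORGED = {"Origin": "https://malicious-site.example",
          "Referer": "https://malicious-site.example/page"}
HEADERLESS = {}

if __name__ == "__main__":
    for label, hdrs in (("legitimate", LEGITIMATE), ("forged", FORGED),
                        ("no headers", HEADERLESS)):
        print(label, "origin check:", origin_allowed(hdrs),
              "both checks:", allow_state_change(hdrs, SESSION_TOKEN, SESSION_TOKEN))
```

The token check matters because the browser still attaches the victim's session cookie to the forged request; the origin check matters because a page on another site cannot read the token out of the bank's forms, and cannot set the Origin header to pretend otherwise.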

28 If CSRF is so easy to defend against, why is it relevant?
- CSRF is one of the lesser-known internet attacks
- Many web programmers are not aware of it
- Even fewer end users are aware of it
- If the web programmer is not aware of it, they will not defend against it
Why is his face covered?

29 References Fleck, Bob, and Jordan Dimov. "Wireless access points and arp poisoning." Online document (2001).

