Presentation is loading. Please wait.

Presentation is loading. Please wait.

 Data Storage  Steganography  Phishing.  How are files stored?  Each file is assigned one or more sectors in the disk.  If the file is small enough,

Published byEliana Gillman Modified over 9 years ago

Similar presentations

Presentation on theme: " Data Storage  Steganography  Phishing.  How are files stored?  Each file is assigned one or more sectors in the disk.  If the file is small enough,"— Presentation transcript:

1  Data Storage  Steganography  Phishing

2

3  How are files stored?  Each file is assigned one or more sectors in the disk.  If the file is small enough, not all the sector will be used.  The unused space is called a Slack space  We can save information there using a special editor.

4  How do you know that the data you stored hasn’t been modified?  Hash functions  What is a hash function?  Is a function with an special algorithm that finds a value given a file.  Each file has a unique hash value.  Even small changes in a file can generate totally different hash values.

5  First get the hash values: Hash value original file Hash value modified file

6  Now let’s open the modified file:

7 Entire phrase:

8  Try to make other changes (possibly random) to the file and save the file with another name, but retaining the extension.  Can you execute the new file? Explain why or why not?  Close all windows. 

9

10

11  Each byte represents a shade red, blue or green.  Random changes to the least priority bit generally produce only slight changes of shade Resulting Shade

12  Go to desktop/Exercises/3.0 Steganography/  Double-click on the “Jphswin.exe”  Hide data into “jpeg” file.  Click on Open Jpeg on the menu bar and open the file “KaalBhairava.jpg” in “data” sub-folder.  Create a text file “input.txt” with some text in the “data” folder.  Click on Hide on the menu bar and give a password of your choice as prompted. Then, as prompted, point to the file “input.txt” that you intend to hide.  Lastly, use save jpge as to save the image as “hidden.jpg” in the “data” sub-folder. The message text in “input.txt” has been hidden in the jpeg image file “hidden.jpg”.

13  Close all open files and the JPHS application.  Retrieve the hidden message from the “jpeg” file.  Open the file “hidden.jpg” using the Steganography tool “Jphswin.exe”.  Click on Seek on the menu bar. Then, as prompted, save the file as hidden “output.txt” into the “data” folder.

14  Hide messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message, a form of  Security through obscurity  What other types of files can be used?  Documents, images, audio files… Hide relatively small amount of data in other data files that are significantly larger  What is it useful for?  Send secret messages  Watermarking products for proprietary issues

15  PRESIDENT'S EMBARGO RULING SHOULD HAVE IMMEDIATE NOTICE. GRAVE SITUATION AFFECTING INTERNATIONAL LAW. STATEMENT FORESHADOWS RUIN OF MANY NEUTRALS. YELLOW JOURNALS UNIFYING NATIONAL EXCITEMENT IMMENSELY.  Can you find the hidden message?  PERSHING SAILS FROM NY JUNE I.

16 INFSCI 2935: Introduction to Computer Security16 Example of Steganography (Text – page 48) Dear George, Greetings to all at Oxford. Many thanks for your letter and for the summer examination package. All entry forms and fees forms should be ready for final dispatch to the syndicate by Friday 20 th or at the latest I am told by the 21 st. Admin has improved here though there is room for improvement still; just give us all two or three more years and we will really show you! Please don’t let these wretched 16+ proposals destroy your basic O and A pattern. Certainly this sort of change, if implemented immediately, would bring chaos. Sincerely yours, your your package package ready ready Friday Friday 21 st. 21 st. room room three three Please Please destroy destroy this thisimmediately

17

18  Please go to:  http://wombatsecurity.com/antiphishing_phil/index.html

19  “Phishing e-mail messages are designed to steal your identity. They ask for personal data, or direct you to Web sites or phone numbers to call where they ask you to provide personal data” [1].  Steps:  Gain your trust  Ask for personal information

20  Logos that look real  They may use information learnt in social networks  They may seem to come from someone you trust

21 In Firefox if you step over the address, you’ll see the real URL. Like here:

22  If the web page is trusted by your browser, you’ll see something like this:  Firefox:  In Internet Explorer:  Are these two fine? ▪ https://www.bankofamerica.com/index.jsp ▪ https://www.bank○famerica.com/index.jsp

23

24

25

26

27  What are browsing cookies?  HTTP is stateless ▪ Each HTTP request and response are treated in isolation ▪ Hard for web servers to determine their state with the client they are serving  Cookies are used to maintain state information ▪ Authentication ▪ Session tracking ▪ Storing site preferences ▪ Shopping cart contents ▪ Identifier for a server-based session

28 Now you can see what the owner was looking at: TYPEURLMODIFIED TIMEACCESS TIMEFILENAMEDIRECTORYHTTP HEADERS

29

30  Cookies can be used as spyware  Track internet users' web browsing habits  Web pages visited  Order Time

31  A small graphic on a web page that allows sites to track user activities  How they work?  Typically 1 pixel X 1 Pixel images that cannot be seen  The image is loaded by a page from Site X  The image itself comes from Site Y  Site X and Site Y now have exchanged information about the user’s web activities  E.g. : “Alice has visited msnbc.com and has gone to the sports page” ---> SupplyAds.com ----> Ad for NBA gear  Use tools like Bugnosis for IE to detect web bugs

32 ERASING COOKIES PRIVATE BROWSING

33 Thank you

34 1. http://www.microsoft.com/protect/fraud/phi shing/symptoms.aspx http://www.microsoft.com/protect/fraud/phi shing/symptoms.aspx Some of the examples were taken from: 1. http://antivirus.about.com/od/emailscams/s s/phishing.htm http://antivirus.about.com/od/emailscams/s s/phishing.htm 2. http://www.utsa.edu/oit/images/MSC/phishi ng_example3.gif http://www.utsa.edu/oit/images/MSC/phishi ng_example3.gif

35  http://www.sis.pitt.edu/~cybercard/lab/lab_p age.htm http://www.sis.pitt.edu/~cybercard/lab/lab_p age.htm

Download ppt " Data Storage  Steganography  Phishing.  How are files stored?  Each file is assigned one or more sectors in the disk.  If the file is small enough,"

Similar presentations

The Internet.

The Internet.
Introduction to Web Design Lecture number:. Todays Aim: Introduction to Web-designing and how its done. Modelling websites in HTML.

Introduction to Web Design Lecture number:. Todays Aim: Introduction to Web-designing and how its done. Modelling websites in HTML.
1. XP 2 * The Web is a collection of files that reside on computers, called Web servers. * Web servers are connected to each other through the Internet.

1. XP 2 * The Web is a collection of files that reside on computers, called Web servers. * Web servers are connected to each other through the Internet.
Web Programming 1 Darby Chang Web Programming. Cookie 2 Web Programming.

Web Programming 1 Darby Chang Web Programming. Cookie 2 Web Programming.
WEBNP Telecom Invoice Retrieval TEX-AN Customer User Guide.

WEBNP Telecom Invoice Retrieval TEX-AN Customer User Guide.
Grade 6 Hopewell Elementary 2011. You will read each slide, then try to think of the answer. When you think you know the answer, click ONCE on the mouse.

Grade 6 Hopewell Elementary You will read each slide, then try to think of the answer. When you think you know the answer, click ONCE on the mouse.
XP New Perspectives on Browser and E-mail Basics Tutorial 1 1 Browser and E-mail Basics Tutorial 1.

XP New Perspectives on Browser and Basics Tutorial 1 1 Browser and Basics Tutorial 1.
Services Course Windows Live SkyDrive Participant Guide.

Services Course Windows Live SkyDrive Participant Guide.
Sterling Heights Public Library Agenda n We’ll learn how to “clean up” the computers n We’ll review how SLC’s mail system works n We’ll review SpamLion.

Sterling Heights Public Library Agenda n We’ll learn how to “clean up” the computers n We’ll review how SLC’s mail system works n We’ll review SpamLion.
 2008 Pearson Education, Inc. All rights reserved. 1 2 2 Web Browser Basics: Internet Explorer and Firefox.

 2008 Pearson Education, Inc. All rights reserved Web Browser Basics: Internet Explorer and Firefox.
Chapter 16 The World Wide Web.

Chapter 16 The World Wide Web.
Lecture 6/2/12. Forms and PHP The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input When dealing with HTML forms.

Lecture 6/2/12. Forms and PHP The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input When dealing with HTML forms.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
CPSC 203 Introduction to Computers Tutorial 59 & 64 By Jie (Jeff) Gao.

CPSC 203 Introduction to Computers Tutorial 59 & 64 By Jie (Jeff) Gao.
6/10/2015Cookies1 What are Cookies? 6/10/2015Cookies2 How did they do that?

6/10/2015Cookies1 What are Cookies? 6/10/2015Cookies2 How did they do that?
XP Browser and E-mail Basics1. XP Browser and E-mail Basics2 Learn about Web browser software and Web pages The Web is a collection of files that reside.

XP Browser and Basics1. XP Browser and Basics2 Learn about Web browser software and Web pages The Web is a collection of files that reside.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 3 Internet Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 3 Internet Security.
Steganography Rayan Ghamri.

Steganography Rayan Ghamri.
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
1 The World Wide Web. 2  Web Fundamentals  Pages are defined by the Hypertext Markup Language (HTML) and contain text, graphics, audio, video and software.

1 The World Wide Web. 2  Web Fundamentals  Pages are defined by the Hypertext Markup Language (HTML) and contain text, graphics, audio, video and software.

Similar presentations

Ads by Google