Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Copyright © 2014 M. E. Kabay. All rights reserved. Taxonomy of Computer Security Breaches CSH6 Chapter 8 “Using a Common Language for Computer Security.

Published byMarjorie Johnston Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Copyright © 2014 M. E. Kabay. All rights reserved. Taxonomy of Computer Security Breaches CSH6 Chapter 8 “Using a Common Language for Computer Security."— Presentation transcript:

1 1 Copyright © 2014 M. E. Kabay. All rights reserved. Taxonomy of Computer Security Breaches CSH6 Chapter 8 “Using a Common Language for Computer Security Incident Information” John D. Howard

2 2 Copyright © 2014 M. E. Kabay. All rights reserved. Topics  What is a Common Descriptive Language?  What is a Taxonomy?  Why a Language/Taxonomy for Computer Crime?  The Model as a Whole  Actions  Targets  Events  Vulnerability  Tool  Unauthorized Result  Objectives  Attackers CSH6 Chapter 8: “Using a Common Language for Computer Security Incident Information”

3 3 Copyright © 2014 M. E. Kabay. All rights reserved. What is a Common Descriptive Language?  Set of terms that experts agree on in a field  Clear definitions to the extent possible  Precise  Unambiguous  Easy to determine in the field  A common language does not necessarily imply a causal or structural model  Provides means of communication among experts  Supports analysis

4 4 Copyright © 2014 M. E. Kabay. All rights reserved. What is a Taxonomy?  Structure relating terms in the common language  Permits classification of phenomena  Expresses (a) model(s) of the underlying phenomena  Supports hypothesis-building  Supports collection and analysis of statistical information

5 5 Copyright © 2014 M. E. Kabay. All rights reserved. Why a Language/Taxonomy for Computer Crime?  Field of information assurance growing  More people  Less common experience  Growing variability in meaning of terms  What’s wrong with ambiguous terminology?  Can cause confusion – talking at cross-purposes  Can mislead investigators and others  Wastes time in clarification time after time  Interferes with data-gathering  Makes comparisons and tests difficult or impossible

6 6 Copyright © 2014 M. E. Kabay. All rights reserved. The Model as a Whole

7 7 Copyright © 2014 M. E. Kabay. All rights reserved. Actions  Probe / scan  Flood  Authenticate / Bypass / Spoof  Read / Copy / Steal  Modify / Delete

8 8 Copyright © 2014 M. E. Kabay. All rights reserved. Targets Analyze the following real cases and identify the target(s) in the events:  A criminal inserts a Trojan Horse into a production system; it logs keystrokes  A criminal hacker defaces a Web page  An attacker launches millions of spurious packets addressed to a particular e-commerce server  The Morris Worm of November 1988 takes down 9,000 computers on the Internet

9 9 Copyright © 2014 M. E. Kabay. All rights reserved. Events  An event consists of an action taken against a target  Analyze the following events in these terms:  An 8-year-old kid examines all the ports on a Web server to see if any are unprotected  A dishonest employee makes copies on a Zip disk of secret formulas for a new product  A saboteur cuts the cables linking a company network to the Internet

10 10 Copyright © 2014 M. E. Kabay. All rights reserved. Vulnerability  Vulnerability = a weakness  Distinguish among vulnerabilities due to  Design  Implementation  Configuration

11 11 Copyright © 2014 M. E. Kabay. All rights reserved. Common Vulnerabilities and Exposures Dictionary

12 12 Copyright © 2014 M. E. Kabay. All rights reserved. Tool  Means of exploiting a vulnerability  Widely available on Internet  Exchanged at hacker meetings  2600  L0pht (defunct)  Discussed and demonstrated at black-hat and gray-hat conferences  DEFCON – Las Vegas  HACTIC – Netherlands  Many exploits usable by script kiddies and other poorly-trained hackers

13 13 Copyright © 2014 M. E. Kabay. All rights reserved. Unauthorized Result Analyze the results of the following attacks:  Someone installs a Remote Access Trojan called BO2K on a target system  An e-mail-enabled worm (e.g., KLEZ) sends a copy of a confidential document to 592 strangers  The Stacheldraht DDoS tool completely interdicts access to an e- commerce site  A secret program installed by an employee uses all the “excess” CPU cycles in a corporate network for prime-number calculations

14 14 Copyright © 2014 M. E. Kabay. All rights reserved. Objectives  Characteristics of the human beings involved in the attack  Different objectives and define different labels  Criminal hacking  Industrial espionage  Industrial sabotage  Information warfare

15 15 Copyright © 2014 M. E. Kabay. All rights reserved. Attackers  Wide range of attributes  Subject of later chapter (6) Skill Ideology Gain

16 16 Copyright © 2014 M. E. Kabay. All rights reserved. The Model as a Whole (again)

17 17 Copyright © 2014 M. E. Kabay. All rights reserved. Now go and study

Download ppt "1 Copyright © 2014 M. E. Kabay. All rights reserved. Taxonomy of Computer Security Breaches CSH6 Chapter 8 “Using a Common Language for Computer Security."

Similar presentations

Chapter 1 - 1 ADCS CS262/0898/V1 Chapter 1 An Introduction To Computer Security TOPICS Introduction Threats to Computer Systems –Threats, Vulnerabilities.

Chapter ADCS CS262/0898/V1 Chapter 1 An Introduction To Computer Security TOPICS Introduction Threats to Computer Systems –Threats, Vulnerabilities.
1-1/29 Copyright © 2006 M. E. Kabay. All rights reserved. 08:15-09:00 INFORMATION WARFARE Part 1: Fundamentals Advanced Course in Engineering 2006 Cyber.

1-1/29 Copyright © 2006 M. E. Kabay. All rights reserved. 08:15-09:00 INFORMATION WARFARE Part 1: Fundamentals Advanced Course in Engineering 2006 Cyber.
Incident Response Managing Security at Microsoft Published: April 2004.

Incident Response Managing Security at Microsoft Published: April 2004.
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.

Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.
Computer Threats I can understand computer threats and how to protect myself from these threats.

Computer Threats I can understand computer threats and how to protect myself from these threats.
A Common Language for Computer Security Incidents John D. Howard, Thomas A. Longstaff Presented by: Jason Milletary 9 November 2000.

A Common Language for Computer Security Incidents John D. Howard, Thomas A. Longstaff Presented by: Jason Milletary 9 November 2000.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?

1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. Extended Learning Module H Computer Crime and Digital Forensics.

McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. Extended Learning Module H Computer Crime and Digital Forensics.
Taxonomy of Computer Security Incidents Yashodhan Fadnavis.

Taxonomy of Computer Security Incidents Yashodhan Fadnavis.
Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.

Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.
What is hacking? Taeho Oh

What is hacking? Taeho Oh
Hacker, Cracker?! Are they the same? No!!! Hacker programmers intensely interested in the arcane and recondite workings of any computer operating system.

Hacker, Cracker?! Are they the same? No!!! Hacker programmers intensely interested in the arcane and recondite workings of any computer operating system.
7.1 Copyright © 2011 Pearson Education, Inc. 7 Chapter Securing Information Systems.

7.1 Copyright © 2011 Pearson Education, Inc. 7 Chapter Securing Information Systems.
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)

INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
The Ecommerce Security Environment For most law-abiding citizens, the internet holds the promise of a global marketplace, providing access to people and.

The Ecommerce Security Environment For most law-abiding citizens, the internet holds the promise of a global marketplace, providing access to people and.
Hands-On Ethical Hacking and Network Defense

Hands-On Ethical Hacking and Network Defense
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Copyright © 2002 Pearson Education, Inc. Slide 5-1 PERTEMUAN 8.

Copyright © 2002 Pearson Education, Inc. Slide 5-1 PERTEMUAN 8.
Lecture 11 Reliability and Security in IT infrastructure.

Lecture 11 Reliability and Security in IT infrastructure.

Similar presentations

Ads by Google