Computer Networks and Security PDF
Document Details
Uploaded by MeticulousAwareness2181
Asia Technological School of Science and Arts
Summary
This document provides an overview of computer networks and security. It explores concepts like vulnerabilities, security breaches, security components, and information security. The document appears to be an introductory guide to the field.
Full Transcript
COMPUTER NETWORKS AND SECURITY
PRELIM

Module 1 - An Overview of Computer Security

Status Of Security In Computing (In Early 2000s)
Some computing professionals & managers do not even recognize the value of the resources they use or control.
In the event of a computing crime, some companies do not investigate or prosecute.
Has the status changed for the better?

Characteristics of Computer Intrusion
A Computing System: a collection of hardware, software, data, and people that an organization uses to do computing tasks
Any piece of the computing system can become the target of a computing crime
The weakest point is the most serious vulnerability.
The principle of easiest penetration

Security Breaches (Terminology)
Exposure - a form of possible loss or harm
Vulnerability - a weakness in the system
Attack
Threats - human attacks, natural disasters, errors
Control - a protective measure
Assets - h/w, s/w, data

Types of Security Breaches
Disclosure - unauthorized access to info
- Snooping
Deception - acceptance of false data
- Modification, spoofing, repudiation of origin, denial of receipt
Disruption - prevention of correct operation
- Modification, man-in-the-middle attack
Usurpation - unauthorized control of some part of the system. (usurp: take by force or without right)
- Modification, spoofing, delay, denial of service.

Security Components
Confidentiality - the assets are accessible only by authorized parties
- Keeping data and resources hidden
Integrity - the assets are modified only by authorized parties, and only in authorized ways
- Data Integrity (Integrity)
- Origin Integrity (Authentication)
Availability - Assets are accessible to authorized parties
- Enabling access to data and resources

Computing System Vulnerabilities
Hardware vulnerabilities
Software vulnerabilities
Data vulnerabilities
Human vulnerabilities

Software Vulnerabilities
Destroyed (deleted) software
Stolen (pirated) software
Altered (but still run) software
- Logic bomb
- Trojan horse
- Virus
- Trapdoor
- Information leaks

Data Security
The principle of adequate protection
Storage of encryption keys
Software versus hardware methods

Other Exposed Assets
Storage media
Networks
Access
Key people

People involved in Computer Crimes
Amateurs
Crackers
Career criminals

Methods of Defense
Encryption
Software controls
Hardware controls
Policies
Physical controls

Encryption
At the heart of all security methods
Confidentiality of data
Some protocols rely on encryption to ensure availability of resources
Encryption does not solve all computer security problems

Software controls
Internal program controls
OS controls
Development controls
Software controls are usually the 1st aspect of computer security that comes to mind

Policies and Mechanisms
Policy says what is, and is not, allowed
- This defines “security” for the site/system/etc.
Mechanisms enforce policies
Mechanisms can be simple but effective
- Example: frequent changes of passwords
Composition of policies
- If policies conflict, discrepancies may create security vulnerabilities
Legal and ethical controls
- Gradually evolving and maturing

Goals of Security
Prevention - prevent attackers from violating security policy
Detection - detect attacker’s violation of security policy
Recovery - stop attack, assess, and repair damage. Continue to function correctly even if attack succeeds

Assurance
Specification - requirements analysis. Statement of desired functionality.
Design - how system will meet specification
Implementation - programs/systems that carry out design

Operational Issues
Cost-benefit analysis - is it cheaper to prevent or to recover?
Risk Analysis - should we protect something? How much should we protect this thing?
Laws and Customs - are desired security measures illegal? Will people do them?

Human Issues
Organizational Problems - power and responsibility. Financial benefits
People Problems - outsiders and insiders. Social engineering

Module 2 - The Need for Security

Threats to information security

| Categories of Threat | Examples |
| --- | --- |
| Compromises to intellectual property | Piracy, copyright infringement |
| Software attacks | Viruses, worms, macros, DoS |
| Deviations in quality of service from service providers | ISP, power, WAN service issues |
| Espionage or trespass | Unauthorized access and/or data collection |
| Forces of nature | Fire, flood, earthquake, lightning |
| Acts of human error or failure | Accidents, employee mistakes |
| Information extortion | Blackmail or information disclosure |
| Deliberate acts of theft | Illegal confiscation of equipment or information |
| Missing, inadequate, or incomplete | Loss of access to information systems due to disk drive failure, without proper backup and recovery plan |
| Missing, inadequate, or incomplete controls | Network compromised because no firewall security controls |
| Sabotage or vandalism | Destruction of systems or information |
| Theft | Illegal confiscation of equipment or information |
| Technical hardware failures or errors | Equipment failure |
| Technical software failures or errors | Bugs, code problems, unknown loopholes |
| Technical obsolescence | Antiquated or outdated technologies |

Intellectual Property
The ownership of ideas and control over the tangible or virtual representation of those ideas.
Use of another person’s intellectual property may or may not involve royalty payments or permission, but should always include proper credit
- Inquirer: software piracy in Asia exposed.
Includes
- Trade secrets
- Copyrights
- Trademarks
- Patents
Breaches constitute a threat
Most common breach
- Software piracy
- ⅓ of all software in use is pirated

Deliberate Software Attacks
Malicious code
Malicious software
Malware
First business hacked out of existence
- Denial-of-service attack
- Cloudnine - British internet service provider

Virus
Segments of code
Attaches itself to existing program
Takes control of program access
Replication

Worms
Malicious program
Replicates constantly
Doesn’t require another program
Can be initiated with or without the user download

Other Malware
Trojan Horse - hide their true nature. Reveal the designed behavior only when activated
Back door or trap door - allows access to system at will with special privileges
Polymorphism - changes its apparent shape over time. Makes it undetectable by techniques that look for preconfigured signatures
Hoaxes

Espionage or trespass
Intelligence Gathering
- Legal - competitive intelligence
- Illegal - industrial espionage
- Thin line
- One technique - shoulder surfing
Trespass
- Protect with: Authentication, Authorization.

Hackers
2 Levels
- Experts - develop software scripts. Develop program exploits
- Novice - Script Kiddie (use previously written software). Packet monkeys (use automated exploits)

System Rule Breakers
Crackers - individuals who crack or remove software protection designed to prevent unauthorized duplication
Phreakers - use public networks to make free phone calls

Forces of Nature
Pose some of most dangerous threats
Unexpected and occur with little or no warning
Fire
Tornado
Tsunami
Electrostatic discharge
Dust contamination
Flood
Earthquake
Lightning
Landslide
Mudslide
Hurricane/typhoon

Acts of Human Error or Failure
Acts performed without intent or malicious purpose by an authorized user
Greatest threat to org info security
- Organization’s own employees
- Closest to the data
Mistakes
- Revelation of classified data
- Entry of erroneous data
- Accidental deletion or modification of data
- Storage of data in unprotected areas
- Failure to protect information

Deliberate Acts

Information extortion
- Attacker or trusted insider steals information
- Demands compensation
- Agree not to disclose information

Sabotage or vandalism
Deliberate sabotage of a computer system or business
Acts to destroy an asset
Damage to an image of an organization
Hacktivist or cyber activist
- Interfere with or disrupt system
- Protest the operations, policies, or actions
Cyber terrorism

Theft
Illegal taking of another’s property
- Physical
- Electronic
- Intellectual
- Constant
Problem - crime not always readily apparent

Technical Software Failures or Errors
Large quantities of code written, published, and sold with bugs
Bugs undetected and unresolved
Combinations of software can cause issues
Weekly patches

Technology Obsolescence
Outdated hardware or software
Reliability problems
Management problem
- Should have plan in place
Non-support of legacy systems
Can be costly to resolve

| Vector | Description |
| --- | --- |
| IP scan and attack | Infected system scans IP addresses and targets vulnerabilities |
| Web Browsing | Infects web content files, making them infectious |
| Virus | Infects other machines |
| Unprotected Shares | Infects any device that is unprotected |
| Mass Mail | Emailing to all addresses in an address book |
| Simple Network Management Protocol (SNMP) | Uses common passwords employed in early versions of the protocol; the attacking program can gain control of the device |

Methods of Attack
Password crack
Brute force
Dictionary
The design of the network infrastructure and communication protocols is a major contributor
Initial communication
Three-Way handshake
Social engineering
IP Spoofing - IP address of the source element of the data packets is altered and replaced with bogus addresses
SYN spoofing - the server is overwhelmed by spoofed packets
Scanning - way of determining which ports are open and can be used
Denial of service - smurf sends large amounts of spoofed ping packets. Overwhelms the system. Can stop response
Spam
Mail bombing
Sniffing
- Monitors data travelling over a network
- Legitimate and non-legitimate purposes
- Packet sniffing
Man in the middle
- Monitors or sniffs packets from network
- Modifies the packets
- Inserts them back into the network
- Allows attacker to eavesdrop, change, delete, reroute, add, or divert data
- Variant - spoofing involves the interception of an encryption key exchange

Programming Errors
95 percent of software security bugs come from 19 common, well understood programming mistakes
Software can be correct without being secure
There is an imbalance between our abilities as developers and the abilities and resources of the attacker

Timing Attack
Explores the contents of a web browser’s cache
Allows a web designer to create a malicious form of cookie that is stored on the client’s system
Cookie allows designer to collect information on how to access password protected sites
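
The three-way handshake and SYN spoofing items under Methods of Attack can be seen from the defender's side in the following added example, which is not part of the original notes. It counts handshakes where the server saw a SYN but never the client's final ACK, which is the trace spoofed SYNs leave behind; the packet tuple format, the thresholds and the sample addresses are assumptions constructed for illustration.

```python
"""Flag a likely SYN flood by counting handshakes that never complete."""
from collections import Counter

# Constructed inbound packets seen at a server: (time_ms, src_ip, src_port, flags).
# "S" = SYN (step 1 of the handshake), "A" = the client's final ACK (step 3).
# 192.0.2.x and 198.51.100.x are documentation address ranges, not real hosts.
SAMPLE = (
    [(0, "192.0.2.10", 40001, "S"), (50, "192.0.2.10", 40001, "A"),
     (100, "192.0.2.11", 40002, "S"), (160, "192.0.2.11", 40002, "A")]
    + [(1000 + i * 10, f"198.51.100.{i}", 50000 + i, "S") for i in range(1, 41)]
)

def half_open(packets, timeout_ms=3000):
    """Return {(src_ip, src_port): syn_time} for SYNs with no final ACK in time."""
    if not packets:
        return {}
    # Assumption: judge the capture one timeout after its last packet.
    now = max(p[0] for p in packets) + timeout_ms
    pending = {}
    for ts, src, sport, flags in sorted(packets):
        flow = (src, sport)
        if flags == "S":
            pending.setdefault(flow, ts)  # a retransmitted SYN keeps the first time
        elif flags == "A":
            pending.pop(flow, None)       # step 3 arrived: handshake completed
    return {f: ts for f, ts in pending.items() if now - ts >= timeout_ms}

def assess(packets, timeout_ms=3000, max_half_open=20, max_ratio=0.5):
    """Summarise the capture; thresholds are illustrative, tune them per server."""
    syn_flows = {(s, p) for _, s, p, f in packets if f == "S"}
    stuck = half_open(packets, timeout_ms)
    ratio = len(stuck) / len(syn_flows) if syn_flows else 0.0
    sources = Counter(src for src, _ in stuck)
    return {
        "syn_flows": len(syn_flows),
        "half_open": len(stuck),
        "ratio": round(ratio, 2),
        # Many sources with one stuck SYN each is consistent with spoofed addresses.
        "distinct_sources": len(sources),
        "suspected_syn_flood": len(stuck) > max_half_open and ratio > max_ratio,
    }

if __name__ == "__main__":
    print(assess(SAMPLE))
```

A real capture carries the ACK flag on every packet after the handshake, so a production check would track sequence numbers or read the kernel's SYN backlog counters instead of this simplified flag field.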