Cybersecurity Foundations Lecture 1 PDF
King Saud University
2018
Dr. Ahmed Abo-Bakr
Summary
This lecture provides a fundamental overview of cybersecurity systems. Topics covered include cybersecurity fundamentals, attacker techniques, and intrusion detection systems. The course purpose is to provide familiarity with cybersecurity fundamentals, attacks, and various tools. The lecture also covers tentative topics, assessment details, and contact information.
Full Transcript
Cybersecurity and Digital Forensics
CYBERSECURITY FOUNDATIONS
A cybersecurity fundamental overview
Lecture 1
Dr. Ahmed Abo-Bakr © 2018

GENERAL NOTES
- COME ON-TIME
- PLEASE TURN CELL PHONES OFF DURING CLASS!!! Cell phones, blackberries, iPods, etc. may not be accessed during class.
- The Final Exam will be comprehensive, covering all the material presented in the course
- NO MAKE UP EXAMS (except for what is stated under the “Regulations for Accepting Excuses for Not Attending Exams” section).
- Communication
  - Through University e-mails only ([email protected])
  - No WhatsApp
  - No Calls

COURSE GENERAL INFORMATION
o IT 601: Cybersecurity Foundation
o Credits: 3 (2, 2, 0)
  o Lecture: 2 hours/week
  o Lab: 2 hours/week
o Prerequisites:
  o Desire to learn
  o Commitment
  o Nothing else
o Mode of delivering concepts
  o Interactive
  o Do not just sit back and listen
  o Share your opinion and experience

DESCRIPTION
o This course provides a fundamental overview of cybersecurity and lays a foundation for subsequent topical courses in the area of cybersecurity systems
o Topics covered include:
  o Cyber Security Fundamentals
  o Attacker Techniques
  o Exploit Tools
  o Information Theft
  o Analysis Techniques
  o Events Forensics
  o Intrusion Detection Systems
COURSE PURPOSE
o Familiarity with Cybersecurity Fundamentals
o Learn fundamentals of Attacks
o Gain knowledge about Attacker Techniques, Malicious Code
o Gain knowledge about various Exploit Tools, Information Theft and Exploitation
o Become familiar with Events Forensics & Intrusion Detection Systems

TOPICS (TENTATIVE)

| Week | Course Topics | Book’s Chapter |
|---|---|---|
| 1 | Introduction to Cybersecurity | Chapter 1 |
| 2 | Cyber Stalking, Fraud, and Abuse | Chapter 2 |
| 3 | Denial of Service Attacks | Chapter 3 |
| 4 | Denial of Service Attacks | Chapter 3 |
| 5 | Exam 1 | |
| 6 | KSA National Day | |
| 7 | Cryptography | Chapter 5 |
| 8 | Cryptography | Chapter 5 |
| 9 | Security Policies | Chapter 6 |
| 10 | Exam 2 | |
| 11 | Cyber Terrorism | Chapter 7 |
| 12 | Firewalls and Intrusion Detection Systems | External Materials |
| 13 | Exam 3 | |
| 14 | Term Presentation | |
| 15 | Term Presentation | |
| 16 | FINAL EXAMS | |
| 17 | FINAL EXAMS | |

TENTATIVE ASSESSMENTS

| # | Assessment task | Week Due | Proportion of Total Assessment |
|---|---|---|---|
| 1 | Exam 1, 2, 3 | 5, 10, 13 | 15% ea. |
| 2 | Presentation | 14, 15 | 15% (5% report + 10% presentation) |
| 3 | Lab Work | Weekly | -1% for not delivering |
| 4 | Final Exam | 17 | 40% |

REFERENCES

| Reference's Name | Author | Publisher | Publication year |
|---|---|---|---|
| Essentials of Cyber Security (Paperback), ISBN-13: 978-0692218006 | Dr Gurpreet S Dhillon | Paradigm Books | 2014 |
| Cyber Security Essentials, ISBN-13: 978-1439851234 | James Graham, Richard Howard, Ryan Olson | Auerbach | 2010 |
| Cyber Security: Understanding Cyber Crimes, Computer Forensics and Legal Perspectives, ISBN-13: 978-8126521791 | Nina Godbole, Sunit Belapure | Wiley | 2011 |

INTRODUCTION TO CYBERSECURITY
Chapter 1

CHAPTER TOPICS
o What is Computer Security?
o Purpose of Computer Security
o Common cyber threats
o Cyber threats categories

THE BASICS

WHAT IS COMPUTER SECURITY?
IS IT:
o Information Privacy
o Data Integrity
o Availability

PURPOSE OF COMPUTER SECURITY
o Business processes are not broken, e.g. no disruption in supply chain logistics
o Ensures integrity of business processes is maintained, i.e. data in databases and computer systems does not get changed, intentionally or unintentionally
o Ensures resources are available to the right people at the right time
o Ensure valuable resources remain protected

CONSEQUENCES
o Inability to have the right access to data and information
o Inadequate or flawed decision making
o Non-availability of information is a typical consequence of both intentional and unintentional compromises
o Possibly because someone – human or a machine – is a hurdle in the process

MAINTAINING CONFIDENTIALITY
o No doubt, one needs to ensure that the person one claims to be, is indeed the one
  o Authenticity
o In modern institutions, information resources are never located or stored in one place
o So, it is important to ensure that data and information do not change as they move from one location to the other
  o Non-repudiation (denial or negation)

CORE CONCEPTS OF COMPUTER SECURITY
o Protection of information resources of an institute – or a firm
o Protection accomplished by ensuring:
  o Confidentiality
  o Integrity
  o Availability of data information
o CIA

CORE CONCEPTS OF COMPUTER SECURITY (CIA)
o Confidentiality: All data and information is kept private and is not disclosed to unauthorized individuals
o Integrity: All data and information is timely, accurate, complete and consistent
o Availability: Assurance that all data and information is available when required and that there is no DoS

COMPUTER-BASED SYSTEM VULNERABILITIES

SYSTEM VULNERABILITIES
o Consistent increase in the number and complexity of cyber threats
o For example,
  o In 2011
    o 82 targeted attacks/day
  o In 2012
    o Symantec reported 81% increase in malicious attacks
    o 232 million identity theft
  o In 2024:
    o Studies conducted by the University of Maryland's A. James Clark School of Engineering found that more than 2,200 cyberattacks occur each day
    o When broken down, that means someone becomes a victim of a data breach, phishing attack, or other cybercrime every 39 seconds

COMMON CYBER THREATS
o Identity Theft: Obtaining unauthorized access to personal information—such as UID, SSN, bank accounts and passwords, for the purpose of committing crimes such as fraud or theft.
o Hacking: Hacking is defined as secretly getting access to a computer system to steal information or cause damage.
o Malware: Malware (short for "malicious software") is any program or file that is harmful to a computer user, including computer viruses, worms, Trojans and spyware.
o Phishing: Stealing personal information by tricking victims into clicking a link or entering username & password. Phishing comes in many forms: emails, phone calls, website downloads.

CYBER THREATS CATEGORIES
1. Automated attacks
2. Malicious intent cyber attacks
3. Internal employee cyber attacks (insider attack)
4. Social engineering (cyber attacks because of social engineering)
5. Privacy attacks (loss of privacy and identity-related attacks)
6. Cyber espionage-related attacks (espionage)

AUTOMATED ATTACKS
o Main reason for chaos
o Can go unnoticed for long periods of time
o Originated by humans
o Human involvement is limited, once propagated
o Hackers are very fond of automated attacks
  o SQL injection, in particular
  o Remote File Inclusion
o sqlmap, Havij, Netsparker are some of several tools available

REASONS FOR CHOOSING AUTOMATED ATTACKS
o Tools used require little technological skill
o Often available for free (hacker sites, or testing businesses)
o Hackers can attack a vast number of sites quickly
o Make use of compromised and rented servers

SQL INJECTION
o Structured Query Language (SQL) injection
o Fields available for users’ data
o Allow SQL statements to pass through
o Consequently, allows querying the database directly

REMOTE FILE INCLUSION (RFI)
o RFI attack is when an attacker can upload a malicious file on a server using a service
o Usually through script
o A symptom of a possible poor validation check
o Improper checks allow for code to be executed in a website or on the server

MALICIOUS INTENT CYBER ATTACKS

TARGETS AND REASONS
o Infrastructure attacks
  o 2012
    o Energy sector (82 reported by DHS)
    o Water industry (29 reported)
    o Chemical plants (7 reported)
    o Nuclear companies (6 reported)
  o Banks (0xOmar and 0xOmer)
  o TV broadcasts (South and North Korea 2013)
  o 2023
    o More than 2 in 5 ransomware attacks targeted organizations in a critical infrastructure sector
    o 1,193 out of 2,825 hit critical infrastructure organizations (over 42%)
o Reasons
  o Political (main reason)
  o Theft

INFORMATION TECHNOLOGY SERVICES

CONTACT
Dr. Ahmed Abo-Bakr
Computer Science Department
[email protected]
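
The SQL INJECTION slide above says that input fields which let SQL statements pass through allow the database to be queried directly. The following is an added example, not part of the original lecture, showing that behaviour with Python's sqlite3 module beside the parameterized form that prevents it; the table, rows and function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """In-memory database with constructed sample rows (plaintext passwords
    only to keep the sample short)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "s3cret"), ("bob", "hunter2"), ("o'brien", "pw")])
    return db

def login_vulnerable(db, name, password):
    # Field contents are pasted into the statement text, so quote characters
    # typed by the user are parsed as SQL syntax instead of data.
    sql = ("SELECT name FROM users WHERE name = '" + name +
           "' AND password = '" + password + "'")
    return [row[0] for row in db.execute(sql)]

def login_parameterized(db, name, password):
    # Placeholders pass the values separately from the statement; the
    # database never parses them as SQL.
    sql = "SELECT name FROM users WHERE name = ? AND password = ?"
    return [row[0] for row in db.execute(sql, (name, password))]

# Constructed form input: the password field carries SQL, not a password.
CRAFTED = "' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("valid login, vulnerable:   ", login_vulnerable(db, "alice", "s3cret"))
    print("crafted input, vulnerable: ", login_vulnerable(db, "nobody", CRAFTED))
    print("crafted input, parameters: ", login_parameterized(db, "nobody", CRAFTED))
    print("o'brien, parameters:       ", login_parameterized(db, "o'brien", "pw"))
    try:
        login_vulnerable(db, "o'brien", "pw")
    except sqlite3.OperationalError as exc:
        # The same flaw also breaks legitimate input containing a quote.
        print("o'brien, vulnerable: SQL error:", exc)
```

With the concatenated query the crafted field turns the WHERE clause into a condition that is true for every row, while the parameterized query treats the same text as an ordinary (wrong) password and returns nothing.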