
lecture 4.pdf



Uploaded by StylishSpessartine

University of Science and Technology


University of Science and Technology
Faculty of Computer Science and Information Technology
Department of Information and Communication Technology
Lecture (4)
Instructor: Mashair Omer

Security Attacks:
- An attack is a deliberate act that exploits a vulnerability. People who use or create computer software to gain access to information illegally, or to cause denial of service to an information system, are called attackers.
- Attackers exploit the holes or vulnerabilities in the computer or the system to attack it.
- There are two types of attacks: direct attacks and indirect attacks. A direct attack is when the attacker uses his own computer to attack other systems. An indirect attack is when the attacker has compromised other systems and uses them, for example in a distributed denial-of-service (DDoS) attack.

Stages of the attack process:
An attack takes three distinct phases:
- Discovery: the attacker finds out the weaknesses in the target system.
- Penetration: the attacker circumvents the system's security.
- Control: the attacker extends the security breach in many directions to gain as much as possible. The compromised system runs the attacker's commands.

Purpose of the attack:
1. Intrusion
- This is the most common type of attack on systems. With an intrusion, attackers are able to use other people's computer systems as if they were legitimate users.
2. Denial of Service (DoS)
- A denial-of-service attack fundamentally floods its target machine with so much traffic that the machine is prevented from accepting any other requests or providing services.
3. Information Theft
- This category of attack allows an attacker to get data without ever having to directly use the system's computers.
- Attackers can gain information simply by reading it as it crosses a correctly authorized channel, or by sniffing.

Examples of Attacks:
1. Backdoor or Trapdoor
- A backdoor, or trapdoor, is a secret entry point into a program that allows someone who is aware of it to gain access without going through the usual security access procedures.
- Backdoors have been used legitimately for many years to debug and test programs, but they become a threat when left in production programs, allowing intruders to gain unauthorized access.
- It is difficult to implement operating system controls for backdoors. Security measures must focus on the program development and software update activities.

2. Password Attacks
Password Crack
- Attempting to reverse-calculate a password is often called cracking. It is used when a copy of the Security Account Manager (SAM) data file, which contains hashed representations of users' passwords, can be obtained. A candidate password is hashed using the same algorithm and compared to the stored hash. If they are the same, the password has been cracked.
Brute Force
- A brute force attack is the application of computing and network resources to try every possible password combination. Since the brute force attack is often used to obtain passwords to commonly used accounts, it is sometimes called a password attack.
Dictionary
- The dictionary attack is a variation of the brute force attack which narrows the search by selecting specific target accounts and using a list of commonly used passwords (the dictionary) instead of random combinations. Organizations can use similar dictionaries to disallow passwords during the reset process and thus guard against easy-to-guess passwords.

3. Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS)
- In a denial-of-service (DoS) attack, the attacker sends a large number of connection or information requests to a target, so that the target system becomes overloaded and cannot respond to legitimate requests for service. As a result, the system may crash or simply become unable to perform ordinary functions.
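The defensive use of a dictionary that the password-attack slides mention, written out as an added example (not part of the lecture): a reset-time policy check that rejects not only exact dictionary words but also the trivial "disguised" variants (trailing digits, punctuation, letter-for-symbol substitutions) that a dictionary attacker tries first. The word list, the substitution map and the minimum length are constructed assumptions; a real deployment would load a much larger breached-password list.

```python
import re

# Constructed sample of commonly used passwords (real denylists hold millions).
COMMON_PASSWORDS = {"password", "letmein", "welcome", "qwerty", "admin", "iloveyou", "123456"}

# Substitutions people use to "disguise" a dictionary word; a cracker's rule set
# applies exactly these, so the policy check must undo them before comparing.
LEET_MAP = str.maketrans({"@": "a", "4": "a", "3": "e", "1": "i", "!": "i",
                          "0": "o", "$": "s", "5": "s", "7": "t"})


def normalize(candidate):
    """Reduce a candidate to the dictionary word it is probably built from."""
    base = candidate.lower()
    base = re.sub(r"[\d\W_]+$", "", base)   # strip trailing digits/punctuation ("welcome2024!")
    base = re.sub(r"^[\W_]+", "", base)     # strip leading punctuation ("!!admin")
    return base.translate(LEET_MAP)         # undo letter-for-symbol substitutions


def password_allowed(candidate, dictionary=COMMON_PASSWORDS, min_length=8):
    """Policy check run during password reset.

    Returns (allowed, reason). Rejects short passwords, exact dictionary words
    and trivial variants of dictionary words.
    """
    if len(candidate) < min_length:
        return False, "too short"
    if candidate.lower() in dictionary:
        return False, "exact dictionary word"
    if normalize(candidate) in dictionary:
        return False, "trivial variant of a dictionary word"
    return True, "ok"


if __name__ == "__main__":
    for pw in ("Password", "P@ssw0rd", "welcome2024!", "short", "correct horse battery staple"):
        print(repr(pw), "->", password_allowed(pw))
```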
4. Distributed Denial-of-Service (DDoS)
- A distributed denial-of-service (DDoS) attack is one in which a coordinated stream of requests is launched against a target from many locations at the same time. Most DDoS attacks are preceded by a preparation phase in which many systems, perhaps thousands, are compromised. The compromised machines are turned into zombies: machines that are directed remotely (usually by a transmitted command) by the attacker to participate in the attack.
- DDoS attacks are the most difficult to defend against, and there are presently no controls that any single organization can apply.

[Figure: DDoS Attack]

5. Spoofing
- Spoofing is a technique used to gain unauthorized access to computers, wherein the intruder sends messages with a source IP address that has been forged to indicate that the messages are coming from a trusted host.
- To engage in IP spoofing, hackers use a variety of techniques to obtain trusted IP addresses (random, fixed, subnet and en-route spoofing), and then modify the packet headers (see the figure below) to insert these forged addresses. Newer routers and firewall arrangements can offer protection against IP spoofing.

[Figure: IP Spoofing]

6. Man-in-the-Middle
- In the well-known man-in-the-middle or TCP hijacking attack, an attacker monitors (or sniffs) packets from the network, modifies them, and inserts them back into the network. This type of attack uses IP spoofing to enable an attacker to impersonate another entity on the network. It allows the attacker to eavesdrop as well as to change, delete, reroute, add, forge, or divert data.
- A variant of TCP hijacking involves the interception of an encryption key exchange, which enables the hacker to act as an invisible man-in-the-middle, that is, an eavesdropper, on encrypted communications. The next figure illustrates these attacks by showing how a hacker uses public and private encryption keys to intercept messages.

[Figure: Man-in-the-middle Attack]
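The protection that the spoofing slide attributes to newer routers and firewalls is usually ingress/egress filtering at the network border: a packet arriving from the Internet cannot legitimately carry one of the organization's own source addresses, and a packet leaving cannot legitimately carry a foreign one. This added example (not from the lecture) models that decision; the internal prefixes, the bogon list and the sample packets are constructed assumptions.

```python
import ipaddress

# Constructed layout: the organization's own address space (documentation ranges),
# plus a short list of private/unroutable prefixes that should never appear as the
# source of a packet arriving from the Internet.
INTERNAL_PREFIXES = [ipaddress.ip_network(p) for p in ("192.0.2.0/24", "198.51.100.0/24")]
BOGON_PREFIXES = [ipaddress.ip_network(p) for p in
                  ("0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "172.16.0.0/12",
                   "192.168.0.0/16", "224.0.0.0/4")]


def _in_any(ip, prefixes):
    return any(ip in net for net in prefixes)


def filter_decision(direction, src):
    """Border-router verdict for one packet: 'allow' or a 'drop: ...' reason.

    direction is 'in' (arriving from the Internet) or 'out' (leaving the site).
    """
    ip = ipaddress.ip_address(src)
    internal = _in_any(ip, INTERNAL_PREFIXES)
    if direction == "in":
        if internal:
            return "drop: external packet claims an internal source (spoofed)"
        if _in_any(ip, BOGON_PREFIXES):
            return "drop: private/unroutable source on external interface"
        return "allow"
    if direction == "out":
        # Egress filtering: stops hosts on this site from spoofing other networks.
        if not internal:
            return "drop: outbound packet with non-internal source (egress filter)"
        return "allow"
    raise ValueError("direction must be 'in' or 'out'")


# Constructed sample packets seen at the border: (direction, source address).
SAMPLE_PACKETS = [("in", "203.0.113.5"), ("in", "192.0.2.10"), ("in", "10.1.2.3"),
                  ("out", "192.0.2.10"), ("out", "203.0.113.5")]


def audit(packets=SAMPLE_PACKETS):
    """Apply the filter to a packet list; returns [(direction, src, verdict), ...]."""
    return [(d, s, filter_decision(d, s)) for d, s in packets]


if __name__ == "__main__":
    for row in audit():
        print(row)
```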
7. Spam
- Spam is unsolicited (unwanted) commercial e-mail. While many consider spam a trivial nuisance rather than an attack, it has been used as a means of enhancing malicious code attacks.
- The most significant consequence of spam, however, is the waste of computer and human resources. Many organizations attempt to cope with the flood of spam by using e-mail filtering technologies. Other organizations simply tell the users of the mail system to delete unwanted messages.

8. Mail Bombing
- Another form of e-mail attack that is also a DoS is called a mail bomb, in which an attacker routes large quantities of e-mail to the target. This can be accomplished by means of social engineering (to be discussed shortly) or by exploiting various technical flaws in the Simple Mail Transfer Protocol (SMTP).

9. Sniffers
- A sniffer is a program or device that can monitor data traveling over a network. Sniffers can be used both for legitimate network management functions and for stealing information.
- Unauthorized sniffers can be extremely dangerous to a network's security, because they are virtually impossible to detect and can be inserted almost anywhere.

10. Social Engineering
- Social engineering manipulates people into performing actions or divulging confidential information. Similar to a confidence trick or simple fraud, the term applies to the use of deception to gain information, commit fraud, or access computer systems.

[Figure: examples of social engineering approaches]
Email: "ABC Bank has noticed a problem with your account..."
Phone call: "This is John, the System Admin. What is your password?" / "What ethnicity are you? Your mother's maiden name?"
In person: "I have come to repair your machine... and have some software patches."

11. Malicious Codes
- The malicious code attack includes the execution of viruses, worms, Trojan horses, and active Web scripts with the intent to destroy or steal information.
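The DoS, DDoS and mail-bombing slides all describe the same observable: a request rate far above normal, coming either from one source or from many coordinated ones. This added example (not from the lecture) shows the detection side: it buckets a request log into fixed windows, flags windows above a threshold, and labels a flood as a single-source pattern (DoS or mail bomb) or a many-source pattern (DDoS). The log format, the sample traffic and the thresholds are constructed assumptions; for a mail server the "target" column would be the recipient address.

```python
import re
from collections import Counter, defaultdict

# Constructed log format: "<unix_seconds> <source_ip> <target>" (not a real server format).
LINE_RE = re.compile(r"^(\d+) (\S+) (\S+)$")


def parse(log_text):
    """Parse log lines into (timestamp, source, target); malformed lines are skipped."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            events.append((int(m.group(1)), m.group(2), m.group(3)))
    return events


def classify_windows(events, window=10, threshold=20, single_source_share=0.8):
    """Return {window_start: verdict}; a window is a flood when it holds >= threshold
    requests. If one source produced >= single_source_share of them it is a
    single-source flood (DoS / mail bomb); otherwise it is a distributed flood (DDoS)."""
    buckets = defaultdict(Counter)
    for ts, src, _target in events:
        buckets[ts // window * window][src] += 1
    verdicts = {}
    for start, per_source in sorted(buckets.items()):
        total = sum(per_source.values())
        if total < threshold:
            verdicts[start] = "normal"
            continue
        top_src, top_count = per_source.most_common(1)[0]
        if top_count / total >= single_source_share:
            verdicts[start] = f"flood: single source {top_src} ({top_count}/{total}) - DoS / mail bomb pattern"
        else:
            verdicts[start] = f"flood: {len(per_source)} sources ({total} requests) - DDoS pattern"
    return verdicts


def build_sample_log():
    """Constructed traffic: a quiet window, a single-source flood, then a distributed one."""
    lines = [f"{i} 198.51.100.{i + 1} /index" for i in range(5)]            # 0-9s: 5 clients
    lines += [f"{10 + i % 10} 203.0.113.7 /login" for i in range(30)]       # 10-19s: one host, 30 hits
    lines += [f"{20 + i % 10} 203.0.113.{10 + i} /login" for i in range(25) for _ in range(2)]  # 20-29s: 25 hosts
    return "\n".join(lines)


if __name__ == "__main__":
    for start, verdict in classify_windows(parse(build_sample_log())).items():
        print(f"window {start:>3}s: {verdict}")
```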
- Other forms of malware include software designed to work out of sight of users or via an apparently safe user action. These include bots, spyware, and adware.

Malicious Code (cont.)
- A bot (an abbreviation of robot) is "an automated software program that executes certain commands when it receives a specific input."
- Spyware is "any technology that aids in gathering information about a person or organization without their knowledge. Spyware is placed on a computer to secretly gather information about the user and report it. The various types of spyware include:
  (1) a Web bug, a tiny graphic on a Web site that is referenced within the Hypertext Markup Language (HTML) content of a Web page or email to collect information about the user viewing the HTML content;
  (2) a tracking cookie, which is placed on the user's computer to track the user's activity on different Web sites and create a detailed profile of the user's behavior."

Malicious Code (cont.)
- Adware is "any software program intended for marketing purposes, such as that used to deliver and display advertising banners or popups to the user's screen."
- Each of these hidden code components can be used to collect information from or about the user, which could then be used in a social engineering or identity theft attack.
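The Web bug described on the spyware slide has a recognisable shape in HTML: a tiny or hidden image, loaded from a host other than the sender's, typically with a per-recipient token in its URL. This added example (not from the lecture) scans an HTML e-mail body for that pattern using only the standard library; the sample message, the sender domain and the scoring rule are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse


class WebBugFinder(HTMLParser):
    """Collect <img> tags that look like tracking pixels.

    An image is reported when it is 1x1 / zero-sized, or when at least two of
    the weaker signals (hidden by CSS, third-party host, tokenized query string) apply.
    """

    def __init__(self, own_domain):
        super().__init__()
        self.own_domain = own_domain.lower()
        self.findings = []          # list of (src, [reasons])

    def _third_party(self, host):
        return bool(host) and host != self.own_domain and not host.endswith("." + self.own_domain)

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        a = {k: (v or "") for k, v in attrs}
        src = a.get("src", "")
        host = (urlparse(src).hostname or "").lower()
        reasons = []
        if a.get("width") in ("0", "1") or a.get("height") in ("0", "1"):
            reasons.append("1x1 or zero-size image")
        style = a.get("style", "").replace(" ", "").lower()
        if "display:none" in style or "visibility:hidden" in style:
            reasons.append("hidden by CSS")
        if self._third_party(host):
            reasons.append(f"third-party host {host}")
        if "?" in src:
            reasons.append("tokenized query string")
        if "1x1 or zero-size image" in reasons or len(reasons) >= 2:
            self.findings.append((src, reasons))


def find_web_bugs(html, own_domain):
    parser = WebBugFinder(own_domain)
    parser.feed(html)
    return parser.findings


# Constructed sample e-mail body (not a real message); hosts are placeholders.
SAMPLE_HTML = """<html><body><p>Hello, see our newsletter.</p>
<img src="https://mail.example.org/logo.png" width="120" height="40" alt="logo">
<img src="https://track.example-tracker.net/open?rid=4f2c" width="1" height="1" style="display: none">
<img src="https://cdn.example-tracker.net/banner.jpg" width="300" height="50">
</body></html>"""

if __name__ == "__main__":
    for src, reasons in find_web_bugs(SAMPLE_HTML, "example.org"):
        print(src, "->", ", ".join(reasons))
```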
