Chapter 8
Cybercrime, Cyberterrorism, and Cyberwarfare
Cybercrime

- Illegal or criminogenic activities performed in cyberspace

Common EC/EB crime targets/victims

- Identity theft – is your customer “real”?
- Credit card number theft – is your customer’s credit/debit account “real”?
- Computational embezzlement – fraudulent creation/manipulation of financial info regarding EC/EB transactions or accounts (biggest corporate problem)
- (Security) Vulnerability and exploit attacks (most pervasive problem). EC/EB system targeted attacks mostly “out of sight” so far
Copyright © 2003, Addison-Wesley
Hacker/Cracker

- Originally, an expert programmer
- Today, someone (Cracker) who breaks into computers
- Types of hackers
  - White-hat hackers
  - Black-hat hackers (crackers, dark side hackers)
  - Elite hackers
    - Superior technical skills
    - Very persistent
    - Often publish their exploits
    - Samurai – a hacker for hire
Figure 8.1 A list of postings on a hacker newsgroup. Source: alt.bio.hackers newsgroup

Figure 8.2 A typical posting. Source: alt.bio.hackers newsgroup

Figure 8.3 Hackers publish their exploits. Source: http://packetstormsecurity.org/
Script-kiddies and Phreakers

- Script-kiddie (packet monkeys, lamerz)
  - Hacker in training
  - Disdained by the elite hackers
- Phreaker
  - Person who cracks the telephone network
- Insider/outsider using “social engineering”
  - Trusted employee turned black-hat hacker
  - Dumpster divers; help desk impersonators, etc.
  - Potentially most dangerous
Why Do Hackers Hack?

- Government sponsored hacking
  - Cyberwarfare
  - Cyberterrorism
- Espionage
  - Industrial espionage
- White-hats
  - Publicize vulnerabilities
  - The challenge – hack mode
- Black hats – misappropriate software and personal information
- Script kiddies – gain respect
- Insiders – revenge
Password Theft

- Easiest way to gain access/control
- User carelessness
  - Poor passwords
    - Easily guessed
    - The sticky note on the monitor
  - Dumpster diving
  - Observation, particularly for insiders
- Human engineering, or social engineering
- Standard patterns (e.g., Miami University)
  - Guess the password from the pattern
Rules for Choosing Good Passwords

- Easy to remember, difficult to guess
- Length – 6 to 9 characters
- Mix character types
  - Letters, digits, special characters
  - Use an acronym
- Avoid dictionary words
- Different account → different password
- Change passwords regularly
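As an added example (not part of the chapter's slides), the following Python checker turns the rules above into something a help desk or signup form could run: length 6 to 9, a mix of letters, digits and special characters, no dictionary words, no "standard pattern", and no reuse across accounts, plus the acronym trick for building a memorable seed. The word list and the two institutional patterns are constructed assumptions; a real deployment would load a full dictionary.

```python
import re
import string

# Constructed stand-in for a real dictionary/word list (assumption: a deployment
# would load a full list; the chapter only says to avoid dictionary words).
DICTIONARY = {"password", "welcome", "miami", "redhawks", "letmein", "summer"}

# Constructed "standard patterns" an institution might issue by default
# (assumption; the chapter only says such patterns exist and can be guessed).
PATTERNS = [
    re.compile(r"^[a-z]{2,3}\d{4}$"),     # initials followed by four digits
    re.compile(r"^[a-z]+(19|20)\d{2}$"),  # a name followed by a year
]


def check_password(pw, dictionary=DICTIONARY, patterns=PATTERNS):
    """Return the chapter's rules that the password violates (empty list = passes)."""
    problems = []
    if not 6 <= len(pw) <= 9:
        problems.append("length: must be 6 to 9 characters")
    has_letter = any(c.isalpha() for c in pw)
    has_digit = any(c.isdigit() for c in pw)
    has_special = any(c in string.punctuation for c in pw)
    if not (has_letter and has_digit and has_special):
        problems.append("mix: use letters, digits and special characters")
    lowered = pw.lower()
    letters_only = re.sub(r"[^a-z]", "", lowered)  # "Summer99!" -> "summer"
    if lowered in dictionary or letters_only in dictionary:
        problems.append("dictionary: avoid dictionary words")
    if any(p.match(lowered) for p in patterns):
        problems.append("pattern: follows a standard, guessable pattern")
    return problems


def reused(pw, passwords_on_other_accounts):
    """Different account, different password: flag a password already used elsewhere."""
    return pw in passwords_on_other_accounts


def acronym(phrase):
    """Memorable seed from a phrase's initials (the 'use an acronym' rule).
    The caller still adds digits and a special character to satisfy the mix rule."""
    return "".join(word[0] for word in phrase.split())
```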
Packet Sniffers

- Software wiretap
- Captures and analyzes packets
- Any node between target and Internet
- Broadcast risk
  - Ethernet and cable broadcast messages
  - Set workstation to promiscuous mode
- Legitimate uses
  - Detect intrusions
  - Monitoring
Potentially Destructive Software

- Logic bomb (set up by insider)
  - Potentially very destructive
  - Time bomb – a variation
- Rabbit
  - Denial of service
- Trojan horse
  - Common source of backdoors
Backdoor

- Undocumented access point
  - Testing and debugging tool
  - Common in interactive computer games
    - Cheats and Easter eggs
- Hackers use/publicize backdoors to gain access
  - Programmer fails to close a backdoor
  - Trojan horse
  - Inserted by hacker on initial access
    - Back Orifice – the Cult of the Dead Cow
Viruses and Worms (most common)

- Virus
  - Parasite
  - Requires host program to replicate
  - Virus hoaxes can be disruptive
  - Virus patterns/generators exist; script kiddies use these (but most anti-virus software does not!)
- Worm
  - Virus-like
  - Spreads without a host program
  - Used to collect information
    - Sysop – terminal status
    - Hacker – user IDs and passwords
Figure 8.6 Structure of a typical virus: reproduction logic, concealment logic, payload.

- Macro viruses (thanks to MS)
- Polymorphic viruses
- E-mail attachments
  - Today, click attachment
  - Tomorrow, may be eliminated!
- Cluster viruses
  - Spawn mini-viruses
  - Cyberterrorism threat
- Payload can be
  - Trivial
  - Logic bomb
  - Time bomb
  - Trojan horse
  - Backdoor
  - Sniffer
Anti-Virus Software

- Virus signature
  - Uniquely identifies a specific virus
  - Update virus signatures frequently
- Heuristics
  - Monitor for virus-like activity
- Virus detection and removal to be pushed “upstream” in the IT supply chain infrastructure
- Recovery support
Figure 8.8 Security and virus protection in layers: Internet → router → firewall → host server (virus protection, firewall) → workstation (personal virus protection, firewall).

- Defend in depth
  - What one layer misses, the next layer traps
  - Firewalls (Chapter 9)
  - Anti-virus software
System Vulnerabilities

- Known security weak points
  - Default passwords – system initialization
  - Port scanning
  - Software bugs
  - Logical inconsistencies between layers
  - Published security alerts
  - War dialer to find vulnerable computer
Denial of Service Attacks (DoS)

- An act of vandalism or terrorism
  - A favorite of script kiddies
- Objective
  - Send target multiple packets in brief time
  - Overwhelm target
  - The ping o’ death
- Distributed denial of service attack
  - Multiple sources
Figure 8.9 A distributed denial of service attack (figure label: target system).

- Cyber equivalent of throwing bricks
- Overwhelm target computer
- Standard DoS is a favorite of script kiddies
- DDoS more sophisticated
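As an added example (not from the chapter), the following Python script shows the defender's view of "multiple packets in a brief time": a sliding-window counter over a constructed packet log that flags a single source flooding the target, and separately recognises the distributed case, where no one source stands out but the aggregate does. The addresses, traffic shapes and thresholds are all constructed assumptions.

```python
from collections import defaultdict, deque


def burst(src, start, count, gap):
    """Constructed traffic: `count` packets from one source, `gap` seconds apart."""
    return [(start + i * gap, src) for i in range(count)]


# Constructed packet arrivals at the target: (timestamp in seconds, source address).
BASELINE = [p for n in range(5) for p in burst(f"192.0.2.{n}", 0.0, 10, 1.0)]
# Single-source flood: one host sends 100 packets in half a second.
DOS_FLOOD = burst("198.51.100.9", 5.0, 100, 0.005)
# Distributed flood: 40 sources, each one staying below the per-source limit.
DDOS_FLOOD = [p for n in range(40) for p in burst(f"203.0.113.{n}", 5.0, 5, 0.01)]


def analyze(packets, window=1.0, per_source_limit=20, total_limit=50):
    """Sliding-window rate check over a packet capture.

    Returns (heavy_hitters, distributed): the sources that alone exceeded
    per_source_limit packets within `window` seconds, and whether the target
    saw more than total_limit packets in a window with no single heavy hitter,
    which is the fingerprint of a multi-source (distributed) flood."""
    per_source = defaultdict(deque)
    overall = deque()
    heavy_hitters = set()
    distributed = False
    for ts, src in sorted(packets):
        q = per_source[src]
        q.append(ts)
        while ts - q[0] > window:          # drop timestamps older than the window
            q.popleft()
        overall.append(ts)
        while ts - overall[0] > window:
            overall.popleft()
        if len(q) > per_source_limit:
            heavy_hitters.add(src)         # classic DoS: one source, many packets
        elif len(overall) > total_limit and not heavy_hitters:
            distributed = True             # DDoS: many sources, each quiet alone
    return heavy_hitters, distributed
```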
Spoofing

- Act of faking key system parameters
- DNS spoofing
  - Alter DNS entry on a server
  - Redirect packets
- IP spoofing
  - Alter IP address
  - Smurf attack
Figure 8.10 IP spoofing. Figure labels: (1) false message claiming to come from Beta; (2) acknowledgement to Beta – no response possible; (3) Alpha server (the target); (4) counterfeit acknowledgement; hacker's computer; one-way connection; Beta server (trusted source) under DoS attack.

- Preparation
  - Probe target (A)
  - Launch DoS attack on trusted server (B)
- Attack target (A)
  - Fake message from B
  - A acknowledges B
    - B cannot respond (DoS attack)
  - Fake acknowledgement from B
  - Access A via 1-way communication path
Cybercrime prevention

- Multi-layer security
- Security vs. privacy?