Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download Computersikkerhed
Document related concepts
Deep packet inspection wikipedia , lookup
Next-Generation Secure Computing Base wikipedia , lookup
Post-quantum cryptography wikipedia , lookup
Cyberwarfare wikipedia , lookup
Authentication wikipedia , lookup
Airport security wikipedia , lookup
Unix security wikipedia , lookup
Information security wikipedia , lookup
Cross-site scripting wikipedia , lookup
Cyber-security regulation wikipedia , lookup
Computer and network surveillance wikipedia , lookup
Distributed firewall wikipedia , lookup
Cracking of wireless networks wikipedia , lookup
Wireless security wikipedia , lookup
Social engineering (security) wikipedia , lookup
Security-focused operating system wikipedia , lookup
Cyberattack wikipedia , lookup
Computer security wikipedia , lookup
Transcript
Areas Encryption Program security Operating systems Data base security Security in network and distributed systems Administration of security Legal and ethical security 1 Retrospective look on security Physical Security Communications Security Emission Security Computer Security Network Security Information Security 2 Physical Security Information protected by walls, moats and guards. Information sent by messenger. 3 Communication Security Caesar Ciffer. Enigma machine. One time pads. 4 Emmision Security All electronic systems create electronic emissions. 5 Computer Security Computers came on the scene. David Bell and Leonard LaPadula models Orange Book German Green Book Common Criteria The development vent faster then the models 6 Network Security LAN, MAN and WAN. Wireless Network Bluetooth 7 Information Security Security is a mix of the above. 8 Security is a proces and many products Anti-virus Software Access Control Firewalls Smart Cards Biometrics Intrusion Detection and Prevention Policy Management Vulnerability Scanning Encryption Data Loss Prevention Physical Security Mechanisms 9 Threats 10 Access Attack-snooping 11 Eavesdropping 12 Interception 13 Modification Attacks Changes Insertion Deletion 14 Denial of Service Attacks Denial Denial Denial Denial of of of of Access Access Access Access to to to to Information Applications Systems Communication 15 Repudiation Attacks Masquerading Denying an Event 16 Security goals confidentiality integrity availability 17 Vulnerability Hardware Software deletion modification logic bomber Trojan horse trapdoors information leaks steel 18 Vulnerability cont. Data general Interpreted by everyone No intrinsic value Value for a short time period principle of adequate protection confidentiality integrity 19 Vulnerability cont. Andre storage media network access Key personal 20 Vulnerability in computer systems 21 Securing data 22 Overlapping controls 23 Computer security Size and portability Ability to avoid physical contact Value of assets Wild west Computer firms does not inform principal of easiest penetration 24 Hackers Amateurs Crackers Carrere Criminals 25 Hackers Motivation Challenge Greed Malicious Intent 26 Hackers Techniques Bad Passwords Brute-force attack Open Sharing 27 Hackers Techniques cont Software Vulnerabilities Buffer Overflows Sql Injection Network Hacking Sniffing Switch Networks Redirection Traffic Sending All Traffic to All Ports IP Spoofing 28 Hackers Techniques cont Social Engineering Denial of Service Distributed Denial of Service Attacks Malicious Software Virus Trojan Worm 29 Threats in network Reconnaissance Threats in Transit: Eavesdropping and Wiretapping Protocol Flaws Impersonation Message Confidentiality Threats Message Integrity Threats Format Failures Web Site Vulnerabilities Denial of Service Distributed Denial of Service Threats in Active or Mobile Code Complex Attacks 30 Reconnaissance Port Scan Social Engineering Intelligence Operating System and Application Fingerprinting Bulletin Boards and Chats Availability of Documentation 31 Threats in Transit: Eavesdropping and Wiretapping Cable Microwave Satellite Communication Optical Fiber Wireless Interception Theft of Service 32 Threats in Transit: Eavesdropping and Wiretapping continued 33 Impersonation Authentication Foiled by Guessing Authentication Thwarted by Eavesdropping or Wiretapping Authentication Foiled by Avoidance Nonexistent Authentication Well-Known Authentication Trusted Authentication Spoofing Masquerade Phishing Session Hijacking Man-in-the-Middle Attack 34 Message Confidentiality Threats Misdelivery Exposure Traffic Flow Analysis 35 Message Integrity Threats Falsification of Messages Noise 36 Format Failures Malformed Packets Protocol Failures and Implementation Flaws 37 Web Site Vulnerabilities Web Site Defacement Buffer Overflows Dot-Dot-Slash Application Code Errors Server-Side Include 38 Denial of Service Transmission Failure Connection Flooding Echo-Chargen Ping of Death Smurf Syn Flood Teardrop Traffic Redirection DNS Attacks 39 Denial of Service cont. Smurf attack 40 Denial of Service cont. Syn Flood 41 Distributed Denial of Service 42 Threats in Active or Mobile Code Cookies Scripts Active Code Java Code ActiveX Controls Auto Exec by Type Bots 43 Complex Attacks Script Kiddies Building Blocks 44 Threats in network summing up Precursors to attack Port scan Social engineering Reconnaissance OS and application fingerprinting Impersonation Guessing Eavesdropping Spoofing Session hijacking Man-in-the-middle attack Buffer overflow Addressing errors Parameter modification, time-of-check to time-of-use errors Server-side include Cookie Malicious active code: Java, ActiveX Malicious code: virus, worm, Trojan horse Malicious typed code Authentication failures Programming flaws 45 Threats in network summing up Confidentiality Protocol flaw Eavesdropping Passive wiretap Misdelivery Exposure within the network Traffic flow analysis Cookie Protocol flaw Active wiretap Impersonation Falsification of message Noise Web site defacement DNS attack Protocol flaw Transmission or component failure Connection flooding, e.g., echo-chargen, ping of death, smurf, syn flood DNS attack Traffic redirection Distributed denial of service Integrity Availability 46
