2 - Introduction - Week 2

Uploaded by

Arshad Farhad
Introduction – Cyber Security

Dr. Arshad Farhad

Aspects of Security

- consider 3 aspects of information security:
  - security attacks
  - security services
  - security mechanisms

Security Attack
- any action that compromises the security of information owned by an organization
- often threat & attack are used to mean the same thing
- Threat: A person, thing, event, or idea which poses some danger to an asset in terms of that asset's confidentiality, integrity, availability.
- Attack: A realization of a threat; any action that attempts to compromise the security of the information owned by an organization/person

Attacks

Nature of attacks
- Active attacks
- Passive attacks

Categorization of attacks
- Interruption
- Interception
- Modification
- Fabrication

Passive Attacks

Active Attacks

Security Service
- enhance security of data processing systems and information transfers of an organization
- intended to counter security attacks
- using one or more security mechanisms

Security Services (X.800)


- Authentication - assurance that the communicating entity is the one claimed
- Access Control - prevention of the unauthorized use of a resource
- Data Confidentiality - protection of data from unauthorized disclosure
- Data Integrity - assurance that data received is as sent by an authorized entity
- Non-Repudiation - protection against denial by one of the parties in a communication

Security Mechanisms

- feature designed to detect, prevent, or recover from a security attack
- no single mechanism that will support all services required
- however one particular element underlies many of the security mechanisms in use:
  - cryptographic techniques
- hence our focus on this topic

Services & Mechanisms

- Confidentiality: Unauthorized parties cannot access information (-> Secret Key Encryption)
- Authenticity: Ensuring that the actual sender is the claimed sender. (-> Public Key Encryption)
- Integrity: Ensuring that the message was not modified in transmission. (-> Hashing)
- Nonrepudiation: Ensuring that sender cannot deny sending a message at a later time. (-> Digital Signature)

[Figure: "Data Privacy in communication …", with panels labelled Confidentiality, Authenticity, Integrity and Non-Repudiation and the parties Joe, Bill, Ann and "Joe (Actually Bill)"]

Model for Security



Model for Security


- using this model requires us to:
  1. design a suitable algorithm for the security transformation
  2. generate the secret information (keys) used by the algorithm
  3. develop methods to distribute and share the secret information
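Added example (not from the original slides): a Python sketch that ties the hashing mechanism named under Services & Mechanisms to the key steps of the model above, contrasting a bare hash with a keyed hash (HMAC) computed under a generated shared key. The function names, the sample messages and the choice of SHA-256 and HMAC are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


def generate_key() -> bytes:
    # Step 2 of the model: generate the secret information (a 256-bit key).
    return secrets.token_bytes(32)


def digest(message: bytes) -> str:
    # Unkeyed hash: anyone who sees the message can compute it.
    return hashlib.sha256(message).hexdigest()


def tag(key: bytes, message: bytes) -> str:
    # Keyed hash (HMAC-SHA256): only holders of the shared key can compute it.
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def receiver_accepts_hash(message: bytes, sent_digest: str) -> bool:
    return hmac.compare_digest(digest(message), sent_digest)


def receiver_accepts_hmac(key: bytes, message: bytes, sent_tag: str) -> bool:
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(tag(key, message), sent_tag)


def run_demo() -> dict:
    shared_key = generate_key()    # assumed already distributed to Joe and Ann (step 3)
    outsider_key = generate_key()  # a party on the path does not hold shared_key
    original = b"From Joe to Ann: meeting at 10:00"  # constructed sample message
    modified = b"From Joe to Ann: meeting at 12:00"  # same message changed in transit
    return {
        # A bare hash flags a change only if the digest itself is left untouched.
        "hash_flags_changed_message": not receiver_accepts_hash(modified, digest(original)),
        # If the digest travels with the message, it can simply be recomputed.
        "hash_accepts_recomputed_digest": receiver_accepts_hash(modified, digest(modified)),
        "hmac_accepts_genuine": receiver_accepts_hmac(shared_key, original, tag(shared_key, original)),
        "hmac_rejects_reused_tag": not receiver_accepts_hmac(shared_key, modified, tag(shared_key, original)),
        "hmac_rejects_tag_from_other_key": not receiver_accepts_hmac(shared_key, modified, tag(outsider_key, modified)),
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

Because Joe and Ann hold the same key, either of them could have produced a valid tag, which is why the slides pair non-repudiation with digital signatures rather than with a shared-key mechanism.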

Model for Network Access Security



Model for Network Access Security


- using this model requires us to:
  1. select appropriate gatekeeper functions to identify users
  2. implement security controls to ensure only authorised users access designated information or resources

Statistics
- According to certain estimates by McAfee & Kaspersky Lab, the cost of information security breaches that took place in 2018 was worth $600 billion.
- Globally, information security breaches have witnessed a steep increase of 67% in the last five years.
- In the last quarter of 2018, a single incident of cyberattack on Private Bank operating in Pakistan resulted in the loss of $6 million in just 23 minutes.

Malware Count

https://www.hackmageddon.com/

Why do we need security?

Let's go through some real-world examples.

Mirai Botnet – Case Study
- First identified in August 2016 by the whitehat security research group MalwareMustDie, Mirai—Japanese for “the future”—and its many variants have served as the vehicle for some of the most potent DDoS attacks in history.
- In September 2016, the website of computer security consultant Brian Krebs was hit with 620 Gbps of traffic, “many orders of magnitude more traffic than is typically needed to knock most sites offline.” At about the same time, an even bigger DDoS attack using Mirai malware—peaking at 1.1 Tbps—targeted the French webhost and cloud service provider OVH.

https://www.rsaconference.com/writable/presentations/file_upload/hta-w10-mirai-and-iot-botnet-analysis.pdf
https://www.imperva.com/blog/malware-analysis-mirai-ddos-botnet/?utm_campaign=Incapsula-moved
https://www.csoonline.com/article/3258748/the-mirai-botnet-explained-how-teen-scammers-and-cctv-cameras-almost-brough
own-the-internet.html

Mirai - Bots

https://www.imperva.com/blog/malware-analysis-mirai-ddos-botnet/?utm_campaign=Incapsula-moved

New York Times and Twitter struggle after Syrian hack … (2013)
- The newspaper and social network were hit after their domain name details were maliciously edited by hackers.
- The Syrian Electronic Army (SEA), a group supporting Syrian president Bashar al-Assad, says it carried out the attack.
- In recent months, these hackers have targeted major media companies including the Financial Times, Washington Post, CNN and BBC.
- The SEA was able to gain access to Melbourne IT's system, where Twitter and the New York Times registered their respective domains.

http://www.bbc.co.uk/news/technology-23862105

Major banks hit with biggest cyber attacks in history… (2012)
- The websites of Bank of America, JPMorgan, U.S. Bank and PNC Bank all suffered day-long slowdowns and were sporadically unreachable for many customers ….
- A denial of service attack
- The attackers got hold of thousands of high-powered application servers and pointed them all at the targeted banks.
- The volume of traffic sent to these sites was 10 to 20 times the volume that was normally recorded.

http://money.cnn.com/2012/09/27/technology/bank-cyberattacks/index.html

By David Goldman, CNN, September 28, 2012


iPhone attack … (2007)
- iPhone Safari downloads malicious web page
- Arbitrary code is run with administrative privileges
- Can read SMS log, address book, call history, other data
- Could dial phone numbers, send text messages, or record audio
- Transmit collected data over network to attacker

http://www.securityevaluators.com/iphone/

Top 7 Network Attacks of 2015 … so far June 2015

http://www.calyptix.com/top-threats/top-7-network-attack-types-in-2015-so-far/

Top 10 network attacks techniques of 2014

Mobile threats 2014

Top 5 out of 20 Mobile threats of 2014

1  Trojan-SMS.AndroidOS.Stealer.a    18.0%
2  RiskTool.AndroidOS.MimobSMS.a      7.1%
3  DangerousObject.Multi.Generic      6.9%
4  RiskTool.AndroidOS.SMSreg.gc       6.7%
5  Trojan-SMS.AndroidOS.OpFake.bo     6.4%

Mass-scale Organizational Targeted Attacks (MOTAs)

Bagle mass-mailer worm campaign between January 1, 2014, and April 29, 2014

Source: Symantec April 2015

Recent Trends
- Malware, worms, and Trojan horses
  - spread by email, instant messaging, malicious or infected websites
- Botnets and zombies
  - improving their encryption capabilities, more difficult to detect
- Scareware – fake/rogue security software
- Attacks on client-side software
  - browsers, media players, PDF readers, etc.
- Ransom attacks
  - malware encrypts hard drives, or DDoS attack
- Social network attacks
  - Users’ trust in online friends makes these networks a prime target.

Texas CISO, Feb 2010

Trends

Operating system vulnerabilities
