The document discusses various topics related to human, computer, and vulnerability such as profiling mobile users, intelligence, related works on web profiling and privacy, and the author's approach to addressing privacy problems with user profiling research. It provides background on trends in information technology and predictions for the future, and examines concepts like profiling, why profiling is done, and intelligence in relation to profiling.
14. 2. Hackers 2.1 History
Hacking has been around for more than a
century. In the 1870s, several teenagers
were flung off the country's brand new
phone system by enraged authorities.
University facilities with huge mainframe
computers, like MIT's artificial intelligence
lab, become staging grounds for hackers.
At first, "hacker" was a positive term for a
person with a mastery of computers who
could push programs beyond what they
were designed to do.
John Draper makes a long-distance call for
free by blowing a precise tone into a
telephone that tells the phone system to
open a line. Draper discovered the whistle
as a give-away in a box of children's cereal
15. 2. Hackers 2.1 History
Two members of California's Homebrew
Computer Club begin making "blue
boxes," devices used to hack into the
phone system. The members, who adopt
handles "Berkeley Blue" (Steve Jobs) and
"Oak Toebark" (Steve Wozniak), later go
on to found Apple Computer.
Morris, son of former National Security
Agency scientist Robert Morris, is known
as the creator of the Morris Worm, the
first computer worm to be unleashed on
the Internet. As a result of this crime, he
was the first person prosecuted under the
1986 Computer Fraud and Abuse Act.
16. 2. Hackers 2.1 History
Kevin Mitnick secretly monitors the e-mail of
MCI and Digital Equipment security officials.
He is arrested (again) in N.C. after he is tracked
down via computer by Tsutomu Shimomura
at the San Diego Supercomputer Center.
Tsutomu Shimomura is a senior fellow at the
San Diego Supercomputer Center, where he
works on problems in areas as diverse as
computational physics and computer security.
In February 1995 he helped several online
service and Internet companies track down
computer outlaw Kevin Mitnick.
22. 3. Information Security 3.1 Definitions
Protecting information and information
systems from unauthorized access, use,
disclosure, disruption, modification,
perusal, inspection, recording or
destruction
Computer security and information
assurance are frequently used
interchangeably
Confidentiality, Integrity, Availability
Plus Accountability (Non-Repudiation)
Process, Risk Management, BCP/DRP
23. 3. Information Security 3.2 Attributes
Confidentiality
used to prevent the disclosure of
information to unauthorized individuals or
systems
Integrity
means that data cannot be modified
undetectably. This is not the same thing
as referential integrity in databases
Availability
A requirement intended to assure that
systems work promptly and service is not
denied to authorized users
Accountability (Non-Repudiation)
The requirement that actions of an entity
may be traced uniquely to that entity.
24. 3. Information Security 3.3 Risk Management
Risk management is the identification,
assessment, and prioritization of risks
(defined in ISO 31000 as the effect of
uncertainty on objectives, whether positive or
negative) followed by coordinated and
economical application of resources to
minimize, monitor, and control the probability
and/or impact of unfortunate events or to
maximize the realization of opportunities
Composite Risk Index = Impact of Risk Event ×
Probability of Occurrence
25. 3. Information Security 3.4 Process
Security Governance
The Software Engineering Institute at Carnegie Mellon University, in a publication
titled "Governing for Enterprise Security (GES)", defines characteristics of effective
security governance
Incident Response Plans
Computer security incident management involves the monitoring and detection of
security events on a computer or computer network, and the execution of proper
responses to those events
Change Management
Change management is an IT service management discipline. The objective of change
management in this context is to ensure that standardized methods and procedures
are used for efficient and prompt handling of all changes to control IT infrastructure,
in order to minimize the number and impact of any related incidents upon service
26. 3. Information Security 3.5 BCP/DRP
BCP may be a part of an organizational
learning effort that helps reduce
operational risk.
BCP is working out how to continue
operations under adverse conditions that
include local events like building fires,
theft, and vandalism, regional incidents
like earthquakes and floods, and national
incidents like pandemic illnesses.
Disaster recovery is the process, policies
and procedures related to preparing for
recovery or continuation of technology
infrastructure critical to an organization
after a natural or human-induced disaster
34. 5. Network Hacking 5.1 DoS
A denial-of-service attack (DoS attack) or
distributed denial-of-service attack (DDoS attack)
is an attempt to make a computer or network
resource unavailable to its intended users
Method
Consumption of computational resources,
such as bandwidth, disk space, or processor
time.
Disruption of configuration information,
such as routing information.
Disruption of state information, such as
unsolicited resetting of TCP sessions.
Disruption of physical network components.
Obstructing the communication media
between the intended users and the victim
so that they can no longer communicate
adequately.
35. 5. Network Hacking 5.2 ARP Spoofing
ARP spoofing is a computer hacking technique
whereby an attacker sends fake ("spoofed")
Address Resolution Protocol (ARP) messages
onto a Local Area Network.
Even ARP entries which have not yet expired
will be overwritten when a new ARP reply
packet is received. There is no method in the
ARP protocol by which a host can authenticate
the peer from which the packet originated. This
behavior is the vulnerability which allows ARP
spoofing to occur.
Defense
Static ARP entries
OS Security
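The overwrite behaviour and the static-entry defence described on this slide can be replayed offline. The following is an added example, not part of the original slides; the log format, the addresses and the `replay` function are constructed for illustration.

```python
import re

# Constructed sample of observed ARP replies (not captured traffic).
SAMPLE_REPLIES = """\
t=1.0 ip=192.168.1.1 mac=aa:aa:aa:00:00:01
t=2.0 ip=192.168.1.20 mac=aa:aa:aa:00:00:20
t=3.5 ip=192.168.1.1 mac=de:ad:be:ef:00:99
t=4.0 ip=192.168.1.20 mac=de:ad:be:ef:00:99
"""

LINE = re.compile(r"t=(?P<t>[\d.]+) ip=(?P<ip>\S+) mac=(?P<mac>[0-9a-f:]{17})")

def parse(text):
    """Yield (time, ip, mac) tuples from the constructed log format."""
    for line in text.splitlines():
        m = LINE.fullmatch(line.strip())
        if m:
            yield float(m["t"]), m["ip"], m["mac"]

def replay(replies, static=None):
    """Replay ARP replies against a cache and return (cache, alerts).

    static maps IP -> MAC for pinned entries that a reply may never change.
    Unpinned entries are overwritten by any reply, since ARP carries no
    way to authenticate the sender.
    """
    static = dict(static or {})
    cache = dict(static)
    alerts = []
    for t, ip, mac in replies:
        if ip in static:
            if mac != static[ip]:
                alerts.append((t, ip, "rejected", static[ip], mac))
            continue  # a pinned entry is never updated
        known = cache.get(ip)
        if known is not None and known != mac:
            alerts.append((t, ip, "overwritten", known, mac))
        cache[ip] = mac  # the latest unauthenticated reply wins
    return cache, alerts

if __name__ == "__main__":
    gateway = {"192.168.1.1": "aa:aa:aa:00:00:01"}  # pinned gateway entry
    for label, pins in (("dynamic only", None), ("gateway pinned", gateway)):
        cache, alerts = replay(parse(SAMPLE_REPLIES), pins)
        print(label, cache)
        for alert in alerts:
            print("  alert:", alert)
```

With no pinned entries the gateway's binding ends up pointing at the second MAC address; with the gateway pinned, the conflicting reply is rejected and reported, while the unpinned host is still overwritten.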
36. 5. Network Hacking 5.3 XSS
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in
Web applications (such as web browsers through breaches of browser security) that
enables attackers to inject client-side script into Web pages viewed by other users.
XSS vulnerabilities have been reported and exploited since the 1990s. Prominent sites
affected in the past include the social-networking sites Twitter, Facebook, MySpace,
and Orkut.
40. 6. Malware 6.3 Definition
Short for Malicious Software
Software designed to disrupt computer
operation, gather sensitive information,
or gain unauthorized access to computer
systems
Computer viruses, worms, trojan horses,
spyware, adware, most rootkits, and
other malicious programs
Is not the same as defective software
41. 6. Malware 6.4 Infection
Called Virus, Worm
Many early infectious programs were
generally intended to be harmless or merely
annoying, rather than to cause serious damage
to computer systems
Before Internet access became widespread,
viruses spread on personal computers by
infecting the executable boot sectors of floppy
disks
The term virus is used for a program that has
infected some executable software and, when run,
causes the virus to spread to other executables.
A worm is a program that actively transmits
itself over a network to infect other computers.
42. 6. Malware 6.5 Concealment
Called Trojan Horses, Rootkit, Backdoor
When a malicious program is disguised as
something normal or desirable, users may be
tempted to install it without realizing it. This is
the technique of the Trojan horse or trojan.
A rootkit was a set of tools installed by a human
attacker on a Unix system, allowing the attacker
to gain administrator (root) access
A backdoor is a method of bypassing normal
authentication procedure
45. 7. Encryption 7.1 Origins
A watermark is a recognizable image or
pattern in paper that appears as various
shades of lightness/darkness when viewed by
transmitted light (or when viewed by
reflected light, atop a dark background),
caused by thickness or density variations in
the paper
Cryptology: from Greek κρυπτός, "hidden,
secret", and graphein, "writing", or -λογία, -logia,
"study", respectively
Steganography is the art and science of
writing hidden messages in such a way that
no one, apart from the sender and intended
recipient, suspects the existence of the
message, a form of security through obscurity
46. 7. Encryption 7.2 Water Marking
In philately, the watermark is a key feature
of a stamp, and often constitutes the
difference between a common and a rare
stamp
A watermark is very useful in the
examination of paper because it can be
used for dating, identifying sizes, mill
trademarks and locations, and the quality
of a paper.
Encoding an identifying code into digitized
music, video, picture, or other file is known
as a digital watermark.
47. 7. Encryption 7.3 Cryptography
It is about constructing and analyzing protocols
that overcome the influence of adversaries and
which are related to various aspects in
information security such as data confidentiality,
data integrity, and authentication.
Symmetric-Key Cryptography
DES, AES
Public-Key Cryptography
RSA (Ronald Rivest, Adi Shamir, Len
Adleman)
Cryptanalysis
Bruce Schneier
48. 7. Encryption 7.4 Steganography
The first recorded uses of steganography can be
traced back to 440 BC when Herodotus mentions
two examples of steganography in his Histories.
Steganography includes the concealment of
information within computer files. In digital
steganography, electronic communications may
include steganographic coding inside of a
transport layer, such as a document file, image
file, program or protocol
Steganography is used by some modern printers,
including HP and Xerox brand color laser printers.
Tiny yellow dots are added to each page. The
dots are barely visible and contain encoded
printer serial numbers, as well as date and time
stamps
51. 8. Privacy 8.1
Latin : Privatus “Separated from the Rest”
Want Anonymous
Keyboard Warrior
Debate Sensitive Topic
Social Fatigue
Security Problem(Like Social ID)
Do Not Want
Watch Your Behavior
Know Your Feeling
Know Where You Are/Live
53. 9. Related Works 9.1 Kraken
The name refers to legendary sea monsters of
giant proportions said to dwell off the
coasts of Norway and Iceland.
OSGi Based Network Security Platform
Pcap Packet Analysis
55. 9. Related Works 9.3 Metasploit
The Metasploit Project is an open-source,
computer security project which provides
information about security vulnerabilities
and aids in penetration testing and IDS
signature development. Its most well-known
sub-project is the Metasploit Framework, a
tool for developing and executing exploit
code against a remote target machine
Created by H. D. Moore in 2003
Penetration Testing Tool
56. 9. Related Works 9.4 Backtrack
BackTrack is a distribution based on the Ubuntu
GNU/Linux distribution aimed at digital forensics
and penetration testing use
It is named after backtracking
Merged WHAX and Auditor Security Collection
Penetration Testing Tool
57. 9. Related Works 9.5 Anti Virus
Antivirus software is used to detect and
remove computer viruses, as well
as many other types of harmful
software, collectively referred to as
malware.
Identification methods
Signature-based detection
Suspicious behavior
monitoring
Heuristics