CS-7303/CS-6303 Cyber Crime and Security / TE-7116 Cyber Security
Sir Syed University of Engineering & Technology, Karachi
Dr. Waeej Haider, DoCS&IT
Roadmap
 Computer Security
 Cyber Security
 Attacks
 Mutual Trust
 Network Security
 Computer Security
Background
 Information Security requirements have changed
in recent times (due to attacks on sensitive info.)
 Traditionally provided by physical and
administrative mechanisms
 Computer use requires automated tools to
protect files and other stored information
 Use of networks and communications links
requires measures to protect data during
transmission
Definitions
 Computer Security - generic name for the
collection of tools designed to protect data and
to thwart hackers
 Network Security - measures to protect data
during their transmission
 Internet Security - measures to protect data
during their transmission over a collection of
interconnected networks
Computer Security
 Can be elaborated as:
 The protection afforded to an automated
information system in order to attain the
applicable objectives of preserving the
integrity, availability and confidentiality of
information system resources (includes
hardware, software, firmware,
information/data, and telecommunications)
Cisco Public
© 2013 Cisco and/or its affiliates. All rights reserved.
Cybersecurity is the protection of internet-connected
systems such as hardware, software and data from cyber-
threats. The practice is used by individuals and enterprises to
protect against unauthorized access to data centers and
other computerized systems.
Farrukh Nizami
AIT CEP
Key Security Concepts
Examples of Security
Requirements
 confidentiality – student grades
 integrity – patient information
 availability – authentication service
 authenticity – admission ticket
 non-repudiation – stock sell order
Aspects of Security
 consider 3 aspects of information security:
 security attack
 security mechanism (control)
 security service
 note terms
 threat – a potential for violation of security
 vulnerability – a way by which loss can
happen
 attack – an assault on system security, a
deliberate attempt to evade security services
Attacks, Services and
Mechanisms
 Security Attack: Any action that compromises
the security of information.
 Security Mechanism: A mechanism that is
designed to detect, prevent, or recover from a
security attack.
 Security Service: A service that enhances the
security of data processing systems and
information transfers. A security service makes
use of one or more security mechanisms.
Threat Actors
 Threat actors are individuals or groups of individuals
who perform cyberattacks. They include, but are not
limited to:
• Amateurs (self-taught)
• Hacktivists (use of computer-based techniques such
as hacking as a form of civil disobedience to promote
a political agenda or social change)
• Organized crime groups
• State-sponsored groups
• Terrorist groups
 Cyberattacks are intentional malicious acts meant to
negatively impact another individual or organization.
Security Attacks
Learning Assignment: In the notes (below)
Security Attacks
 Passive attacks: are in the nature of
eavesdropping on, or monitoring of,
transmissions
 Goal of the opponent is to obtain
information that is being transmitted
 Active attacks: involve some modification
of the data stream or the creation of a
false stream
Passive Attack: Interception
• This is an attack on confidentiality
Passive Attack: Traffic Analysis
• Observe traffic pattern
Active Attack: Interruption
• Block delivery of message
• This is an attack on availability
Active Attack: Fabrication
• Fabricate message
• This is an attack on authenticity
Active Attack: Replay
Active Attack: Modification
• Modify message
• This is an attack on integrity
Handling Attacks
 Passive attacks – focus on Prevention
• Easy to stop
• Hard to detect
 Active attacks – focus on Detection and
Recovery
• Hard to stop
• Easy to detect
Organizational Data: The Impact of a Security Breach
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
 The Consequences of a Security Breach
• Not feasible to prevent every attack
• Attackers will always find new ways
• Ruined reputation, vandalism, theft, lost revenue, damaged intellectual property
 Security Breach Example - LastPass
• An online password manager
• Stolen email addresses, password reminders, and authentication hashes
• Requires email verification or multi-factor authentication when logging in from an unknown device
• Users should use a complex master password, change the master password periodically, and beware of phishing attacks
The Profile of a Cyber Attacker: Internal and External Threats
 Internal Security Threats
• Can be an employee or contract partner
• Mishandle confidential data
• Threaten the operations of internal servers or network infrastructure devices
• Facilitate outside attacks by connecting infected USB media to the corporate computer system
• Accidentally invite malware onto the network through malicious email or websites
• Can cause great damage because of direct access
 External Security Threats
• Exploit vulnerabilities in network or computing devices
• Use social engineering to gain access
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Levels of Impact
 can define 3 levels of impact from a
security breach
 Low
 Moderate
 High
Low Impact
 The loss could be expected to have a limited adverse
effect on organizational operations, organizational
assets, or individuals.
 A limited adverse effect means that, for example, the
loss of confidentiality, integrity, or availability might
 (i) cause a degradation in mission capability to an
extent and duration that the organization is able to
perform its primary functions, but the effectiveness of
the functions is noticeably reduced;
 (ii) result in minor damage to organizational assets;
 (iii) result in minor financial loss; or
 (iv) result in minor harm to individuals.
Moderate Impact
 The loss could be expected to have a serious adverse
effect on organizational operations, organizational
assets, or individuals.
 A serious adverse effect means that, for example, the
loss might
 (i) cause a significant degradation in mission
capability to an extent and duration that the
organization is able to perform its primary functions,
but the effectiveness of the functions is significantly
reduced;
 (ii) result in significant damage to organizational
assets;
 (iii) result in significant financial loss; or
 (iv) result in significant harm to individuals that does
not involve loss of life or serious, life-threatening
injuries.
High Impact
 The loss could be expected to have a severe or
catastrophic adverse effect on organizational operations,
organizational assets, or individuals.
 A severe or catastrophic adverse effect means that, for
example, the loss might
 (i) cause a severe degradation in or loss of mission
capability to an extent and duration that the
organization is not able to perform one or more of its
primary functions;
 (ii) result in major damage to organizational assets;
 (iii) result in major financial loss; or
 (iv) result in severe or catastrophic harm to individuals
involving loss of life or serious, life-threatening injuries.
How to do an Attack
 The following are some of the ways in which an information system can be attacked:
a. Social Engineering
b. Viruses / Trojan Horses / Worms
c. Denial of Service (DoS)
d. IP Spoofing
e. Replay Attack
Social Engineering
 Social engineering is a technique used by attackers
to gain system access or information by exploiting
the basic human instinct to be helpful.
 Social engineering exploits are successful because
the targeted enterprise lacks an awareness
program to educate employees about their security-
related duties and responsibilities.
 Example: an intruder makes a simple phone call to a target,
posing as a network support technician, and asks for her
username and password to rectify a non-existent
problem.
Viruses / Trojan Horses / Worms
 A virus is malicious code that can plant itself into
operating systems and programs and modify them.
 A Trojan horse is a virus that is hidden inside
legitimate software. Once the software is installed
or downloaded, the malicious code executes.
 Worm is the industry term for a self-contained
program that replicates itself across a network,
infecting each server and workstation it can
access.
Denial of Service (DoS)
 An attack that targets resources within the network
with the intention of reserving resources and
keeping legitimate users from gaining access.
 During a SYN attack, an enemy workstation will
generate a flood of session requests using bogus
IP addresses.
 The target server begins reserving resources for
each request while waiting for the completion of
the TCP/IP handshake process.
 The expected reply from the enemy workstation
never comes, but the reserved resources result in
the denial of service for the legitimate user.
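A defender's view of the SYN attack described above, as an added example that is not part of the original slides: it rebuilds the server's half-open table from handshake events and shows that per-source counting sees nothing unusual when the addresses are bogus, while the aggregate half-open count does. The event line format, the backlog size of 64, the 30-second timeout and the 80% alert threshold are assumptions.

```python
from collections import Counter


def parse_event(line):
    """Parse 'time KIND ip:port' (assumed format) into (float, str, str)."""
    t, kind, peer = line.split()
    return float(t), kind, peer


def half_open_report(lines, now, backlog_limit=64, syn_timeout=30.0,
                     alert_fraction=0.8):
    """Summarise the half-open connection table as it stands at time `now`."""
    pending = {}    # peer -> time its SYN arrived (resources reserved)
    completed = 0   # handshakes finished by the client's final ACK
    for line in lines:
        t, kind, peer = parse_event(line)
        if t > now:
            continue
        if kind == "SYN":
            pending.setdefault(peer, t)
        elif kind == "ACK" and peer in pending:
            del pending[peer]
            completed += 1
    # Entries older than the timeout have been released by the server.
    live = {p: t for p, t in pending.items() if now - t <= syn_timeout}
    per_source = Counter(p.rsplit(":", 1)[0] for p in live)
    return {
        "half_open": len(live),
        "expired": len(pending) - len(live),
        "completed": completed,
        "distinct_sources": len(per_source),
        # With bogus source addresses this stays at 1, so a per-source
        # rate limit never fires; the aggregate count is the signal.
        "max_per_source": max(per_source.values(), default=0),
        "alert": len(live) >= alert_fraction * backlog_limit,
    }


def constructed_sample():
    """Constructed events: 3 completed handshakes, then 60 unanswered SYNs."""
    lines = []
    for i in range(3):
        peer = f"192.0.2.{10 + i}:5{i}000"
        lines.append(f"{i * 0.5:.2f} SYN {peer}")
        lines.append(f"{i * 0.5 + 0.05:.2f} ACK {peer}")
    for i in range(60):
        lines.append(f"{2 + i * 0.01:.2f} SYN 198.51.100.{i + 1}:40000")
    return lines


if __name__ == "__main__":
    print(half_open_report(constructed_sample(), now=3.0))
```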
IP Spoofing
 IP spoofing is accomplished when an outside
hacker uses a discovered IP address to gain
access to a trusted environment from outside the
network.
 A hacker can obtain a valid IP address in a variety
of ways such as social engineering.
Replay Attack
 A replay attack occurs when a hacker intercepts a
communication between two parties and replays
the message.
 For instance, a hacker might intercept a credit card
transaction between a consumer and a Web site.
The hacker then replays the transaction multiple
times, resulting in multiple debits to the consumer's
credit account.
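A receiver-side defence against the replayed transaction described above, as an added example that is not part of the original slides: each message carries a nonce and a timestamp under one HMAC tag, and the server accepts an authentic, fresh message only once. The shared key, the field names and the 300-second freshness window are assumptions.

```python
import hashlib
import hmac
import json

# Constructed demo key (an assumption; real keys are provisioned out of band).
SHARED_KEY = b"demo-key-for-illustration-only"
MAX_AGE_SECONDS = 300  # assumed freshness window


def sign_transaction(key, payload, nonce, timestamp):
    """Client side: bind payload, nonce and timestamp under one HMAC tag."""
    body = json.dumps(
        {"payload": payload, "nonce": nonce, "ts": timestamp},
        sort_keys=True, separators=(",", ":"),
    ).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


class ReplayGuard:
    """Server side: accept each authentic, fresh message exactly once."""

    def __init__(self, key, max_age=MAX_AGE_SECONDS):
        self.key = key
        self.max_age = max_age
        self.seen = {}  # nonce -> timestamp carried by the message

    def _expire(self, now):
        # A nonce older than the window can be forgotten, because the
        # freshness check already rejects any message that old.
        cutoff = now - self.max_age
        self.seen = {n: ts for n, ts in self.seen.items() if ts >= cutoff}

    def accept(self, message, now):
        expected = hmac.new(self.key, message["body"],
                            hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, message["tag"]):
            return "rejected: bad tag"      # modified or forged
        fields = json.loads(message["body"])
        if abs(now - fields["ts"]) > self.max_age:
            return "rejected: stale"        # replayed after the window
        self._expire(now)
        if fields["nonce"] in self.seen:
            return "rejected: replay"       # replayed inside the window
        self.seen[fields["nonce"]] = fields["ts"]
        return "accepted"


def demo():
    """One card debit, then the same captured bytes presented again."""
    guard = ReplayGuard(SHARED_KEY)
    msg = sign_transaction(
        SHARED_KEY, {"card": "tok_constructed", "debit": "25.00"},
        nonce="n-0001", timestamp=1000,
    )
    tampered = dict(msg, body=msg["body"].replace(b"25.00", b"99.00"))
    return [
        guard.accept(msg, now=1010),       # original transaction
        guard.accept(msg, now=1020),       # captured copy sent again
        guard.accept(tampered, now=1030),  # amount changed in transit
        guard.accept(msg, now=2000),       # captured copy sent much later
    ]


if __name__ == "__main__":
    print(demo())
```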
Security Service
 enhance security of data processing systems
and information transfers of an organization
 intended to counter security attacks
 using one or more security mechanisms
 often replicates functions normally associated
with physical documents
• which, for example, have signatures, dates; need
protection from disclosure, tampering, or
destruction; be notarized or witnessed; be
recorded or licensed
Security Services
 Confidentiality (privacy)
 Authentication (who created or sent the data)
 Integrity (has not been altered)
 Non-repudiation (the order is final)
 Access control (prevent misuse of resources)
 Availability (permanence, non-erasure)
 Denial of Service Attacks
 Virus that deletes files
Security Services
 X.800:
“a service provided by a protocol layer of
communicating open systems, which ensures
adequate security of the systems or of data
transfers”
 RFC 2828:
“a processing or communication service
provided by a system to give a specific kind of
protection to system resources”
Security Services (X.800)
 Authentication - assurance that communicating
entity is the one claimed
 have both peer-entity & data origin authentication
 Access Control - prevention of the
unauthorized use of a resource
 Data Confidentiality - protection of data from
unauthorized disclosure
 Data Integrity - assurance that data received is
as sent by an authorized entity
 Non-Repudiation - protection against denial by
one of the parties in a communication
 Availability - resource accessible/usable
Security Mechanism
 a.k.a. control
 feature designed to detect, prevent, or
recover from a security attack
 no single mechanism that will support all
services required
 however one particular element underlies
many of the security mechanisms in use:
 cryptographic techniques
 hence our focus on this topic
Security Mechanisms (X.800)
specific security mechanisms: (May be
incorporated into the appropriate protocol layer in order
to provide some of the OSI security services)
 encipherment, digital signatures, access controls,
data integrity, authentication exchange, traffic
padding, routing control, notarization
pervasive security mechanisms:
(Mechanisms that are not specific to any particular OSI
security service or protocol layer)
 trusted functionality, security labels, event detection,
security audit trails, security recovery
Specific security mechanisms
Encipherment
 The use of mathematical algorithms to transform data into
a form that is not readily intelligible. The transformation
and subsequent recovery of the data depend on an
algorithm and zero or more encryption keys.
Digital Signature
 Data appended to, or a cryptographic transformation of, a
data unit that allows a recipient of the data unit to prove
the source and integrity of the data unit and protect
against forgery (e.g., by the recipient).
Access Control
 A variety of mechanisms that enforce access rights to
resources.
Data Integrity
 A variety of mechanisms used to assure the integrity of a
data unit or stream of data units.
Specific security mechanisms (cont.)
Authentication Exchange
 A mechanism intended to ensure the identity of an entity
by means of information exchange.
Traffic Padding
 The insertion of bits into gaps in a data stream to
frustrate traffic analysis attempts.
Routing Control
 Enables selection of particular physically secure routes
for certain data and allows routing changes, especially
when a breach of security is suspected.
Notarization
 The use of a trusted third party to assure certain
properties of a data exchange.
Pervasive security mechanisms:
Trusted Functionality
 That which is perceived to be correct with respect to
some criteria (e.g., as established by a security policy).
Security Label
 The marking bound to a resource (which may be a data
unit) that names or designates the security attributes of
that resource.
Event Detection
 Detection of security-relevant events.
Security Audit Trail
 Data collected and potentially used to facilitate a security
audit, which is an independent review and examination
of system records and activities.
Security Recovery
 Deals with requests from mechanisms, such as event
handling and management functions, and takes recovery
actions.
Model for Network Security
 using this model requires us to:
1. design a suitable algorithm for the security
transformation
2. generate the secret information (keys) used
by the algorithm
3. develop methods to distribute and share the
secret information
4. specify a protocol enabling the principals to
use the transformation and secret
information for a security service
Model for Network Access Security
 using this model requires us to:
1. select appropriate gatekeeper functions to
identify users
2. implement security controls to ensure only
authorised users access designated
information or resources
 note that model does not include:
1. monitoring of system for successful
penetration
2. monitoring of authorized users for misuse
3. audit logging for forensic uses, etc.
Summary
 topic roadmap & standards organizations
 security concepts:
 confidentiality, integrity, availability
 X.800 security architecture
 security attacks, services, mechanisms
 models for network (access) security

Cyber Crime and Security Ch 1 .ppt

  • 1. CS-7303/CS-6303 Cyber Crime and Security/ TE-7116 Cyber Security Sir Syed University of Engineering & Technology, Karachi Dr. Waeej Haider, DoCS&IT
  • 2. Roadmap  Computer Security  Cyber Security  Attacks  Mutual Trust  Network Security  Computer Security 2
  • 3. Background  Information Security requirements have changed in recent times (due to attacks on sensitive info.)  Traditionally provided by physical and administrative mechanisms  Computer use requires automated tools to protect files and other stored information  Use of networks and communications links requires measures to protect data during transmission 3
  • 4.
  • 5. Definitions  Computer Security - generic name for the collection of tools designed to protect data and to thwart hackers  Network Security - measures to protect data during their transmission  Internet Security - measures to protect data during their transmission over a collection of interconnected networks 5
  • 6. Computer Security  Can be elaborated as:  The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications) 6
  • 7. Cisco Public © 2013 Cisco and/or its affiliates. All rights reserved. 7 Cybersecurity is the protection of internet-connected systems such as hardware, software and data from cyber- threats. The practice is used by individuals and enterprises to protect against unauthorized access to data centers and other computerized systems. Farrukh Nizami AIT CEP
  • 9. Examples of Security Requirements  confidentiality – student grades  integrity – patient information  availability – authentication service  authenticity – admission ticket  non-repudiation – stock sell order 9
  • 10. Aspects of Security  consider 3 aspects of information security:  security attack  security mechanism (control)  security service  note terms  threat – a potential for violation of security  vulnerability – a way by which loss can happen  attack – an assault on system security, a deliberate attempt to evade security services 10
  • 11. Attacks, Services and Mechanisms  Security Attack: Any action that compromises the security of information.  Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack.  Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms. 11
  • 12. Threat Actors Threat Actors  Threat actors are individuals or groups of individuals who perform cyberattacks. They include, but are not limited to: • Amateurs (self-taught) • Hacktivists (use of computer-based techniques such as hacking as a form of civil disobedience to promote a political agenda or social change) • Organized crime groups • State-sponsored groups • Terrorist groups  Cyberattacks are intentional malicious acts meant to negatively impact another individual or organization.
  • 13.
  • 15. Security Attacks  Passive attacks: are in the nature of eavesdropping on, or monitoring of, transmissions  Goal of the opponent is to obtain information that is being transmitted  Active attacks: involve some modification of the data stream or the creation of a false stream 15
  • 16. Passive Attack - Interception •This is an attack on confidentiality 16
  • 17. Passive Attack: Traffic Analysis Observe traffic pattern 17
  • 18. Active Attack: Interruption Block delivery of message •This is an attack on availability 18
  • 19. Active Attack: Fabrication Fabricate message •This is an attack on authenticity 19
  • 21. Active Attack: Modification Modify message This is an attack on integrity 21
  • 22. Handling Attacks  Passive attacks – focus on Prevention • Easy to stop • Hard to detect  Active attacks – focus on Detection and Recovery • Hard to stop • Easy to detect 22
  • 23. Organizational Data: The Impact of a Security Breach (© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential)
      • The Consequences of a Security Breach
          • Not feasible to prevent every attack
          • Attackers will always find new ways
          • Ruined reputation, vandalism, theft, revenue lost, damaged intellectual property
      • Security Breach Example - LastPass
          • An online password manager
          • Stolen email addresses, password reminders, and authentication hashes
          • Requires email verification or multi-factor authentication when logging in from an unknown device
          • Users should use complex master password, change master password periodically, and beware of phishing attacks
  • 24. The Profile of a Cyber Attacker: Internal and External Threats
      • Internal Security Threats
          • Can be an employee or contract partner
          • Mishandle confidential data
          • Threaten the operations of internal servers or network infrastructure devices
          • Facilitate outside attacks by connecting infected USB media into the corporate computer system
          • Accidentally invite malware onto the network through malicious email or websites
          • Can cause great damage because of direct access
      • External Security Threats
          • Exploit vulnerabilities in network or computing devices
          • Use social engineering to gain access
  • 26. Levels of Impact
      • can define 3 levels of impact from a security breach:
          • Low
          • Moderate
          • High
  • 27. Low Impact
      • The loss could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals.
      • A limited adverse effect means that, for example, the loss of confidentiality, integrity, or availability might
          • (i) cause a degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is noticeably reduced;
          • (ii) result in minor damage to organizational assets;
          • (iii) result in minor financial loss; or
          • (iv) result in minor harm to individuals.
  • 28. Moderate Impact
      • The loss could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals.
      • A serious adverse effect means that, for example, the loss might
          • (i) cause a significant degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is significantly reduced;
          • (ii) result in significant damage to organizational assets;
          • (iii) result in significant financial loss; or
          • (iv) result in significant harm to individuals that does not involve loss of life or serious, life-threatening injuries.
  • 29. High Impact
      • The loss could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals.
      • A severe or catastrophic adverse effect means that, for example, the loss might
          • (i) cause a severe degradation in or loss of mission capability to an extent and duration that the organization is not able to perform one or more of its primary functions;
          • (ii) result in major damage to organizational assets;
          • (iii) result in major financial loss; or
          • (iv) result in severe or catastrophic harm to individuals involving loss of life or serious, life-threatening injuries.
  • 30. How to do an Attack
      • The following describes some of the ways through which an information system can be attacked:
          a. Social Engineering
          b. Viruses / Trojan Horses / Worms
          c. Denial of Service (DoS)
          d. IP Spoofing
          e. Replay Attack
  • 31. Social Engineering
      • Social engineering is a technique used by attackers to gain system access or information by exploiting the basic human instinct to be helpful.
      • Social engineering exploits are successful because the targeted enterprise lacks an awareness program to educate employees about their security-related duties and responsibilities.
      • Example: a simple phone call by an intruder to a target, posing as a network support guy and asking for her username and password to rectify a non-existent problem.
  • 32. Viruses / Trojan Horses / Worms
      • A virus is malicious code that can plant itself into operating systems and programs and modify them.
      • A Trojan horse is a virus that is hidden inside legitimate software. Once the software is installed or downloaded, the malicious code does its thing.
      • A worm is industry nomenclature for a self-contained program that will replicate itself across a network, infecting each server and workstation it can access.
  • 33. Denial of Service (DoS)
      • An attack that targets resources within the network with the intention of reserving resources and keeping legitimate users from gaining access.
      • During a SYN attack, an enemy workstation generates a flood of session requests using bogus IP addresses.
      • The target server begins reserving resources for each request while waiting for the completion of the TCP/IP handshake process.
      • The expected reply from the enemy workstation never comes, but the reserved resources result in denial of service for the legitimate user.
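The resource reservation described on slide 33 can be seen from the server's side in a small simulation. This is an added example, not part of the original slides: the queue size of 128, the timeout values and all events are assumptions, and the addresses are constructed from documentation ranges.

```python
# Added illustration: a toy model of a server's half-open (SYN-received) queue.
# All events are constructed; nothing here is captured traffic.

def build_events():
    """(time_s, src_ip, src_port, flag) tuples as seen at the listening port."""
    events = [(0.0, "198.51.100.7", 40001, "SYN"),   # legitimate client
              (0.1, "198.51.100.7", 40001, "ACK")]   # completes the handshake
    for i in range(200):                              # flood: SYNs that are never completed
        events.append((1.0 + i * 0.01, f"203.0.113.{i + 1}", 50000 + i, "SYN"))
    events += [(3.5, "198.51.100.8", 40002, "SYN"),  # second legitimate client
               (3.6, "198.51.100.8", 40002, "ACK")]
    return events

def simulate_backlog(events, backlog=128, timeout_s=30.0):
    """Run the events against a fixed-size half-open queue.

    Returns (peak_half_open, dropped), where dropped lists the (time, src_ip)
    of every SYN refused because the queue was already full.
    """
    pending = {}   # (src_ip, src_port) -> time the SYN arrived
    dropped = []
    peak = 0
    for t, ip, port, flag in sorted(events):
        # Release entries whose handshake never completed within the timeout.
        for key in [k for k, t0 in pending.items() if t - t0 > timeout_s]:
            del pending[key]
        if flag == "SYN":
            if len(pending) >= backlog:
                dropped.append((t, ip))      # no room: request is refused
            else:
                pending[(ip, port)] = t      # resources reserved, waiting for ACK
        elif flag == "ACK":
            pending.pop((ip, port), None)    # handshake done, slot freed
        peak = max(peak, len(pending))
    return peak, dropped

if __name__ == "__main__":
    for timeout in (30.0, 1.0):
        peak, dropped = simulate_backlog(build_events(), timeout_s=timeout)
        print(f"timeout {timeout:>4}s: peak {peak} half-open, {len(dropped)} SYNs refused")
```

With the long timeout the queue fills and the second legitimate client is refused; shortening the half-open timeout frees slots fast enough that it is served, which is why a sustained count of half-open connections near the queue limit is a useful detection signal.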
  • 34. IP Spoofing
      • IP spoofing is accomplished when an outside hacker uses a discovered IP address to gain access to a trusted environment from outside the network.
      • A hacker can obtain a valid IP address in a variety of ways, such as social engineering.
  • 35. Replay Attack
      • A replay attack occurs when a hacker intercepts a communication between two parties and replays the message.
      • For instance, a hacker might intercept a credit card transaction between a consumer and a Web site. The hacker then replays the transaction multiple times, resulting in multiple debits to the consumer's credit account.
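One common countermeasure to the repeated-debit scenario on slide 35 is to bind every transaction to a fresh nonce and timestamp under a message authentication code, so the receiver can recognise a second copy. This is an added example, not part of the original slides: the pre-shared key, the message layout, the 300-second window and the `Receiver` class are assumptions, and the card token is a constructed value.

```python
import hashlib
import hmac
import json
import secrets

KEY = secrets.token_bytes(32)  # assumed to be shared in advance by consumer and site

def sign_transaction(key, payload, now):
    """Sender: attach a fresh nonce and timestamp, then MAC the whole body."""
    body = dict(payload, nonce=secrets.token_hex(16), ts=now)
    raw = json.dumps(body, sort_keys=True)
    tag = hmac.new(key, raw.encode(), hashlib.sha256).hexdigest()
    return {"body": raw, "tag": tag}

class Receiver:
    """Hypothetical payment endpoint that debits each signed message at most once."""

    def __init__(self, key, window_s=300):
        self.key = key
        self.window_s = window_s
        self.seen = {}    # nonce -> timestamp of the message that carried it
        self.debits = 0

    def accept(self, msg, now):
        expected = hmac.new(self.key, msg["body"].encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected: bad tag"       # modified or forged message
        body = json.loads(msg["body"])
        if abs(now - body["ts"]) > self.window_s:
            return "rejected: stale"         # outside the freshness window
        # Nonces older than the window can be forgotten: the stale check covers them.
        self.seen = {n: ts for n, ts in self.seen.items() if now - ts <= self.window_s}
        if body["nonce"] in self.seen:
            return "rejected: replay"        # same message delivered a second time
        self.seen[body["nonce"]] = body["ts"]
        self.debits += body["amount"]
        return "accepted"

def demo():
    site = Receiver(KEY)
    msg = sign_transaction(KEY, {"card": "tok_constructed", "amount": 50}, now=1000)
    results = [site.accept(msg, now=1001),   # original delivery
               site.accept(msg, now=1002),   # intercepted copy sent again
               site.accept(msg, now=2000)]   # copy sent after the window closed
    return results, site.debits

if __name__ == "__main__":
    print(demo())
```

The MAC alone does not stop a replay, because the copied message still verifies; it is the nonce cache together with the timestamp window that limits the account to a single debit.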
  • 36. Security Service
      • enhance security of data processing systems and information transfers of an organization
      • intended to counter security attacks
      • using one or more security mechanisms
      • often replicates functions normally associated with physical documents
          • which, for example, have signatures, dates; need protection from disclosure, tampering, or destruction; be notarized or witnessed; be recorded or licensed
  • 37. Security Services
      • Confidentiality (privacy)
      • Authentication (who created or sent the data)
      • Integrity (has not been altered)
      • Non-repudiation (the order is final)
      • Access control (prevent misuse of resources)
      • Availability (permanence, non-erasure)
          • Denial of Service Attacks
          • Virus that deletes files
  • 38. Security Services
      • X.800: “a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers”
      • RFC 2828: “a processing or communication service provided by a system to give a specific kind of protection to system resources”
  • 39. Security Services (X.800)
      • Authentication - assurance that communicating entity is the one claimed
          • have both peer-entity & data origin authentication
      • Access Control - prevention of the unauthorized use of a resource
      • Data Confidentiality - protection of data from unauthorized disclosure
      • Data Integrity - assurance that data received is as sent by an authorized entity
      • Non-Repudiation - protection against denial by one of the parties in a communication
      • Availability - resource accessible/usable
  • 40. Security Mechanism
      • a.k.a. control
      • feature designed to detect, prevent, or recover from a security attack
      • no single mechanism that will support all services required
      • however one particular element underlies many of the security mechanisms in use:
          • cryptographic techniques
      • hence our focus on this topic
  • 41. Security Mechanisms (X.800)
      • specific security mechanisms (may be incorporated into the appropriate protocol layer in order to provide some of the OSI security services):
          • encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization
      • pervasive security mechanisms (mechanisms that are not specific to any particular OSI security service or protocol layer):
          • trusted functionality, security labels, event detection, security audit trails, security recovery
  • 42. Specific security mechanisms
      • Encipherment: The use of mathematical algorithms to transform data into a form that is not readily intelligible. The transformation and subsequent recovery of the data depend on an algorithm and zero or more encryption keys.
      • Digital Signature: Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery (e.g., by the recipient).
      • Access Control: A variety of mechanisms that enforce access rights to resources.
      • Data Integrity: A variety of mechanisms used to assure the integrity of a data unit or stream of data units.
  • 43. Specific security mechanisms (cont.)
      • Authentication Exchange: A mechanism intended to ensure the identity of an entity by means of information exchange.
      • Traffic Padding: The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.
      • Routing Control: Enables selection of particular physically secure routes for certain data and allows routing changes, especially when a breach of security is suspected.
      • Notarization: The use of a trusted third party to assure certain properties of a data exchange.
  • 44. Pervasive security mechanisms
      • Trusted Functionality: That which is perceived to be correct with respect to some criteria (e.g., as established by a security policy).
      • Security Label: The marking bound to a resource (which may be a data unit) that names or designates the security attributes of that resource.
      • Event Detection: Detection of security-relevant events.
      • Security Audit Trail: Data collected and potentially used to facilitate a security audit, which is an independent review and examination of system records and activities.
      • Security Recovery: Deals with requests from mechanisms, such as event handling and management functions, and takes recovery actions.
  • 45. Model for Network Security
  • 46. Model for Network Security
      • using this model requires us to:
          1. design a suitable algorithm for the security transformation
          2. generate the secret information (keys) used by the algorithm
          3. develop methods to distribute and share the secret information
          4. specify a protocol enabling the principals to use the transformation and secret information for a security service
  • 47. Model for Network Access Security
  • 48. Model for Network Access Security
      • using this model requires us to:
          1. select appropriate gatekeeper functions to identify users
          2. implement security controls to ensure only authorised users access designated information or resources
      • note that model does not include:
          1. monitoring of system for successful penetration
          2. monitoring of authorized users for misuse
          3. audit logging for forensic uses, etc.
  • 49. Summary
      • topic roadmap & standards organizations
      • security concepts:
          • confidentiality, integrity, availability
      • X.800 security architecture
      • security attacks, services, mechanisms
      • models for network (access) security