[Figure: Attack Sophistication vs. Required Intruder Knowledge, 1997 to 2007. Labels on the chart: Packet spoofing, BackOrifice, Auto. Toolkits, Widespread DDoS]

What are the Issues & problems?
• Security was not a fundamental design consideration
• The Internet is growing exponentially
• User dependence is increasing
• With increasing complexity, there are billions of entry points

Who are the intruders?
• Criminals
• “Curious” Intruders
• Insiders
• Corporate Spies

Motives
• Money
• Access to additional resources
• Competitive advantages
• Curiosity and Mischief
• Terrorism

BUT!!!! I do not have anything important on my machine; who would want to crack my machine ??????
WHY THEY ATTACK? WHAT THEY WANT? WHAT WE SHOULD DO?
WHY THEY ATTACK? WHAT THEY WANT?
• They want your Bandwidth
• They want your CPU
• They want your Disk Space
• They want your Data
• They want to Steal Information
• They want to Destroy

Possible Attacks:
• DDoS (Distributed Denial of Service)
• Sniffing
• Port Scanning
• Malicious code

Denial of Service (DoS) Attack
• Attacker prevents users from accessing a service
• Floods the network with information
• Server is unable to process your request

Example of DDoS attack:
[Figure, slide 1 of 2: Intruder and Target; request with the spoofed IP of the Target]
[Figure, slide 2 of 2: Intruder and Target; the Target is flooded with replies]

Sniffing
• Examines traffic on the same physical network
• Intruder must have physical access to the network
• Used to gather usernames and passwords

Port Scanning
• Over 65535 ports available.
• Each port scanned sequentially.

Scan    Reply      Port Status
SYN     SYN+ACK    Open
SYN     RST        Closed
FIN     RST        Closed
FIN     Ignored    Open

Malicious Code
• Includes Viruses and Trojan Horses
• Difficult to control.

Methods of Defence
• Encryption
• Software Controls
• Hardware Controls
• Policies
• Firewalls

Encryption
• Science of writing in Secret Code
• Protects data from theft and alteration.
• Unencrypted Data: PlainText
• Encrypted Data: CipherText

Cryptographic Techniques
• Secret Key Cryptography
• Public Key Cryptography
• Hash Functions

Secret Key Cryptography

Public Key Cryptography

Hash Function

Sample Application of 3 Cryptography Techniques for Secure Communication
[Figure: diagram with the labels Alice’s Message, Hash Function, Alice’s Private Key, Public Key Crypto, Digital Signature, Random Session Key, Secret Key Crypto, Encrypted Message, Bob’s Public Key, Public Key Crypto, Encrypted Session Key, Digital Envelope, Sent to Bob]

SOFTWARE CONTROLS
• Access limitations in database
• Anti-Virus Software

HARDWARE CONTROLS
• Use Smartcard for authentication

POLICIES
• Frequent Change of Passwords
• Never Share Your Password
• Avoid Using a Dictionary Word as Password
• Network Monitoring

Firewalls
• A firewall is a network access control device.
• Performs a centralized security management function.
• Denies all traffic except that which is explicitly allowed.

Why Use firewalls?
• Prevent Compromises and Vulnerabilities
• Preventing DDoS Attack
• Preventing Port Scanning
• Preventing Malicious Code
• Prevent Attack From Insiders

As individuals and businesses increase information sharing and communication via the Internet, vulnerability to attack or intrusion rises.
In the world of technological evolution, everyone is a target of electronic crime and needs to be concerned about

I would like to thank: Mrs. Vandana Syal & All of you for your time and patience.